Author Topic: Adding a new application or port to existing policy in SRX  (Read 357 times)

akula

« on: March 17, 2018, 12:42:25 am »
Hello All,

I need some help with SRX firewall.
Currently, there is a security policy with some ports or applications being used in it.
Another service (tcp-5210) needs to be added to it.
I created a custom application named tcp-5210 & did a commit, which was successful.
(I verified using the sh application application command)

I need to get the following clarified, as I am doing Juniper again after a long gap.

How do I add this new port into the existing security policy without removing any other in-use applications or ports?
I tried using insert application under the {edit security policy options}. But I fail to see my newly created tcp-5210
as an option under the applications. I do see all the other existing ports on it.

Appreciate if someone could please help me with this.


[security policies]
from-zone inside to-zone outside {
    policy apps {
        match {
            source-address any;
            destination-address host_public;
            application [ tcp_port_5000 tcp-2122 tcp-4244 tcp-65730 ];
        }
        then {
            permit;
        }
    }
}

For some reason, I wasn't able to see tcp-5210 as an option when I was under edit mode to add it to the policy.
I want to add the newly created tcp-5210 to this policy's applications without deleting any of the other existing ones.
Appreciate all help. Thanks.
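
One way to do what the post asks, shown as an added example that is not part of the original post: in Junos configuration mode, `set` on the policy's `application` match appends to the existing list and leaves the other entries in place, while `insert` only reorders statements that already exist. The zone, policy and application names are taken from the post; that tcp-5210 means TCP destination port 5210 is an assumption.

```junos
# Entered from the top of configuration mode ([edit]).
# Lines starting with '#' are annotations for the reader.

# Custom application (already created in the post; shown for completeness).
# Assumption: the service listens on TCP destination port 5210.
set applications application tcp-5210 protocol tcp destination-port 5210

# Append tcp-5210 to the policy's existing application list.
# 'set' adds a value here; it does not replace the applications already listed.
set security policies from-zone inside to-zone outside policy apps match application tcp-5210

# Review exactly what will change before committing: the diff should show
# only the added application on the match line.
show | compare

# Confirm the resulting match clause still lists the original applications.
show security policies from-zone inside to-zone outside policy apps match

# Validate, then commit with automatic rollback if not confirmed in 5 minutes.
commit check
commit confirmed 5

# After verifying traffic and management access, make the change permanent.
commit
```

The application name can be typed in full even when it is not offered by `?` completion. Reviewing `show | compare` before the commit is the check that no in-use application was dropped from the permit rule.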