Table 268: Stateful Firewall Configuration Details - Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1 Manual

Copyright © 2010, Juniper Networks, Inc.

Table 268: Stateful Firewall Configuration Details

Task
Define the rule.
Define a term.
Define Ip option.
Your Action
1. Click Rule next to Stateful Firewall.
2. Click Add new entry next to Rule.
3. In the Name box, enter the identifier for the collection of
terms that constitute this rule.
4. In the Comment box, enter the comment.
5. From the Match Direction list, select the direction in which
the rule match is applied.
Select input to apply the rule match on the input side of
the interface.
Select output to apply the rule match on the output side
of the interface.
Select input-output to apply the rule match bidirectionally.
1. Click Term next to rule.
2. Click Add new entry next to Term.
3. In the Name box, enter the identifier for the term.
4. In the Comment box, enter the comment.
5. Expand term.
6. Click From next to term.
7. In the Comment box, enter the comment.
8. Expand From.
9. From the listed match conditions, select the match condition
for stateful firewall.
The match conditions listed are Application Sets,
Applications, Destination Address, Destination Address
Range, Destination Prefix List, Source Address, Source
Address Range, and Source Prefix List.
10. Click Then next to term.
11. In the Comment box, enter the comment.
12. Select the Syslog check box to enable system logging.
13. Expand Then.
14. Click Accept next to Then.
Select Accept to accept the traffic and send it on to its
destination.
Select discard to not accept traffic or process it further.
Select reject to accept the traffic and return a rejection
message.
1. Click Allow Ip Options next to Then.
2. Click Add new entry next to Allow Ip Options.
3. From the dropdown list, select the IP option name.
Chapter 23: Configuring Services
461