Never mind, answered my own question. Didn't realize you have to define the policy first and let it be added to the bottom of the list, and then use the insert statement to move it.
James S. Smith Network Architect WIND Mobile 207 Queen's Quay West, Suite 710 Toronto, ON M5J 1A7 Email: [email protected] Direct: 416-640-9792 Fax: 416-987-1203 [cid:[email protected]]<http://www.windmobile.ca/>[cid:[email protected]]<http://www.facebook.com/WINDmobile>[cid:[email protected]]<http://www.twitter.com/WINDmobile> [cid:[email protected]]<http://www.windmobile.ca/> From: James S. Smith Sent: Monday, July 18, 2011 4:07 PM To: [email protected] Subject: Inserting security policies on SRX I have an SRX240 running 11.1R2.3, and occasionally I have to add new policies. The obvious choice would seem to be use the insert command but I'm getting some weird errors. For example, I have a number of policies for the different protocols going between the IT staff and the untrust zone. When trying to insert a new policy the SRX complains the policy does not exist. jsmith@fw01# insert security policies from-zone it_staff to-zone untrust policy it_staff-untrust-windows-rdp before policy it_staff-untrust-default error: statement 'it_staff-untrust-windows-rdp' not found James S. Smith Network Architect WIND Mobile 207 Queen's Quay West, Suite 710 Toronto, ON M5J 1A7 Email: [email protected] Direct: 416-640-9792 Fax: 416-987-1203 [cid:[email protected]]<http://www.windmobile.ca/>[cid:[email protected]]<http://www.facebook.com/WINDmobile>[cid:[email protected]]<http://www.twitter.com/WINDmobile> [cid:[email protected]]<http://www.windmobile.ca/>
<<inline: image001.png>>
<<inline: image002.png>>
<<inline: image003.png>>
<<inline: image004.png>>
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
