I've found the "insert" and similar commands often get confused as to what you mean and where unless you move into the hierarchy closest to where you're working first by doing "edit security policies from-zone it_staff to-zone untrust" then doing your insert X before Y statement from that part of the hierarchy.
On Mon, Jul 18, 2011 at 1:07 PM, James S. Smith <[email protected]>wrote: > I have an SRX240 running 11.1R2.3, and occasionally I have to add new > policies. The obvious choice would seem to be use the insert command but > I’m getting some weird errors. For example, I have a number of policies > for the different protocols going between the IT staff and the untrust > zone. When trying to insert a new policy the SRX complains the policy does > not exist.**** > > ** ** > > jsmith@fw01# insert security policies from-zone it_staff to-zone untrust > policy it_staff-untrust-windows-rdp before policy it_staff-untrust-default > **** > > error: statement 'it_staff-untrust-windows-rdp' not found**** > > ** ** > > ** ** > > ** ** > > *James S. Smith *Network Architect**** > > *WIND Mobile *207 Queen's Quay West, Suite 710* *Toronto, ON M5J 1A7**** > > ** ** > > *Email: *[email protected]** > > *Direct:* 416-640-9792**** > > ** ** > > *Fax: *416-987-1203 **** > > * * > > <http://www.windmobile.ca/> > <http://www.facebook.com/WINDmobile><http://www.twitter.com/WINDmobile> > **** > > <http://www.windmobile.ca/>**** > > _______________________________________________ > juniper-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- "Genius might be described as a supreme capacity for getting its possessors into trouble of all kinds." -- Samuel Butler
<<image002.png>>
<<image001.png>>
<<image004.png>>
<<image003.png>>
_______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
