Sample PBR on ScreenOS

Thursday, June 30, 2011

Sample PBR on ScreenOS

Following is a sample for Policy Based Routing (PBR) on Juniper ScreenOS (NetScreen & SSG)

set policy id 1

set vrouter "trust-vr"

  set access-list extended 1 dst-port \
    <PortRangeStart>-<PortRangeEnd> \
    protocol <TCP-or-UDP-or> entry 1

  set match-group name <Match-Group-Rule-Name>

  set match-group <Match-Group-Rule-Name> ext-acl 1 \
    match-entry 1

  set action-group name <Action-Group-Rule-Name>

  set action-group <Action-Group-Rule-Name> \
    next-interface <nexthop-interface> action-entry 1

  set pbr policy name <PBR-Policy-Name>

  set pbr policy <PBR-Policy-Name> match-group \
    <Match-Group-Rule-Name> action-group \
    <Action-Group-Rule-Name> 1

  set pbr <PBR-Policy-Name>

exit

set interface <Interface-of-Traffic-to-be-PBR> \
  pbr <PBR-Policy-Name>

(joint two lines break by \)

ylchang - BBBbbbbb.....loggggggg

Thursday, June 30, 2011

Sample PBR on ScreenOS

No comments: