Hi
I'm confused about destination-address-excluded and source-address-excluded. I tyr to read an example following these link "https://www.juniper.net/documentation/en_US/junos/topics/example/security-policy-negated-address-configuring.html" but I don't understand
If I have a three address books, It's
address a1 10.10.10.0/24
address a2 20.20.20.0/24
address a3 30.30.30.0/24
And security policies is below
set security policies from-zone trust to-zone untrust {
policy p1 {
match {
source-address a1;
destination-address a2;
source-address-excluded;
destination-address-excluded;
application any;
}
then {
permit;
According to my understanding, all source and destination addess excluded 10.10.10.0/24 and 20.20.20.0/24. Traffic will be permitted on firewall. Example, traffic from 30.30.30.0/24 destined to 10.10.10.0/24, It will be permitted. Am i correct?
What's about "source-address-excluded a1". What's different
Thank you