[x]

Configuring object policies > Applying object policies to zone pairs

 

 Next

Applying object policies to zone pairs

You can apply one IPv4 object policy and one IPv6 object policy to each zone pair. Configuration fails if you apply more than one IPv4 or IPv6 object policy to a zone pair.

To apply an object policy to a zone pair:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Configure the security zones.

security-zone name zone-name

By default, no security zones exist.

You can repeat this command to create multiple security zones.

3. Create a zone pair and enter zone pair view.

zone-pair security source source-zone-name destination destination-zone-name

By default, no zone pairs exist.

For more information about this command, see Fundamentals Command Reference.

4. Apply an object policy to the zone pair.

  • Apply an IPv4 object policy to the zone pair:object-policy apply ip object-policy-name

  • Apply an IPv6 object policy to the zone pair:object-policy apply ipv6 object-policy-name

By default, no object policy is applied to a zone pair.

prev

 

up

 next

Configuring an IPv6 object policy rule 

home

 Changing the rule match order

© Copyright 2017 Hewlett Packard Enterprise Development LP