
policy to limit access from untrust zone

Contributor (11)
May 19, 2014 7:07am

Dear All,


I hope you are well.


I have configured my UTM Juniper SSG 20 to permit access from the untrust zone by only one IP address, but it doesn't work. I have configured the UTM as follows:


Source : ip addr from untrust zone

Dest : IP addr of UTM untrust interface

Service : https



After this configuration, all IP addresses from untrust can get access to the UTM.

I need your help to limit access to only the one IP address from the untrust zone.


Note that I have no other policies from untrust zone to trust zone.



Contributor (11)
May 19, 2014 8:11am

no update, please?

Contributor (11)
May 19, 2014 8:12am

Please share your config.

    Contributor (11)
    May 19, 2014 8:21am

    see my config in attachment.

Contributor (11)
May 30, 2014 1:57pm

Your description is not clear to me.  But I think you are trying to restrict access to the SSG web management interface on the untrust zone to a specific ip address.


If this is the case, you would be using the manager-ip function and not security policies.


But manager-ip applies to all interfaces on the device regardless of zone that are enabled for management access.  So in addition to adding your outside address you would also need to add the inside network addresses that would need management access on the trust interfaces.


And remember to add the network segment you are currently connected from FIRST, as these restrictions take place immediately, cutting off your access otherwise.


Web UI:

Configuration--Admin--Permitted IPs



set admin manager-ip
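
Added example, not part of the thread or of any Juniper tooling: a small Python check that reads the `set admin manager-ip` lines from a saved ScreenOS config and tells you whether a given source address would still be allowed to manage the device, including the lock-out case mentioned in the last reply. The sample config, the addresses and the function names are constructed for illustration; it assumes the permitted-IP list is only enforced once at least one entry exists and that an omitted mask means a single host.

```python
import ipaddress
import re

# Constructed sample of saved ScreenOS config lines (documentation addresses).
SAMPLE_CONFIG = """\
set interface ethernet0/0 manage ssl
set admin manager-ip 203.0.113.10 255.255.255.255
set admin manager-ip 192.168.1.0 255.255.255.0
"""

# Matches "set admin manager-ip <ip> [mask]".
MANAGER_IP = re.compile(r"^set admin manager-ip (\S+)(?: (\S+))?\s*$")


def permitted_networks(config):
    """Return the networks named by 'set admin manager-ip' lines."""
    nets = []
    for line in config.splitlines():
        m = MANAGER_IP.match(line.strip())
        if m:
            # Assumption: a missing mask is treated as a host entry.
            mask = m.group(2) or "255.255.255.255"
            nets.append(ipaddress.ip_network(f"{m.group(1)}/{mask}", strict=False))
    return nets


def can_manage(config, source_ip):
    """True if source_ip passes the manager-ip list in this config.

    Assumption: with no manager-ip entries the list is not enforced,
    so every source address passes (the situation in the question).
    """
    nets = permitted_networks(config)
    if not nets:
        return True
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in nets)


def safe_to_add(config, new_entry, current_session_ip):
    """Lock-out check: does the current session survive adding new_entry?

    new_entry is "<ip> [mask]" exactly as it would follow the command.
    """
    candidate = config + f"\nset admin manager-ip {new_entry}\n"
    return can_manage(candidate, current_session_ip)
```

Running `safe_to_add` against the current config before typing the first `set admin manager-ip` line shows whether the address you are connected from needs to be added first.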