security zoneΒΆ

security zone(1)	      BIG-IP TMSH Manual	      security zone(1)



NAME
       zone - Configures firewall zones.

MODULE
       security

SYNTAX
       Zones are reusable objects that are used to classify traffic in
       firewall policy. Zone is defined as consisting of one or more Vlans,
       and traffic matching one of the zone member Vlans belongs to the Zone.
       Zone object can be used as a "source" or "destination" specifier in
       Firewall policy rules to either mean originating from, or destined-to
       traffic.  Modify the zone component within the security zone module
       using the syntax shown in the following sections.

   CREATE/MODIFY
	create zone [name]
	 options:
	  copy-from [string]
	modify zone [name]
	 options:
	  vlans [add | delete | modify | replace-all-with] {
	     [ vlan_name ]
	  }
	  vlans none

	edit zone

   DISPLAY
	list zone
	show running-config zone
	 options:
	  all-properties
	  non-default-properties
	  one-line

DESCRIPTION
       You can use the zone component to configure a shareable and reusable
       set of network firewall zones which can be associated as enforced or
       staged with a number of configuration objects of the following types:
       security firewall policy.

EXAMPLES
       modify zone vlans add {
	 vlan-1 { }
	 vlan-2 { } }

       Creates a zone configuration that includes vlan-1 and vlan-2 as
       members.

       list zone

       Displays the current list of zones.

OPTIONS
       copy-from
	    (CREATE)Specifies the name of an existing policy from which to
	    copy all configuration options.

       vlans
	    Adds, deletes, or replaces a zone vlan member. Specifies one or
	    more vlans against which the packet will be compared, when used
	    with security firewall policy rules.

SEE ALSO
       create, edit, list, modify, security firewall policy, tmsh

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2018. All rights reserved.



BIG-IP				  2018-06-27		      security zone(1)