I would like to know whether the Juniper SRX by default allows all the source and destination ports if all the devices are from the internal networking range.
For example, would Src-10.10.x.x SrcPrt-any Des-10.20.x.x DesPrt-23 be allowed by default, or do we require ACL policies to allow the traffic on Juniper SRX series firewalls?
Best Answer
As per Juniper you can actually check the defaults by:
Steps taken from the SRX650 Services Gateway Hardware Guide; you can also see the sampling of the above steps if in doubt.
System default security: Deny all transit traffic.
Factory default security policies: Trust to trust permit, trust to untrust permit, untrust to trust deny.
*Quotes taken from JNCIS-SEC Study Guide - Part 1, Ch 3: Security Policies
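Applied to the flow in the question, the defaults quoted above mean the Telnet session passes only while a trust-to-trust permit policy exists. The following is an added example, not part of the original answer or of Juniper's documentation, that replaces the broad trust-to-trust permit with a rule for that one flow. It assumes both ranges are /16 networks behind interfaces in the `trust` zone; the address-book names, policy names and test host addresses are hypothetical.

```junos
# Added example. Assumptions: 10.10.0.0/16 and 10.20.0.0/16 are both reached
# through interfaces in zone "trust"; all names below are hypothetical.

# Address-book entries for the two internal ranges from the question.
set security address-book global address net-10-10 10.10.0.0/16
set security address-book global address net-10-20 10.20.0.0/16

# Remove whatever trust -> trust policies exist (on a factory-default box,
# the permit quoted above) so the narrow rule below is the only permit.
delete security policies from-zone trust to-zone trust

# Permit only Telnet (TCP/23, any source port) from 10.10/16 to 10.20/16.
set security policies from-zone trust to-zone trust policy permit-telnet match source-address net-10-10
set security policies from-zone trust to-zone trust policy permit-telnet match destination-address net-10-20
set security policies from-zone trust to-zone trust policy permit-telnet match application junos-telnet
set security policies from-zone trust to-zone trust policy permit-telnet then permit
set security policies from-zone trust to-zone trust policy permit-telnet then log session-init

# Explicit, logged deny for everything else inside the zone. Without it the
# system default still drops the traffic, but silently.
set security policies from-zone trust to-zone trust policy deny-rest match source-address any
set security policies from-zone trust to-zone trust policy deny-rest match destination-address any
set security policies from-zone trust to-zone trust policy deny-rest match application any
set security policies from-zone trust to-zone trust policy deny-rest then deny
set security policies from-zone trust to-zone trust policy deny-rest then log session-init

# State the system default explicitly: deny all transit traffic.
set security policies default-policy deny-all

# Roll back automatically unless confirmed within 5 minutes.
commit confirmed 5

# Checks from configuration mode (host addresses are constructed samples):
run show security policies from-zone trust to-zone trust
run show security match-policies from-zone trust to-zone trust source-ip 10.10.1.5 destination-ip 10.20.1.5 source-port 1024 destination-port 23 protocol tcp
run show security match-policies from-zone trust to-zone trust source-ip 10.10.1.5 destination-ip 10.20.1.5 source-port 1024 destination-port 22 protocol tcp
```

The first `match-policies` lookup should return `permit-telnet` and the second `deny-rest`; issue a plain `commit` within the five minutes to keep the change.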