Avaya 3.7 Manuel D’Utilisation
Private zone firewall templates
Issue 4 May 2005
303
Private zone firewall templates
The private network interface provides connection to the private/corporate LAN. Private zones
are considered trusted networks and because of this most traffic is allowed.
are considered trusted networks and because of this most traffic is allowed.
The private high security rules are enforced for both incoming and outgoing packets as follows.
Any incoming traffic from the private zone is allowed except traffic that is destined to the
management zone.
management zone.
For outgoing traffic to the private zone, traffic initiated from DMZ is strictly denied. All other
traffic is allowed.
traffic is allowed.
OutBoundPublic
AccessVPNKey
Mgmt
AccessVPNKey
Mgmt
Permit
Public-IP
Any
IKE-IN
IKE-AVAYA-IN
IKE-AVAYA-IN
Out
Public-IP
Yes
InBoundPublicI
CMP
CMP
Permit
Any
Public-IP
ICMPDESTUNREACHAB
LE
ICMPTIMEEXCEEDED
LE
ICMPTIMEEXCEEDED
In
Public-IP
No
OutBoundPublic
ICMP
ICMP
Permit
Public-IP
Any
ICMPDESTUNREACHAB
LE
LE
Out
Public-IP
No
InBoundPublicB
lockAll
lockAll
Block
Any
Any
Any
In
Public
No
OutBoundPublic
BlockAll
BlockAll
Block
Any
Any
Any
Out
Public
No
Table 33: Public VPN-only firewall rules (continued)
2 of 2