Cisco Cisco ASR 5000
Firewall-and-NAT Policy Configuration Mode Commands
firewall policy ▀
Command Line Interface Reference, StarOS Release 18 ▄
5123
firewall policy
This command enables/disables Stateful Firewall support in a Firewall-and-NAT policy.
Important:
In release 8.0, this configuration is available in the ACS Configuration Mode. In release 8.1, for
Rulebase-based Stateful Firewall configuration, this configuration is available in the ACS Rulebase Configuration
Mode. In release 8.3, this configuration is available in the ACS Rulebase Configuration Mode.
Mode. In release 8.3, this configuration is available in the ACS Rulebase Configuration Mode.
Product
PSF
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Firewall-and-NAT Policy Configuration
active-charging service service_name > fw-and-nat policy policy_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-fw-and-nat-policy)#
Syntax
In 11.0 and earlier releases:
firewall policy firewall-required
no firewall policy
In 12.0 and later releases:
firewall policy { ipv4-and-ipv6 | ipv4-only | ipv6-only }
{ default | no } firewall policy
default
Disables IPv4 and IPv6 Stateful Firewall support in the Firewall-and-NAT policy.
no
Disables IPv4 and IPv6 Stateful Firewall support in the Firewall-and-NAT policy.
firewall-required
Enables Stateful Firewall support in the Firewall-and-NAT policy.
Important:
This keyword is available only in 11.0 and earlier releases.
ipv4-and-ipv6
Enables both IPv4 and IPv6 Stateful Firewall support in the Firewall-and-NAT policy.