Black Box LR1112A-T1/E1 Manual De Usuario
Firewall Configuration Ex-
69
Step 8:Verify the firewall policy for Security Zone DMZ
Step 9: Verify that the FTP filter objects for Security Zone DMZ are created as configured:
Step 10: Create a default route out of the WAN
Step 11:Verify the system configuration by displaying the running configuration.
Blackbox/configure> firewall dmz
Blackbox/configure/firewall dmz> object
Blackbox/configure/firewall dmz/object> ftp-filter putdeny deny put
mkdir
Blackbox/configure/firewall dmz/object> nat-pool ftpsrvr static
10.3.1.100
Blackbox/configure/firewall dmz/object> exit
Blackbox/configure/firewall dmz> policy 100 in address any any
193.168.94.221 32
Blackbox/configure/firewall dmz/policy 100 in> apply-object nat-pool
ftpsrvr
Blackbox/configure/firewall dmz/policy 100 in> apply-object
ftp-filter putdeny
Blackbox/configure/firewall dmz/policy 100 in> exit
Blackbox/configure/firewall dmz> exit
Blackbox/configure> show firewall policy dmz
Advanced: S - Self Traffic, F - Ftp-Filter, H - Http-Filter,
R - Rpc-Filter, N - Nat-Ip/Nat-Pool, L - Logging,
E - Policy Enabled, M - Smtp-Filter
Advanced: S - Self Traffic, F - Ftp-Filter, H - Http-Filter,
R - Rpc-Filter, N - Nat-Ip/Nat-Pool, L - Logging,
E - Policy Enabled, M - Smtp-Filter
Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced
--- --- ----------- ---------------- ----------------- ------ --------
100 in any 193.168.94.221/32 any any any PERMIT FNE
1022 out any any any any any PERMIT SE
1023 in any any any any any PERMIT SE
1024 out any any any any any PERMIT E
--- --- ----------- ---------------- ----------------- ------ --------
100 in any 193.168.94.221/32 any any any PERMIT FNE
1022 out any any any any any PERMIT SE
1023 in any any any any any PERMIT SE
1024 out any any any any any PERMIT E
Blackbox/configure> show firewall object ftp-filter dmz
Object Name Action Log Commands
----------- ------ --- --------
putdeny deny no put mkdir
Blackbox/configure>
Blackbox/configure> ip route 0.0.0.0 0 wan
Blackbox/configure>