Ulterius Technologies LLC FDN40 User Manual
CHAPTER 9: FIREWALL
Configuration User Manual
© Ulterius Technologies, LLC 2016. Confidential & Proprietary.
9.2.4 Configuring Zones
Firewall configuration works on a per-zone basis. The user must specify the
ingress and egress zones when configuring a Firewall Access List. Zones are
classified as follows:
1. Local
2. LAN
3. WAN
4. DMZ
5. VPN
The Local zone is assigned by default when an IP interface is created.
The LAN, WAN and DMZ zones can be configured by the user.
A DMZ (demilitarized zone) is a physical or logical subnetwork that contains
and exposes an organization's external services to a larger untrusted
network, usually the Internet. The host or hosts in this zone, called DMZ hosts,
will have unrestricted access from the public/external network (Internet). This
section describes the steps involved in setting and resetting a host in the
Local Area Network as a DMZ host.
The VPN zone comes into effect when an IPsec tunnel is established.
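Because an interface without an explicit zone stays in the default Local zone, it helps to confirm the zone of every IP interface before writing access lists against ingress and egress zones. The Python script below is an added example, not part of the Ulterius manual or of UltOs: it reads a saved CLI session and reports the zone of each interface that was given an IP address. The function names, the vlan 11 address and the assumption that `zone lan` and `zone dmz` take the same form as the manual's `zone wan` command are illustrative.

```python
import re

# Zones the manual says the user can set; assumes `zone lan` / `zone dmz`
# take the same form as the `zone wan` command shown in the manual.
CONFIGURABLE = {"lan", "wan", "dmz"}
PROMPT = re.compile(r"^\S+#\s*")  # e.g. "UltOs(config-if)# "

# Constructed session: the vlan 10 stanza follows the manual's listing; the
# vlan 11 address is made up so the default-zone case is exercised.
SAMPLE = """\
UltOs(config)# interface vlan 10
UltOs(config-if)# ip address 10.10.10.2 255.255.255.0
UltOs(config-if)# no shutdown
UltOs(config-if)# zone wan
UltOs(config-if)# exit
UltOs(config)# interface vlan 11
UltOs(config-if)# ip address 192.168.1.1 255.255.255.0
UltOs(config-if)# no shutdown
UltOs(config-if)# exit
"""

def zone_map(transcript):
    """Map each interface that was given an IP address to (zone, explicit)."""
    zones, has_ip, current = {}, [], None
    for raw in transcript.splitlines():
        cmd = PROMPT.sub("", raw.strip()).lower().split()
        if not cmd:
            continue
        if cmd[0] == "interface":
            current = " ".join(cmd[1:])
        elif cmd[0] == "exit":
            current = None
        elif current and cmd[:2] == ["ip", "address"] and current not in has_ip:
            has_ip.append(current)
        elif current and cmd[0] == "zone" and len(cmd) == 2:
            if cmd[1] not in CONFIGURABLE:
                raise ValueError(f"{current}: zone {cmd[1]!r} is not user-configurable")
            zones[current] = cmd[1]
    # No zone command means the interface keeps the default Local zone.
    return {i: (zones.get(i, "local"), i in zones) for i in has_ip}

def implicit_local(transcript):
    """Interfaces left in the default Local zone, for review before writing ACLs."""
    return [i for i, (_, explicit) in zone_map(transcript).items() if not explicit]

if __name__ == "__main__":
    for ifc, (zone, explicit) in zone_map(SAMPLE).items():
        print(f"{ifc:10} {zone:6} {'explicit' if explicit else 'default'}")
```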
9.2.4.1 CLI Configuration
To configure an IPv4 DMZ host:
UltOs# c t
UltOs(config)# interface wan 0/1
UltOs(config-if)# switchport
UltOs(config-if)# no shutdown
UltOs(config-if)# exit
UltOs(config)# vlan 10
UltOs(config-vlan)# ports add wan 0/1
UltOs(config-vlan)# exit
UltOs(config)# interface vlan 10
UltOs(config-if)# ip address 10.10.10.2 255.255.255.0
UltOs(config-if)# no shutdown
UltOs(config-if)# zone wan
UltOs(config-if)# exit
UltOs(config)# interface lan 0/1
UltOs(config-if)# no shutdown
UltOs(config-if)# exit
UltOs(config)# vlan 11