Nortel 4134 Guia Do Utilizador
100
Firewall and NAT configuration
Variable
Value
[protocol <protocol-valu
e>]
e>]
Can be one of the following:
tcp
udp
icmp
ah
esp
gre
any
tcp
udp
icmp
ah
esp
gre
any
[port <port-value>]
Can be specified as
<src-start> <src-end> <dst-start> <dst-end> OR
<src-port> <dst-port>
<src-start> <src-end> <dst-start> <dst-end> OR
<src-port> <dst-port>
[traffic {transit | self}]
Type of traffic, either transit or self. Default is transit.
[nat-ip <nat-ip-value>]
Specifies the IP address or interface to use for NAT
translation.
Can be ethernet<slot/port>, intf-name,
intf-name:pvc-num
translation.
Can be ethernet<slot/port>, intf-name,
intf-name:pvc-num
[port-map <port-map-v
alue>]
alue>]
Port to application mapping (pam) for reverse NAT
IP only. Can be specified as <start-port> <end-port>
or <port>.
IP only. Can be specified as <start-port> <end-port>
or <port>.
[log {enable-log |
disable-log}]
disable-log}]
Enable or disable logging.
[no]
Deletes the specified policy from the map.
Applying an object to a policy
Apply pre-configured objects to a policy.
Procedure steps
Step
Action
1
To enter configuration mode, enter:
configure terminal
2
To specify the map name to configure, enter:
firewall <map-name>
3
To specify the firewall policy to configure, enter:
policy <1-1024> {out|in}
4
To apply an object to the policy, enter:
apply-object <object-type> <object-name>
—End—
Nortel Secure Router 4134
Security — Configuration and Management
NN47263-600
01.02
Standard
10.0
3 August 2007
Copyright © 2007, Nortel Networks
.