The Zone-Based Firewall will be used to limit the traffic between the 10.0.10.0/24 and 10.0.20.0/24 networks.

A Zone-Based Firewall assigns each interface to a specific zone. The firewall zones will be used to define what traffic is allowed to flow between the interfaces. The traffic that originates in the EdgeRouter itself will also be assigned to a zone: the local zone.

The following zones are used in this example:

- LAN: Assigned to VLAN10 on the eth1 interface (eth1.10).
- GUEST: Assigned to VLAN20 on the eth1 interface (eth1.20).
- LOCAL: Traffic sent from the EdgeRouter itself.

The following traffic is allowed between the zones:

- WAN to other zones: Only Established/Related traffic is allowed.
- LAN to other zones: All traffic is allowed.
- LOCAL to other zones: All traffic is allowed.
- GUEST to WAN zone: All traffic is allowed.
- GUEST to LAN zone: Only HTTP and HTTPS requests to the Webserver at 10.0.10.10 and Established/Related traffic are allowed.
- GUEST to LOCAL zone: All traffic is dropped, with the exception of DHCP and DNS requests.

CLI: Access the Command Line Interface. You can do this using the CLI button in the GUI or by using a program such as PuTTY.

2. Define the firewall rules that apply to the WAN zone.

```
set firewall name wan default-action drop
set firewall name wan rule 10 action accept
set firewall name wan rule 10 description established
set firewall name wan rule 10 state established enable
set firewall name wan rule 10 state related enable
set firewall name wan rule 20 action drop
set firewall name wan rule 20 description invalid
set firewall name wan rule 20 state invalid enable
```

3. Define the firewall rule that applies to the LAN zone.

```
set firewall name lan default-action accept
```

4. Define the firewall rule that applies to the LOCAL zone.

```
set firewall name local default-action accept
```

5. Define the firewall rules that apply to the GUEST zone for traffic destined for the LAN zone.

```
set firewall name guest-lan default-action drop
set firewall name guest-lan rule 10 action accept
set firewall name guest-lan rule 10 description webserver
set firewall name guest-lan rule 10 log disable
set firewall name guest-lan rule 10 protocol tcp
set firewall name guest-lan rule 10 destination port 80,443
set firewall name guest-lan rule 10 destination address 10.0.10.10
set firewall name guest-lan rule 20 action accept
set firewall name guest-lan rule 20 description established
set firewall name guest-lan rule 20 log disable
set firewall name guest-lan rule 20 protocol all
set firewall name guest-lan rule 20 state established enable
set firewall name guest-lan rule 20 state related enable
```

6. Define the firewall rules that apply to the GUEST zone for traffic destined for the LOCAL zone.

```
set firewall name guest-local default-action drop
set firewall name guest-local rule 10 action accept
set firewall name guest-local rule 10 description dhcp
set firewall name guest-local rule 10 log disable
set firewall name guest-local rule 10 protocol udp
set firewall name guest-local rule 10 destination port 67
set firewall name guest-local rule 20 action accept
set firewall name guest-local rule 20 description dns
set firewall name guest-local rule 20 log disable
set firewall name guest-local rule 20 protocol tcp_udp
set firewall name guest-local rule 20 destination port 53
```

7. Define the firewall rule that applies to the GUEST zone for traffic destined for the WAN zone.

```
set firewall name guest-wan default-action accept
```
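To check the GUEST rule sets against the traffic list on this page before committing them, the Python below parses the match-relevant `set firewall name` lines for guest-lan and guest-local and evaluates a packet with first-match-wins semantics. It is an added example, not part of the original article or of Ubiquiti's tooling; the function names `parse`, `matches` and `verdict` and the packet dictionary fields are assumptions made for illustration, and it models only the criteria used on this page (protocol, destination address and port, connection state).

```python
import ipaddress

# Match-relevant lines of the page's guest-lan and guest-local rule sets (log/description omitted).
CONFIG = """\
set firewall name guest-lan default-action drop
set firewall name guest-lan rule 10 action accept
set firewall name guest-lan rule 10 protocol tcp
set firewall name guest-lan rule 10 destination port 80,443
set firewall name guest-lan rule 10 destination address 10.0.10.10
set firewall name guest-lan rule 20 action accept
set firewall name guest-lan rule 20 protocol all
set firewall name guest-lan rule 20 state established enable
set firewall name guest-lan rule 20 state related enable
set firewall name guest-local default-action drop
set firewall name guest-local rule 10 action accept
set firewall name guest-local rule 10 protocol udp
set firewall name guest-local rule 10 destination port 67
set firewall name guest-local rule 20 action accept
set firewall name guest-local rule 20 protocol tcp_udp
set firewall name guest-local rule 20 destination port 53
"""

def parse(config):
    """Return {ruleset: {"default": action, "rules": {number: {field: value}}}}."""
    fw = {}
    for tok in (l.split() for l in config.splitlines() if l.startswith("set firewall name ")):
        rs = fw.setdefault(tok[3], {"default": "drop", "rules": {}})  # drop assumed when unset
        if tok[4] == "default-action":
            rs["default"] = tok[5]
        elif tok[4] == "rule":
            rule = rs["rules"].setdefault(int(tok[5]), {"states": set()})
            if tok[6:9:2] == ["state", "enable"]:      # e.g. "state established enable"
                rule["states"].add(tok[7])
            else:                                      # e.g. "destination port 80,443"
                rule[" ".join(tok[6:-1])] = tok[-1]
    return fw

def matches(rule, pkt):
    """Every criterion present in the rule must fit the packet (criteria are ANDed)."""
    proto, ports, dst = (rule.get(k) for k in ("protocol", "destination port", "destination address"))
    return ((proto in (None, "all") or pkt["proto"] in proto.split("_"))
            and (not rule["states"] or pkt.get("state", "new") in rule["states"])
            and (ports is None or str(pkt.get("dport")) in ports.split(","))
            and (dst is None or ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(dst)))

def verdict(fw, ruleset, pkt):
    """Rules are tried in ascending number; the first match decides, else the default action."""
    rules = fw[ruleset]["rules"]
    hit = next((rules[n] for n in sorted(rules) if matches(rules[n], pkt)), None)
    return hit["action"] if hit else fw[ruleset]["default"]
```

For example, `verdict(parse(CONFIG), "guest-lan", {"proto": "tcp", "dst": "10.0.10.10", "dport": 22})` returns `drop`, confirming that only ports 80 and 443 on the webserver are reachable from the GUEST zone.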