Filter and Firewall
Left running head:
Chapter name (automatic)
708
Beta
Beta
CLI Configuration Guide
Alcatel-Lucent
If you prefer, you can use interface based classification:
Match-list trusted
Ip interface GigabitEthernet7/0 any
Match-list untrusted
Ip interface GigabitEthernet7/1 any
Match-list dmz
Ip interface GigabitEthernet3/0 any
Suppose Gigabit Ethernet 7/1 is facing external networks, you will need to
bind these NAT and Filter policies to this interface:
Interface GigabitEthernet7/1
//Physical i/f to untrusted networks
Ip nat out nat-policy
//This will NAT internal traffic
Ip filter out permit-dmz-policy
//This will permit DMZ traffic without
translation
Ip filter in deny-untrusted-policy
//This will deny all untrusted
traffic originated from outside
Exit
//Done
Summary of Contents for OmniAccess 700
Page 38: ...Left running head Chapter name automatic 12 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 176: ...Left running head Chapter name automatic 150 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 260: ...Left running head Chapter name automatic 234 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 434: ...Left running head Chapter name automatic 408 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 464: ...Left running head Chapter name automatic 438 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 638: ...Left running head Chapter name automatic 612 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 940: ...Left running head Chapter name automatic 914 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 1002: ...Left running head Chapter name automatic 976 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Page 1120: ...Left running head Chapter name automatic 2 Beta Beta CLI Configuration Guide Alcatel Lucent ...