Public zone firewall templates
Issue 4 May 2005
301
| Rule Name | Action | Source | Destination | Service | Direction | Zone | Keep State | Description |
|---|---|---|---|---|---|---|---|---|
| InBoundPublicAccess | Permit | Any | PublicIP | IKE_IN, IPSEC_NAT_T_IN, AH/ESP, ICMPDestUnreach | In | Public | No | Permit incoming VPN traffic and ICMP unreachable packet |
| InBoundPublictoDMZAccess | Permit | Any | DMZNet | ICMPEchoReq(PING), FTP-Ctrl/PassiveFTP, SSH/TELNET, HTTP/HTTPS, DNS-TCP/DNS-UDP, POP3/IMAP/SMTP, NNTP | In | Public | Yes | Permit incoming traffic to DMZ network |
| InBoundPublicBlockAll | Deny | Any | Any | Any | In | Public | No | Deny the rest of traffic |
| OutBoundPublicAccess | Permit | PublicIP | Any | IKE_OUT, IPSEC_NAT_T_OUT, AH/ESP, ICMPDestUnreach | Out | Public | No | Permit outgoing VPN traffic |
| OutBoundPublickPingAccess | Permit | DMZNet, PrivateNet, SemiPrivateNet, ManagementNet | Any | ICMPEchoRequest | Out | Public | Yes | Permit outgoing ping access. |
| OutBoundPublicDNSAccess | Permit | PublicIP, DMZNet, PrivateNet, SemiPrivateNet, ManagementNet | Any | DNS-TCP, DNS-UDP | Out | Public | Yes | Permit outgoing DNS access. |
| OutBoundPublicGeneralAccess | Permit | Any | Any | ICMPEchoReq(PING), FTP-Ctrl/PassiveFTP, SSH/TELNET, HTTP/HTTPS, DNS-TCP/DNS-UDP, POP3/IMAP/SMTP | Out | Public | Yes | Permit traffic with the services to go out. The traffic can come from any network. |
| OutBoundPublicBlockAll | Deny | Any | Any | Any | Out | Public | No | Deny the rest of traffic |
Summary of Contents for 3.7
Page 1: ...VPNmanager Configuration Guide Release 3 7 670 100 600 Issue 4 May 2005...