An ISP will supply the correct values for
pptp_username
,
pptp_password
and the remote
endpoint. An interface is not specified when defining the tunnel because this is determined by
cOS Core looking up the
Remote Endpoint
IP address in its routing tables.
The PPTP client tunnel interface can now be treated exactly like a physical interface by the
policies defined in cOS Core rule sets.
There also has to be an associated route with the PPTP tunnel to allow traffic to flow through it,
and this is automatically created in the
main
routing table when the tunnel is defined. The
destination network for this route is the
Remote Network
specified for the tunnel and for the
public Internet this should be
all-nets
.
If we go to Network > Routing > Routing Tables > main we can see this route.
If the PPTP tunnel object is deleted, this route is also automatically deleted.
At this point, no traffic can flow through the tunnel since there is no IP rule defined that allows it.
As was done in option A above, we must define an IP rule that will allow traffic from a designated
source network and source interface (in this example, the network
G3_net
and interface G3) to
flow to the destination network
all-nets
and the destination interface which is the PPTP tunnel
that has been defined.
DHCP Server Setup
If the Clavister Security Gateway is to act as a DHCP server then this can be set up in the following
way:
First create an
IP4 Address
object which defines the address range to be handed out. Here, it is
assumed that this has the name
dhcp_range
. It is also assumed that another
IP4 Address
object
dhcp_netmask
has been created which specifies the netmask.
We now create a DHCP server object called
dhcp_lan
which will only be available only on the G3
interface. To do this, go to Network > Network Services > DHCP Servers and select Add >
DHCP Server. We can now specify the server properties.
Chapter 3: cOS Core Configuration
45
Содержание Eagle E7
Страница 11: ...Chapter 1 Product Overview 11...
Страница 23: ...Chapter 2 Installation 23...
Страница 50: ...limitation Doing this is described in Section 3 5 Installing a License Chapter 3 cOS Core Configuration 50...
Страница 65: ...Chapter 3 cOS Core Configuration 65...
Страница 72: ...Appendix B Declarations of Conformity 72...
Страница 73: ...Appendix B Declarations of Conformity 73...
Страница 76: ...Clavister AB Sj gatan 6J SE 89160 rnsk ldsvik SWEDEN Phone 46 660 299200 www clavister com...