Device:/> set DNS DNSServer1=dns1_address
Assuming a second IP object called
dns2_address
has been defined, the second DNS server is
specified with:
Device:/> set DNS DNSServer2=dns2_address
B. DHCP - automatic configuration
Alternatively, all required IP addresses can be automatically retrieved from the ISP's DHCP server
by enabling DHCP on the interface connected to the ISP. If the interface on which DHCP is to be
enabled is G2, then the command is:
Device:/> set Interface Ethernet G2 DHCPEnabled=Yes
Once the required IP addresses are retrieved with DHCP, cOS Core automatically sets the relevant
address objects in the address book with this information.
For cOS Core to know on which interface to find the public Internet, a
route
has to be added to
the
main
cOS Core routing table which specifies that the network
all-nets
can be found on the
interface connected to the ISP and this route must also have the correct
Default Gateway
IP
address specified. This
all-nets
route is added automatically by cOS Core during the DHCP
address retrieval process. Automatic route generation is a setting for each interface that can be
manually enabled and disabled.
After all IP addresses are set via DHCP and an
all-nets
route is added, the connection to the
Internet is configured but no traffic can flow to or from the Internet since there is no IP rule
defined that allows it. As was done in the previous option (A) above, we must therefore manually
define an IP rule that will allow traffic from a designated source interface and source network (in
this example, the network
G3_net
and interface G3) to flow to the destination network
all-nets
and the destination interface G2.
C. PPPoE setup
For PPPoE connection, create the PPPoE tunnel interface on the interface connected to the ISP.
The interface G2, is assumed to be connected to the ISP in the command shown below which
creates a PPPoE tunnel object called
wan_ppoe
:
Device:/> add Interface PPPoETunnel wan_ppoe
EthernetInterface=G2
username=pppoe_username
Password=pppoe_password
Network=all-nets
The ISP will supply the correct values for
pppoe_username
and
pppoe_password
in the dialog
above.
The PPPoE tunnel interface can now be treated exactly like a physical interface by the policies
defined in cOS Core rule sets.
There also has to be a route associated with the PPPoE tunnel to allow traffic to flow through it
and this is automatically created in the
main
routing table when the tunnel is defined. If the
PPPoE tunnel object is deleted, this route is also automatically deleted.
At this point, no traffic can flow through the tunnel since there is no IP rule defined that allows it.
As was done in option A above, we must define an IP rule that will allow traffic from a designated
Chapter 3: cOS Core Configuration
55
Содержание Eagle E7
Страница 11: ...Chapter 1 Product Overview 11...
Страница 23: ...Chapter 2 Installation 23...
Страница 50: ...limitation Doing this is described in Section 3 5 Installing a License Chapter 3 cOS Core Configuration 50...
Страница 65: ...Chapter 3 cOS Core Configuration 65...
Страница 72: ...Appendix B Declarations of Conformity 72...
Страница 73: ...Appendix B Declarations of Conformity 73...
Страница 76: ...Clavister AB Sj gatan 6J SE 89160 rnsk ldsvik SWEDEN Phone 46 660 299200 www clavister com...