source interface and source network (in this example, the network
G3_net
and interface G3) to
flow to the destination network
all-nets
and the destination interface which is the PPPoE tunnel
that has been defined.
D. PPTP setup
For PPTP connection, first create the PPTP tunnel interface. It is assumed below that we will
create a PPTP tunnel object called
wan_pptp
with the remote endpoint
10.5.4.1
:
Device:/> add Interface L2TPClient wan_pptp
Network=all-nets
username=pptp_username
Password=pptp_password
RemoteEndpoint=10.5.4.1
TunnelProtocol=PPTP
Your ISP will supply the correct values for
pptp_username
,
pptp_password
and the remote
endpoint.
Your ISP will supply the correct values for
pptp_username
,
pptp_password
and the remote
endpoint. An interface is not specified when defining the tunnel because this is determined by
cOS Core looking up the
Remote Endpoint
IP address in its routing tables.
The PPTP client tunnel interface can now be treated exactly like a physical interface by the
policies defined in cOS Core rule sets.
There also has to be an associated route with the PPTP tunnel to allow traffic to flow through it,
and this is automatically created in the
main
routing table when the tunnel is defined. The
destination network for this route is the
Remote Network
specified for the tunnel and for the
public Internet this should be
all-nets
.
As with all automatically added routes, if the PPTP tunnel object is deleted then this route is also
automatically deleted.
At this point, no traffic can flow through the tunnel since there is no IP rule defined that allows it.
As was done in option A above, we must define an IP rule that will allow traffic from a designated
source interface and source network (in this example, the network
G3_net
and interface G3) to
flow to the destination network
all-nets
and the destination interface which is the PPTP tunnel
that has been defined.
Activating and Committing Changes
After any changes are made to a cOS Core configuration, they will be saved as a new
configuration but will not yet be activated. To activate all the configuration changes made since
the last activation of a new configuration, the following command must be issued:
Device:/> activate
Although the new configuration is now activated, it does not become permanently activated
until the following command is issued within 30 seconds following the
activate
:
Device:/> commit
The reason for two commands is to prevent a configuration accidentally locking out the
administrator. If a lock-out occurs then the second command will not be received and cOS Core
will revert back to the original configuration after the 30 second time period (this time period is a
setting that can be changed).
Chapter 3: cOS Core Configuration
56
Содержание Eagle E7
Страница 11: ...Chapter 1 Product Overview 11...
Страница 23: ...Chapter 2 Installation 23...
Страница 50: ...limitation Doing this is described in Section 3 5 Installing a License Chapter 3 cOS Core Configuration 50...
Страница 65: ...Chapter 3 cOS Core Configuration 65...
Страница 72: ...Appendix B Declarations of Conformity 72...
Страница 73: ...Appendix B Declarations of Conformity 73...
Страница 76: ...Clavister AB Sj gatan 6J SE 89160 rnsk ldsvik SWEDEN Phone 46 660 299200 www clavister com...
