MDS 05-6632A01, Rev. F
MDS Orbit MCR/ECR Technical Manual
429
# Firewall configuration
set services firewall enabled true
set services firewall address-set CELL-IP
set services firewall filter IN_TRUSTED rule 10 match protocol all
set services firewall filter IN_TRUSTED rule 10 actions
set services firewall filter IN_TRUSTED rule 10 actions action accept
set services firewall filter IN_UNTRUSTED rule 1 match protocol icmp
set services firewall filter IN_UNTRUSTED rule 1 actions
set services firewall filter IN_UNTRUSTED rule 1 actions action accept
set services firewall filter IN_UNTRUSTED rule 2 match protocol udp
set services firewall filter IN_UNTRUSTED rule 2 match src-port
set services firewall filter IN_UNTRUSTED rule 2 match src-port services [ dns ]
set services firewall filter IN_UNTRUSTED rule 10 match protocol udp
set services firewall filter IN_UNTRUSTED rule 10 match dst-port
set services firewall filter IN_UNTRUSTED rule 10 match dst-port services [ ike ntp ]
set services firewall filter IN_UNTRUSTED rule 10 actions
set services firewall filter IN_UNTRUSTED rule 10 actions action accept
set services firewall filter IN_UNTRUSTED rule 11 match protocol esp
set services firewall filter IN_UNTRUSTED rule 11 actions
set services firewall filter IN_UNTRUSTED rule 11 actions action accept
set services firewall filter IN_UNTRUSTED rule 12 match protocol all
set services firewall filter IN_UNTRUSTED rule 12 actions
set services firewall filter IN_UNTRUSTED rule 12 actions action drop
set services firewall filter OUT_TRUSTED rule 10 match protocol all
set services firewall filter OUT_TRUSTED rule 10 actions
set services firewall filter OUT_TRUSTED rule 10 actions action accept
set services firewall filter OUT_UNTRUSTED rule 1 match src-address
set services firewall filter OUT_UNTRUSTED rule 1 match src-address address-set CELL-IP
set services firewall filter OUT_UNTRUSTED rule 1 match src-address add-interface-address true
set services firewall filter OUT_UNTRUSTED rule 1 actions
set services firewall filter OUT_UNTRUSTED rule 1 actions action accept
set services firewall filter OUT_UNTRUSTED rule 2 match protocol all
set services firewall filter OUT_UNTRUSTED rule 2 actions
set services firewall filter OUT_UNTRUSTED rule 2 actions action drop
12.2.1.2
Status
# IKE/IPsec status
> show services vpn
services vpn ike security-associations security-association 5
Содержание MDS ORBIT ECR
Страница 15: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 15 ...
Страница 35: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 35 ...
Страница 145: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 145 ...
Страница 188: ...188 MDS Orbit MCR ECR Technical Manual MDS 05 6632A01 Rev F ...
Страница 302: ...302 MDS Orbit MCR ECR Technical Manual MDS 05 6632A01 Rev F Figure 3 224 SNMP Main Page ...
Страница 380: ...380 MDS Orbit MCR ECR Technical Manual MDS 05 6632A01 Rev F ...
Страница 389: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 389 ...
Страница 393: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 393 ...
Страница 407: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 407 ...
Страница 449: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 449 ...
Страница 451: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 451 ...
Страница 452: ...452 MDS Orbit MCR ECR Technical Manual MDS 05 6632A01 Rev F ...
Страница 453: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 453 ...
Страница 459: ...MDS 05 6632A01 Rev F MDS Orbit MCR ECR Technical Manual 459 NOTES ...
Страница 460: ...460 MDS Orbit MCR ECR Technical Manual MDS 05 6632A01 Rev F ...
Страница 461: ......
Страница 463: ...GE MDS LLC Rochester NY 14620 Telephone 1 585 242 9600 FAX 1 585 242 9620 www gemds com 175 Science Parkway ...