Zone Configuration
Alcatel-Lucent
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
(vii) Managing the system
ALU(config)# match-list trust-manage
ALU(config-match-list-trust-manage)# 1 tcp list trust list SG8 service ssh
ALU(config-match-list-trust-manage)# 2 tcp list trust list SG8 service telnet
(viii) DMZ
ALU(config)# match-list DMZ-Trust
ALU(config-match-list-DMZ-Trust)# ip any any
5. RFC 1918 compliance rules.
ALU(config)# list 1918 prefix 10.0.0.0/8 prefix 172.16.0.0/12 prefix 192.168.0.0/16 prefix 14.0.0.0/8 prefix 127.0.0.0/8
ALU(config)# match-list RFC-1918
ALU(config-match-list-RFC-1918)# 1 ip list 1918 list Trust
ALU(config-match-list-RFC-1918)# 2 ip list 1918 list DMZ
6. Rules for managing the box from the untrust, DMZ and trust zones through SSH and Telnet.
ALU(config)# list untrust-manage host 202.24.45.100
ALU(config)# list dmz-manage host 172.16.0.132
ALU(config)# list trust-manage host 10.0.0.1 host 192.168.1.1 host 172.16.0.1
7. Configuring the match-lists for inband management through SSH and Telnet.
ALU(config)# match-list manage-untrust
ALU(config-match-list-manage-untrust)# tcp any list untrust-manage service telnet
ALU(config-match-list-manage-untrust)# tcp any list untrust-manage service ssh
8. Configuring rules for DoS protection.
ALU(config)# match-list DoS
ALU(config-match-list-DoS)# 1 ip any list trust
ALU(config-match-list-DoS)# 2 ip any list DMZ
9. Configuring the rules for SNATing the trusted and DMZ networks.
ALU(config)# match-list source-nat
ALU(config-match-list-source-nat)# 1 ip list Trust any
ALU(config-match-list-source-nat)# 2 ip list DMZ any
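An added example, not part of the Alcatel-Lucent guide: a Python review check that parses commands in the format used in steps 5 and 7 and in the management match-lists, reports entries of a prefix list that fall outside the three RFC 1918 blocks, and reports match-list rules that permit Telnet, which carries credentials in cleartext. SAMPLE_CONFIG is constructed from the commands above with wrapped lines rejoined; the function names are this example's own.

```python
import ipaddress
import re

# Constructed sample: commands copied from the steps above, wrapped lines rejoined.
SAMPLE_CONFIG = """\
ALU(config)# list 1918 prefix 10.0.0.0/8 prefix 172.16.0.0/12 prefix 192.168.0.0/16 prefix 14.0.0.0/8 prefix 127.0.0.0/8
ALU(config)# match-list manage-untrust
ALU(config-match-list-manage-untrust)# tcp any list untrust-manage service telnet
ALU(config-match-list-manage-untrust)# tcp any list untrust-manage service ssh
ALU(config)# match-list trust-manage
ALU(config-match-list-trust-manage)# 1 tcp list trust list SG8 service ssh
ALU(config-match-list-trust-manage)# 2 tcp list trust list SG8 service telnet
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Captures the match-list name when the prompt is inside a match-list context.
PROMPT = re.compile(r"^ALU\(config(?:-match-list-(?P<ml>[^)]+))?\)#\s*(?P<cmd>.*)$")

def classify_prefix(prefix):
    """Return 'rfc1918', 'loopback' or 'other' for an IPv4 prefix string."""
    net = ipaddress.ip_network(prefix, strict=False)
    if any(net.subnet_of(block) for block in RFC1918):
        return "rfc1918"
    if net.is_loopback:
        return "loopback"
    return "other"

def audit(config):
    """Return (non_rfc1918_prefixes, telnet_rules) found in the config text."""
    non_rfc1918, telnet_rules = [], []
    for line in config.splitlines():
        m = PROMPT.match(line.strip())
        if not m:
            continue
        cmd, ml = m.group("cmd"), m.group("ml")
        if ml is None and cmd.startswith("list "):  # global "list NAME prefix ..." command
            name = cmd.split()[1]
            for prefix in re.findall(r"\bprefix\s+(\S+)", cmd):
                kind = classify_prefix(prefix)
                if kind != "rfc1918":
                    non_rfc1918.append((name, prefix, kind))
        elif ml is not None and re.search(r"\bservice\s+telnet\b", cmd):
            telnet_rules.append((ml, cmd))  # rule inside a match-list that matches Telnet
    return non_rfc1918, telnet_rules

if __name__ == "__main__":
    prefixes, telnet = audit(SAMPLE_CONFIG)
    for name, prefix, kind in prefixes:
        print(f"list {name}: {prefix} is {kind}, not RFC 1918 private space")
    for ml, cmd in telnet:
        print(f"match-list {ml}: cleartext Telnet permitted by '{cmd}'")
```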