C613-22104-00 REV B Configuring Firewall and NAT allowing UTM Offload on the AR4050S | Page 62
Setting up and Configuring UTM Offload Advanced Network Protection
Configuring Firewall and NAT allowing UTM Offload on
the AR4050S
The following is a simple configuration for firewall and NAT allowing UTM Offload.
Configuration notes
Rule 30 will allow the device to access the Update Manager.
You need to configure a DNS Server address to allow communication with the update manager.
The offload device synchronizes the time from the forwarding device. This ensures log messages
are correctly time-stamped. Therefore, NTP is configured on the forwarding device (AR4050S).
!
zone private
network lan
ip subnet 192.168.10.0/24 interface vlan1
network offload
ip subnet 192.168.100.0/24 interface eth2
!
zone public
network all
ip subnet 0.0.0.0/0 interface eth1
host router
ip address dynamic interface eth1
!
firewall
rule 10 permit any from private to private
rule 20 permit any from private to public
rule 30 permit any from public.all.router to public
protect
!
nat
rule 10 masq any from private to public
enable
!
ntp server <URL>
!
utm-offload interface eth2 subnet 192.168.100.0/24
!
ip name-server <x.x.x.x>
!
interface vlan1
ip address 192.168.10.1/24
!
interface eth1
ip address dhcp
!
To Next Page
Loading...