EasyManua.ls Logo

ELTEX ESR-1000 - Page 507

Default Icon
650 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
ESR series service routers.ESR-Series. User manual
507
Step Description Command Keys
26 Set the profile of source TCP
ports for which the rule should
work.
esr(config-ips-category-rule)#
source-port {any | <PORT> |
object-group <OBJ-GR-NAME> }
<PORT> – number of sender TCP/UDP
port, takes values of [1..65535].
<OBJ_GR_NAME> – sender TCP/UDP
ports profile name, set by the string of
up to 31 characters.
When specifying the 'any' value, the
rule will work for any sender TCP/UDP
port.
27 Set destination IP addresses for
which the rule should trigger.
esr(config-ips-category-rule)#
destination-address
{ip <ADDR> | ip-prefix <ADDR/
LEN> | object-group
<OBJ_GR_NAME> |
policy-object-group { protect |
external } | any }
<<ADDR> – recipient IP address,
defined as AAA.BBB.CCC.DDD where
each part takes values of [0..255];
<ADDR/LEN> – recipient IP subnet,
defined as AAA.BBB.CCC.DDD/EE
where each part AAA-DDD takes
values of [0..255] and LEN takes
values of [1..32].
<OBJ_GR_NAME> – name of IP
addresses profile that contains
recipient IP address, set by the string
of up to 31 characters.
protect – sets recipient
addresses, protect addresses
defined in IPS/IDS policy;
external – sets external
addresses defined in IPS/IDS
policy as recipient addresses.
When specifying the 'any' value, the
rule will work for any sender IP
address.
28 Set the profile of destination
TCP ports for which the rule
should trigger.
Normally TCP port 80 is used
for the http protocol.
In cases where web servers are
used on non-standard ports
need to write these ports too.
esr(config-ips-category-rule)#
destination-port {any | <PORT> |
object-group <OBJ-GR-NAME> }
<PORT> – number of destination TCP/
UDP port, takes values of [1..65535].
<OBJ_GR_NAME> – recipient TCP/
UDP ports profile name, set by the
string of up to 31 characters.
When specifying the 'any' value, the
rule will be triggered for any source
TCP/UDP port.
29 Set traffic direction for which
the rule should trigger.
esr(config-ips-category-rule)#
direction { one-way | round-trip }
one-way – traffic is transmitted
in one direction.
round-trip – traffic is
transmitted in both directions.

Table of Contents

Other manuals for ELTEX ESR-1000

Preview: Operation Manual
Operation Manual109 pages
Preview: Quick Start And Installation Guide
Quick Start And Installation Guide19 pages

Related product manuals