ELTEX ESR-3100 - Configuration Example

To Next Page

To Previous Page

ESR series service routers.ESR-Series. User manual

297

11.8.2 Configuration example

Objective:

ESR series router features 2 connected networks that should be isolated from other networks.

Solution:

Create VRF:

esr(config)# ip vrf bit

esr(config-vrf)# exit

Create a security zone:

esr(config)# security zone vrf-sec

esr(config-zone)# ip vrf forwarding bit

esr(config-zone)# exit

Create rule for a pair of zones and allow all TCP/UDP traffic:

esr(config)# security zone-pair vrf-sec vrf-sec

esr(config-zone-pair)# rule 1

esr(config-zone-rule)# match source-address any

esr(config-zone-rule)# match destination-address any

esr(config-zone-rule)# match protocol udp

esr(config-zone-rule)# match source-port any

esr(config-zone-rule)# match destination-port any

esr(config-zone-rule)# action permit

esr(config-zone-rule)# enable

esr(config-zone-rule)# exit

esr(config-zone-pair)# rule 2