ELTEX ESR-3100 - Page 625

To Next Page

To Previous Page

ESR series service routers.ESR-Series. User manual

625

Enable DHCP transmitting from trusted to dmz:

esr (config)# security zone-pair trusted dmz

esr (config-zone-pair)# rule 10

esr(config-zone-pair-rule)# action permit

esr(config-zone-pair-rule)# match protocol udp

esr(config-zone-pair-rule)# match source-address any

esr(config-zone-pair-rule)# match destination-address any

esr(config-zone-pair-rule)# match source-port dhcp_client

esr(config-zone-pair-rule)# match destination-port dhcp_server

esr(config-zone-pair-rule)# enable

esr(config-zone-pair-rule)# exit

esr(config-zone-pair)# exit

Enable ICMP transmission to the device. For BRAS operation, open ports for web proxying – TCP 3129/3128

(NetPortDiscovery Port/Active API Server port:

esr(config)# object-group service bras

esr(config-object-group-service)# port-range 3129

esr(config-object-group-service)# port-range 3128

esr(config-object-group-service)# exit

esr(config)# security zone-pair trusted self

esr(config-zone-pair)# rule 10

esr(config-zone-pair-rule)# action permit

esr(config-zone-pair-rule)# match protocol tcp

esr(config-zone-pair-rule)# match source-address any

esr(config-zone-pair-rule)# match destination-address any

esr(config-zone-pair-rule)# match source-port any

esr(config-zone-pair-rule)# match destination-port bras

esr(config-zone-pair-rule)# enable

esr (config-zone-pair-rule)# exit

esr(config-zone-pair)# rule 20

esr(config-zone-pair-rule)# action permit

esr(config-zone-pair-rule)# match protocol icmp

esr(config-zone-pair-rule)# match source-address any

esr(config-zone-pair-rule)# match destination-address any

esr(config-zone-pair-rule)# enable

esr(config-zone-pair-rule)# exit

esr(config)# security zone-pair dmz self

esr(config-zone-pair)# rule 20

esr(config-zone-pair-rule)# action permit

esr(config-zone-pair-rule)# match protocol icmp

esr(config-zone-pair-rule)# match source-address any

esr(config-zone-pair-rule)# match destination-address any

esr(config-zone-pair-rule)# enable

esr(config-zone-pair-rule)# exit

esr(config)# security zone-pair untrusted self

esr(config-zone-pair)# rule 20

esr(config-zone-pair-rule)# action permit

esr(config-zone-pair-rule)# match protocol icmp

esr(config-zone-pair-rule)# match source-address any

esr(config-zone-pair-rule)# match destination-address any

esr(config-zone-pair-rule)# enable

esr(config-zone-pair-rule)# exit

Main Page

ELTEX ESR-3100 - Page 625

Table of Contents

Related product manuals