Step Description Command Keys
15 Add necessary services (tcp/udp ports)
to the list.
esr(config-object-group-service)#
port-range 3128-3135
ESR proxy server uses for its
operation the ports starting
from the base port defined in
step 10
The http proxy uses ports from
base port to base port + the
number of cpu of this ESR
model - 1
For https proxy, the ports used
are from base port + number of
cpu of the given ESR model to
base port + number of cpu of
the given ESR model * 2 - 1
16 Create an interzone interaction rule set. esr(config)# security zone-pair
<src-zone-name1> self
<src-zone-name> – security
zone in which the interfaces
with the ip http proxy or ip https
proxy function are located.
self – a predefined security
zone for traffic entering the
ESR itself.
17 Create an interzone interaction rule set. esr(config-zone-pair)# rule <rule-
number>
<rule-number> – 1..10000.
18 Specify rule description (optional). esr(config-zone-rule)# description
<description>
<description> – up to 255
characters..
19 Specify the given rule force. esr(config-zone-rule)# action
<action> [ log ]
<action> – permit
log – activation key for logging
of sessions established
according to this rule.
20 Set name of IP protocol for which the
rule should work.
esr(config-zone-rule)# match
protocol <protocol-type>
<protocol-type> – tcp
ESR proxy server uses ESR
protocol.
21 Set the destination TCP/UDP ports
profile for which the rule should work (if
the protocol is specified).
esr(config-zone-rule)# match [not]
destination-port <obj-group-name>
<obj-group-name> – name of
the service profile created in
step 12.
22 Create an interzone interaction rule. esr(config-zone-rule)# enable
To Next Page
Loading...
Need help?
General
