EasyManua.ls Logo

GE MDS ORBIT ECR - Page 429

GE MDS ORBIT ECR
463 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
MDS 05-6632A01, Rev. F MDS Orbit MCR/ECR Technical Manual 429
# Firewall configuration
set services firewall enabled true
set services firewall address-set CELL-IP
set services firewall filter IN_TRUSTED rule 10 match protocol all
set services firewall filter IN_TRUSTED rule 10 actions
set services firewall filter IN_TRUSTED rule 10 actions action accept
set services firewall filter IN_UNTRUSTED rule 1 match protocol icmp
set services firewall filter IN_UNTRUSTED rule 1 actions
set services firewall filter IN_UNTRUSTED rule 1 actions action accept
set services firewall filter IN_UNTRUSTED rule 2 match protocol udp
set services firewall filter IN_UNTRUSTED rule 2 match src-port
set services firewall filter IN_UNTRUSTED rule 2 match src-port services [ dns ]
set services firewall filter IN_UNTRUSTED rule 10 match protocol udp
set services firewall filter IN_UNTRUSTED rule 10 match dst-port
set services firewall filter IN_UNTRUSTED rule 10 match dst-port services [ ike ntp ]
set services firewall filter IN_UNTRUSTED rule 10 actions
set services firewall filter IN_UNTRUSTED rule 10 actions action accept
set services firewall filter IN_UNTRUSTED rule 11 match protocol esp
set services firewall filter IN_UNTRUSTED rule 11 actions
set services firewall filter IN_UNTRUSTED rule 11 actions action accept
set services firewall filter IN_UNTRUSTED rule 12 match protocol all
set services firewall filter IN_UNTRUSTED rule 12 actions
set services firewall filter IN_UNTRUSTED rule 12 actions action drop
set services firewall filter OUT_TRUSTED rule 10 match protocol all
set services firewall filter OUT_TRUSTED rule 10 actions
set services firewall filter OUT_TRUSTED rule 10 actions action accept
set services firewall filter OUT_UNTRUSTED rule 1 match src-address
set services firewall filter OUT_UNTRUSTED rule 1 match src-address address-set CELL-IP
set services firewall filter OUT_UNTRUSTED rule 1 match src-address add-interface-address true
set services firewall filter OUT_UNTRUSTED rule 1 actions
set services firewall filter OUT_UNTRUSTED rule 1 actions action accept
set services firewall filter OUT_UNTRUSTED rule 2 match protocol all
set services firewall filter OUT_UNTRUSTED rule 2 actions
set services firewall filter OUT_UNTRUSTED rule 2 actions action drop
12.2.1.2 Status
# IKE/IPsec status
> show services vpn
services vpn ike security-associations security-association 5

Table of Contents

Related product manuals