MDS 05-6632A01, Rev. F MDS Orbit MCR/ECR Technical Manual 261
% set services firewall filter IN_UNTRUSTED rule 1 actions action accept
% set services firewall filter IN_UNTRUSTED rule 2 match protocol udp
% set services firewall filter IN_UNTRUSTED rule 2 match src-port services [ dns ]
% set services firewall filter IN_UNTRUSTED rule 10 match protocol udp
% set services firewall filter IN_UNTRUSTED rule 10 match dst-port services [ ike ntp ]
% set services firewall filter IN_UNTRUSTED rule 10 actions action accept
% set services firewall filter IN_UNTRUSTED rule 11 match protocol esp
% set services firewall filter IN_UNTRUSTED rule 11 actions action accept
% set services firewall filter IN_UNTRUSTED rule 12 match protocol all
% set services firewall filter IN_UNTRUSTED rule 12 actions action drop
2. Add the following rules to the OUT_UNTRUSTED filter, which is applied to the Cell interface in the
outgoing direction:
% set services firewall address-set CELL-IP
% set services firewall filter OUT_UNTRUSTED rule 1 match src-address address-set CELL-IP
% set services firewall filter OUT_UNTRUSTED rule 1 match src-address add-interface-address true
% set services firewall filter OUT_UNTRUSTED rule 1 actions action accept
% set services firewall filter OUT_UNTRUSTED rule 2 match protocol all
% set services firewall filter OUT_UNTRUSTED rule 2 actions action drop
3. Delete the source NAT/IP masquerading from Cell interface:
% delete interfaces interface Cell nat source MASQ
4. Commit the changes:
% commit
NOTE See section 3.8.20 Network Link failover/failback for GRE/IPsec VPN configuration examples.
See section 12.0 APPENDIX G for more VPN configuration examples, such as DMVPN.
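An added example, not part of the manual: a small Python check that parses the "set services firewall filter" lines from the steps above before they are committed and reports any rule that has match criteria but no action, and any filter whose highest-numbered rule is not the "protocol all" drop. It assumes rules are evaluated in ascending rule-number order; the function names and the embedded copy of the commands are constructed for illustration.

```python
import re

# Constructed copy of the complete command lines from the steps above.
CONFIG = """\
% set services firewall filter IN_UNTRUSTED rule 1 actions action accept
% set services firewall filter IN_UNTRUSTED rule 2 match protocol udp
% set services firewall filter IN_UNTRUSTED rule 2 match src-port services [ dns ]
% set services firewall filter IN_UNTRUSTED rule 10 match protocol udp
% set services firewall filter IN_UNTRUSTED rule 10 match dst-port services [ ike ntp ]
% set services firewall filter IN_UNTRUSTED rule 10 actions action accept
% set services firewall filter IN_UNTRUSTED rule 11 match protocol esp
% set services firewall filter IN_UNTRUSTED rule 11 actions action accept
% set services firewall filter IN_UNTRUSTED rule 12 match protocol all
% set services firewall filter IN_UNTRUSTED rule 12 actions action drop
% set services firewall filter OUT_UNTRUSTED rule 1 match src-address address-set CELL-IP
% set services firewall filter OUT_UNTRUSTED rule 1 match src-address add-interface-address true
% set services firewall filter OUT_UNTRUSTED rule 1 actions action accept
% set services firewall filter OUT_UNTRUSTED rule 2 match protocol all
% set services firewall filter OUT_UNTRUSTED rule 2 actions action drop
"""
LINE = re.compile(r"^%?\s*set services firewall filter (\S+) rule (\d+) (match|actions) (.+)$")

def parse(text):
    """Return {filter: {rule_number: {"match": [...], "action": str or None}}}."""
    filters = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a firewall rule line (address-set, commit, ...)
        name, num, kind, rest = m[1], int(m[2]), m[3], m[4].strip()
        rule = filters.setdefault(name, {}).setdefault(num, {"match": [], "action": None})
        if kind == "match":
            rule["match"].append(rest)
        elif rest.startswith("action "):
            rule["action"] = rest.split()[1]
    return filters

def audit(text):
    """List rules with a match but no action, and filters lacking a final drop."""
    findings = []
    for name, rules in sorted(parse(text).items()):
        for num in sorted(rules):
            if rules[num]["match"] and rules[num]["action"] is None:
                findings.append(f"{name} rule {num}: match criteria but no action")
        last = rules[max(rules)]  # assumption: ascending rule-number evaluation
        if last["action"] != "drop" or "protocol all" not in last["match"]:
            findings.append(f"{name}: highest-numbered rule is not a catch-all drop")
    return findings
print("\n".join(audit(CONFIG)))
```

Run against the lines as printed above, it reports that IN_UNTRUSTED rule 2 has match lines but no "actions action" line.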
Monitoring
Using the Web UI
To view the VPN status, navigate to Services->VPN->Status.