Chapter 18 Firewall
UAG CLI Reference Guide
122
18.2 Firewall Commands
The following table identifies the values required for many of these commands. Other input values
are discussed with the corresponding commands.
The following table describes the commands available for the firewall. You must use the
configure terminal command to enter the configuration mode before you can use the
configuration commands.
Table 62 Input Values for General Firewall Commands
LABEL DESCRIPTION
address_object The name of the IP address (or address group) object. You may use 1-31
alphanumeric characters, underscores(
_), or dashes (-), but the first character
cannot be a number. This value is case-sensitive.
profile_name The name of the firewall rule. You may use 1-31 alphanumeric characters,
underscores(_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
user_name The name of a user (group). You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
zone_object The name of the zone. Use up to 31 characters (a-zA-Z0-9_-). The name cannot start
with a number. This value is case-sensitive.
The UAG uses pre-defined zone names like DMZ, LAN1, LAN2, SSL VPN, IPSec VPN,
and WAN.
rule_number The priority number of a firewall rule. 1 - X where X is the highest number of rules
the UAG model supports. See the UAG’s User’s Guide for details.
schedule_object The name of the schedule. You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
service_name The name of the service (group). You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
Table 63 Command Summary: Firewall
COMMAND DESCRIPTION
[no] firewall asymmetrical-route activate Allows or disallows asymmetrical route topology.
[no] connlimit max-per-host <1..8192> Sets the highest number of sessions that the UAG will
permit a host to have at one time. The
no command
removes the settings.
firewall rule_number Enters the firewall sub-command mode to set a
firewall rule. See Table 64 on page 124 for the sub-
commands.
firewall profile_name {zone_object|Device} rule_number Enters the firewall sub-command mode to set a
direction specific through-Device rule or to-Device
rule. See Table 64 on page 124 for the sub-
commands.
firewall profile_name {zone_object|Device} append Enters the firewall sub-command mode to add a
direction specific through-Device rule or to-Device
rule to the end of the global rule list. See Table 64 on
page 124 for the sub-commands.
To Next Page
Loading...
