Chapter 25 Secure Policy
ZyWALL / USG (ZLD) CLI Reference Guide
164
25.2 Secure Policy Commands
The following table identifies the values required for many of these commands. Other input values
are discussed with the corresponding commands.
The following table describes the commands available for the secure policy. You must use the
configure terminal command to enter the configuration mode before you can use the
configuration commands. Commands that do not have IPv6 specified in the description are for IPv4.
Table 84 Input Values for Secure Policy Commands
LABEL DESCRIPTION
address_object The name of the IP address (or address group) object. You may use 1-31
alphanumeric characters, underscores(
_), or dashes (-), but the first character
cannot be a number. This value is case-sensitive.
address6_object The name of the IPv6 address (or address group) object. You may use 1-31
alphanumeric characters, underscores(
_), or dashes (-), but the first character
cannot be a number. This value is case-sensitive.
user_name The name of a user (group). You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
zone_object The name of the zone. For some ZyWALL / USG models, use up to 31 characters (a-
zA-Z0-9_-). The name cannot start with a number. This value is case-sensitive.
For other ZyWALL / USGmodels, use pre-defined zone names like DMZ, LAN1, SSL
VPN, IPSec VPN, OPT, and WAN.
rule_number The priority number of a secure policy. 1 - X where X is the highest number of rules
the ZyWALL / USG model supports. See the ZyWALL / USG’s User’s Guide for details.
schedule_object The name of the schedule. You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
service_name The name of the service (group). You may use 1-31 alphanumeric characters,
underscores(
_), or dashes (-), but the first character cannot be a number. This value
is case-sensitive.
Table 85 Command Summary: Secure Policy
COMMAND DESCRIPTION
secure-policy activate Enables Secure Policy on the ZyWALL / USG to
perform access control.
show secure-policy filter from zone_object to
zone_object srcip <ip-address> dstip <ip> service {any |
tcp | udp | icmp | gre | esp | user-defined} port-number
user user_name sch schedule_object
Applies IPv4 search filters to find specific IPv4 security
policies based on direction, application, user, source,
destination and/or schedule.
[no] secure-policy asymmetrical-route activate Allows or disallows asymmetrical route topology.
secure-policy rule_number Enters the secure policy sub-command mode to set a
firewall rule. See Table 86 on page 167 for the sub-
commands.
secure-policy zone_object {zone_object|ZyWALL}
rule_number
Enters the secure policy sub-command mode to set a
direction specific through-ZyWALL rule or to-ZyWALL
rule. See Table 86 on page 167 for the sub-
commands.
secure-policy zone_object {zone_object|ZyWALL} append Enters the secure policy sub-command mode to add a
direction specific through-ZyWALL rule or to-ZyWALL
rule to the end of the global rule list. See Table 86 on
page 167 for the sub-commands.
To Next Page
Loading...
