User's Manual
Table Of Contents
- ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
- Contents
- 1. Introduction
- 2. Overview of the Configuration Commands
- 3. Net Mode Configuration Commands
- 4. Security Mode Configuration Commands
- Security Services Commands
- Security Schedules Commands
- IPv4 Add Firewall Rule and Edit Firewall Rule Commands
- IPv4 General Firewall Commands
- IPv6 Firewall Commands
- Attack Check Commands
- Session Limit, Time-Out, and Advanced Commands
- Address Filter and IP/MAC Binding Commands
- Port Triggering Commands
- UPnP Command
- Bandwidth Profile Commands
- Content Filtering Commands
- 5. System Mode Configuration Commands
- 6. Dot11 Mode Configuration Commands
- 7. VPN Mode Configuration Commands
- IPSec VPN Wizard Command
- IPSec IKE Policy Commands
- IPSec VPN Policy Commands
- IPSec VPN Mode Config Commands
- SSL VPN Portal Layout Commands
- SSL VPN Authentication Domain Commands
- SSL VPN Authentication Group Commands
- SSL VPN User Commands
- SSL VPN Port Forwarding Commands
- SSL VPN Client Commands
- SSL VPN Resource Commands
- SSL VPN Policy Commands
- RADIUS Server Command
- L2TP Server Commands
- 8. Overview of the Show Commands
- 9. Show Commands
- 10. Utility Commands
- CLI Command Index
Security Mode Configuration Commands
101
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Command example:
FVS318N>
security firewall ipv4 add_rule dmz_wan inbound
security-config[firewall-ipv4-dmz-wan-inbound]>
service_name custom_services Traceroute
security-config[firewall-ipv4-lan-wan-inbound]>
action ALWAYS_ALLOW
security-config[firewall-ipv4-lan-wan-inbound]>
send_to_dmz_server_ip 176.21.214.2
security-config[firewall-ipv4-lan-wan-inbound]>
translate_to_port_number enable Y
security-config[firewall-ipv4-lan-wan-inbound]>
translate_to_port_number port 4500
security-config[firewall-ipv4-lan-wan-inbound]>
wan_destination_ip_address OTHERS
security-config[firewall-ipv4-lan-wan-inbound]>
wan_destination_ip_address_start 10.115.97.174
security-config[firewall-ipv4-lan-wan-inbound]>
wan_users ANY
security-config[firewall-ipv4-lan-wan-inbound]>
log Always
security-config[firewall-ipv4-lan-wan-inbound]>
save
Related show command: show security firewall ipv4 setup dmz_wan
security firewall ipv4 edit_rule dmz_wan inbound <row id>
This command configures an existing IPv4 DMZ WAN inbound firewall rule. After you have
issued the security firewall ipv4 edit_rule dmz_wan inbound command to
specify the row to be edited (for row information, see the output of the
show security firewall
ipv4 setup dmz_wan
command), you enter the security-config [firewall-ipv4-dmz-wan-inbound]
mode. You can then edit one keyword and associated parameter or associated keyword at a
time in the order that you prefer. However, note that the setting of the action keyword
determines which other keywords and parameters you can apply to a rule.
Step 1 Format security firewall ipv4 edit_rule dmz_wan inbound <row id>
Mode security
Step 2 Format service_name {default_services <default service name> |
{custom_services <custom service name>}
action {ALWAYS_BLOCK | ALWAYS_ALLOW |
BLOCK_BY_SCHEDULE_ELSE_ALLOW {schedule {Schedule1 |
Schedule2 | Schedule3}} | ALLOW_BY_SCHEDULE_ELSE_BLOCK
{schedule {Schedule1 | Schedule2 | Schedule3}}}
send_to_dmz_server_ip <ipaddress>
translate_to_port_number enable {N | Y
{translate_to_port_number port <number>}}
wan_destination_ip_address {WAN | OTHERS
{wan_destination_ip_address_start <ipaddress>}
dmz_users {ANY | SINGLE_ADDRESS {dmz_user_start_ip <ipaddress>}
| ADDRESS_RANGE {dmz_user_start_ip <ipaddress>}
{dmz_user_end_ip <ipaddress>}}
wan_users {ANY | SINGLE_ADDRESS {wan_user_start_ip <ipaddress>}
| ADDRE
SS_RANGE {wan_user_start_ip <ipaddress>}
{wan_user_end_ip <ipaddress>}}