Table of Contents
Advertisement
Table 37: Semi-private high security firewall rules (continued)
Rule Name
Action
Source
OutBoundS
Permit
SemiPriv
emiPrivate
ateIP
VPNAcces
PublicIP
s
OutBoundS
Permit
Any
emiPrivate
PermitAll
Table 38: Semi-private medium security firewall rules
Rule Name
Action
InBoundSe
Deny
miPrivateD
enyAccess
InBoundSe
Permit
miPrivateV
PNAccess
InBoundSe
Permit
miPrivateP
ermitAll
OutBound
Deny
SemiPrivat
eDenyAcc
ess
OutBound
Permit
SemiPrivat
eVPNAcce
ss
OutBound
Permit
SemiPrivat
eDenyAll
Destination
Service
Any
IKE_OUT
IPSEC_NAT_T_OUT
AH
ESP
ICMPDestUnreach
Any
Any
Source
Destination
Any
Manageme
ntNet
Any
SemiPrivat
eIP
PublicIP
Any
Any
DMZNet
Any
SemiPrivat
Any
eIP
PublicIP
Any
Any
Semi-private zone firewall templates
Direc
Zone
tion
Out
SemiP
rivate
Out
SemiP
rivate
Service
Direction
Zone
Any
In
SemiPrivat
e
IKE_IN
In
SemiPrivat
e
IPSEC_NA
T_T_IN
AH/ESP
ICMPDest
Unreach
Any
In
SemiPrivat
e
Any
Out
SemiPrivat
e
IKE_OUT
Out
SemiPrivat
e
IPSEC_NA
T_T_OUT
AH/ESP
ICMPDest
Unreach
Any
Out
SemiPrivat
e
Keep
Keep State
State
No
Permit outgoing
VPN traffic.
Yes
Permit everything
with Keep state.
(For any traffic
initiated from
Private/
ManagementNET)
2 of 2
Keep
Description
State
No
Traffic to
Manageme
ntNet is
denied.
no
Permit
incoming
VPN traffic
and ICMP
unreachabl
e packet
Yes
Permit WI/
VMGR and
VPN, clear
traffic to
PUBLIC
No
Deny
traffic from
DMZNet
no
Permit
outgoing
VPN traffic
Yes
Permit
incoming
VPN
Issue 4 May 2005
307
Advertisement
Table of Contents
