Table of Contents
Advertisement
Configuration Examples
–
•
Perform a trial or delayed load to check for configuration errors
•
Load the configuration in the firewall engine
•
Enable or disable the firewall:
–
–
•
After installing the firewall, check blocked traffic in event logging for missed application rules
•
Use port scanning tools to ensure policies are properly implemented
Configuration Examples
The following sample configurations describe step-by-step how to set up these firewall scenarios:
•
XSR with firewall on
•
XSR with firewall, PPPoE, and DHCP on
•
XSR with firewall and VPN on
•
Firewall configuration for VRRP on
•
Firewall configuration for RADIUS authentication on
•
Simple security on
•
RPC configuration on
XSR with Firewall
In this scenario, the XSR acts as a router connecting a branch office to the Internet, as illustrated in
Figure
and an internal network of hosts which are protected from the external world by the firewall. The
Web and Mail servers are part of the DMZ and considered internal by the XSR. Note that some
commands have been abbreviated.
This configuration, illustrated in
access between each other while protecting traffic to and from the external interface only - this is
done by enabling the firewall on the external interface only. No policies are defined for traffic
between private and dmz networks. Also, all Java and ActiveX pages, IP options, IP broadcast and
multicast packets are banned.
16-24 Configuring Security on the XSR
Multicast or broadcast filtering for routing and communications protocol filtering
System wide, or on
Individual interfaces or sub-interfaces
page 16-24
page
16-34.
page
16-14. The branch office has two servers (Web and Mail) accessible from the external world
page 16-26
page 16-27
page
16-33.
16-35.
Figure
16-14, provides private and dmz networks with unlimited
page
16-33.
Advertisement
Table of Contents
Troubleshooting
