FIREWALL COMMANDS
To remove the source and destination address configuration of an existing firewall policy, enter
SR/configure/firewall corp> policy 4 out address any any SR/configure/firewall corp/policy 4
out>
To add a inbound firewall policy for a existing user-group test (remote access feature), enter
SR/configure/firewall corp> policy 14 in 13.1.1.1 32 any any user-group test permit SR/
configure/firewall corp/policy 14 in>
To add a firewall policy for out bound traffic from 40.1.1.1 to do PAT with address 90.1.1.1, enter
SR/configure/firewall corp> policy 15 out 40.1.1.1 32 any any nat-ip 90.1.1.1 permit SR/
configure/firewall corp/policy 15 out>
To add an inbound policy for a web application with destination ip address of 70.1.1.6 prefix-
len of 32, a nat-ip address of 10.1.1.10, and an port to application mapping (PAM) of 8080,
enter:
SR/configure/firewall dmz> policy 14 in address any 70.1.1.6 32 service web nat-ip 10.1.1.10
nat-port 8080
applies to:
All modules
policy max-connection-limit
Specifies the maximum number of connections for a given policy at any given time. Use the
no form of the command to restore the default value (the default value is the maximum number
of connections for the current map).
syntax:
[no] max-connection-limit <max-number-connections>
parameter
max-number-connections
example:
To limit the maximum number of connections to 20, enter:
SR/configure/firewall corp/policy 4 out> max-connection-limit 20
applies to:
All modules
970
Avaya Secure Router 3120 Command Reference Guide
Specifies the maximum number of connections at any one
time. Valid range is 1—29912. The default is the connection
limit of the map.
definition
December 2010