Watchguard V10 Command Line Interface Manual page 73
Firewall
Hide thumbs
Also See for V10:
- User manual (477 pages) ,
- Installation manual (97 pages) ,
- Supplementary manual (28 pages)
Table of Contents
Advertisement
Top-level configuration mode commands
positions that you can choose from. You pick a
location and enter a "1" to mark that bit.
[-log_per_policy [enable|disable] ]
This argument allows you to enable or disable
logging on a per-policy basis.
[-icmp_error_handling_per_policy
[[global | all] |
[[no] fragmentation_required]
[[no] time_exceeded]
[[no] network_unreachable]
[[no] host_unreachable]
[[no] port_unreachable] ]
This argument allows you to implement ICMP
error handling per policy, and specify error
handling options.
[-mss_adjustment_per_policy [auto|
limit_to <num>|disable|use_global]]
This argument allows you to specify a per-policy
TCP Maximum Segment Size. See
"mss_adjustment" on page 112 for more
information on these settings. To use the global
settings, use the argument use_global .
Examples
WG(config)#policy Allow_Outbound Any
Any \
interface 0 -firewall pass -nat
DYNAMIC_NAT <ENTER>
WG(config)#policy HQ_BR_VPN HQ BR
interface 0 \
-firewall pass -ipsec bi HQ_IPsec
<ENTER>
WG(config)#policy SJ_NY_VPN SJ NY
interface 1 \
WatchGuard Command Line Interface Guide
59
Hide quick links:
Advertisement
Table of Contents
