Table of Contents
Advertisement
5.6. Firewall over PPP with a DMZ LAN
Out going Web access out
192.168.0.0 with NAT
192.168.0.1
Mail Server
208.10.10.20
Note: Be aware that with many Internet Providers it may be more suitable to turn LQR (link quality reporting) off on PPP
links, and instead use LCP Echo Request and Echo Reply messages to determine link quality (echo=on). Simply add
'lqr=off echo=on' to the PPP creation command.
Router A
create ppp=0 over=syn0
enable ip
add ip int=eth0 ip=192.168.0.1
add ip int=eth1 ip=208.10.10.1
add ip int=ppp0 ip=200.2.2.1
add ip rou=0.0.0.0 mask=0.0.0.0 int=ppp0 next=0.0.0.0
enable firewall
create firewall policy="LAN"
enable firewall policy="LAN" icmp_f=ping
add firewall policy="LAN" int=eth0 type=private
add firewall policy="LAN" int=ppp0 type=public
add firewall policy="LAN" int=eth1 type=public
add firewall poli="LAN" nat=enhanced int=eth0 gblin=ppp0 gblip=208.10.10.1
create firewall policy="DMZ"
enable firewall policy="DMZ" icmp_f=ping
add firewall policy="DMZ" int=eth1 type=private
add firewall policy="DMZ" int=ppp0 type=public
add firewall policy="DMZ" int=eth0 type=public
# Allow access from Internet to Web server (domain registered 208.10.10.20)
add firewall poli="DMZ" ru=1 ac=allo int=ppp0 prot=tcp po=80 ip=208.10.10.20
# Allow any access to DMZ from eth0 LAN
add firewall poli="DMZ" ru=2 ac=allo int=eth0 prot=ALL
Helpful Scripts
Revision 5.8.7; 5 April 2001
Private
Firewall
Site A
LI
NK TX RX
Co
ll
CentreCOM
AR300
Access Router
LAN
WAN
SYSTEM
208.10.10.1
Public
200.2.2.1
Helpful Scripts
Internet
Page
27
- Quick Links:
- Configurations
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the AR Router and is the answer not in the manual?
Questions and answers