User Guide
OmniAccess SafeGuard OS Administration Guide
309
Chapter 7: Establishing a Security Policy
— Network – By a subnet
network ipaddr mask
This example specifies the finance_servers zone by subnet:
(SafeGuardOS) (config) # network-zone finance_servers
(SafeGuardOS) (network_zone) # network 192.168.0.0 255.255.252.0
(SafeGuardOS) (network_zone)#
— Range – By IP range
range starting_addr ending_address
This example specifies the finance_servers zone by an IP range:
(SafeGuardOS) (config) # network-zone finance_servers
(SafeGuardOS) (network_zone) # network 192.168.0.2 192.168.0.56
(SafeGuardOS) (network_zone) #
For additional examples of network zones, see Network Zones Example on page 321.
3 To remove an existing configuration use the no version of the command.
no host [ip-address addr|mac-address addr]| network [ipaddr|mask]
| range starting_addr ending_address
This example removes the previously configured subnet configuration:
(SafeGuardOS) (config) # network-zone billing
(SafeGuardOS) (network_zone) # no network 192.168.0.0 255.255.252.0
(SafeGuardOS) (network_zone) #
The following example defines a network zone for telnet called netzoneTelnet, that
contains four IP addresses:
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) # network-zone netzoneTelnet
(SafeGuardOS) (network-zone) # host ip-address 192.168.4.7
(SafeGuardOS) (network-zone) # host ip-address 192.168.4.24
(SafeGuardOS) (network-zone) # host ip-address 192.168.5.10
(SafeGuardOS) (network-zone) # host ip-address 192.168.5.26
(SafeGuardOS) (network-zone) # end
(SafeGuardOS) #
Syntax Description ipaddr An IP address.
mask A subnet mask in dotted-quad notation.
For example, 255.255.255.255.
Syntax Description starting_addr Start the range at this IP address
ending_address End the range at this IP address