User guide

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-iMG634 - R2

411

412

413

414

415

416

417

418

419

420

Firewall Firewall command reference

iMG/RG Software Reference Manual (IPNetwork Functions)

4-110

Options The following table gives the range of values for each option that can be specified with

this command and a Default Value (if applicable).

Example --> firewall enable

4.3.2.0.4 FIREWALL SET SECURITYLEVEL

Syntax FIREWALL SET SECURITYLEVEL {NONE | HIGH | MEDIUM | LOW}

Description This command allows you to set which security level is used by the Firewall. There are

four default security levels (none, high, medium and low) that contain different security

configuration information for each interface connection.

Selecting a security level deletes the previous security level and any policies or portfilters

set, and replaces them with the newly selected level.

The factory default setting none is not a security level. It is a blank firewall configuration

that allows you to create your own policies and portfilters, using the commands firewall

add policy and firewall add portfilter. These manually configured policies/portfilters are

stored in the im.conf file.

Explicitly setting the security level to none sets a security level that does not contain any

policies or portfilters. Note that if you create policies/portfilters and store them in the

im.conf file, then select none (or any other security level), all of your manually configured

policies/portfilters will be deleted and replaced with this level.

The userdefined option allows you to select a security configuration that you have previ-

ously created.

There are three types of interface connections:

• Between the external interface and internal interface

• Between the external interface and the de-militarized zone (DMZ)

• Between the DMZ and the internal interface

You can add your own firewall portfilters to a security level by using the FIREWALL ADD

PORTFILTER command. If you then save your configuration using the SYSTEM CONFIG

CREATE/SET command, these additional filters are saved with the default level and are

restored on reboot.

Option Description Default Value

enable

Enables the

Firewall module.

Disable

disable

Disables the Firewall module.