User's Manual
Table Of Contents
- ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
- Contents
- 1. Introduction
- 2. Overview of the Configuration Commands
- 3. Net Mode Configuration Commands
- 4. Security Mode Configuration Commands
- Security Services Commands
- Security Schedules Commands
- IPv4 Add Firewall Rule and Edit Firewall Rule Commands
- IPv4 General Firewall Commands
- IPv6 Firewall Commands
- Attack Check Commands
- Session Limit, Time-Out, and Advanced Commands
- Address Filter and IP/MAC Binding Commands
- Port Triggering Commands
- UPnP Command
- Bandwidth Profile Commands
- Content Filtering Commands
- 5. System Mode Configuration Commands
- 6. Dot11 Mode Configuration Commands
- 7. VPN Mode Configuration Commands
- IPSec VPN Wizard Command
- IPSec IKE Policy Commands
- IPSec VPN Policy Commands
- IPSec VPN Mode Config Commands
- SSL VPN Portal Layout Commands
- SSL VPN Authentication Domain Commands
- SSL VPN Authentication Group Commands
- SSL VPN User Commands
- SSL VPN Port Forwarding Commands
- SSL VPN Client Commands
- SSL VPN Resource Commands
- SSL VPN Policy Commands
- RADIUS Server Command
- L2TP Server Commands
- 8. Overview of the Show Commands
- 9. Show Commands
- 10. Utility Commands
- CLI Command Index
Security Mode Configuration Commands
106
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Command example:
FVS318N>
security firewall ipv4 add_rule lan_dmz outbound
security-config[firewall-ipv4-lan-dmz-outbound]>
service_name default_services FTP
security-config[firewall-ipv4-lan-dmz-outbound]>
action ALWAYS_ALLOW
security-config[firewall-ipv4-lan-dmz-outbound]>
lan_users group_wise GROUP3
security-config[firewall-ipv4-lan-dmz-outbound]>
dmz_users ADDRESS_RANGE
security-config[firewall-ipv4-lan-dmz-outbound]>
dmz_user_start_ip 176.16.2.65
security-config[firewall-ipv4-lan-dmz-outbound]>
dmz_user_end_ip 176.16.2.85
security-config[firewall-ipv4-lan-dmz-outbound]>
log Never
security-config[firewall-ipv4-lan-dmz-outbound]>
save
Related show command: show security firewall ipv4 setup lan_dmz
security firewall ipv4 edit_rule lan_dmz outbound <row id>
This command configures an existing IPv4 LAN DMZ outbound firewall rule. After you have
issued the security firewall ipv4 edit_rule lan_dmz outbound command to
specify the row to be edited (for row information, see the output of the
show security firewall
ipv4 setup lan_dmz
command), you enter the security-config [firewall-ipv4-lan-dmz-outbound]
mode. You can then edit one keyword and associated parameter or associated keyword at a
lan_users group_wise group name The name of the LAN group. The
group name is either a default
name (Group1, Group2, Group3,
and so on) or a custom name that
you specified with the net lan
lan_groups edit <row id> <new
group name> command.
dmz_users ANY, SINGLE_ADDRESS, or
ADDRESS_RANGE
The type of DMZ address.
dmz_user_start_ip ipaddress There are two options:
• The IP address if the dmz_users
keyword is set to
SINGLE_ADDRESS.
• The start IP address if the
dan_users keyword is set to
ADDRESS_RANGE.
dmz_user_end_ip ipaddress The end IP address if the
dan_users keyword is set to
ADDRESS_RANGE.
Logging
log NEVER or ALWAYS Enables or disables logging.
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description