User's Manual
Table Of Contents
- ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
- Contents
- 1. Introduction
- 2. Overview of the Configuration Commands
- 3. Net Mode Configuration Commands
- 4. Security Mode Configuration Commands
- Security Services Commands
- Security Schedules Commands
- IPv4 Add Firewall Rule and Edit Firewall Rule Commands
- IPv4 General Firewall Commands
- IPv6 Firewall Commands
- Attack Check Commands
- Session Limit, Time-Out, and Advanced Commands
- Address Filter and IP/MAC Binding Commands
- Port Triggering Commands
- UPnP Command
- Bandwidth Profile Commands
- Content Filtering Commands
- 5. System Mode Configuration Commands
- 6. Dot11 Mode Configuration Commands
- 7. VPN Mode Configuration Commands
- IPSec VPN Wizard Command
- IPSec IKE Policy Commands
- IPSec VPN Policy Commands
- IPSec VPN Mode Config Commands
- SSL VPN Portal Layout Commands
- SSL VPN Authentication Domain Commands
- SSL VPN Authentication Group Commands
- SSL VPN User Commands
- SSL VPN Port Forwarding Commands
- SSL VPN Client Commands
- SSL VPN Resource Commands
- SSL VPN Policy Commands
- RADIUS Server Command
- L2TP Server Commands
- 8. Overview of the Show Commands
- 9. Show Commands
- 10. Utility Commands
- CLI Command Index
Security Mode Configuration Commands
107
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
time in the order that you prefer. However, note that the setting of the action keyword
determines which other keywords and parameters you can apply to a rule.
Step 1 Format security firewall ipv4 edit_rule lan_dmz outbound <row id>
Mode security
Step 2 Format service_name {default_services <default service name> |
{custom_services <custom service name>}
action {ALWAYS_BLOCK | ALWAYS_ALLOW |
BLOCK_BY_SCHEDULE_ELSE_ALLOW {schedule {Schedule1 |
Schedule2 | Schedule3}} | ALLOW_BY_SCHEDULE_ELSE_BLOCK
{schedule {Schedule1 | Schedule2 | Schedule3}}}
lan_users {address_wise {ANY | SINGLE_ADDRESS {lan_user_start_ip
<ipaddress>} | ADDRESS_RANGE {lan_user_start_ip <ipaddress>}
{lan_user_end_ip <ipaddress>}} | group_wise <group name>}
dmz_users {ANY | SINGLE_ADDRESS {dmz_user_start_ip <ipaddress>}
| ADDRESS_RANGE {dmz_user_start_ip <ipaddress>}
{dmz_user_end_ip <ipaddress>}}
log {NEVER | ALWAYS}
Mode security-config [firewall-ipv4-lan-dmz-outbound]
Keyword (might consist of two
separate words)
Associated Keyword to Select or
Parameter to Type
Description
Service name, action, and schedule
service_name
default_services
ANY, AIM, BGP, BOOTP_CLIENT,
BOOTP_SERVER, CU-SEEME:UDP,
CU-SEEME:TCP, DNS:UDP, DNS:TCP,
FINGER, FTP, HTTP, HTTPS,
ICMP-TYPE-3, ICMP-TYPE-4,
ICMP-TYPE-5, ICMP-TYPE-6,
ICMP-TYPE-7, ICMP-TYPE-8,
ICMP-TYPE-9, ICMP-TYPE-10,
ICMP-TYPE-11, ICMP-TYPE-13,
ICQ, IMAP2, IMAP3, IRC, NEWS, NFS,
NNTP, PING, POP3, PPTP, RCMD,
REAL-AUDIO, REXEC, RLOGIN,
RTELNET, RTSP:TCP, RTSP:UDP,
SFTP, SMTP, SNMP:TCP, SNMP:UDP,
SNMP-TRAPS:TCP,
SNMP-TRAPS:UDP, SQL-NET,
SSH:TCP, SSH:UDP, STRMW
ORKS,
TACACS, TELNET, TFTP, RIP, IKE,
SHTTPD, IPSEC-UDP-ENCAP, IDENT,
VDOLIVE, SSH, SIP-TCP, or SIP-UDP
The default service and protocol to
which the firewall rule applies.
service_name
custom_services
custom service name The custom service that you have
configured with the security
services add command.