Router User Manual
Nortel Secure Router 8000 Series
Troubleshooting - VAS 3 Firewall troubleshooting
Issue 01.01 (30 March 2009) Nortel Networks Inc. 3-3
3.2.1 Networking environment
Figure 3-1 Networking of the firewall
Internet
Ethernet
PC
10.1.1.0/24
Ethernet2/0/0
10.1.1.5/24
ATM1/0/0
202.38.160.1/24
SR8008
202.1.2.3/24
Internal Network
External Network
Server
Based on the networking diagram, you can perform the following actions:
z
Use the Secure Router 8008 as the egress.
z
Connect the egress with the Internet through the interface ATM 1/0/0.
z
Connect the egress with the internal network through the interface Ethernet 2/0/0.
The Secure Router 8008 provides the firewall filtering function. Only the specified hosts are
permitted to access the external network.
3.2.2 Configuration notes
Item Sub-item Description
Configure the
class
The system has no predefined class.
The system has no predefined policy. Configure the
firewall policy
Each class in the policy view can be associated with
only one behavior.
If you need to specify several behaviors for one
class, you can add multiple actions to one behavior.
Configuring
the firewall
Application of the
firewall policy
A policy that is applied on an interface cannot be
deleted.
Stop the application of the policy on the interface.
Use the undo traffic policy command to delete the
policy.
3.2.3 Diagnostic flowchart
Figure 3-1 shows that the hosts that are prohibited from accessing the external network can
still access the network after the Secure Router 8000 Series router is configured.
Figure 3-2 shows the diagnostic flowchart for firewall faults.