Management
set interface vlan1 ip 1.1.1.1/24
set interface vlan1 manage web
set interface vlan1 manage telnet
set interface vlan1 manage ssh
set interface vlan1 manage ping
Interfaces
set interface ethernet0/1 ip 0.0.0.0/0
set interface ethernet0/1 zone v1-trust
set interface ethernet0/3 ip 0.0.0.0/0
set interface ethernet0/3 zone v1-untrust
V1-Trust Zone
set zone v1-trust manage web
set zone v1-trust manage telnet
set zone v1-trust manage ping
Addresses
set address v1-trust FTP_Server 1.1.1.5/32
set address v1-trust Mail_Server 1.1.1.10/32
Route
set vrouter trust-vr route 0.0.0.0/0 interface vlan1 gateway 1.1.1.250 metric 1
Policies
set policy from v1-trust to v1-untrust any any any permit
set policy from v1-untrust to v1-trust any Mail_Server mail permit
set policy from v1-untrust to v1-trust any FTP_Server ftp-get permit
'업무이야기 > Security' 카테고리의 다른 글
| Safezone IPS 뚜껑따다 (0) | 2011.11.21 |
|---|---|
| NSRP Monitor Track IP Configuration Examples (0) | 2011.11.17 |
| Juniper Firewall TroubleShooting Command (0) | 2011.11.04 |
| Juniper ISG Series Integrated Security Gateways (0) | 2011.09.27 |
| Juniper Netscreen 204... (0) | 2011.08.19 |