Router1/configure# firewall internet, Router1/configure/firewall internet# exit, Router1# show firewall policy internet – Foundry Networks AR3202-CL User Manual

Security Features

June 2004

© 2004 Foundry Networks, Inc.

15 - 33

Step 11: Configure firewall policies to allow IKE negotiation through untrusted interface
(applicable only if firewall license is also enabled):

Step 12: Display firewall policies in the internet map (applicable only if firewall license is
enabled):

Step 13: Display firewall policies in the internet map in detail (applicable only if firewall license
is enabled):

Router1/configure# firewall internet

Router1/configure/firewall internet# policy 1000 in service ike self

Router1/configure/firewall internet/policy 1000 in# exit

Router1/configure/firewall internet# exit

Router1# show firewall policy internet

Advanced: S - Self Traffic, F - Ftp-Filter, H - Http-Filter,

R - Rpc-Filter, N - Nat-Ip/Nat-Pool, L - Logging,

E - Policy Enabled, M - Smtp-Filter

Pri Dir Source Addr Destination Addr Sport Dport Proto Action

Advanced

Router1# show firewall policy internet detail

Policy with Priority 1000 is enabled, Direction is inbound

Action permit, Traffic is self

Logging is disable

Source Address is any, Dest Address is any

Source Port is any, Service Name is ike

Schedule is disabled, Ftp-Filter is disabled

Smtp-Filter is disabled, Http-Filter is disabled

Rpc-Filter is disabled, Nat is disabled

Bytes In 0, Bytes Out 0

Policy with Priority 1024 is enabled, Direction is outbound

Action permit, Traffic is self

Logging is disable

Source Address is any, Dest Address is any

Source Port is any, Dest Port is any, any

Schedule is disabled, Ftp-Filter is disabled

Smtp-Filter is disabled, Http-Filter is disabled

Rpc-Filter is disabled, Nat is disabled

Bytes In 0, Bytes Out 0