Black Box LR1102A-T1/E1 User Manual
Page 65
Firewall Configuration Ex-
67
Step 2: Create the security zones CORP and DMZ and attach interfaces:
Step 3: Verify that the interfaces are attached to the security zones:
Step 4: Create policies for Security Zone CORP that:
Allow all outgoing traffic (with firewall policy priority 1024)
Deny all incoming traffic (with firewall policy priority 1021)
Create an object of type
http-filter
to block java traffic
Modify policy 1024 to pat all outgoing traffic using public IP 193.168.94.220
Modify policy 1024 to add a java HTTP filter.
Blackbox/configure> interface ethernet 0
Configuring existing Ethernet interface
Blackbox/configure/interface/ethernet 0> ip address 10.2.1.1 24
Blackbox/configure/interface/ethernet 0> exit
Blackbox/configure> interface ethernet 1
Configuring existing Ethernet interface
Blackbox/configure/interface/ethernet 1> ip address 10.3.1.1 24
Blackbox/configure/interface/ethernet 1> exit
Blackbox/configure> interface bundle wan
Blackbox/configure/interface/bundle wan> link t1 1
Blackbox/configure/interface/bundle wan> encapsulation p
Blackbox/configure/interface/bundle wan> ip address 193.168.94.220 24
Blackbox/configure/interface/bundle wan> exit
Blackbox/configure> firewall corp
Blackbox/configure/firewall corp> interface ethernet0
Blackbox/configure/firewall corp> exit
Blackbox/configure> firewall dmz
Blackbox/configure/firewall dmz> interface ethernet1
Blackbox/configure/firewall dmz> exit
Blackbox/configure> firewall internet
Blackbox/configure/firewall internet> interface wan
Blackbox/configure/firewall internet> exit 2
Blackbox/configure> show firewall interface all
Interface Map Name
--------- --------
ethernet0 corp
ethernet1 dmz
wan internet