Step 10: create a default route out of the wan – Black Box LR1102A-T1/E1 User Manual

Firewall Configuration Ex-

69

Step 8:Verify the firewall policy for Security Zone DMZ

Step 9: Verify that the FTP filter objects for Security Zone DMZ are created as configured:

Step 10: Create a default route out of the WAN

Step 11:Verify the system configuration by displaying the running configuration.

Blackbox/configure> firewall dmz

Blackbox/configure/firewall dmz> object

Blackbox/configure/firewall dmz/object> ftp-filter putdeny deny put

mkdir

Blackbox/configure/firewall dmz/object> nat-pool ftpsrvr static

10.3.1.100

Blackbox/configure/firewall dmz/object> exit

Blackbox/configure/firewall dmz> policy 100 in address any any

193.168.94.221 32

Blackbox/configure/firewall dmz/policy 100 in> apply-object nat-pool

ftpsrvr

Blackbox/configure/firewall dmz/policy 100 in> apply-object

ftp-filter putdeny

Blackbox/configure/firewall dmz/policy 100 in> exit

Blackbox/configure/firewall dmz> exit

Blackbox/configure> show firewall policy dmz
Advanced: S - Self Traffic, F - Ftp-Filter, H - Http-Filter,
R - Rpc-Filter, N - Nat-Ip/Nat-Pool, L - Logging,
E - Policy Enabled, M - Smtp-Filter

Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced
--- --- ----------- ---------------- ----------------- ------ --------
100 in any 193.168.94.221/32 any any any PERMIT FNE
1022 out any any any any any PERMIT SE
1023 in any any any any any PERMIT SE
1024 out any any any any any PERMIT E

Blackbox/configure> show firewall object ftp-filter dmz

Object Name Action Log Commands

----------- ------ --- --------

putdeny deny no put mkdir

Blackbox/configure>

Blackbox/configure> ip route 0.0.0.0 0 wan

Blackbox/configure>