1: The Eudemon 1000 supports route, transparent or composite mode. The firewall mode composite cmd sets the firewall for both ( default = routed ).
2: Be aware of the zone priorities and how they work. Traffic from a higher-priority zone to a lower-priority zone is considered outbound; the reverse is considered inbound. An interface can be in one zone only, BUT not the local zone.
3: ACLs are number-range specific; be aware of the differences:
2000-2999 = BASIC ACL ( source address only )
3000-3999 = ADVANCED ACL ( source port/dest port, source address/dest address, upper-layer protocol service )
5000-5999 = FIREWALL ACL ( src/dest address and dest port )
4: Use the lock cli-cmd from the cli to lock others out when configuring the firewall.
5: The display this cli-cmd shows what's configured in the system view that you're currently located in.
6: The system-view immediately cli-cmd is great for executing a config change immediately, but use it with care. Any mistake could be service impacting.
7: The preview all configuration cli-cmd helps to validate the configurations before the commit. You should use it 100% of the time IMHO.
8: Execute display configuration <filename> before loading a previously saved config, to validate the configuration before loading it.
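
The zone and ACL rules from tips 2 and 3 can be checked against a planned layout before anything is typed into the firewall. The following is an added example, not code from the original post or from the vendor; the zone priorities, interface names, ACL numbers and function names are all constructed for illustration.

```python
# Added example. Zone names, priorities, interfaces and ACL numbers are constructed samples.
ACL_RANGES = [  # (low, high, type, fields the type can match), per tip 3
    (2000, 2999, "basic", {"src"}),
    (3000, 3999, "advanced", {"src", "dst", "sport", "dport", "proto"}),
    (5000, 5999, "firewall", {"src", "dst", "dport"}),
]

def acl_info(number):
    """Return (type, matchable fields) for an ACL number, or None if out of range."""
    for low, high, kind, fields in ACL_RANGES:
        if low <= number <= high:
            return kind, fields
    return None

def direction(zones, src, dst):
    """Tip 2: higher-priority zone to lower-priority zone is outbound, the reverse inbound."""
    if zones[src] == zones[dst]:
        raise ValueError("zones %s and %s have the same priority" % (src, dst))
    return "outbound" if zones[src] > zones[dst] else "inbound"

def check_plan(zones, interfaces, filters):
    """Return a list of problems in the plan; an empty list means none were found."""
    problems, placed = [], {}
    for ifname, zone in interfaces:
        if zone == "local":
            problems.append("%s: an interface cannot be added to the local zone" % ifname)
        if ifname in placed:
            problems.append("%s: already in %s, cannot also be in %s" % (ifname, placed[ifname], zone))
        placed.setdefault(ifname, zone)
    for src, dst, acl, needed in filters:
        info = acl_info(acl)
        if info is None:
            problems.append("ACL %d: outside the listed ranges" % acl)
        elif not needed <= info[1]:
            extra = ", ".join(sorted(needed - info[1]))
            problems.append("ACL %d (%s) cannot match: %s" % (acl, info[0], extra))
    return problems

# Constructed sample plan: (interface, zone) pairs and (src zone, dst zone, ACL, fields needed)
ZONES = {"local": 100, "trust": 85, "dmz": 50, "untrust": 5}
INTERFACES = [("eth0", "trust"), ("eth1", "untrust"), ("eth1", "dmz"), ("eth2", "local")]
FILTERS = [("trust", "untrust", 3000, {"src", "dst", "dport"}),
           ("untrust", "dmz", 2001, {"src", "dport"}),
           ("dmz", "trust", 4500, {"src"})]

if __name__ == "__main__":
    for src, dst, acl, _ in FILTERS:
        print("%s -> %s is %s (ACL %d)" % (src, dst, direction(ZONES, src, dst), acl))
    for p in check_plan(ZONES, INTERFACES, FILTERS):
        print("PROBLEM:", p)
```
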
Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com