Allied Telesis AR440S Network Card User Manual


 
Page 23 | AlliedWare™ OS How To Note: VPNs for Corporate Networks
branch office 1
The rule for the private interface uses both source and destination addresses to identify
outgoing VPN traffic.
add firewall policy=branch1 ru=5 ac=non int=vlan1 prot=all ip=192.168.141.1-192.168.141.254 rem=192.168.140.0-192.168.142.254
If you configured SSH (recommended), create a rule to allow SSH traffic to pass through the
firewall.
add firewall policy=branch1 ru=6 ac=allo int=ppp0 prot=tcp po=22 ip=222.222.222.1 gblip=222.222.222.1 gblp=22
If you instead stayed with telnet (not recommended) and configured remote security officers
(RSOs), create a rule to allow telnet traffic to pass through the firewall.
add firewall policy=branch1 ru=7 ac=allo int=ppp0 prot=tcp po=23 ip=222.222.222.1 gblip=222.222.222.1 gblp=23
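As an added example (not part of the How To Note), this Python script parses firewall rule commands like the ones above, rejoining commands that wrap across lines as in its constructed sample, and reports allow rules that expose telnet on the public interface. The parameter expansions and minimum abbreviation lengths are assumptions chosen to fit the commands shown on this page.

```python
# (name, minimum abbreviation length). The lengths are assumptions chosen to
# fit the abbreviations used on this page, not taken from a command reference.
PARAMS = [("policy", 4), ("rule", 2), ("action", 2), ("interface", 3),
          ("protocol", 4), ("port", 2), ("ip", 2), ("remoteip", 3),
          ("gblip", 5), ("gblport", 4)]
ACTIONS = [("allow", 3), ("deny", 3), ("nat", 3), ("nonat", 3)]

# Constructed sample: the three rules from this page, wrapped over two lines.
SAMPLE = """\
add firewall policy=branch1 ru=5 ac=non int=vlan1 prot=all
ip=192.168.141.1-192.168.141.254 rem=192.168.140.0-192.168.142.254
add firewall policy=branch1 ru=6 ac=allo int=ppp0 prot=tcp po=22
ip=222.222.222.1 gblip=222.222.222.1 gblp=22
add firewall policy=branch1 ru=7 ac=allo int=ppp0 prot=tcp po=23
ip=222.222.222.1 gblip=222.222.222.1 gblp=23
"""

def expand(word, table):
    """Expand an abbreviated keyword; return it unchanged if unknown."""
    word = word.lower()
    hits = [n for n, m in table if n.startswith(word) and len(word) >= m]
    return hits[0] if len(hits) == 1 else word

def parse_rules(text):
    """Join wrapped lines, then return one dict per firewall rule command."""
    cmds = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if cmds and "=" in line.split()[0]:
            cmds[-1] += " " + line          # continuation of a wrapped command
        else:
            cmds.append(line)
    rules = []
    for words in (c.split() for c in cmds):
        if [w.lower() for w in words[:2]] != ["add", "firewall"]:
            continue
        rule = {expand(k, PARAMS): v.lower()
                for k, _, v in (w.partition("=") for w in words[2:])}
        if "rule" in rule:
            rule["action"] = expand(rule.get("action", ""), ACTIONS)
            rules.append(rule)
    return rules

def audit(rules, public_if="ppp0"):
    """Return numbers of allow rules exposing telnet (tcp/23) on public_if."""
    return [int(r["rule"]) for r in rules
            if r["action"] == "allow" and r.get("interface") == public_if
            and r.get("protocol") == "tcp"
            and "23" in (r.get("port"), r.get("gblport"))]
```

Calling `audit(parse_rules(SAMPLE))` returns `[7]`, the telnet rule that the text marks as not recommended.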
12. Save your configuration
It is important to save your configuration when you finish, to preserve the configuration over
any power cuts.
create conf=<your-file.cfg>
This is particularly important in security configurations because it preserves the security
officer definition. Without this, regaining configuration access would destroy encryption
information such as keys.
Once you have saved the configuration to a file, specify that file as the configuration script to
use when the router boots up.
set config=<your-file.cfg>