migrate to git.charlotte.sh

2025-04-19 23:42:08 -04:00 · 2025-04-19 23:42:08 -04:00 · fbd588721e
commit fbd588721e
412 changed files with 13750 additions and 0 deletions
--- a/net-sec-controls-sec350/configs/fw01/fw01.config.week03.txt
+++ b/net-sec-controls-sec350/configs/fw01/fw01.config.week03.txt
@ -0,0 +1,29 @@
+set interfaces ethernet eth0 address '10.0.17.151/24'
+set interfaces ethernet eth0 description 'SEC350-WAN'
+set interfaces ethernet eth1 address '172.16.50.2/29'
+set interfaces ethernet eth1 description 'CHARLOTTE-DMZ'
+set interfaces ethernet eth2 address '172.16.150.2/24'
+set interfaces ethernet eth2 description 'CHARLOTTE-LAN'
+set nat source rule 10 description 'NAT FROM DMZ to WAN'
+set nat source rule 10 outbound-interface 'eth0'
+set nat source rule 10 source address '172.16.50.0/29'
+set nat source rule 10 translation address 'masquerade'
+set nat source rule 20 description 'NAT from LAN to WAN'
+set nat source rule 20 outbound-interface 'eth0'
+set nat source rule 20 source address '172.16.150.0/24'
+set nat source rule 20 translation address 'masquerade'
+set nat source rule 30 description 'NAT from MGMT to LAN'
+set nat source rule 30 outbound-interface 'eth0'
+set nat source rule 30 source address '172.16.200.0/28'
+set nat source rule 30 translation address 'masquerade'
+set protocols rip interface eth2
+set protocols rip network '172.16.50.0/29'
+set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
+set service dns forwarding allow-from '172.16.50.0/29'
+set service dns forwarding allow-from '172.16.150.0/24'
+set service dns forwarding listen-address '172.16.50.2'
+set service dns forwarding listen-address '172.16.150.2'
+set service dns forwarding system
+set service ssh listen-address '0.0.0.0'
+set system host-name 'fw01-charlotte'
+set system name-server '10.0.17.2'