29 lines
1.5 KiB
Text
29 lines
1.5 KiB
Text
set interfaces ethernet eth0 address '10.0.17.151/24'
|
|
set interfaces ethernet eth0 description 'SEC350-WAN'
|
|
set interfaces ethernet eth1 address '172.16.50.2/29'
|
|
set interfaces ethernet eth1 description 'CHARLOTTE-DMZ'
|
|
set interfaces ethernet eth2 address '172.16.150.2/24'
|
|
set interfaces ethernet eth2 description 'CHARLOTTE-LAN'
|
|
set nat source rule 10 description 'NAT FROM DMZ to WAN'
|
|
set nat source rule 10 outbound-interface 'eth0'
|
|
set nat source rule 10 source address '172.16.50.0/29'
|
|
set nat source rule 10 translation address 'masquerade'
|
|
set nat source rule 20 description 'NAT from LAN to WAN'
|
|
set nat source rule 20 outbound-interface 'eth0'
|
|
set nat source rule 20 source address '172.16.150.0/24'
|
|
set nat source rule 20 translation address 'masquerade'
|
|
set nat source rule 30 description 'NAT from MGMT to LAN'
|
|
set nat source rule 30 outbound-interface 'eth0'
|
|
set nat source rule 30 source address '172.16.200.0/28'
|
|
set nat source rule 30 translation address 'masquerade'
|
|
set protocols rip interface eth2
|
|
set protocols rip network '172.16.50.0/29'
|
|
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
|
|
set service dns forwarding allow-from '172.16.50.0/29'
|
|
set service dns forwarding allow-from '172.16.150.0/24'
|
|
set service dns forwarding listen-address '172.16.50.2'
|
|
set service dns forwarding listen-address '172.16.150.2'
|
|
set service dns forwarding system
|
|
set service ssh listen-address '0.0.0.0'
|
|
set system host-name 'fw01-charlotte'
|
|
set system name-server '10.0.17.2'
|