Netscreen VIP access configuration

Source: Internet
Author: User

1. Edit the interface

Network> interfaces (list)

List
5102050100

Per page

 
  List
All (5)Layer2 (0)Layer3 (3)Loopback (0)Physical (3)Tunnel (1)Unused (1)VSI (0)

Interfaces


LoopbackIfTunnel ifVSIIf
 

 

 

 
Name IP/netmask

Zone

Type Link Configure
Serial 0.0.0.0/0 Null Unused Down Edit

 
Trust 172.2.1.254/24 Trust Layer3 Up Edit

 
Tunnel.1 Unnumbered Untrust Tunnel Ready Edit

 
Untrust 58.2.24.246/32 Untrust Layer3 Up Edit

 
Vlan1 0.0.0.0/0 VLAN Layer3 Down Edit

 
 

2. Configure untrust

Network> interfaces> Edit

 

Interface: untrust (IP/netmask: 58.2.24.246/32) Back to interface
List

 
  Properties: Basic

MIP

Dip

VIP

Track IP

Track IP Options

 

 

 

 

 

 

3. Create a VIP

Network> interface> Edit> VIP/VIP services

Interface: untrust (IP/netmask: 58.2.24.246/32) Back to interface
List

 
  Properties: Basic

MIP

Dip

VIP

Track IP

Track IP Options

 

 

 

 
VIP VIP services
IP address Configure Virtual Port Service (port) Server IP Status Configure
58.2.24.246 Edit

In use 9080 Was (9080) 172.2.1.110... OK Edit

Remove

 

 

 

This is a configured VIP. First, add a VIP, then add VIP services, the Internet port is 9080, The ing service port is was (9080), and The ing Intranet host is 172.2.1.110.

 

 

4. Configure an Access Policy

 

From untrust to global, total policy: 1
ID Source Destination Service Action Options Configure Enable Move
5 Any VIP: 1 Any Permit "> Edit Clone Remove
 
 

 

This is the configured access policy policies. The direction is untrust to global.

 

5. Access Policy Configuration

 

 

6. Custom Service port M, that is, the above VIP: 1

Objects> services> Custom

 

 
Name Transport Protocol and Parameters Timeout (min) Configure
Was Tcp src port: 0-65535, DST port: 9080-9080 Default [30] Edit In use
 

 

Detailed Configuration:

Service name
Service timeout

Use protocol default

Never

Custom
(Minutes)

No. Transport Protocol Source Port Destination Port ICMP
Low High Low High Type Code
1
None
TCP
UDP
ICMP
Other
2
None
TCP
UDP
ICMP
Other
3
None
TCP
UDP
ICMP
Other
4
None
TCP
UDP
ICMP
Other
5
None
TCP
UDP
ICMP
Other
6
None
TCP
UDP
ICMP
Other
7
None
TCP
UDP
ICMP
Other
8
None
TCP
UDP
ICMP
Other
 

 

 

 

 

 

 

 

 

 

 

 

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.