AR1220VW connects to a wireless router

Created Mar 20, 2017 19:17:35Latest reply Mar 29, 2017 14:07:12 998 4 0 0
  Rewarded E coins: 0 (problem resolved)

good day,

 

please assist, I need to configure anAR1220vw as a firewall.

It has to connect to a wireless ASUS router and this router connects to another one as gateway to the internet, the network has 25 users,I need to block epcific sites and allow others and only for specific users. about 80% of the users needs to be blocked.

do I have to use ACL and NAT or just ACL?please assist with the procedure on how to do this. what is the easier way?

 

  • x
  • convention:

kmyd  Moderator   Created Mar 21, 2017 16:51:24 Helpful(0) Helpful(0)

ACL
  • x
  • convention:

gululu  Admin   Created Mar 21, 2017 13:52:01 Helpful(0) Helpful(0)

@Lemon @撒么 @kmyd please help!
  • x
  • convention:

Best answer

Come on!
ProNko     Created Mar 24, 2017 06:14:22 Helpful(0) Helpful(0)

This post was last edited by PRO at 2017-3-29 14:08.
[V200R007C00SPC600]
#
 drop illegal-mac alarm
#
vlan batch 100
#
pki realm default
 enrollment self-signed
#
ssl policy default_policy type server
 pki-realm default
#
acl number 3000
 description DENY
 rule 5 permit ip source 192.168.210.222 0
 rule 10 deny tcp source 192.168.210.222 0 destination-port eq www
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 undo local-user admin
 local-user user password irreversible-cipher %^%#o1D!")ma#>N7^!1-Xr)4e.q/,h@by!ZK3=0!$8P>_<;e.G(K"G=N*c=Il[s@%^%#
 local-user user privilege level 15
 local-user user service-type http
#
firewall zone IN
 priority 15
#
firewall zone OUT
 priority 3
#
firewall zone Local
 priority 16
#
firewall interzone IN OUT
 firewall enable
 packet-filter 3000 inbound
#
interface Vlanif100
 ip address 10.0.0.5 255.255.255.0
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 description Uplinkto ASUS Router
 ip address 192.168.210.11 255.255.255.0
 traffic-filter inbound acl 3000
#
interface Cellular0/0/0
#
interface Cellular0/0/1
#
interface NULL0
  • x
  • convention:

ProNko     Created Mar 29, 2017 14:07:12 Helpful(0) Helpful(0)

[V200R007C00SPC600]
#
drop illegal-mac alarm
#
vlan batch 100
#
pki realm default
enrollment self-signed
#
ssl policy default_policy type server
pki-realm default
#
acl number 3000
description DENY
rule 5 permit ip source 192.168.210.222 0
rule 10 deny tcp source 192.168.210.222 0 destination-port eq www
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
undo local-user admin
local-user user password irreversible-cipher %^%#o1D!")ma#>N7^!1-Xr)4e.q/,h@by!ZK3=0!$8P>_<;e.G(K"G=N*c=Il[s@%^%#
local-user user privilege level 15
local-user user service-type http
#
firewall zone IN
priority 15
#
firewall zone OUT
priority 3
#
firewall zone Local
priority 16
#
firewall interzone IN OUT
firewall enable
packet-filter 3000 inbound
#
interface Vlanif100
ip address 10.0.0.5 255.255.255.0
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
description Uplinkto ASUS Router
ip address 192.168.210.11 255.255.255.0
traffic-filter inbound acl 3000
#
interface Cellular0/0/0
#
interface Cellular0/0/1
#
interface NULL0
  • x
  • convention:

Responses

Reply
You need to log in to reply to the post Login | Register

Notice:To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“ Privacy Policy.”
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Fast reply Scroll to top