AR1220VW connects to a wireless router

Created: Mar 20, 2017 11:17:35Latest reply: Mar 29, 2017 06:07:12 1136 4 0 0
  Rewarded Hi-coins: 0 (problem resolved)

good day,

 

please assist, I need to configure anAR1220vw as a firewall.

It has to connect to a wireless ASUS router and this router connects to another one as gateway to the internet, the network has 25 users,I need to block epcific sites and allow others and only for specific users. about 80% of the users needs to be blocked.

do I have to use ACL and NAT or just ACL?please assist with the procedure on how to do this. what is the easier way?

 

  • x
  • convention:

Featured Answers
kmyd
Created Mar 21, 2017 08:51:24 Helpful(0) Helpful(0)

ACL
  • x
  • convention:

All Answers
gululu
gululu Admin Created Mar 21, 2017 05:52:01 Helpful(0) Helpful(0)

@Lemon @撒么 @kmyd please help!
  • x
  • convention:

Come on!
kmyd
kmyd Created Mar 21, 2017 08:51:24 Helpful(0) Helpful(0)

ACL
  • x
  • convention:

ProNko
ProNko Created Mar 23, 2017 22:14:22 Helpful(0) Helpful(0)

This post was last edited by PRO at 2017-03-29 06:08.
[V200R007C00SPC600]
#
 drop illegal-mac alarm
#
vlan batch 100
#
pki realm default
 enrollment self-signed
#
ssl policy default_policy type server
 pki-realm default
#
acl number 3000
 description DENY
 rule 5 permit ip source 192.168.210.222 0
 rule 10 deny tcp source 192.168.210.222 0 destination-port eq www
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 undo local-user admin
 local-user user password irreversible-cipher %^%#o1D!")ma#>N7^!1-Xr)4e.q/,h@by!ZK3=0!$8P>_<;e.G(K"G=N*c=Il[s@%^%#
 local-user user privilege level 15
 local-user user service-type http
#
firewall zone IN
 priority 15
#
firewall zone OUT
 priority 3
#
firewall zone Local
 priority 16
#
firewall interzone IN OUT
 firewall enable
 packet-filter 3000 inbound
#
interface Vlanif100
 ip address 10.0.0.5 255.255.255.0
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface GigabitEthernet0/0/0
 ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 description Uplinkto ASUS Router
 ip address 192.168.210.11 255.255.255.0
 traffic-filter inbound acl 3000
#
interface Cellular0/0/0
#
interface Cellular0/0/1
#
interface NULL0
  • x
  • convention:

ProNko
ProNko Created Mar 29, 2017 06:07:12 Helpful(0) Helpful(0)

[V200R007C00SPC600]
#
drop illegal-mac alarm
#
vlan batch 100
#
pki realm default
enrollment self-signed
#
ssl policy default_policy type server
pki-realm default
#
acl number 3000
description DENY
rule 5 permit ip source 192.168.210.222 0
rule 10 deny tcp source 192.168.210.222 0 destination-port eq www
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
undo local-user admin
local-user user password irreversible-cipher %^%#o1D!")ma#>N7^!1-Xr)4e.q/,h@by!ZK3=0!$8P>_<;e.G(K"G=N*c=Il[s@%^%#
local-user user privilege level 15
local-user user service-type http
#
firewall zone IN
priority 15
#
firewall zone OUT
priority 3
#
firewall zone Local
priority 16
#
firewall interzone IN OUT
firewall enable
packet-filter 3000 inbound
#
interface Vlanif100
ip address 10.0.0.5 255.255.255.0
#
interface Ethernet0/0/0
#
interface Ethernet0/0/1
#
interface Ethernet0/0/2
#
interface Ethernet0/0/3
#
interface Ethernet0/0/4
#
interface Ethernet0/0/5
#
interface Ethernet0/0/6
#
interface Ethernet0/0/7
#
interface GigabitEthernet0/0/0
ip address 192.168.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
description Uplinkto ASUS Router
ip address 192.168.210.11 255.255.255.0
traffic-filter inbound acl 3000
#
interface Cellular0/0/0
#
interface Cellular0/0/1
#
interface NULL0
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login