Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

Firewall Feature Set Commands

16-118 Configuring Security

Defaults

Denyall

Mode

Globalconfiguration:XSR(config)#

Example

ThefollowingexamplepermitsanyremotehosttorunaPPTPtunneltoaserverontheinternal

network:

XSR(config)#ip firewall network pptp-server 120.21.1.18/32 internal

XSR(config)#ip fire filter allow--gre ANY_EXTERNAL pptp-server 47 protocol-id

XSR(config)#ip firewall filter allow--gre pptp-server ANY_EXTERNAL protocol-id 47

ip firewall icmp timeout

ThiscommanddefinestheobjectwhichhandlesallconfigurationforICMPpacketinspection.

Syntax

ip firewall icmp timeout <seconds>

Syntax of the “no” Form

Thenoformofthiscommandsetsthetimeouttothedefaultvalue:

no ip firewall icmp timeout

Default

Timeout:60seconds

Mode

Globalconfiguration:XSR(config)#

Example

ThefollowingexampleresetstheICMPidleti meoutinterval:

XSR(config)#ip firewall icmp timeout 300

ip firewall java and ip firewall activex

ThiscommanddefinestheobjectthatallowsordeniesHTMLpageswithembeddedJavaor

ActiveXappletsfromparticularorallIPaddresses.Anameforanyfirewallobjectmustusethese

alpha‐numericcharactersonly:

A‐Z(upperorlowercase),0‐9,-(dash),or _(underscore).Also,

allfirewallobjectnamesarecase‐sensitive.

seconds

IdletimeoutforICMPsessions,rangingfrom60to86400seconds.

previous next