[index] AT-AR2050V/AT-AR3050S/AT-AR4050S コマンドリファレンス 5.4.6
使用できるアドレス | 10.0.0.0/29(10.0.0.0〜10.0.0.7) |
接続形態 | LAN型(アドレス8個固定) |
WAN側物理インターフェース | eth1 |
WAN側(eth1)IPアドレス | 10.0.0.1/29 |
LAN側(vlan1)IPアドレス | 192.168.10.1/24 |
デフォルトゲートウェイ | 10.0.0.6(既設ルーターのLAN側) |
no spanning-tree rstp enable |
interface eth1 ip limited-local-proxy-arp ip address 10.0.0.1/29 |
interface vlan1 ip address 192.168.10.1/24 |
local-proxy-arp 10.0.0.0/29 |
zone private network lan ip subnet 192.168.10.0/24 host dns ip address 192.168.10.4 host smtp ip address 192.168.10.3 host web ip address 192.168.10.2 |
zone public network wan ip subnet 0.0.0.0/0 interface eth1 host eth1 ip address 10.0.0.1 |
zone global network ip8 ip subnet 10.0.0.0/29 host dns ip address 10.0.0.4 host smtp ip address 10.0.0.3 host web ip address 10.0.0.2 |
application dns_tcp protocol tcp sport any dport 53 |
firewall rule 10 permit any from private to private rule 20 permit any from private to public rule 30 permit any from private to global rule 40 permit any from global to global rule 50 permit any from global to public rule 60 permit http from public to private.lan.web rule 70 permit smtp from public to private.lan.smtp rule 80 permit dns from public to private.lan.dns rule 90 permit dns_tcp from public to private.lan.dns protect |
nat rule 10 masq any from private to public with src public.wan.eth1 rule 20 portfwd http from public to global.ip8.web with dst private.lan.web rule 30 portfwd smtp from public to global.ip8.smtp with dst private.lan.smtp rule 40 portfwd dns from public to global.ip8.dns with dst private.lan.dns rule 50 portfwd dns_tcp from public to global.ip8.dns with dst private.lan.dns enable |
ip route 0.0.0.0/0 10.0.0.6 |
end |
copy running-config startup-config
」の書式で実行します。awplus# copy running-config startup-config ↓ Building configuration... [OK] |
awplus# write memory ↓ Building configuration... [OK] |
awplus(config)# log buffered level informational program kernel msgtext Firewall ↓ |
awplus# show log | include firewall ↓ |
! no spanning-tree rstp enable ! interface eth1 ip limited-local-proxy-arp ip address 10.0.0.1/29 ! interface vlan1 ip address 192.168.10.1/24 ! local-proxy-arp 10.0.0.0/29 ! zone private network lan ip subnet 192.168.10.0/24 host dns ip address 192.168.10.4 host smtp ip address 192.168.10.3 host web ip address 192.168.10.2 ! zone public network wan ip subnet 0.0.0.0/0 interface eth1 host eth1 ip address 10.0.0.1 ! zone global network ip8 ip subnet 10.0.0.0/29 host dns ip address 10.0.0.4 host smtp ip address 10.0.0.3 host web ip address 10.0.0.2 ! application dns_tcp protocol tcp sport any dport 53 ! firewall rule 10 permit any from private to private rule 20 permit any from private to public rule 30 permit any from private to global rule 40 permit any from global to global rule 50 permit any from global to public rule 60 permit http from public to private.lan.web rule 70 permit smtp from public to private.lan.smtp rule 80 permit dns from public to private.lan.dns rule 90 permit dns_tcp from public to private.lan.dns protect ! nat rule 10 masq any from private to public with src public.wan.eth1 rule 20 portfwd http from public to global.ip8.web with dst private.lan.web rule 30 portfwd smtp from public to global.ip8.smtp with dst private.lan.smtp rule 40 portfwd dns from public to global.ip8.dns with dst private.lan.dns rule 50 portfwd dns_tcp from public to global.ip8.dns with dst private.lan.dns enable ! ip route 0.0.0.0/0 10.0.0.6 ! end |
(C) 2015 - 2016 アライドテレシスホールディングス株式会社
PN: 613-002107 Rev.L