SSG 140 Example Configure

This document configures network services, zones, interfaces, and virtual IPs (VIPs) on a firewall. Key settings include: - Configuring various services like HTTP, HTTPS, RDP, and more. - Assigning interfaces to different security zones like Trust, Untrust, and DMZ. - Configuring IP addresses, routes, and NAT on interfaces. - Creating VIPs that publish internal servers on external IP addresses with port forwarding.

Uploaded by

Josue Lima

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

238 views

SSG 140 Example Configure

Uploaded by

Josue Lima

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 17

unset key protection enable

set clock timezone -6

set clock dst recurring start-weekday 2 0 3 02:00 end-weekday 1 0 11 02:00
set vrouter trust-vr sharable
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
unset auto-route-export
exit
set service "NTP" timeout 120
set service "http_81" protocol tcp src-port 1024-65535 dst-port 81-81
set service "as2" protocol tcp src-port 1024-65535 dst-port 8020-8020
set service "VPN" protocol tcp src-port 0-65535 dst-port 47-47
set service "IMAP SSL" protocol tcp src-port 0-65535 dst-port 993-993
set service "AS2(8010)" protocol tcp src-port 0-65535 dst-port 8010-8010
set service "SMTP Alter" protocol tcp src-port 0-65535 dst-port 587-587
set service "AS28030" protocol tcp src-port 0-65535 dst-port 8030-8030
set service "HTTPS(8443)" protocol tcp src-port 0-65535 dst-port 8443-8443
set service "HTTP (8080)" protocol tcp src-port 0-65535 dst-port 8080-8080
set service "ServerVNC" protocol udp src-port 0-65535 dst-port 5900-5900
set service "RDP" protocol tcp src-port 0-65535 dst-port 3389-3389
set service "https_8043" protocol tcp src-port 0-65535 dst-port 8043-8043
set service "http_90" protocol tcp src-port 0-65535 dst-port 90-90
set service "http_5443" protocol tcp src-port 0-65535 dst-port 5443-5443
set service "rdp_3390" protocol tcp src-port 0-65535 dst-port 3390-3390
set service "ESX Mamage" protocol tcp src-port 0-65535 dst-port 902-902
set service "ESX Mamage" + udp src-port 0-65535 dst-port 902-902
set service "eG Monitor" protocol tcp src-port 0-65535 dst-port 7077-7077
set service "up.time" protocol tcp src-port 9999-9999 dst-port 9999-9999
set service "49754" protocol tcp src-port 0-65535 dst-port 49754-49754
set service "HTTP/HTTPS" protocol tcp src-port 0-65535 dst-port 80-80
set service "HTTP/HTTPS" + tcp src-port 0-65535 dst-port 443-443
set service "88" protocol tcp src-port 0-65535 dst-port 88-88
set service "9992" protocol tcp src-port 0-65535 dst-port 9992-9992
set service "smtp.com" protocol tcp src-port 0-65535 dst-port 2525-2525
set service "843" protocol tcp src-port 0-65535 dst-port 843-843
set service "HTTPS(444)" protocol tcp src-port 0-65535 dst-port 444-444
set service "444(https)" protocol tcp src-port 0-65535 dst-port 444-444
set service "82" protocol tcp src-port 0-65535 dst-port 82-82
set service "Puerto 49754" protocol tcp src-port 0-65535 dst-port 49754-49754
set service "HTTPS(8081)" protocol tcp src-port 0-65535 dst-port 8081-8081
set alg appleichat enable
unset alg appleichat re-assembly enable
set alg sctp enable
set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set auth radius accounting port 1646
set admin name "netscreen"
set admin password "nDduOrrCG0dPcRjESssLpaMttoOoOn"
set admin user "joel.hernandez" password "nAcVAXrIM4yIcQXIwsNN1pDtgLAgtn" privilege
"all"
set admin port 8080
set admin access attempts 2
set admin access lock-on-failure 3
set admin ssh port 2200
set admin scs password disable username joel.hernandez
set admin http redirect
set admin mail alert
set admin mail server-name "mail.ateb.com.mx"
set admin mail traffic-log
set admin auth web timeout 0
set admin auth server "Local"
set admin format dos
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "VLAN" vrouter "trust-vr"
set zone id 100 "Untrust-VW"
set zone "Untrust-Tun" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "MGT" block
unset zone "V1-Trust" tcp-rst
unset zone "V1-Untrust" tcp-rst
set zone "DMZ" tcp-rst
unset zone "V1-DMZ" tcp-rst
unset zone "VLAN" tcp-rst
set zone "Untrust-VW" block
unset zone "Untrust-VW" tcp-rst
set zone "Untrust" screen tear-drop
set zone "Untrust" screen syn-flood
set zone "Untrust" screen ping-death
set zone "Untrust" screen ip-filter-src
set zone "Untrust" screen land
set zone "V1-Untrust" screen tear-drop
set zone "V1-Untrust" screen syn-flood
set zone "V1-Untrust" screen ping-death
set zone "V1-Untrust" screen ip-filter-src
set zone "V1-Untrust" screen land
set interface "ethernet0/0" zone "Null"
set interface "ethernet0/1" zone "Null"
set interface "ethernet0/2" zone "Null"
set interface "ethernet0/4" zone "Untrust"
set interface "ethernet0/5" zone "Trust"
set interface "ethernet0/6" zone "Untrust-VW"
set interface "ethernet0/7" zone "Untrust"
set interface "bgroup0/0" zone "Trust"
set interface "bgroup0/1" zone "Untrust"
set interface "bgroup0/2" zone "DMZ"
set interface "tunnel.1" zone "Trust"
set interface bgroup0/0 port ethernet0/0
set interface bgroup0/0 port ethernet0/1
set interface bgroup0/1 port ethernet0/2
set interface bgroup0/1 port ethernet0/3
set interface bgroup0/2 port ethernet0/8
set interface bgroup0/2 port ethernet0/9
unset interface vlan1 ip
set interface ethernet0/4 ip 187.174.155.114/28
set interface ethernet0/4 route
set interface ethernet0/5 ip 10.10.60.1/24
set interface ethernet0/5 route
set interface ethernet0/6 ip 10.149.65.61/29
set interface ethernet0/6 route
set interface ethernet0/7 ip 201.117.222.19/28
set interface ethernet0/7 route
set interface bgroup0/0 ip 192.168.1.100/24
set interface bgroup0/0 nat
set interface bgroup0/1 ip 200.57.180.161/28
set interface bgroup0/1 route
set interface bgroup0/2 ip 10.10.10.254/24
set interface bgroup0/2 route
set interface tunnel.1 ip unnumbered interface bgroup0/0
set interface ethernet0/4 mtu 1280
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface ethernet0/4 ip manageable
unset interface ethernet0/5 ip manageable
unset interface ethernet0/6 ip manageable
set interface ethernet0/7 ip manageable
set interface bgroup0/0 ip manageable
set interface bgroup0/1 ip manageable
set interface bgroup0/2 ip manageable
set interface ethernet0/4 manage ping
set interface ethernet0/4 manage ssh
set interface ethernet0/4 manage snmp
set interface ethernet0/4 manage ssl
unset interface ethernet0/5 manage ping
unset interface ethernet0/5 manage ssh
unset interface ethernet0/5 manage telnet
unset interface ethernet0/5 manage snmp
unset interface ethernet0/5 manage ssl
unset interface ethernet0/5 manage web
set interface ethernet0/6 manage ping
set interface ethernet0/6 manage telnet
set interface ethernet0/6 manage ssl
set interface ethernet0/7 manage ping
set interface ethernet0/7 manage ssh
set interface ethernet0/7 manage ssl
unset interface bgroup0/0 manage telnet
set interface bgroup0/1 manage ssh
set interface bgroup0/1 manage snmp
set interface bgroup0/1 manage ssl
set interface bgroup0/2 manage ssh
set interface bgroup0/2 manage snmp
set interface bgroup0/2 manage ssl
set interface bgroup0/2 manage web
set interface vlan1 manage mtrace
set interface bgroup0/1 vip 200.57.180.162 443 "HTTPS(8443)" 192.168.1.102
set interface bgroup0/1 vip 200.57.180.162 + 80 "HTTP" 192.168.1.102
set interface bgroup0/1 vip 200.57.180.162 + 21 "FTP" 192.168.1.102
set interface bgroup0/1 vip 200.57.180.162 + 3389 "RDP" 192.168.1.102
set interface bgroup0/1 vip 200.57.180.163
set interface bgroup0/1 vip 200.57.180.164 80 "HTTP" 10.10.10.10 manual
set interface bgroup0/1 vip 200.57.180.164 + 443 "HTTPS(8443)" 10.10.10.10 manual
set interface bgroup0/1 vip 200.57.180.164 + 3389 "RDP" 10.10.10.10 manual
set interface bgroup0/1 vip 200.57.180.165 80 "HTTP" 10.10.10.11
set interface bgroup0/1 vip 200.57.180.165 + 443 "HTTPS" 10.10.10.11
set interface bgroup0/1 vip 200.57.180.165 + 3389 "RDP" 10.10.10.11
set interface bgroup0/1 vip 200.57.180.166 443 "HTTPS" 10.10.10.1 manual
set interface ethernet0/4 vip 187.174.155.115 80 "HTTP" 10.10.10.40 manual
set interface ethernet0/4 vip 187.174.155.115 + 443 "HTTPS" 10.10.10.40 manual
set interface ethernet0/4 vip 187.174.155.115 + 444 "444(https)" 10.10.10.32
set interface ethernet0/6 vip 10.149.65.58 80 "HTTP" 10.10.10.11
set interface ethernet0/6 vip 10.149.65.58 + 443 "HTTPS" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.117 80 "HTTP" 10.10.10.10 manual
set interface ethernet0/4 vip 187.174.155.117 + 443 "HTTPS(8443)" 10.10.10.10
manual
set interface ethernet0/4 vip 187.174.155.117 + 81 "http_81" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.117 + 123 "NTP" 10.10.10.17
set interface ethernet0/4 vip 187.174.155.117 + 843 "843" 10.10.10.10 manual
set interface ethernet0/4 vip 187.174.155.117 + 82 "82" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.117 + 444 "HTTPS(444)" 10.10.10.32
set interface ethernet0/4 vip 187.174.155.118 81 "http_81" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.118 + 444 "HTTPS" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.118 + 80 "HTTP" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.118 + 443 "HTTPS" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.118 + 5443 "HTTPS" 10.10.10.26
set interface ethernet0/4 vip 187.174.155.118 + 445 "HTTPS" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.118 + 8010 "AS2(8010)" 10.10.10.61
set interface ethernet0/4 vip 187.174.155.119 80 "HTTP" 10.10.10.11
set interface ethernet0/4 vip 187.174.155.119 + 443 "HTTPS" 10.10.10.36
set interface ethernet0/4 vip 187.174.155.119 + 8081 "HTTPS(8081)" 10.10.10.19
manual
set interface bgroup0/1 vip 200.57.180.167 80 "HTTP" 10.10.10.20
set interface bgroup0/1 vip 200.57.180.167 + 443 "HTTPS" 10.10.10.20
set interface bgroup0/1 vip 200.57.180.167 + 3389 "RDP" 10.10.10.20
set interface bgroup0/1 vip 200.57.180.168 80 "HTTP" 10.10.10.21
set interface bgroup0/1 vip 200.57.180.168 + 443 "HTTPS" 10.10.10.21
set interface bgroup0/1 vip 200.57.180.168 + 3389 "RDP" 10.10.10.21
set interface bgroup0/1 vip 200.57.180.169 80 "HTTP" 10.10.10.23
set interface bgroup0/1 vip 200.57.180.169 + 443 "HTTPS" 10.10.10.23
set interface bgroup0/1 vip 200.57.180.169 + 3389 "RDP" 10.10.10.23
set interface ethernet0/4 vip 187.174.155.120 80 "HTTP" 10.10.10.19 manual
set interface ethernet0/4 vip 187.174.155.120 + 443 "HTTPS" 10.10.10.19 manual
set interface ethernet0/4 vip 187.174.155.120 + 81 "http_81" 10.10.10.19 manual
set interface ethernet0/4 vip 187.174.155.120 + 49754 "49754" 10.10.10.19 manual
set interface ethernet0/4 vip 187.174.155.120 + 88 "88" 10.10.10.115 manual
set interface ethernet0/6 vip interface-ip 80 "HTTP" 10.10.10.11
set interface ethernet0/6 vip interface-ip 443 "HTTPS" 10.10.10.36
set interface ethernet0/4 vip 187.174.155.116 443 "HTTPS" 10.10.10.41 manual
set interface ethernet0/4 vip 187.174.155.116 + 80 "HTTP" 10.10.10.41 manual
set interface "ethernet0/6" mip 10.149.65.59 host 10.10.10.63 netmask
255.255.255.255 vr "trust-vr"
set interface "ethernet0/6" mip 10.149.65.60 host 10.10.10.163 netmask
255.255.255.255 vr "trust-vr"
set interface "ethernet0/6" mip 10.149.65.65 host 10.10.10.36 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.10 host 10.10.10.10 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.11 host 10.10.10.11 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.12 host 10.10.10.12 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.13 host 10.10.10.13 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.14 host 10.10.10.14 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.111 host 10.10.10.111 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.99 host 10.10.10.99 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.20 host 10.10.10.110 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.21 host 10.10.10.21 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.23 host 10.10.10.23 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.120 host 10.10.10.120 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.15 host 10.10.10.19 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.16 host 10.10.10.20 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.254 host 10.10.10.254 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.18 host 10.10.10.1 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.17 host 10.10.10.17 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.201 host 10.10.10.201 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.150 host 10.10.10.150 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.200 host 10.10.10.200 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.115 host 10.10.10.115 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.182 host 10.10.20.115 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.24 host 10.10.10.24 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.25 host 10.10.10.25 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.26 host 10.10.10.26 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.131 host 10.10.10.131 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.179 host 10.10.10.179 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.113 host 10.10.10.33 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.28 host 10.10.10.18 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.40 host 10.10.10.40 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.211 host 10.10.10.211 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.60 host 10.10.10.60 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.61 host 10.10.10.61 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.41 host 10.10.10.41 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.42 host 10.10.10.42 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.151 host 10.10.20.150 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.140 host 10.10.10.140 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.30 host 10.10.10.30 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.31 host 10.10.10.31 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.32 host 10.10.10.32 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.33 host 10.10.10.33 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.34 host 10.10.10.34 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.90 host 10.10.10.90 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.210 host 10.10.10.210 netmask
255.255.255.255 vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.50 host 10.10.10.50 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/0" mip 192.168.1.80 host 10.10.10.80 netmask 255.255.255.255
vr "trust-vr"
set interface "bgroup0/2" mip 10.10.10.182 host 10.10.20.115 netmask
255.255.255.255 vr "trust-vr"
unset flow no-tcp-seq-check
set flow tcp-syn-check
unset flow tcp-syn-bit-check
set flow reverse-route clear-text prefer
set flow reverse-route tunnel always
set hostname QROFW1
set pki authority default scep mode "auto"
set pki x509 default cert-path partial
set dns host dns1 8.8.8.8
set dns host dns2 0.0.0.0
set dns host dns3 0.0.0.0
set dns ddns
set address "Trust" "---" 192.168.0.158 255.255.255.0
set address "Trust" "----" 192.168.0.247 255.255.255.0
set address "Trust" "-----" 192.168.0.244 255.255.255.255
set address "Trust" "10.10.10.0/24" 10.10.10.0 255.255.255.0
set address "Trust" "10.10.20.0/24" 10.10.20.0 255.255.255.0
set address "Trust" "187.174.155.114/32" 187.174.155.114 255.255.255.255
set address "Trust" "192.168.0.0/24" 192.168.0.0 255.255.255.0
set address "Trust" "192.168.0.178/32" 192.168.0.178 255.255.255.255
set address "Trust" "192.168.0.26/24" 192.168.0.26 255.255.255.0
set address "Trust" "192.168.1.0/24" 192.168.1.0 255.255.255.0
set address "Trust" "192.168.1.102/32" 192.168.1.102 255.255.255.255
set address "Trust" "192.168.1.13/32" 192.168.1.13 255.255.255.255
set address "Trust" "192.168.1.35/24" 192.168.1.35 255.255.255.0
set address "Trust" "192.168.150.105/32" 192.168.150.105 255.255.255.255
set address "Trust" "192.168.150.49" 192.168.150.49 255.255.255.255
set address "Trust" "192.168.150.52/32" 192.168.150.52 255.255.255.255
set address "Trust" "192.168.50.0/24" 192.168.50.0 255.255.255.0
set address "Trust" "192.168.50.5/32" 192.168.50.5 255.255.255.255
set address "Trust" "accesos1" 192.168.0.224 255.255.255.255
set address "Trust" "accesos2" 192.168.0.229 255.255.255.255
set address "Trust" "Alberto Toledo" 192.168.0.20 255.255.255.255
set address "Trust" "Alberto Toledo SRV" 192.168.0.201 255.255.255.255
set address "Trust" "alejandro.lopez" 192.168.0.77 255.255.255.255
set address "Trust" "Ana Leon" 192.168.0.49 255.255.255.255 "Delivery"
set address "Trust" "Baja" 192.168.0.206 255.255.255.255
set address "Trust" "Carlos Ortiz DBA" 192.168.0.42 255.255.255.255 "Sistemas"
set address "Trust" "Consulta RFC" 192.168.0.112 255.255.255.255
set address "Trust" "Daniel Cruz" 192.168.0.58 255.255.255.0
set address "Trust" "Daniel Hernandez" 192.168.0.199 255.255.255.255
set address "Trust" "Erik Tapia" 192.168.0.114 255.255.255.255
set address "Trust" "gabriel.rodriguez" 192.168.0.246 255.255.255.255
set address "Trust" "hector.perez" 192.168.0.178 255.255.255.255
set address "Trust" "Ismael Gonzalez" 192.168.0.57 255.255.255.0
set address "Trust" "ivan macias" 192.168.0.225 255.255.255.255
set address "Trust" "Ivan Renteria" 192.168.0.78 255.255.255.255
set address "Trust" "Jesus Guerrero" 192.168.0.178 255.255.255.255
set address "Trust" "Jesus Romero" 192.168.0.150 255.255.255.255
set address "Trust" "Jorge Cano" 192.168.0.76 255.255.255.255
set address "Trust" "jorge.paez" 192.168.0.80 255.255.255.255
set address "Trust" "juan.olea" 192.168.0.19 255.255.255.255
set address "Trust" "Laura Saucedo" 192.168.0.34 255.255.255.0
set address "Trust" "Ninel Govantes" 192.168.0.222 255.255.255.0
set address "Trust" "Osvaldo Valle" 192.168.0.169 255.255.255.255 "Delivery"
set address "Trust" "PRTG" 192.168.0.8 255.255.255.255
set address "Trust" "sincronizacion" 192.168.0.235 255.255.255.255
set address "Trust" "Snare" 192.168.0.81 255.255.255.255
set address "Trust" "snare.server" 192.168.0.189 255.255.255.255
set address "Trust" "Temporal-AT" 192.168.0.214 255.255.255.255
set address "Trust" "TS-GW" 192.168.0.14 255.255.255.255
set address "Trust" "Ulises Esponiza" 192.168.0.195 255.255.255.255
set address "Trust" "Victor Ordo�ez" 192.168.0.151 255.255.255.0
set address "Trust" "wendolyn.lugo" 192.168.0.234 255.255.255.255
set address "Untrust" "10.100.0.0/16" 10.100.0.0 255.255.0.0
set address "Untrust" "10.100.67.0/24" 10.100.67.0 255.255.255.0
set address "Untrust" "13.107.4.50" 13.107.4.50 255.255.255.0
set address "Untrust" "169.44.183.3" 169.44.183.3 255.255.255.255
set address "Untrust" "177.232.81.248" 177.232.81.248 255.255.255.255
set address "Untrust" "177.66.76.170" 177.66.76.170 255.255.255.255
set address "Untrust" "187.133.124.169/32" 187.133.124.169 255.255.255.255
set address "Untrust" "187.160.242.252" 187.160.242.252 255.255.255.255
set address "Untrust" "187.188.85.2/32" 187.188.85.2 255.255.255.255
set address "Untrust" "187.190.163.96" 187.190.163.96 255.255.255.255
set address "Untrust" "191.238.145.8/32" 191.238.145.8 255.255.255.255
set address "Untrust" "192.168.0.0/16" 192.168.0.0 255.255.0.0
set address "Untrust" "192.168.0.0/24" 192.168.0.0 255.255.255.0
set address "Untrust" "192.168.1.0/24" 192.168.1.0 255.255.255.0
set address "Untrust" "192.168.150.0" 192.168.150.0 255.255.255.0
set address "Untrust" "192.168.150.10/32" 192.168.150.10 255.255.255.255
set address "Untrust" "192.168.150.49" 192.168.150.49 255.255.255.255
set address "Untrust" "192.168.150.52/32" 192.168.150.52 255.255.255.255
set address "Untrust" "192.168.50.0/24" 192.168.50.0 255.255.255.0
set address "Untrust" "195.81.195.57" 195.81.195.57 255.255.255.0
set address "Untrust" "200.36.47.191" 200.36.47.191 255.255.255.255
set address "Untrust" "200.52.90.78" 200.52.90.78 255.255.255.255
set address "Untrust" "200.66.76.170/24" 200.66.76.170 255.255.255.0
set address "Untrust" "200.66.76.170/29" 200.66.76.170 255.255.255.248
set address "Untrust" "200.66.76.173/24" 200.66.76.173 255.255.255.0
set address "Untrust" "201.144.64.70/32" 201.144.64.70 255.255.255.255
set address "Untrust" "201.163.30.36" 201.163.30.36 255.255.255.255
set address "Untrust" "207.248.104.50" 207.248.104.50 255.255.255.255
set address "Untrust" "216.50.193.14" 216.50.193.14 255.255.255.0
set address "Untrust" "50.62.40.85" 50.62.40.85 255.255.255.255
set address "Untrust" "52.25.46.217" 52.25.46.217 255.255.255.0
set address "Untrust" "66.102.131.123/32" 66.102.131.123 255.255.255.255
set address "Untrust" "69.162.124.227" 69.162.124.227 255.255.255.0
set address "Untrust" "69.162.124.233" 69.162.124.233 255.255.255.255
set address "Untrust" "72.21.81.253" 72.21.81.253 255.255.255.255
set address "Untrust" "72.21.81.253/32" 72.21.81.253 255.255.255.255
set address "Untrust" "74.125.3.108" 74.125.3.108 255.255.255.255
set address "Untrust" "74.86.158.106/32" 74.86.158.106 255.255.255.255
set address "Untrust" "Akamai International" 23.43.116.115 255.255.255.0
set address "Untrust" "Akamai Technologie 23.213.76.25" 23.213.76.25
255.255.255.255
set address "Untrust" "Akamai Technologies, Inc" 23.0.153.46 255.255.255.0
set address "Untrust" "Amazon Technologies Inc" 52.0.60.64 255.255.255.0
set address "Untrust" "AMAZON-2011L" 54.89.36.21 255.255.255.0
set address "Untrust" "Hetzner-RZ16 176.9.138.231" 176.9.138.231 255.255.255.255
set address "DMZ" "10.10.10.0/24" 10.10.10.0 255.255.255.0
set address "DMZ" "10.10.10.111/24" 10.10.10.111 255.255.255.0
set address "DMZ" "10.10.10.33/32" 10.10.10.33 255.255.255.255
set address "DMZ" "10.10.20.0/24" 10.10.20.0 255.255.255.0
set address "DMZ" "10.10.20.33/32" 10.10.20.33 255.255.255.255
set address "DMZ" "192.168.0.0/24" 192.168.0.0 255.255.255.0
set address "DMZ" "192.168.1.0/24" 192.168.1.0 255.255.255.0
set address "DMZ" "192.168.1.102/32" 192.168.1.102 255.255.255.255
set address "DMZ" "192.168.1.13/32" 192.168.1.13 255.255.255.255
set address "DMZ" "192.168.1.16/32" 192.168.1.16 255.255.255.255
set ippool "pool_remotos" 10.10.10.151 10.10.10.156
set user "alberto.toledo" uid 5
set user "alberto.toledo" type xauth
set user "alberto.toledo" password "F43WcCVgNNZvcMs5FSCFm3qTFVnIxBXyRg=="
unset user "alberto.toledo" type auth
set user "alberto.toledo" "enable"
set user "ignacio.robles" uid 3
set user "ignacio.robles" type xauth
set user "ignacio.robles" password "9qCH1e6rNovYsksTHPCebtoagnn1SftbAQ=="
unset user "ignacio.robles" type auth
set user "ignacio.robles" "enable"
set user "juan.olea" uid 4
set user "juan.olea" type xauth
set user "juan.olea" password "Nq+42aLtNSoh79sc8GC6LjHMOOnuU0x8WA=="
unset user "juan.olea" type auth
set user "juan.olea" "enable"
set user "omar.almazan" uid 6
set user "omar.almazan" "enable"
set user "rene.froget" uid 2
set user "rene.froget" type xauth
set user "rene.froget" password "+Cb/7hr5NTTJvlsxnmCAT76pBUnndyZ7qw=="
unset user "rene.froget" type auth
set user "rene.froget" "enable"
set user "vpn_cliente_remoto" uid 1
set user "vpn_cliente_remoto" ike-id u-fqdn "[email protected]" share-limit 1
set user "vpn_cliente_remoto" type ike
set user "vpn_cliente_remoto" "enable"
set user-group "Grupo_Cliente_Remoto" id 1
set user-group "Grupo_Cliente_Remoto" user "vpn_cliente_remoto"
set crypto-policy
exit
set ike gateway "gw_atebmx" address 201.144.64.70 Main outgoing-interface
"bgroup0/1" preshare "A7hfv5Q3NRe0O8sJouC32KE+sAnAR1whTQ==" sec-level standard
set ike gateway "vpn_usuarios_remotos" dialup "Grupo_Cliente_Remoto" Aggr outgoing-
interface "bgroup0/1" preshare "fmQGOJTTNGyvTss5kbC1po9zC2nYtpD7Dg==" proposal
"pre-g2-3des-sha" "pre-g2-3des-md5" "pre-g2-aes128-sha" "pre-g2-aes128-md5"
set ike gateway "vpn_usuarios_remotos" dpd-liveness interval 30
unset ike gateway "vpn_usuarios_remotos" nat-traversal udp-checksum
set ike gateway "vpn_usuarios_remotos" nat-traversal keepalive-frequency 5
set ike gateway "vpn_usuarios_remotos" xauth server "Local"
unset ike gateway "vpn_usuarios_remotos" xauth do-edipi-auth
set ike gateway "GW-CJF" address 189.240.126.43 Main outgoing-interface
"ethernet0/4" preshare "8zay58ZUNrJBAasKU6C6WMMFoynZJcj+ig==" proposal "pre-g2-
3des-md5" "rsa-g2-3des-md5"
set ike respond-bad-spi 1
set ike ikev2 ike-sa-soft-lifetime 60
unset ike ikeid-enumeration
unset ike dos-protection
unset ipsec access-session enable
set ipsec access-session maximum 5000
set ipsec access-session upper-threshold 0
set ipsec access-session lower-threshold 0
set ipsec access-session dead-p2-sa-timeout 0
unset ipsec access-session log-error
unset ipsec access-session info-exch-connected
unset ipsec access-session use-error-log
set xauth default ippool "pool_remotos"
set xauth default dns1 10.10.10.15
set vpn "vpn_atebmx" gateway "gw_atebmx" no-replay tunnel idletime 0 sec-level
standard
set vpn "vpn_atebmx" monitor
set vpn "vpn_atebmx" id 0x2 bind interface tunnel.1
set vpn "tn_usuarios_remotos" gateway "vpn_usuarios_remotos" replay tunnel idletime
0 proposal "nopfs-esp-3des-sha" "nopfs-esp-3des-md5" "nopfs-esp-aes128-sha"
"nopfs-esp-aes128-md5"
set vpn "VPN-CJF" gateway "GW-CJF" no-replay tunnel idletime 0 proposal "nopfs-esp-
3des-md5"
set vpn "VPN-CJF" monitor
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
exit
set url protocol websense
exit
set vpn "vpn_atebmx" proxy-id local-ip 192.168.1.0/24 remote-ip 192.168.0.0/24
"ANY"
set vpn "VPN-CJF" proxy-id local-ip 10.10.10.0/24 remote-ip 10.100.0.0/16 "ANY"
set policy id 91 name "Qro/Insurgentes" from "Untrust" to "Trust" "192.168.1.0/24"
"192.168.0.0/24" "ANY" permit log
set policy id 91
exit
set policy id 87 name "Politica HSM" from "Trust" to "DMZ" "Erik Tapia"
"MIP(192.168.1.32)" "http_90" permit log
set policy id 87
set dst-address "MIP(192.168.1.50)"
set service "SSH"
exit
set policy id 86 from "Trust" to "DMZ" "192.168.150.105/32" "MIP(192.168.1.33)"
"PING" permit log
set policy id 86
set service "RDP"
exit
set policy id 85 name "Politica Snare" from "Trust" to "DMZ" "Snare"
"MIP(192.168.1.10)" "ANY" permit
set policy id 85
set dst-address "MIP(192.168.1.11)"
set dst-address "MIP(192.168.1.111)"
set dst-address "MIP(192.168.1.113)"
set dst-address "MIP(192.168.1.115)"
set dst-address "MIP(192.168.1.12)"
set dst-address "MIP(192.168.1.120)"
set dst-address "MIP(192.168.1.13)"
set dst-address "MIP(192.168.1.131)"
set dst-address "MIP(192.168.1.14)"
set dst-address "MIP(192.168.1.140)"
set dst-address "MIP(192.168.1.15)"
set dst-address "MIP(192.168.1.150)"
set dst-address "MIP(192.168.1.151)"
set dst-address "MIP(192.168.1.16)"
set dst-address "MIP(192.168.1.17)"
set dst-address "MIP(192.168.1.179)"
set dst-address "MIP(192.168.1.18)"
set dst-address "MIP(192.168.1.182)"
set dst-address "MIP(192.168.1.20)"
set dst-address "MIP(192.168.1.200)"
set dst-address "MIP(192.168.1.201)"
set dst-address "MIP(192.168.1.21)"
set dst-address "MIP(192.168.1.211)"
set dst-address "MIP(192.168.1.23)"
set dst-address "MIP(192.168.1.24)"
set dst-address "MIP(192.168.1.25)"
set dst-address "MIP(192.168.1.254)"
set dst-address "MIP(192.168.1.26)"
set dst-address "MIP(192.168.1.28)"
set dst-address "MIP(192.168.1.30)"
set dst-address "MIP(192.168.1.31)"
set dst-address "MIP(192.168.1.32)"
set dst-address "MIP(192.168.1.33)"
set dst-address "MIP(192.168.1.34)"
set dst-address "MIP(192.168.1.40)"
set dst-address "MIP(192.168.1.41)"
set dst-address "MIP(192.168.1.42)"
set dst-address "MIP(192.168.1.60)"
set dst-address "MIP(192.168.1.61)"
set dst-address "MIP(192.168.1.90)"
set dst-address "MIP(192.168.1.99)"
exit
set policy id 84 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.120)" "9992"
permit log
set policy id 84
exit
set policy id 83 name "Politica Ivan Renteria" from "Trust" to "DMZ" "Ivan
Renteria" "MIP(192.168.1.15)" "http_90" permit log
set policy id 83
set dst-address "MIP(192.168.1.32)"
set dst-address "MIP(192.168.1.33)"
set service "MS-SQL"
set service "PING"
set service "RDP"
exit
set policy id 80 name "Politica DB" from "Untrust" to "DMZ" "192.168.0.0/24"
"MIP(192.168.1.33)" "ANY" permit log
set policy id 80 disable
set policy id 80
exit
set policy id 76 from "Untrust" to "DMZ" "192.168.150.52/32" "MIP(192.168.1.13)"
"MS-SQL" permit log
set policy id 76
set service "PING"
exit
set policy id 75 name "Politica Ulises Delgado" from "Trust" to "DMZ"
"192.168.150.52/32" "MIP(192.168.1.113)" "MS-SQL" permit log
set policy id 75
set dst-address "MIP(192.168.1.13)"
set service "PING"
exit
set policy id 74 name "Politica Timbrado V2" from "Untrust" to "DMZ" "Any"
"VIP(187.174.155.119)" "HTTP (8080)" permit log
set policy id 74
set service "HTTPS"
exit
set policy id 72 from "Untrust" to "Trust" "192.168.150.10/32" "192.168.1.13/32"
"ANY" permit log
set policy id 72
exit
set policy id 71 name "Politica 1.13 a 150.10" from "Trust" to "Untrust"
"192.168.1.13/32" "192.168.150.10/32" "ANY" permit log
set policy id 71
exit
set policy id 70 name "Politica a QRO1" from "Trust" to "Untrust" "192.168.1.0/24"
"192.168.150.0" "ANY" permit log
set policy id 70
exit
set policy id 69 from "Untrust" to "Trust" "192.168.150.0" "192.168.1.0/24" "ANY"
permit log
set policy id 69
exit
set policy id 68 from "Untrust" to "DMZ" "192.168.150.0" "192.168.1.0/24" "ANY"
permit log
set policy id 68
exit
set policy id 67 name "temp qro1" from "Trust" to "Untrust" "192.168.1.0/24"
"192.168.0.0/24" "ANY" permit log
set policy id 67
exit
set policy id 62 from "Untrust" to "Trust" "69.162.124.233" "VIP(187.174.155.118)"
"ANY" deny log
set policy id 62
exit
set policy id 61 from "Untrust" to "DMZ" "169.44.183.3" "VIP(187.174.155.118)"
"ANY" deny log
set policy id 61
set src-address "201.163.30.36"
set src-address "50.62.40.85"
set src-address "69.162.124.233"
exit
set policy id 60 from "DMZ" to "Untrust" "Any" "72.21.81.253/32" "ANY" permit log
set policy id 60
exit
set policy id 59 from "Untrust" to "DMZ" "169.44.183.3" "Any" "ANY" deny log
set policy id 59
set src-address "177.66.76.170"
set src-address "201.163.30.36"
set src-address "50.62.40.85"
set src-address "72.21.81.253/32"
exit
set policy id 57 from "Untrust" to "Trust" "13.107.4.50" "Any" "ANY" deny log
set policy id 57
set src-address "169.44.183.3"
set src-address "177.232.81.248"
set src-address "177.66.76.170"
set src-address "187.160.242.252"
set src-address "187.190.163.96"
set src-address "195.81.195.57"
set src-address "200.36.47.191"
set src-address "200.52.90.78"
set src-address "207.248.104.50"
set src-address "216.50.193.14"
set src-address "50.62.40.85"
set src-address "52.25.46.217"
set src-address "72.21.81.253"
set src-address "74.125.3.108"
set src-address "Akamai International"
set src-address "Akamai Technologie 23.213.76.25"
set src-address "Akamai Technologies, Inc"
set src-address "Amazon Technologies Inc"
set src-address "AMAZON-2011L"
set src-address "Hetzner-RZ16 176.9.138.231"
exit
set policy id 48 from "Untrust" to "DMZ" "66.102.131.123/32" "Any" "ANY" deny log
set policy id 48
exit
set policy id 7 from "DMZ" to "Untrust" "Any" "Any" "DNS" nat src permit log count

set policy id 7
set service "FTP"
set service "HTTP"
set service "http_81"
set service "HTTPS"
set service "HTTPS(444)"
set service "ICMP-ANY"
set service "MAIL"
set service "SMTP Alter"
set service "smtp.com"
set service "SNMP"
exit
set policy id 42 from "DMZ" to "Untrust" "Any" "Any" "ANY" permit log url-filter
set policy id 42
exit
set policy id 35 from "DMZ" to "Untrust" "10.10.10.0/24" "Any" "ANY" permit log
set policy id 35
exit
set policy id 11 from "DMZ" to "Untrust" "10.10.10.0/24" "Dial-Up VPN" "ANY"
tunnel vpn "tn_usuarios_remotos" id 0x6 pair-policy 10 log
set policy id 11
exit
set policy id 31 from "DMZ" to "Untrust" "10.10.10.0/24" "10.100.0.0/16" "ANY"
tunnel vpn "VPN-CJF" id 0xa pair-policy 30 log
set policy id 31
exit
set policy id 10 from "Untrust" to "DMZ" "Dial-Up VPN" "10.10.10.0/24" "ANY"
tunnel vpn "tn_usuarios_remotos" id 0x6 pair-policy 11 log
set policy id 10
exit
set policy id 30 from "Untrust" to "DMZ" "10.100.0.0/16" "10.10.10.0/24" "ANY"
tunnel vpn "VPN-CJF" id 0xa pair-policy 31 log
set policy id 30
exit
set policy id 41 from "Untrust" to "DMZ" "74.86.158.106/32" "VIP(187.174.155.117)"
"ANY" deny log
set policy id 41
set dst-address "VIP(187.174.155.118)"
set dst-address "VIP(187.174.155.119)"
set log session-init
exit
set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit log
set policy id 1
exit
set policy id 2 from "Untrust" to "Trust" "Any" "VIP(187.174.155.115)" "eG
Monitor" permit log count
set policy id 2
set service "HTTP"
set service "HTTPS"
exit
set policy id 6 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.117)" "AS2(8010)"
permit log count
set policy id 6
set dst-address "VIP(187.174.155.118)"
set service "HTTP"
set service "HTTPS"
set service "HTTPS(444)"
exit
set policy id 46 from "Trust" to "DMZ" "Alberto Toledo" "MIP(192.168.1.30)" "ANY"
permit log
set policy id 46
set dst-address "MIP(192.168.1.31)"
set dst-address "MIP(192.168.1.32)"
set dst-address "MIP(192.168.1.34)"
exit
set policy id 12 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.119)" "HTTP"
permit log
set policy id 12
set service "HTTPS"
set service "HTTPS(8081)"
set log session-init
exit
set policy id 13 from "Trust" to "DMZ" "192.168.1.0/24" "10.10.10.0/24" "ANY"
permit log
set policy id 13
set dst-address "10.10.20.0/24"
exit
set policy id 36 from "DMZ" to "Trust" "10.10.10.0/24" "192.168.1.0/24" "ANY"
permit log
set policy id 36
exit
set policy id 15 from "DMZ" to "Trust" "10.10.10.0/24" "192.168.0.0/24" "ANY"
permit log
set policy id 15
set dst-address "192.168.1.102/32"
exit
set policy id 17 from "DMZ" to "Trust" "10.10.10.0/24" "192.168.50.0/24" "ANY"
permit log
set policy id 17
exit
set policy id 18 from "Trust" to "DMZ" "192.168.50.0/24" "10.10.10.0/24" "ANY"
permit log
set policy id 18
exit
set policy id 55 from "Trust" to "Trust" "192.168.0.0/24" "MIP(192.168.1.111)"
"ANY" permit log
set policy id 55
exit
set policy id 20 from "Trust" to "Trust" "192.168.0.0/24" "192.168.1.0/24" "ANY"
permit log
set policy id 20
exit
set policy id 21 from "Trust" to "Trust" "192.168.1.0/24" "192.168.0.0/24" "ANY"
permit log
set policy id 21
exit
set policy id 22 from "Untrust" to "Trust" "200.66.76.170/24"
"VIP(187.174.155.117)" "843" permit log count
set policy id 22
set src-address "200.66.76.173/24"
set src-address "201.144.64.70/32"
set service "http_81"
exit
set policy id 23 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.117)" "82" permit
log
set policy id 23
set service "NTP"
exit
set policy id 24 from "Untrust" to "Trust" "Any" "VIP(187.174.155.117)" "NTP"
permit log count
set policy id 24
exit
set policy id 25 from "DMZ" to "Trust" "MIP(192.168.1.254)" "192.168.1.0/24" "ANY"
permit log
set policy id 25
exit
set policy id 26 from "DMZ" to "Trust" "192.168.1.102/32" "MIP(192.168.1.254)"
"ANY" permit log
set policy id 26
exit
set policy id 32 from "DMZ" to "Trust" "10.10.10.0/24" "10.10.20.0/24" "ANY"
permit log
set policy id 32
exit
set policy id 34 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.118)" "http_81"
permit log count
set policy id 34
exit
set policy id 37 from "Untrust-VW" to "DMZ" "Any" "VIP(10.149.65.58)" "HTTP"
permit log
set policy id 37
set service "HTTPS"
exit
set policy id 38 from "DMZ" to "Untrust-VW" "Any" "Any" "HTTP" permit log
set policy id 38
set service "HTTPS"
exit
set policy id 43 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.118)" "http_5443"
permit log count
set policy id 43
exit
set policy id 51 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.115)" "444(https)"
permit log sess-limit per-src-ip 30
set policy id 51
set service "HTTP"
set service "HTTPS"
set service "HTTPS(444)"
set service "RDP"
exit
set policy id 52 from "Untrust" to "DMZ" "Any" "VIP(187.174.155.116)" "HTTP"
permit log
set policy id 52
set service "HTTPS"
exit
set policy id 54 from "Trust" to "DMZ" "Ana Leon" "MIP(192.168.1.10)" "ANY" permit
log
set policy id 54
set src-address "Carlos Ortiz DBA"
set src-address "Daniel Cruz"
set src-address "Daniel Hernandez"
set src-address "Jesus Romero"
set src-address "Jorge Cano"
set src-address "Ninel Govantes"
set src-address "Osvaldo Valle"
set src-address "PRTG"
set src-address "sincronizacion"
set src-address "snare.server"
set src-address "Temporal-AT"
set src-address "TS-GW"
set src-address "Victor Ordo�ez"
set dst-address "MIP(192.168.1.11)"
set dst-address "MIP(192.168.1.111)"
set dst-address "MIP(192.168.1.113)"
set dst-address "MIP(192.168.1.115)"
set dst-address "MIP(192.168.1.12)"
set dst-address "MIP(192.168.1.120)"
set dst-address "MIP(192.168.1.13)"
set dst-address "MIP(192.168.1.131)"
set dst-address "MIP(192.168.1.14)"
set dst-address "MIP(192.168.1.15)"
set dst-address "MIP(192.168.1.150)"
set dst-address "MIP(192.168.1.151)"
set dst-address "MIP(192.168.1.16)"
set dst-address "MIP(192.168.1.17)"
set dst-address "MIP(192.168.1.179)"
set dst-address "MIP(192.168.1.18)"
set dst-address "MIP(192.168.1.182)"
set dst-address "MIP(192.168.1.20)"
set dst-address "MIP(192.168.1.200)"
set dst-address "MIP(192.168.1.201)"
set dst-address "MIP(192.168.1.21)"
set dst-address "MIP(192.168.1.211)"
set dst-address "MIP(192.168.1.23)"
set dst-address "MIP(192.168.1.24)"
set dst-address "MIP(192.168.1.25)"
set dst-address "MIP(192.168.1.254)"
set dst-address "MIP(192.168.1.26)"
set dst-address "MIP(192.168.1.28)"
set dst-address "MIP(192.168.1.30)"
set dst-address "MIP(192.168.1.31)"
set dst-address "MIP(192.168.1.32)"
set dst-address "MIP(192.168.1.33)"
set dst-address "MIP(192.168.1.34)"
set dst-address "MIP(192.168.1.40)"
set dst-address "MIP(192.168.1.41)"
set dst-address "MIP(192.168.1.42)"
set dst-address "MIP(192.168.1.50)"
set dst-address "MIP(192.168.1.60)"
set dst-address "MIP(192.168.1.61)"
set dst-address "MIP(192.168.1.80)"
set dst-address "MIP(192.168.1.90)"
set dst-address "MIP(192.168.1.99)"
exit
set policy id 63 from "Untrust-VW" to "DMZ" "Any" "MIP(10.149.65.59)" "ANY" permit
log
set policy id 63
exit
set policy id 64 from "Untrust-VW" to "DMZ" "Any" "MIP(10.149.65.60)" "ANY" permit
log
set policy id 64
exit
set policy id 65 from "Untrust-VW" to "DMZ" "Any" "VIP(ethernet0/6)" "HTTPS"
permit log
set policy id 65
exit
set policy id 82 from "Untrust-VW" to "DMZ" "Any" "MIP(10.149.65.65)" "ANY" permit
log
set policy id 82
exit
set policy id 89 name "Gabriela Maya" from "Trust" to "DMZ" "192.168.0.26/24"
"MIP(192.168.1.21)" "ANY" permit
set policy id 89
exit
set syslog config "192.168.0.147"
set syslog config "192.168.0.147" facilities local0 local0
set syslog config "192.168.0.147" log traffic
set syslog src-interface bgroup0/0
set syslog enable
set firewall log-self
set nsmgmt bulkcli reboot-timeout 60
set ssh version v2
set ssh enable
set config lock timeout 5
unset license-key auto-update
set telnet client enable
set ssl port 4430
set ssl encrypt 3des sha-1
set ntp server "10.10.10.17"
set snmp community "test" Read-Write Trap-on traffic version v1
set snmp community "monitorPRTG" Read-Write Trap-on traffic version v1
set snmp host "test" 192.168.1.102 255.255.255.255 src-interface bgroup0/2 trap v1
set snmp host "monitorPRTG" 192.168.1.20 255.255.255.255 src-interface bgroup0/0
trap v1
set snmp name "SSG140"
set snmp port listen 161
set snmp port trap 162
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
unset add-default-route
set route 0.0.0.0/0 interface bgroup0/1 gateway 200.57.180.174 permanent
set route 192.168.0.0/24 interface tunnel.1 preference 20
set route 0.0.0.0/0 interface ethernet0/4 gateway 187.174.155.113 preference 10
set route 192.168.50.1/24 interface tunnel.1
set route 10.149.65.0/24 interface ethernet0/6 gateway 10.149.65.57 preference 10
permanent description "VW"
exit
set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
exit

Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
Rootkits Subverting The Windows Kernel
50% (2)
Rootkits Subverting The Windows Kernel
524 pages
Teldat Infointernet Modelo + DHCP + NAT + WIFI
No ratings yet
Teldat Infointernet Modelo + DHCP + NAT + WIFI
9 pages
Cli Console
No ratings yet
Cli Console
190 pages
Continental Diesel Engine Reference Guide: Make Fits Application Engine Details
0% (1)
Continental Diesel Engine Reference Guide: Make Fits Application Engine Details
1 page
JNC DHCP
No ratings yet
JNC DHCP
6 pages
Ultimo
No ratings yet
Ultimo
35 pages
Set External Disable
No ratings yet
Set External Disable
1,734 pages
N - FortiGate 200a Configuration
No ratings yet
N - FortiGate 200a Configuration
100 pages
Cisco Nsoc
No ratings yet
Cisco Nsoc
21 pages
Hub 1
No ratings yet
Hub 1
7 pages
Ip VLN Routs
No ratings yet
Ip VLN Routs
8 pages
Router OS
No ratings yet
Router OS
79 pages
6 To 4
No ratings yet
6 To 4
7 pages
DC1
No ratings yet
DC1
4 pages
Mikrotik Dps
No ratings yet
Mikrotik Dps
8 pages
SSG Firewall
No ratings yet
SSG Firewall
5 pages
Branch 1
No ratings yet
Branch 1
5 pages
2020 11 18.17 26 26.yn4 A1 - 1f Oa JR 01 s5735 l24p4s b1 15u#
No ratings yet
2020 11 18.17 26 26.yn4 A1 - 1f Oa JR 01 s5735 l24p4s b1 15u#
11 pages
Check Point Gateway
No ratings yet
Check Point Gateway
8 pages
HQB Firewall
No ratings yet
HQB Firewall
9 pages
Juniper
No ratings yet
Juniper
3 pages
Scrip Export 750gl
No ratings yet
Scrip Export 750gl
3 pages
Aliied Wiz
No ratings yet
Aliied Wiz
7 pages
Branch 1
No ratings yet
Branch 1
4 pages
Mikrrotik
No ratings yet
Mikrrotik
6 pages
Fail Over IPSec Site-to-Site VPN With Redundant Link On FortiGate Firewall
No ratings yet
Fail Over IPSec Site-to-Site VPN With Redundant Link On FortiGate Firewall
17 pages
Isp Anti Detect
100% (1)
Isp Anti Detect
2 pages
KN-1311 Stable 4.02.C.3.0-2 Router Startup-config
No ratings yet
KN-1311 Stable 4.02.C.3.0-2 Router Startup-config
6 pages
Packet
No ratings yet
Packet
33 pages
Configuration Example of Regular DHCP Relay Through A Fortigate To Fortigate VPN
No ratings yet
Configuration Example of Regular DHCP Relay Through A Fortigate To Fortigate VPN
2 pages
Firewall Configrations
No ratings yet
Firewall Configrations
989 pages
CPE - Router Comfig
No ratings yet
CPE - Router Comfig
7 pages
Script Padrão Interface Mikrotik Nova
No ratings yet
Script Padrão Interface Mikrotik Nova
8 pages
KN-2011 Stable 3.08.C.5.0-4 Router Startup-Config
No ratings yet
KN-2011 Stable 3.08.C.5.0-4 Router Startup-Config
6 pages
2024 02 14T20 - 31 - 59 VADODBO 2022148459 F40F SFW01 (Root) Preview
No ratings yet
2024 02 14T20 - 31 - 59 VADODBO 2022148459 F40F SFW01 (Root) Preview
213 pages
PASC-FW-PA-0174-IE02display Currentaa
No ratings yet
PASC-FW-PA-0174-IE02display Currentaa
12 pages
Comandos Set
No ratings yet
Comandos Set
5 pages
Plantilla ASR920 (Para Revisar)
No ratings yet
Plantilla ASR920 (Para Revisar)
13 pages
PASC-FW-PA-0174-IE02display Current
No ratings yet
PASC-FW-PA-0174-IE02display Current
12 pages
Console Output CLI Console
No ratings yet
Console Output CLI Console
20 pages
Entrasys
No ratings yet
Entrasys
8 pages
Copia RB 2011 Rita ... Mikrotik
No ratings yet
Copia RB 2011 Rita ... Mikrotik
9 pages
MobaXterm 192.168.195.131 20240420 001136
No ratings yet
MobaXterm 192.168.195.131 20240420 001136
135 pages
Set System Host-Name FW - BR - ISABELA
No ratings yet
Set System Host-Name FW - BR - ISABELA
3 pages
Scrip Ori Mikrotik
No ratings yet
Scrip Ori Mikrotik
2 pages
Chapter 11 - Comprehensive Lab - txt-1
33% (3)
Chapter 11 - Comprehensive Lab - txt-1
7 pages
Ingenieria Ot-76011312
No ratings yet
Ingenieria Ot-76011312
35 pages
MobaXterm 192.168.195.131 20240419 232151
No ratings yet
MobaXterm 192.168.195.131 20240419 232151
40 pages
MobaXterm 192.168.195.131 20240419 222757
No ratings yet
MobaXterm 192.168.195.131 20240419 222757
30 pages
Infocomtech4 Skills Exam1 Syntax 2
No ratings yet
Infocomtech4 Skills Exam1 Syntax 2
8 pages
Forti VPN A
No ratings yet
Forti VPN A
10 pages
FW
No ratings yet
FW
12 pages
MobaXterm 192.168.195.131 20240420 010348
No ratings yet
MobaXterm 192.168.195.131 20240420 010348
272 pages
Pim Sparse Mode With Snat Potential Bug
No ratings yet
Pim Sparse Mode With Snat Potential Bug
261 pages
Fgt50e Gye Plantilla - Nat
No ratings yet
Fgt50e Gye Plantilla - Nat
113 pages
MONTERREY
No ratings yet
MONTERREY
18 pages
gx4 Fajar
No ratings yet
gx4 Fajar
7 pages
Commands I Used in CLI
No ratings yet
Commands I Used in CLI
5 pages
Setting Mikrotik Untuk Warnet DG Feature Web-Proxy Nya
No ratings yet
Setting Mikrotik Untuk Warnet DG Feature Web-Proxy Nya
10 pages
teldat_internet&transporte
No ratings yet
teldat_internet&transporte
4 pages
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Datasheet
No ratings yet
Datasheet
2 pages
Roll Up Banner PDF
No ratings yet
Roll Up Banner PDF
2 pages
DataSheet XRN-6410RB2 EN
No ratings yet
DataSheet XRN-6410RB2 EN
5 pages
Cisco Iox For Edge Compute Lab V1
No ratings yet
Cisco Iox For Edge Compute Lab V1
16 pages
Ax-Relay6: Relay Module For Power Surveillance
No ratings yet
Ax-Relay6: Relay Module For Power Surveillance
1 page
Cisco Remote and Mobile Asset (Kinetic GMM + Industrial Router) Lab v2
No ratings yet
Cisco Remote and Mobile Asset (Kinetic GMM + Industrial Router) Lab v2
46 pages
Roll Up Banner PDF
No ratings yet
Roll Up Banner PDF
2 pages
Cisco Video Surveillance Manager Safety and Security Desktop User Guide
No ratings yet
Cisco Video Surveillance Manager Safety and Security Desktop User Guide
188 pages
Datasheet c78 731878 PDF
No ratings yet
Datasheet c78 731878 PDF
15 pages
Codeblue Apt-En
No ratings yet
Codeblue Apt-En
94 pages
Cuestionario Técnico: Threat Protection System
No ratings yet
Cuestionario Técnico: Threat Protection System
7 pages
Quick Start Guide: Ibm Qradar Security Intelligence Platform
No ratings yet
Quick Start Guide: Ibm Qradar Security Intelligence Platform
2 pages
Output Infodoc 946385059
No ratings yet
Output Infodoc 946385059
1 page
New and Changed Information For Cisco Unified CommunicationsManager, Release 10.0
No ratings yet
New and Changed Information For Cisco Unified CommunicationsManager, Release 10.0
232 pages
SR - No. Questions A B C D Answer
No ratings yet
SR - No. Questions A B C D Answer
25 pages
Solutions Board Questions
No ratings yet
Solutions Board Questions
14 pages
The Problems of The World of Education in The Middle of The Covid-19 Pandemic
No ratings yet
The Problems of The World of Education in The Middle of The Covid-19 Pandemic
8 pages
School Grant 2024 Letter (1)
No ratings yet
School Grant 2024 Letter (1)
474 pages
Akash Kumar IITMandi
No ratings yet
Akash Kumar IITMandi
1 page
Autolab Manual
100% (1)
Autolab Manual
327 pages
Abdullah Infrared Radiation
No ratings yet
Abdullah Infrared Radiation
24 pages
GPT
No ratings yet
GPT
83 pages
DESIGN 8
No ratings yet
DESIGN 8
2 pages
DBMS MID1 QUESTION PAPER
No ratings yet
DBMS MID1 QUESTION PAPER
2 pages
CCPP Final Report
No ratings yet
CCPP Final Report
325 pages
Defense Technical Information Center Compilation Part Notice
No ratings yet
Defense Technical Information Center Compilation Part Notice
8 pages
Spanish Grammar Manual
No ratings yet
Spanish Grammar Manual
380 pages
University Law College Quetta
No ratings yet
University Law College Quetta
3 pages
Rizal Module
No ratings yet
Rizal Module
10 pages
School Based NLC Proposal Final
No ratings yet
School Based NLC Proposal Final
10 pages
Kuznetsov & Kuznetsova 2008
No ratings yet
Kuznetsov & Kuznetsova 2008
17 pages
Kines 1
No ratings yet
Kines 1
144 pages
Ryse Energy Data Sheet E 10
No ratings yet
Ryse Energy Data Sheet E 10
2 pages
Mime Summative Scene
No ratings yet
Mime Summative Scene
2 pages
Electric-Fusion-Welded Steel Pipe For Atmospheric and Lower Temperatures
No ratings yet
Electric-Fusion-Welded Steel Pipe For Atmospheric and Lower Temperatures
7 pages
W 1 SKR 3200
No ratings yet
W 1 SKR 3200
47 pages
Existentialism & Marxism: Althea Alabanzas
No ratings yet
Existentialism & Marxism: Althea Alabanzas
7 pages
Memoir Alejandrochavez
No ratings yet
Memoir Alejandrochavez
7 pages
Tandem-EnFORM Reference Manual
No ratings yet
Tandem-EnFORM Reference Manual
242 pages
Reviewer On Philosophical Anthropology
No ratings yet
Reviewer On Philosophical Anthropology
5 pages
Cryptography and Network Security Unit - 2 Chapter 3 - Block Ciphers and The Data Encryption Standard
No ratings yet
Cryptography and Network Security Unit - 2 Chapter 3 - Block Ciphers and The Data Encryption Standard
86 pages
Mms
No ratings yet
Mms
18 pages