• Kiếm tiền với Hostinger

    Kiếm Tiền Cùng Hostinger

    Bạn đang tìm kiếm cách kiếm thêm thu nhập online? Hãy tham gia ngay chương trình Affiliate của Hostinger! Với mỗi khách hàng đăng ký thông qua liên kết của bạn, bạn sẽ nhận được khoản hoa hồng hấp dẫn.

    Hostinger cung cấp các dịch vụ lưu trữ web (hosting) chất lượng cao với mức giá cạnh tranh, giúp bạn dễ dàng giới thiệu và thu hút người dùng.

    Đừng bỏ lỡ cơ hội tuyệt vời này để tăng thêm thu nhập thụ động.

    Tham Gia Ngay

(A10 Network)Configuring Application Publishing on A10 Thunder CFW

TigerDao

Administrator
Thành viên BQT
– In the article Basic configuration of Firewall on A10 Thunder CFW device, we will provide more in-depth instructions on configuring this Firewall feature, Publish Application Service (Application Service) to the outside of the Internet.

I/ Model:

(IMG)

Application Services with Thunder CFW devices


– Introducing these configuration steps:

  • The configuration allows direct connection to the Application Server application’s TCP service.
  • Configure additional Firewall Rules to manage incoming traffic (incoming) out (outgoing) to Server.
  • Configure NAT traffic from other IPs and other services in the private network to the Internet.

– Basic configuration steps for connecting to the Internet for the A10 Thunder CFW:

II/ Configuration for Application Service:
class-list inside

172.20.0.0/16 lsn-lid 1

!
ethernet interface 1


nameExternal
enable.enable
ip address 4.10.10.110 255.255.255.252
ip nat outside

!
ethernet interface 2


name Internal
enable.enable
ip address 4.50.50.1 255.255.255.224

!
ethernet interface 3


name ManagementNet
enable.enable
IP address 172.20.0.1 255.255.0.0
ip nat inside

!
ip route 0.0.0.0 /0 4.10.10.109
!
cgnv6 lsn inside source class-list inside
!
cgnv6 nat pool public 4.50.50.2 netmask /32
!
cgnv6 lsn-lid 1


source-nat-pool public

!

rule-set 30

!
rule-set firewall


rule 20
action permit forward
source ipv4-address any
source zone any
dest ipv4-address 4.50.50.3/32
dest zone any
service tcp dst eq 3389
service icmp code any-code
rule 25
action permit forward
source ipv4-address 4.50.50.3/32
source zone any
dest ipv4-address any
dest zone any
service any
rule 30
action permit cgnv6
source ipv4-address any
source zone any
dest ipv4-address any
dest zone any
service any

!
fw active-rule-set firewall
!

end

III/ Firewall configuration:
– Below are the Rules that allow traffic to pass through the Firewall.

  • Rule 20 – Allow incoming connections Server (IP: 4.50.50.3) for service port 3389 (RDP)
  • Rule 25 – allow traffic to return from Server to the destination address (Destinations) off the Internet.
  • Rule 30 – allows IP addresses that do not have a public address to be NATed and routed to the Internet.

!Note: Firewall can configure additional restrictions and security to use additional features of A10 Thunder CFW.
rule-set firewall

rule 20

action permit forward
source ipv4-address any
source zone any
dest ipv4-address 4.50.50.3/32
dest zone any
service tcp dst eq 3389
service icmp code any-code

rule 25

action permit forward
source ipv4-address 4.50.50.3/32
source zone any
dest ipv4-address any
dest zone any
service any

rule 30

action permit cgnv6
source ipv4-address any
source zone any
dest ipv4-address any
dest zone any
service any

fw active-rule-set firewall

IV/ Routing configuration:
– IP traffic is routed through the device’s Ethernet port 1 A10 Thunder CFW Connect directly to the ISP.
ip route 0.0.0.0 /0 4.10.10.109

-Thank you for following and supporting this article-

Xem tiếp...
 
Top