10. PPTP
上一頁 第 7 章 Firewall 下一頁
Home | Mirror | Search

10. PPTP

set vip multi-port [Enter]
save [Enter]
reset [Enter]

The multi-port command will match the first port it sees in the custom service.

Next, define a custom service for PPTP and apply this service in the VIP.  From the CLI:

set service CustomPPTP group "other" 47 src 2048-2048 dst 2048-2048 [Enter]
set service CustomPPTP + tcp src 0-65535 dst 1723-1723 [Enter]
set interface ethernet0/0 vip 2048 CustomPPTP 10.1.1.10 [Enter]

Finally, create an incoming policy with destination address as the VIP using the custom service object.  From the CLI:

set policy from untrust to trust "any" "VIP::1" "CustomPPTP" permit [Enter]
save [Enter]
comments powered by Disqus
上一頁 上一級 下一頁
9. syslog 起始頁 第 8 章 Router