Vyos - 5huckle/OFFICIALTECHJOURNAL GitHub Wiki
configure
set system host-name 'fw01-jibreel'
commit
save
exit
configure
set system login user [user] authentication plaintext-password [password]
commit
save
exit
- First, delete all DHCP addresses
delete interfaces ethernet eth0 address dhcp
- Second, set a description for the interface
set interfaces ethernet eth0 description 'lorem ipsum'
- Third, set the IP address
set interfaces ethernet eth0 address IP/MASK
- Lastly, set the gateway and DNS
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
set system name-server 10.0.17.2
commit
save
- State Established Enable is only for the return network. In other words
- Basic syntax is 'set firewall name [name] rule <1-9999>', followed by various actions
show firewall [name] [lan-to-dmz] # [] means optional
show interfaces
set firewall name
set zone-policy zone DMZ interface 'eth1'
set zone-policy zone DMZ from LAN firewall name LAN-TO-DMZ
set zone-policy zone LAN from DMZ firewall name DMZ-TO-LAN
set nat source rule 10 description "NAT FROM DMZ TO WAN"
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 172.16.50.0/29
set nat source rule 10 translation address masquerade
set service dns forwarding listen-address 172.16.50.2
set service dns forwarding allow-from 172.16.50.0/29
set service dns forwarding system
commit
save
set nat destination rule 10 description 'http->web01'
set nat destination rule 10 destination port 80
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp
set nat destination rule 10 translation address 172.16.50.3
set nat destination rule 10 translation port 80
set service [service] listen-address [address] # [service] could be SSH, DNS, etc
set protocols rip interface eth0
set protocols rip network IP/SUBNET
commit
save