VyOS edge01 configuration

Output from: show configuration commands | grep -v "syslog|global|ntp|login|console|config|hw-id|loopback|conntrack"

set interfaces ethernet eth0 address '10.0.17.155/24' set interfaces ethernet eth1 address '172.16.50.2/29' set interfaces ethernet eth2 address '172.16.150.2/24' set interfaces ethernet eth3 address '172.16.200.2/28'

set firewall name LAN-to-WAN default-action 'drop' set firewall name LAN-to-WAN rule 10 action 'accept' set firewall name LAN-to-WAN rule 10 description 'Allow LAN to WAN traffic' set firewall name LAN-to-WAN rule 10 protocol 'tcp_udp'

set firewall name DMZ-to-WAN default-action 'drop' set firewall name DMZ-to-WAN rule 10 action 'accept' set firewall name DMZ-to-WAN rule 10 description 'Allow DMZ to WAN traffic' set firewall name DMZ-to-WAN rule 10 protocol 'tcp_udp'

set firewall name MGMT-to-WAN default-action 'drop' set firewall name MGMT-to-WAN rule 10 action 'accept' set firewall name MGMT-to-WAN rule 10 description 'Allow MGMT to WAN traffic' set firewall name MGMT-to-WAN rule 10 protocol 'tcp_udp'

set nat source rule 100 outbound-interface 'eth0' set nat source rule 100 source address '172.16.150.0/24' set nat source rule 100 translation address 'masquerade'

set nat source rule 101 outbound-interface 'eth0' set nat source rule 101 source address '172.16.50.0/29' set nat source rule 101 translation address 'masquerade'

set nat source rule 102 outbound-interface 'eth0' set nat source rule 102 source address '172.16.200.0/28' set nat source rule 102 translation address 'masquerade'

set zone-policy zone WAN interface eth0 set zone-policy zone LAN interface eth2 set zone-policy zone DMZ interface eth1 set zone-policy zone MGMT interface eth3

set zone-policy zone LAN from WAN firewall name 'LAN-to-WAN' set zone-policy zone DMZ from WAN firewall name 'DMZ-to-WAN' set zone-policy zone MGMT from WAN firewall name 'MGMT-to-WAN'