FW01 Week 3 Config - max-gallagher/SEC-350 GitHub Wiki

set interfaces ethernet eth0 address '10.0.17.120/24'

set interfaces ethernet eth0 description 'SEC350-WAN'

set interfaces ethernet eth1 address '172.16.50.2/29'

set interfaces ethernet eth1 description 'SEC350-DMZ'

set interfaces ethernet eth2 address '172.16.150.2/24'

set interfaces ethernet eth2 description 'SEC350-LAN'

set nat source rule 10 description 'NAT FROM DMZ to WAN'

set nat source rule 10 outbound-interface 'eth0'

set nat source rule 10 source address '172.16.50.0/29'

set nat source rule 10 translation address 'masquerade'

set nat source rule 11 description 'NAT FROM LAN to WAN'

set nat source rule 11 outbound-interface 'eth0'

set nat source rule 11 source address '172.16.150.0/24'

set nat source rule 11 translation address 'masquerade'

set nat source rule 15 description 'NAT FROM LAN to WAN'

set nat source rule 15 outbound-interface 'eth0'

set nat source rule 15 source address '172.16.150.0/24'

set nat source rule 15 translation address 'masquerade'

set nat source rule 20 description 'NAT FROM MGMT to WAN'

set nat source rule 20 outbound-interface 'eth0'

set nat source rule 20 source address '172.16.200.0/28'

set nat source rule 20 translation address 'masquerade'

set protocols rip interface eth2

set protocols rip network '172.16.50.0/29'

set protocols static route 0.0.0.0/0 next-hop 10.0.17.2

set service dns forwarding allow-from '172.16.50.0/29'

set service dns forwarding allow-from '172.16.150.0/24'

set service dns forwarding listen-address '172.16.50.2'

set service dns forwarding listen-address '172.16.150.2'

set service dns forwarding listen-address '172.16.150.10'

set service dns forwarding system

set service ssh listen-address '0.0.0.0'

set system host-name 'fw1-max'

set system name-server '10.0.17.2'