Chapter 1. X Family Startup Configuration
Virtual interfaces: | IP Address | Subnet Mask | NAT | ||
Id | Type | Mode | |||
1 | internal | static | 192.168.1.254 | 255.255.255.0 | |
2 | external | dhcp | 10.0.1.200 | 255.255.255.0 | disable |
3<empty>
4<empty>
5<empty>
6<empty>
Enter [A]ccept, [C]hange, [R]emove or [E]xit without saving [C]: a
Basic Security Zone Configuration
The Security Zone dialog modifies the basic configuration of security zones, which divide your network into logical security domains. Network traffic between security zones is routed and scanned by the firewall and the IPS policies that you create.
In the setup process, you can assign security zones to different ports. You can change the zone configuration at any time afterwards.
Example
In this example, a new security zone called MyZone is created:
Security zones enable you to section your network logically into security domains. As network traffic travels between zones, it is routed and security- scanned by the firewall and IPS according to the policies you define. You need to create security zones that naturally map onto your intended network security boundaries. A security zone may or may not be connected (mapped) to a virtual interface.
Would you like to modify security zones? <Y,[N]>:y
Security zones:
# | Zone name | Ports |
1 | LAN | 1 |
2 | VPN | None |
3 | WAN | 6 |
4<empty>
5<empty>
6<empty>
7<empty>
8<empty>
9<empty>
10<empty>
Enter [A]ccept, [C]hange, [R]emove or [E]xit without saving [C]: c
Enter the number of the entry you want to change []: 2
Zone Name [LAN2]: MyZone
Network port (0 for None) [0]: 1
***WARNING: Accepting this change will move port 1 from "LAN" to "VPN".
10X Family CLI Reference V 2.5.1