PDA

View Full Version : https inbound policy NS-25?



jho
06-04-08, 11:43 PM
Hello,
i'm trying to create an inbound policy for https to go to my inbound
server 10.1.10.20. I click on policies and see where i can create new
policies but i don't know if i have to actually specify my server or
just point the policy to the internal network port. jho

Alan Strassberg
06-05-08, 01:57 PM
In article <b4111328-b291-4070-b24d-5e4c3f56c795@34g2000hsf.googlegroups.com>,
jho <jhogan0101@yahoo.com> wrote:
>Hello,
>i'm trying to create an inbound policy for https to go to my inbound
>server 10.1.10.20. I click on policies and see where i can create new
>policies but i don't know if i have to actually specify my server or
>just point the policy to the internal network port. jho

You need to create a MIP (maped IP) or a VIP (virtual) from
a public IP to the 10.1.10.20. And the corresponding policy
from untrust to trust(MIP/VIP)

set interface "ethernet0/0" mip 1.2.3.4 host 10.1.10.20 netmask 255.255.255.255 vr "trust-vr"

set policy id 3 from "Untrust" to "Trust" "Any" "MIP(1.2.3.4)" "HTTPS" permit

alan