Private zone firewall templates – Avaya 3.7 User Manual
Page 303

Private zone firewall templates
Issue 4 May 2005
The private network interface provides the connection to the private/corporate LAN. Private zones
are considered trusted networks, so most traffic is allowed.
The private high security rules are enforced for both incoming and outgoing packets as follows.
Incoming: any traffic from the private zone is allowed, except traffic that is destined to the
management zone.
Outgoing: traffic to the private zone that is initiated from the DMZ is strictly denied. All other
traffic is allowed.
OutBoundPublicAccessVPNKeyMgmt | Permit | Public-IP | Any | IKE-IN, IKE-AVAYA-IN | Out | Public-IP | Yes
InBoundPublicICMP | Permit | Any | Public-IP | ICMPDESTUNREACHABLE, ICMPTIMEEXCEEDED | In | Public-IP | No
OutBoundPublicICMP | Permit | Public-IP | Any | ICMPDESTUNREACHABLE | Out | Public-IP | No
InBoundPublicBlockAll | Block | Any | Any | Any | In | Public | No
OutBoundPublicBlockAll | Block | Any | Any | Any | Out | Public | No
Table 33: Public VPN-only firewall rules (continued)
2 of 2