3com:tippingpoint:x506:script:configuration_example_script
ENTERPRISE-NAME# show configuration
interface ethernet 3 1
negotiate
duplex full
linespeed 100
no shutdown
exit
interface ethernet 3 2
negotiate
duplex full
linespeed 100
no shutdown
exit
interface ethernet 3 3
negotiate
duplex full
linespeed 100
no shutdown
exit
interface ethernet 3 4
negotiate
duplex full
linespeed 100
no shutdown
exit
interface ethernet 3 5
negotiate
duplex full
linespeed 100
no shutdown
exit
interface ethernet 3 6
negotiate
duplex full
linespeed 100
no shutdown
exit
interface settings poll-interval 2000
interface settings detect-mdi enable
interface settings mdi-mode mdix
host name "ENTERPRISE-NAME"
host location "CCP/R2"
host ip-filter permit any icmp
host ip-filter permit any ip
autodv day Saturday time 23:00
user options max-attempts 10
user options expire-period 0
user options expire-action expire
user options lockout-period 5
user options attempt-action lockout
user options security-level 2
high-availability disable
high-availability heartbeat 4 100 2
high-availability id 4098
high-availability port 843
high-availability auto-sync-config disable
high-availability primary 9H4282G9E9F49
high-availability preempt disable
clock timezone GMT-5
clock dst
log audit select general
log audit select login
log audit select logout
log audit select user
log audit select time
log audit select policy
log audit select update
log audit select boot
log audit select report
log audit select host
log audit select configuration
log audit select oam
log audit select sms
log audit select server
log audit select segment
log audit select high-availability
log audit select monitor
log audit select ip-filter
log audit select conn-table
log audit select host-communication
log audit select tse
remote-syslog no system
remote-syslog no audit
remote-syslog no firewallsession
remote-syslog no vpn
remote-syslog no antispam
notify-contact "Management Console" 1
notify-contact "Remote System Log" 1
action-set "Block" block
action-set "Block + Notify" block
action-set "Block + Notify" notify-contact add "Management Console"
action-set "Block + Notify + Trace" block
action-set "Block + Notify + Trace" notify-contact add "Management Console"
action-set "Block + Notify + Trace" packet-trace -priority low -capture-size 0
action-set "Permit + Notify" permit
action-set "Permit + Notify" notify-contact add "Management Console"
action-set "Permit + Notify + Trace" permit
action-set "Permit + Notify + Trace" notify-contact add "Management Console"
action-set "Permit + Notify + Trace" packet-trace -priority low -capture-size 0
profile "Default Security Profile" security -description "Recommended Settings"
profile "Default Security Profile" add-pair "ANY" "ANY"
category-settings -profile "Default Security Profile" vulnerabilities enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" exploits enable -
action-set "Block"
category-settings -profile "Default Security Profile" security-policy enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" reconnaissance enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" virus enable -
action-set "Block"
category-settings -profile "Default Security Profile" spyware enable -
action-set "Block"
category-settings -profile "Default Security Profile" identity-theft enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" traffic-normal enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" network-equipment enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" p2p enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" im enable -
action-set "Recommended"
category-settings -profile "Default Security Profile" streaming-media enable -
action-set "Recommended"
default-alert-sink to example@youdomain.com
default-alert-sink from tppx506@youdomain.com
default-alert-sink domain ENTERPRISE-NAME.com
default-alert-sink server 1.0.0.22
default-alert-sink period 1
email-rate-limit 10
server ssh
server no http
server https
server browser-check
monitor threshold memory -major 90 -critical 95
monitor threshold disk -major 90 -critical 95
monitor threshold temperature -major 92 -critical 94
monitor disable power-supply
no service-access
tse adaptive-filter mode automatic
tse afc-severity warning
tse connection-table timeout 1800
tse logging-mode conditional -threshold 1.0 -period 600
tse quarantine duration 60
zone update LAN vlan-id 1
zone update LAN port 3/3 3/4 vlan-tagged 3/1
zone update LAN mtu 1500
zone update LAN addresses disable
zone update LAN vpn-tunnel-access enable
zone update LAN dns disable
zone update VPN vlan-id 4085
zone update VPN port none
zone update VPN mtu 1500
zone update VPN addresses disable
zone update VPN vpn-tunnel-access enable
zone update VPN dns disable
zone update Invitados vlan-id 22
zone update Invitados port vlan-tagged 3/1
zone update Invitados mtu 1500
zone update Invitados addresses disable
zone update Invitados vpn-tunnel-access enable
zone update Invitados dns disable
zone update WAN vlan-id 18
zone update WAN port 3/6
zone update WAN mtu 1500
zone update WAN addresses disable
zone update WAN vpn-tunnel-access enable
zone update WAN dns disable
zone update IRONPORT vlan-id 24
zone update IRONPORT port 3/2
zone update IRONPORT mtu 1500
zone update IRONPORT addresses disable
zone update IRONPORT vpn-tunnel-access enable
zone update IRONPORT dns disable
zone update WAN-2 vlan-id 25
zone update WAN-2 port 3/5
zone update WAN-2 mtu 1500
zone update WAN-2 addresses disable
zone update WAN-2 vpn-tunnel-access enable
zone update WAN-2 dns 200.13.249.10 200.13.224.254 4.2.2.2
address-groups update POOL-INVITADOS range 172.16.100.21 172.16.100.254
address-groups update IRONPORT host 172.16.50.2
address-groups update ADMON-ITCORP range 190.147.103.150 190.147.103.155
address-groups update VPN-ENTERPRISE-NAMErange 172.16.150.21 172.16.150.254
address-groups update ADMON-ENTERPRISE-NAMEhost 1.0.0.25
address-groups add-entry ADMON-ENTERPRISE-NAMEhost 1.0.0.22
address-groups add-entry ADMON-ENTERPRISE-NAMEhost 1.0.0.21
address-groups update LAN-SERVIDORES-ENTERPRISE-NAMEhost 1.0.0.24
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 1.0.0.50
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 1.0.0.25
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.5.13
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.1.5
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.3.14
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.0.9
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.3.4
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.3.5
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.10.51
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.0.6
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 1.0.0.22
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.5.6
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.4.5
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.4.37
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.10.25
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.13.8
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 1.0.0.20
address-groups add-entry LAN-SERVIDORES-ENTERPRISE-NAMEhost 10.0.15.32
address-groups update SERVER-MAIL-EXCHANGE host 1.0.0.50
address-groups update ANTISPAM-MACAFEE host 1.0.0.44
address-groups update SERVER-1 host 1.0.0.23
address-groups update SERVER-2 host 1.0.0.27
address-groups update SERVER-3-ENTERPRISE-NAMEhost 10.0.6.3
address-groups update SERVER-4-INTRANET host 1.0.0.32
address-groups update SERVER-5 host 1.0.0.25
address-groups update SERVER-6 host 1.0.0.42
address-groups update LOCATION-1 range 10.0.0.2 10.0.0.62
address-groups update LOCATION-2 range 10.0.0.66 10.0.0.126
address-groups update LOCATION-3 range 10.0.0.130 10.0.0.190
address-groups update LOCATION-4 range 10.0.0.194 10.0.0.254
address-groups update LOCATION-5 range 10.0.1.2 10.0.1.62
address-groups update LOCATION-6 range 10.0.1.66 10.0.1.126
address-groups update LOCATION-7 range 10.0.6.2 10.0.6.254
address-groups update LOCATION-8 range 10.0.1.194 10.0.1.254
address-groups update LOCATION-9 range 10.0.2.2 10.0.2.62
address-groups update LOCATION-10 range 10.0.2.66 10.0.2.126
address-groups update LOCATION-11 range 10.0.10.0 10.0.10.254
address-groups update LOCATION-12 range 10.0.2.194 10.0.2.254
address-groups update LOCATION-13 range 10.0.3.2 10.0.3.62
address-groups update LOCATION-14 range 10.0.3.66 10.0.3.126
address-groups update LOCATION-15 range 10.0.3.130 10.0.3.190
address-groups update LOCATION-16 range 10.0.4.2 10.0.4.126
address-groups update LOCATION-17 range 10.0.5.2 10.0.5.126
address-groups update LOCATION-18 range 10.0.6.2 10.0.6.62
address-groups update LOCATION-19 range 172.16.0.2 172.16.3.254
address-groups update ALL-VLAN-ENTERPRISE-NAMErange 10.0.0.2 10.0.0.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.1.2 10.0.1.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.2.2 10.0.2.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.3.2 10.0.3.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.4.2 10.0.4.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.5.2 10.0.5.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.6.2 10.0.6.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.7.2 10.0.7.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.8.2 10.0.8.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.9.2 10.0.9.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.10.2 10.0.10.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.11.2 10.0.12.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.12.2 10.0.12.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.13.2 10.0.13.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.14.2 10.0.14.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.15.2 10.0.15.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.16.2 10.0.16.254
address-groups add-entry ALL-VLAN-ENTERPRISE-NAMErange 10.0.17.2 10.0.17.254
address-groups update MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.11.20
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.0.13
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.11.42
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.1.10
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.11.10
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.8
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.2.5
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.2.19
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.55
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.57
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.15.49
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.15
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.3.11
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.38
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.15.73
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.39
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.9.11
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.4.10
address-groups add-entry MSN-PERIMITIDO-ENTERPRISE-NAMEhost 10.0.0.12
address-groups update SERVER-VPN-USER host 1.0.0.21
address-groups add-entry SERVER-VPN-USER host 1.0.0.42
address-groups add-entry SERVER-VPN-USER host 1.0.0.50
address-groups add-entry SERVER-VPN-USER host 1.0.0.32
address-groups add-entry SERVER-VPN-USER host 10.0.16.4
address-groups update ENTERPRISE-NAME-MPLS range 192.168.25.2 192.168.25.254
address-groups add-entry ENTERPRISE-NAME-MPLS range 192.168.26.2 192.168.26.254
address-groups add-entry ENTERPRISE-NAME-MPLS range 192.168.27.2 192.168.27.254
address-groups add-entry ENTERPRISE-NAME-MPLS range 192.168.28.2 192.168.28.254
address-groups add-entry ENTERPRISE-NAME-MPLS range 192.168.29.2 192.168.29.254
address-groups add-entry ENTERPRISE-NAME-MPLS range 192.168.30.2 192.168.30.254
address-groups update ENTERPRISE-NAME-MPLS-1 range 192.168.37.2 192.168.37.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.38.2 192.168.38.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.39.2 192.168.39.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.40.2 192.168.40.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.41.2 192.168.41.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.42.2 192.168.42.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.43.2 192.168.43.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.44.2 192.168.44.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.45.2 192.168.45.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.46.2 192.168.46.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.47.2 192.168.47.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.48.2 192.168.48.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.36.2 192.168.37.254
address-groups add-entry ENTERPRISE-NAME-MPLS-1 range 192.168.35.2 192.168.35.254
address-groups update ENTERPRISE-NAME-MPLS-2 range 192.168.52.2 192.168.52.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.54.2 192.168.54.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.55.2 192.168.55.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.1.2 192.168.1.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.8.2 192.168.8.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.10.2 192.168.10.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.15.2 192.168.15.254
address-groups add-entry ENTERPRISE-NAME-MPLS-2 range 192.168.20.2 192.168.20.254
address-groups update FTP-PERMITIDOS-LAN-WAN host 10.0.2.162
address-groups update ENTERPRISE-NAME-MPLS-3 range 192.168.31.2 192.168.31.254
address-groups add-entry ENTERPRISE-NAME-MPLS-3 range 192.168.32.2 192.168.32.254
address-groups update Server-vpn-Intranet host 1.0.0.32
authentication privilege-groups update Web-filtering-VPN-ITCorp web-filtering-by
pass vpn-client-access profile Default priority 0 zone none
authentication privilege-groups update Web-filteriing-ITCorp web-filtering-bypass
profile Default priority 0 zone none
authentication privilege-groups update Allow_VPN_access vpn-client-access profile
Default priority 0 zone none
authentication privilege-groups update RADIUS profile Default priority 0 zone none
authentication radius default-privilege-group RADIUS
authentication radius server primary 0.0.0.0 port 1812 shared-secret ******** au
th-method chap
authentication radius server secondary none
authentication radius disable
authentication radius user-authentication disable
authentication radius vpn-clients enable
authentication radius retries 3
authentication radius timeout 2
authentication ldap enable
authentication ldap user-authentication enable
authentication ldap server server 1.0.0.24 port 389 protocol 3
authentication ldap server tls disable start-tls disable require-certificate dis
able
authentication ldap server anonymous disable
authentication ldap server bind-name "administrator" bind-password ********
authentication ldap server bind-tree "CN=Users,DC=med,DC=ENTERPRISE-NAME,DC=com" basedn
"DC=med,DC=ENTERPRISE-NAME,DC=com"
authentication ldap server user-tree add "CN=Users,DC=med,DC=ENTERPRISE-NAME,DC=com"
authentication ldap server user-tree add "CN=Sistemas,DC=med,DC=ENTERPRISE-NAME,DC=com"
authentication ldap server group-tree add "CN=Soporte"
authentication ldap schema use active-directory
authentication ldap schema update active-directory object-class "user" login-nam
e "sAMAccountName" qualified-login-name "userPrincipalName" membership-attribute
"memberOf" group-object-class "group" group-membership-attribute "member"
authentication ldap schema update e-directory object-class "inetOrgPerson" login
-name "cn" qualified-login-name "" membership-attribute "" group-object-class "g
roupOfNames" group-membership-attribute "member"
authentication ldap schema update fedora-ds object-class "inetOrgPerson" login-n
ame "uid" qualified-login-name "" membership-attribute "" group-object-class "gr
oupOfNames" group-membership-attribute "member"
authentication ldap schema update rfc2798 object-class "inetOrgPerson" login-nam
e "uid" qualified-login-name "mail" membership-attribute "" group-object-class "
groupOfNames" group-membership-attribute "member"
authentication ldap schema update rfc2307-nis object-class "posixAccount" login-
name "uid" qualified-login-name "" membership-attribute "" group-object-class "p
osixGroup" group-membership-attribute "memberUid"
authentication ldap schema update samba-smb object-class "sambaSAMAccount" login
-name "uid" qualified-login-name "" membership-attribute "" group-object-class "
sambaGroupMapping" group-membership-attribute "memberUid"
authentication ldap schema update 3com-NAM object-class "user" login-name "sAMAc
countName" qualified-login-name "userPrincipalName" membership-attribute "member
Of" group-object-class "group" group-membership-attribute "member"
authentication ldap schema update custom object-class "" login-name "" qualified
-login-name "" membership-attribute "" group-object-class "" group-membership-at
tribute ""
web-filtering filter-service server america
web-filtering filter-service cache expiry 24
web-filtering filter-service cache size 4194304
web-filtering filter-service enable
web-filtering profile add Default
web-filtering profile update Default default-rule permit
web-filtering profile update Default filter-action block-and-log
web-filtering profile update Default filter-service enable
web-filtering profile update Default filter-service block adult
web-filtering profile update Default filter-service block gambling
web-filtering profile update Default filter-service block violence
web-filtering profile update Default filter-service block criminal
web-filtering profile update Default filter-service block hacking
web-filtering profile update Default filter-service block weapons
web-filtering profile update Default filter-service block drugs
web-filtering profile update Default filter-service block hate
web-filtering profile update Default filter-service permit advertisement
web-filtering profile update Default filter-service permit computing
web-filtering profile update Default filter-service permit food
web-filtering profile update Default filter-service permit politics
web-filtering profile update Default filter-service permit hosting
web-filtering profile update Default filter-service permit lifestyle
web-filtering profile update Default filter-service permit dating
web-filtering profile update Default filter-service permit reference
web-filtering profile update Default filter-service block sex-education
web-filtering profile update Default filter-service permit sports
web-filtering profile update Default filter-service permit usenet
web-filtering profile update Default filter-service block arts
web-filtering profile update Default filter-service permit education
web-filtering profile update Default filter-service block games
web-filtering profile update Default filter-service permit health
web-filtering profile update Default filter-service block careers
web-filtering profile update Default filter-service block vehicles
web-filtering profile update Default filter-service permit photos
web-filtering profile update Default filter-service permit religion
web-filtering profile update Default filter-service permit search
web-filtering profile update Default filter-service permit streaming-media
web-filtering profile update Default filter-service permit email
web-filtering profile update Default filter-service block chat
web-filtering profile update Default filter-service permit finance
web-filtering profile update Default filter-service block glamour
web-filtering profile update Default filter-service block hobbies
web-filtering profile update Default filter-service block kids
web-filtering profile update Default filter-service permit news
web-filtering profile update Default filter-service permit real-estate
web-filtering profile update Default filter-service permit proxies
web-filtering profile update Default filter-service permit shopping
web-filtering profile update Default filter-service permit travel
web-filtering profile update Default manual-filter enable
web-filtering profile update Default manual-filter add permit string http://images.google.com.co
web-filtering profile update Default manual-filter add permit string www.britishsulphrevents.com
web-filtering profile update Default manual-filter add permit string www.kingocean.com
web-filtering profile update Default manual-filter add permit string www.gestionhumana.com
web-filtering profile update Default manual-filter add permit string http://ice.la14.com/
web-filtering profile update Default manual-filter add permit string www.e-interiors.net
web-filtering profile update Default manual-filter add permit string www.gerente.com
web-filtering profile update Default manual-filter add permit string www.loteriaquindio.com.co
web-filtering profile update Default manual-filter add permit string http://www.portaldms.com/*
web-filtering profile update Default manual-filter add permit regexp http://www.dmsjuridica.com/*
web-filtering profile update Default manual-filter add permit string loteriadebogota.com
web-filtering profile update Default manual-filter add permit string www.scanmarket.com
web-filtering profile update Default manual-filter add permit string http://www.ciao.es/Speak_Up__153373
web-filtering profile update Default manual-filter add permit string http://www.rbaedipresse.es/revista.php?id=36
web-filtering profile update Default manual-filter add permit string *funiber*
web-filtering profile update Default manual-filter add permit string http://www.dmsjuridica.com/
web-filtering profile update Default manual-filter add permit string www.millan.net
web-filtering profile update Default manual-filter add permit string www.stockxpert.com
web-filtering profile update Default manual-filter add permit string www.fedegan.org.co
web-filtering profile update Default manual-filter add permit string http://www.aftonpumps.com
web-filtering profile update Default manual-filter add permit string http://sit.fedegan.org.co
web-filtering profile update Default manual-filter add permit string www.fla.com.co
web-filtering profile update Default manual-filter add permit string www.amazon.com
web-filtering profile update Default manual-filter add permit string *www.tonysone.com*
web-filtering profile update Default manual-filter add permit string *legacycreative.gettyimages.com*
web-filtering profile update Default manual-filter add permit string www.spiraxsarco.com
web-filtering profile update Default manual-filter add permit string www.suconel.com
web-filtering profile update Default manual-filter add permit string http://free.avg.com/download-update
web-filtering profile update Default manual-filter add permit string www.panasonic.user-manuals.com
web-filtering profile update Default manual-filter add permit string www.carrefour.com
web-filtering profile update Default manual-filter add permit string www.homecenter.com
web-filtering profile update Default manual-filter add permit string www.elfyourself.com
web-filtering profile update Default manual-filter add permit string *http://www.sxc.hu/*
web-filtering profile update Default manual-filter add permit string www.holsteinusa.com
web-filtering profile update Default manual-filter add permit string www.redangus.com
web-filtering profile update Default manual-filter add permit string *http://www.virtualexito.com/*
web-filtering profile update Default manual-filter add permit string http://www.care2.com/
web-filtering profile update Default manual-filter add permit string www.laequidadseguros.com
web-filtering profile update Default manual-filter add permit string http://welcome.www.laequidadseguros.com/index.aspx
web-filtering profile update Default manual-filter add permit string www.shoshan.cl
web-filtering profile update Default manual-filter add permit string www.bavaria.com.co
web-filtering profile update Default manual-filter add permit string *http://portal.fedegan.org.co/*
web-filtering profile update Default manual-filter add permit string *portal.fedegan*
web-filtering profile update Default manual-filter add permit string http://portal.fedegan.org.co/portal/page?_pageid=93,18402365&_dad=portal&_schema=PORTAL
web-filtering profile update Default manual-filter add permit string http://noreimako1.ideam.gov.co:7778/acrlab/
web-filtering profile update Default manual-filter add permit string www.gates.com.mx/imagenes
web-filtering profile update Default manual-filter add block string *facebook.co m*
web-filtering profile update Default manual-filter add block string *youtube.com*
web-filtering profile update Default manual-filter add block string http://www.s itiosargentina.com.ar
web-filtering profile update Default manual-filter add block string http://www.meebo.com/index-es.html
web-filtering profile update Default manual-filter add block string http://webmessenger.msn.com/?mkt=es-es
web-filtering profile update Default manual-filter add block string *messenger*
web-filtering profile update Default manual-filter add block string *meebo.com*
web-filtering profile update Default manual-filter add block string http://www.koolim.com/
web-filtering profile update Default manual-filter add block string http://webmessenger.msn.com/
web-filtering profile update Default manual-filter add block string www.hidemyass.com
web-filtering profile add BLOQUE-MSNweb-filtering profile update BLOQUE-MSN default-rule permit
web-filtering profile update BLOQUE-MSN filter-action block-and-log
web-filtering profile update BLOQUE-MSN filter-service enable
web-filtering profile update BLOQUE-MSN filter-service block adult
web-filtering profile update BLOQUE-MSN filter-service block gambling
web-filtering profile update BLOQUE-MSN filter-service block violence
web-filtering profile update BLOQUE-MSN filter-service block criminal
web-filtering profile update BLOQUE-MSN filter-service block hacking
web-filtering profile update BLOQUE-MSN filter-service block weapons
web-filtering profile update BLOQUE-MSN filter-service block drugs
web-filtering profile update BLOQUE-MSN filter-service block hate
web-filtering profile update BLOQUE-MSN filter-service permit advertisement
web-filtering profile update BLOQUE-MSN filter-service permit computing
web-filtering profile update BLOQUE-MSN filter-service block food
web-filtering profile update BLOQUE-MSN filter-service permit politics
web-filtering profile update BLOQUE-MSN filter-service block hosting
web-filtering profile update BLOQUE-MSN filter-service permit lifestyle
web-filtering profile update BLOQUE-MSN filter-service permit dating
web-filtering profile update BLOQUE-MSN filter-service permit reference
web-filtering profile update BLOQUE-MSN filter-service block sex-education
web-filtering profile update BLOQUE-MSN filter-service permit sports
web-filtering profile update BLOQUE-MSN filter-service permit usenet
web-filtering profile update BLOQUE-MSN filter-service permit arts
web-filtering profile update BLOQUE-MSN filter-service permit education
web-filtering profile update BLOQUE-MSN filter-service block games
web-filtering profile update BLOQUE-MSN filter-service permit health
web-filtering profile update BLOQUE-MSN filter-service block careers
web-filtering profile update BLOQUE-MSN filter-service block vehicles
web-filtering profile update BLOQUE-MSN filter-service permit photos
web-filtering profile update BLOQUE-MSN filter-service block religion
web-filtering profile update BLOQUE-MSN filter-service permit search
web-filtering profile update BLOQUE-MSN filter-service permit streaming-media
web-filtering profile update BLOQUE-MSN filter-service permit email
web-filtering profile update BLOQUE-MSN filter-service permit chat
web-filtering profile update BLOQUE-MSN filter-service permit finance
web-filtering profile update BLOQUE-MSN filter-service block glamour
web-filtering profile update BLOQUE-MSN filter-service block hobbies
web-filtering profile update BLOQUE-MSN filter-service block kids
web-filtering profile update BLOQUE-MSN filter-service permit news
web-filtering profile update BLOQUE-MSN filter-service permit real-estate
web-filtering profile update BLOQUE-MSN filter-service permit proxies
web-filtering profile update BLOQUE-MSN filter-service block shopping
web-filtering profile update BLOQUE-MSN filter-service permit travel
web-filtering profile update BLOQUE-MSN manual-filter enable
web-filtering profile update BLOQUE-MSN manual-filter add permit string www.britishsulphrevents.com
web-filtering profile update BLOQUE-MSN manual-filter add permit string http://images.google.com.co
web-filtering profile update BLOQUE-MSN manual-filter add block string *youtube.com*
web-filtering profile update BLOQUE-MSN manual-filter add block string *facebook.com*
web-filtering profile update BLOQUE-MSN manual-filter add block string http://www.koolim.com/
web-filtering profile update BLOQUE-MSN manual-filter add block string *meebo.com*
web-filtering profile update BLOQUE-MSN manual-filter add block string http://webmessenger.msn.com/?mkt=es-es
web-filtering profile update BLOQUE-MSN manual-filter add block string http://www.meebo.com/index-es.html
web-filtering profile update BLOQUE-MSN manual-filter add block string http://www.sitiosargentina.com.ar
web-filtering profile add MPLS-ENTERPRISE-NAME
web-filtering profile update MPLS-ENTERPRISE-NAMEdefault-rule block
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-action block-and-log
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service enable
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block adult
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block gambling
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block violence
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block criminal
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block hacking
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block weapons
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block drugs
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block hate
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block advertisement
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block computing
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block food
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block politics
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block hosting
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block lifestyle
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block dating
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block reference
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block sex-education
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block sports
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block usenet
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block arts
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block education
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block games
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block health
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block careers
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block vehicles
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block photos
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block religion
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block search
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block streaming-media
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block email
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block chat
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block finance
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block glamour
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block hobbies
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block kids
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block news
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block real-estate
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block proxies
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block shopping
web-filtering profile update MPLS-ENTERPRISE-NAMEfilter-service block travel
web-filtering profile update MPLS-ENTERPRISE-NAMEmanual-filter enable
web-filtering profile update MPLS-ENTERPRISE-NAMEmanual-filter add permit string *zen.biz*
web-filtering profile update MPLS-ENTERPRISE-NAMEmanual-filter add permit string www.google.com
web-filtering profile add Pruebas
web-filtering profile update Pruebas default-rule permit
web-filtering profile update Pruebas filter-action block-and-log
web-filtering profile update Pruebas filter-service enable
web-filtering profile update Pruebas filter-service block adult
web-filtering profile update Pruebas filter-service block gambling
web-filtering profile update Pruebas filter-service block violence
web-filtering profile update Pruebas filter-service permit criminal
web-filtering profile update Pruebas filter-service block hacking
web-filtering profile update Pruebas filter-service block weapons
web-filtering profile update Pruebas filter-service block drugs
web-filtering profile update Pruebas filter-service block hate
web-filtering profile update Pruebas filter-service permit advertisement
web-filtering profile update Pruebas filter-service permit computing
web-filtering profile update Pruebas filter-service permit food
web-filtering profile update Pruebas filter-service permit politics
web-filtering profile update Pruebas filter-service permit hosting
web-filtering profile update Pruebas filter-service permit lifestyle
web-filtering profile update Pruebas filter-service permit dating
web-filtering profile update Pruebas filter-service permit reference
web-filtering profile update Pruebas filter-service permit sex-education
web-filtering profile update Pruebas filter-service permit sports
web-filtering profile update Pruebas filter-service permit usenet
web-filtering profile update Pruebas filter-service permit arts
web-filtering profile update Pruebas filter-service permit education
web-filtering profile update Pruebas filter-service permit games
web-filtering profile update Pruebas filter-service permit health
web-filtering profile update Pruebas filter-service permit careers
web-filtering profile update Pruebas filter-service permit vehicles
web-filtering profile update Pruebas filter-service permit photos
web-filtering profile update Pruebas filter-service permit religion
web-filtering profile update Pruebas filter-service permit search
web-filtering profile update Pruebas filter-service permit streaming-media
web-filtering profile update Pruebas filter-service permit email
web-filtering profile update Pruebas filter-service permit chat
web-filtering profile update Pruebas filter-service permit finance
web-filtering profile update Pruebas filter-service permit glamour
web-filtering profile update Pruebas filter-service permit hobbies
web-filtering profile update Pruebas filter-service permit kids
web-filtering profile update Pruebas filter-service permit news
web-filtering profile update Pruebas filter-service permit real-estate
web-filtering profile update Pruebas filter-service permit proxies
web-filtering profile update Pruebas filter-service permit shopping
web-filtering profile update Pruebas filter-service permit travel
web-filtering profile update Pruebas manual-filter enable
web-filtering profile update Pruebas manual-filter add permit string http://welcome.www.laequidadseguros.com/index.aspx
anti-spam default-rule permitanti-spam filter-action block-and-log
anti-spam ip-reputation enable
anti-spam ip-reputation server ipd%d.3com.ctmail.com
anti-spam ip-reputation cache records 100000
anti-spam ip-reputation cache interval 60
anti-spam ip-reputation thresholds risk 89
anti-spam ip-reputation thresholds class high-volume 6
anti-spam ip-reputation thresholds class transient 3
anti-spam ip-reputation thresholds class whitelist permit
anti-spam ip-reputation thresholds class blacklist block
anti-spam ip-reputation thresholds class private permit
anti-spam ip-reputation thresholds priority risk
anti-spam manual-filter disable
anti-spam manual-filter permit none
anti-spam manual-filter block none
dhcp-server addresses group POOL-INVITADOS
dhcp-server enable
dhcp-server bootp enable
dhcp-server lease-duration 60
dhcp-server dns server1 200.118.2.66
dhcp-server dns server2 200.118.2.85
dhcp-server dns server3 4.2.2.2
dhcp-server dns domain
dhcp-server wins primary 0.0.0.0
dhcp-server wins secondary 0.0.0.0
dhcp-server nbx 0.0.0.0
dhcp-server relay disable
dns use-external-dns disable
dns server 200.75.51.132 200.75.51.133
dns domain-name 200.118.2.66 200.118.2.85 4.2.2.2
interface virtual add 1 internal
interface virtual internal 1 ip 1.0.0.80 netmask 255.255.255.0
interface virtual internal 1 ha-mgmt-ip 0.0.0.0
interface virtual internal 1 ha-peer-ip 0.0.0.0
interface virtual internal 1 nat external-ip
interface virtual internal 1 rip disable
interface virtual internal 1 rip send-mode disable
interface virtual internal 1 rip receive-mode disable
interface virtual internal 1 rip auth disable
interface virtual internal 1 rip split-horizon disable
interface virtual internal 1 rip poison-reverse disable
interface virtual internal 1 rip advertise-routes enable
interface virtual internal 1 rip redistribute-routes enable
interface virtual internal 1 ospf disable
interface virtual internal 1 ospf area 0.0.0.0
interface virtual internal 1 ospf priority 1
interface virtual internal 1 ospf cost 1
interface virtual internal 1 ospf hello-interval 10
interface virtual internal 1 ospf dead-interval 40
interface virtual internal 1 ospf retransmit-interval 30
interface virtual internal 1 ospf transmit-delay 30
interface virtual internal 1 ospf auth null
interface virtual internal 1 ospf advertise-interface-route enable
interface virtual internal 1 igmp disable
interface virtual internal 1 pim-dm disable
interface virtual internal 1 bridge-mode disable
interface virtual internal 1 zone add LAN
interface virtual add 2 external
interface virtual external 2 type static 208.30.41.204 netmask 255.255.255.248 gw 208.30.41.201
interface virtual external 2 ha-mgmt-ip 0.0.0.0
interface virtual external 2 ha-peer-ip 0.0.0.0
interface virtual external 2 rip disable
interface virtual external 2 rip send-mode disable
interface virtual external 2 rip receive-mode disable
interface virtual external 2 rip auth disable
interface virtual external 2 rip split-horizon disable
interface virtual external 2 rip poison-reverse disable
interface virtual external 2 rip advertise-routes enable
interface virtual external 2 rip redistribute-routes enable
interface virtual external 2 ospf disable
interface virtual external 2 ospf area 0.0.0.0
interface virtual external 2 ospf priority 1
interface virtual external 2 ospf cost 1
interface virtual external 2 ospf hello-interval 10
interface virtual external 2 ospf dead-interval 40
interface virtual external 2 ospf retransmit-interval 30
interface virtual external 2 ospf transmit-delay 30
interface virtual external 2 ospf auth null
interface virtual external 2 ospf advertise-interface-route enable
interface virtual external 2 igmp disable
interface virtual external 2 pim-dm disable
interface virtual external 2 bridge-mode disable
interface virtual external 2 zone add WAN
interface virtual external 2 link-monitor probe-server default-gateway default-gateway
interface virtual external 2 link-monitor probe-fail-condition any-fail
interface virtual external 2 link-monitor probe-fail-retry 3
interface virtual external 2 link-monitor probe-success-retry 3
interface virtual external 2 link-monitor probe-interval 5
interface virtual external 2 link-monitor enable
interface virtual add 3 internal
interface virtual internal 3 ip 172.16.100.1 netmask 255.255.255.0
interface virtual internal 3 ha-mgmt-ip 0.0.0.0
interface virtual internal 3 ha-peer-ip 0.0.0.0
interface virtual internal 3 nat external-ip
interface virtual internal 3 rip disable
interface virtual internal 3 rip send-mode disable
interface virtual internal 3 rip receive-mode disable
interface virtual internal 3 rip auth disable
interface virtual internal 3 rip split-horizon disable
interface virtual internal 3 rip poison-reverse disable
interface virtual internal 3 rip advertise-routes enable
interface virtual internal 3 rip redistribute-routes enable
interface virtual internal 3 ospf disable
interface virtual internal 3 ospf area 0.0.0.0
interface virtual internal 3 ospf priority 1
interface virtual internal 3 ospf cost 1
interface virtual internal 3 ospf hello-interval 10
interface virtual internal 3 ospf dead-interval 40
interface virtual internal 3 ospf retransmit-interval 30
interface virtual internal 3 ospf transmit-delay 30
interface virtual internal 3 ospf auth null
interface virtual internal 3 ospf advertise-interface-route enable
interface virtual internal 3 igmp disable
interface virtual internal 3 pim-dm disable
interface virtual internal 3 bridge-mode disable
interface virtual internal 3 zone add Invitados
interface virtual add 4 internal
interface virtual internal 4 ip 172.16.50.1 netmask 255.255.255.0
interface virtual internal 4 ha-mgmt-ip 0.0.0.0
interface virtual internal 4 ha-peer-ip 0.0.0.0
interface virtual internal 4 nat external-ip
interface virtual internal 4 rip disable
interface virtual internal 4 rip send-mode disable
interface virtual internal 4 rip receive-mode disable
interface virtual internal 4 rip auth disable
interface virtual internal 4 rip split-horizon disable
interface virtual internal 4 rip poison-reverse disable
interface virtual internal 4 rip advertise-routes enable
interface virtual internal 4 rip redistribute-routes enable
interface virtual internal 4 ospf disable
interface virtual internal 4 ospf area 0.0.0.0
interface virtual internal 4 ospf priority 1
interface virtual internal 4 ospf cost 1
interface virtual internal 4 ospf hello-interval 10
interface virtual internal 4 ospf dead-interval 40
interface virtual internal 4 ospf retransmit-interval 30
interface virtual internal 4 ospf transmit-delay 30
interface virtual internal 4 ospf auth null
interface virtual internal 4 ospf advertise-interface-route enable
interface virtual internal 4 igmp disable
interface virtual internal 4 pim-dm disable
interface virtual internal 4 bridge-mode disable
interface virtual internal 4 zone add IRONPORT
interface virtual add 5 external
interface virtual external 5 type static 200.13.252.138 netmask 255.255.255.24 gw 200.13.252.137
interface virtual external 5 ha-mgmt-ip 0.0.0.0
interface virtual external 5 ha-peer-ip 0.0.0.0
interface virtual external 5 rip disable
interface virtual external 5 rip send-mode disable
interface virtual external 5 rip receive-mode disable
interface virtual external 5 rip auth disable
interface virtual external 5 rip split-horizon disable
interface virtual external 5 rip poison-reverse disable
interface virtual external 5 rip advertise-routes enable
interface virtual external 5 rip redistribute-routes enable
interface virtual external 5 ospf disable
interface virtual external 5 ospf area 0.0.0.0
interface virtual external 5 ospf priority 1
interface virtual external 5 ospf cost 1
interface virtual external 5 ospf hello-interval 10
interface virtual external 5 ospf dead-interval 40
interface virtual external 5 ospf retransmit-interval 30
interface virtual external 5 ospf transmit-delay 30
interface virtual external 5 ospf auth null
interface virtual external 5 ospf advertise-interface-route enable
interface virtual external 5 igmp disable
interface virtual external 5 pim-dm disable
interface virtual external 5 bridge-mode disable
interface virtual external 5 zone add WAN-2
interface virtual external 5 link-monitor probe-server default-gateway default-gateway
interface virtual external 5 link-monitor probe-fail-condition any-fail
interface virtual external 5 link-monitor probe-fail-retry 3
interface virtual external 5 link-monitor probe-success-retry 3
interface virtual external 5 link-monitor probe-interval 5
interface virtual external 5 link-monitor enable default-gateway 208.30.41.201
firewall schedule update working-day days smtwtfs from 0000 to 2359
firewall service update 3com-nbx udp port 2093 to 2096
firewall service update audio-call-control tcp port 1731
firewall service update dhcp-client udp port 68
firewall service update dhcp-server udp port 67
firewall service update dns-tcp tcp port 53
firewall service update dns-udp udp port 53
firewall service update finger-tcp tcp port 79
firewall service update ftp tcp port 21
firewall service update gopher-tcp tcp port 70
firewall service update gre 47
firewall service update h323 tcp port 1720
firewall service update http tcp port 80
firewall service update https tcp port 443
firewall service update igmp 2
firewall service update ike udp port 500
firewall service update imap tcp port 143
firewall service update imapv3 tcp port 220
firewall service update ipsec-ah 51
firewall service update ipsec-esp 50
firewall service update kerberos-tcp tcp port 88
firewall service update kerberos-udp udp port 88
firewall service update l2tp udp port 1701
firewall service update ldap-tcp tcp port 389
firewall service update ldap-udp udp port 389
firewall service update lotus-notes-domino tcp port 1352
firewall service update lpr tcp port 515
firewall service update nat-t-ipsec udp port 4500
firewall service update nbname tcp port 137
firewall service update netbios-tcp tcp port 137 to 139
firewall service update netbios-udp udp port 137 to 139
firewall service update netmeeting tcp port 1720
firewall service update nfsd-tcp tcp port 2049
firewall service update nfsd-udp udp port 2049
firewall service update nntp tcp port 119
firewall service update ntp udp port 123
firewall service update pim-dm 103
firewall service update ping icmp port 8
firewall service update pop3 tcp port 110
firewall service update portmapper-tcp tcp port 111
firewall service update portmapper-udp udp port 111
firewall service update pptp-tcp tcp port 1723
firewall service update radius-accounting udp port 1813
firewall service update radius-auth udp port 1812
firewall service update rexec tcp port 512
firewall service update rip udp port 520
firewall service update rlogin tcp port 513
firewall service update rsh tcp port 514
firewall service update rtsp tcp port 554
firewall service update sip-tcp tcp port 5060
firewall service update sip-udp udp port 5060
firewall service update smb tcp port 445
firewall service update sms-client tcp port 10042
firewall service update sms-trap tcp port 8162 to 8163
firewall service update smtp tcp port 25
firewall service update snmp-request udp port 161
firewall service update snmp-trap udp port 162
firewall service update ssh tcp port 22
firewall service update syslog udp port 514
firewall service update t120 tcp port 1503
firewall service update telnet tcp port 23
firewall service update tftp udp port 69
firewall service update traceroute icmp port 8
firewall service update uucp udp port 540
firewall service update vnc-browser tcp port 5800
firewall service update vnc-viewer tcp port 5900
firewall service update x-windows tcp port 6000 to 6063
firewall service update SSH-udp udp port 22
firewall service update aol tcp port 5190 to 5193
firewall service update aol-udp udp port 5190 to 5193
firewall service update MSN-TCP tcp port 1863
firewall service update msn-udp udp port 1863
firewall service update Sametime tcp port 1533
firewall service update sametime-udp udp port 1533
firewall service update WINS-TCP tcp port 42
firewall service update WINS-UDP udp port 42
firewall service update aol-tcp tcp port 5190 to 5193
firewall service update TermServer-TCP tcp port 3389
firewall service update TermServer-UDP udp port 3389
firewall service update Discard-UDP udp port 9
firewall service update Discard-TCP tcp port 9
firewall service update echo-tcp tcp port 7
firewall service update echo-udp udp port 7
firewall service update Internet-Locator tcp port 389
firewall service update irc tcp port 194
firewall service update Itunes-Tcp tcp port 3689
firewall service update Itunes-Udp udp port 5353
firewall service update Msn-Tcp tcp port 1863
firewall service update Mns-Udp udp port 1863
firewall service update Pc-anywhere-TCP tcp port 5631
firewall service update Talk udp port 517 to 518
firewall service update Uls tcp port 522
firewall service update Wais tcp port 210
firewall service update AEROMEDELLIN tcp port 5222 to 5223
firewall service update AEROMEDELLIN-445 tcp port 445
firewall service update SMTP-2526 tcp port 2526
firewall service update BANCAFE udp port 500 to 501
firewall service update LOCATION tcp port 8880
firewall service update AEREOMEDELLIN-1080 tcp port 1080
firewall service update proxy tcp port 8080
firewall service update Ftp-20 tcp port 20
firewall service update Puerto-8181 tcp port 8181
firewall service update Puerto-8080 tcp port 8080
firewall service update funiber tcp port 8900
firewall service-group update dns dns-tcp dns-udp
firewall service-group update email pop3 smtp imap imapv3
firewall service-group update ipsec ike ipsec-ah ipsec-esp
firewall service-group update ldap ldap-udp ldap-tcp
firewall service-group update management https ssh ping snmp-request telnet http dns-tcp dns-udp
firewall service-group update netmeeting h323 audio-call-control t120
firewall service-group update network-protocols dns-tcp dns-udp dhcp-server dhcp-client
firewall service-group update nfs portmapper-tcp portmapper-udp nfsd-tcp nfsd-udp
firewall service-group update pptp pptp-tcp gre
firewall service-group update secure-management https ssh
firewall service-group update sip sip-tcp sip-udp
firewall service-group update sms-config https snmp-request ssh
firewall service-group update sms-get ntp sms-trap
firewall service-group update snmp snmp-request snmp-trap
firewall service-group update vnc vnc-browser vnc-viewer
firewall service-group update voice 3com-nbx sip-tcp sip-udp
firewall service-group update vpn-protocols pptp-tcp l2tp gre ike nat-t-ipsec
firewall service-group update DHCP-SERVICIOS dhcp-server dhcp-client
firewall service-group update GRUPO-TRABAJO-NETBIOS nbname netbios-tcp netbios-udp WINS-TCP WINS-UDP ping
firewall service-group update ServiciosSWS dns-tcp dns-udp http ftp smtp
firewall service-group update Terminal_Server TermServer-TCP TermServer-UDP
firewall service-group update MSN-SERVICIO msn-udp aol-tcp aol-udp Msn-Tcp
firewall service-group update VNC-SERVICIOS vnc-browser vnc-viewer
firewall service-group update AOL aol-tcp aol-udp
firewall service-group update SAMETIME Sametime sametime-udp
firewall service-group update WEB-SERVICE http https
firewall service-group update INVITADOS dns-tcp dns-udp https http ftp sip-tcp sip-udp telnet MSN-TCP msn-udp "location name"
firewall service-group update web_services http https
firewall service-group update web-basic-service http https location
location-123 location ping location-1080 ftp Puerto-8181 Puerto-8080 LOCATION funiber
firewall service-group update SERVICIOS-WEB-SISTEMAS-ENTERPRISE-NAME3com-nbx dns-tcp dns-udp ftp h323 http https ike ipsec-ah ipsec-esp l2tp nat-t-ipsec ping pop3 smtp
firewall service-group update SERVICIOS-WEB-SISTEMAS-ENTERPRISE-NAME-1 pop3 pptp-tcp sip-tcp sip-udp vnc-browser vnc-viewer TermServer-TCP TermServer-UDP Pc-anywhere-TCP
firewall service-group update FTP-PERMITODO-LAN-WAN ftp
firewall service-group update MPLS-ENTERPRISE-NAMEhttp https dns-tcp dns-udp ftp pop3 smtp
firewall rule update 94 permit LAN VPN ANY
firewall rule update 94 schedule always timeout 30 logging disable
firewall rule update 94 src-addr all
firewall rule update 94 dst-addr all
firewall rule update 94 bandwidth disable
firewall rule update 94 authentication disable
firewall rule update 94 position 1
firewall rule update 94 comment ""
firewall rule update 94 anti-spam disable
firewall rule update 94 skip-ips disable
firewall rule update 94 web-filter disable
firewall rule update 94 web-filter-profile Default
firewall rule update 94 user-login-redirect disable
firewall rule enable 94
firewall rule update 92 permit LAN WAN SERVICIOS-BASICOS-WEB
firewall rule update 92 schedule always timeout 30 logging disable
firewall rule update 92 src-addr group MSN-PERIMITIDO-ENTERPRISE-NAME
firewall rule update 92 dst-addr all
firewall rule update 92 bandwidth disable
firewall rule update 92 authentication disable
firewall rule update 92 position 2
firewall rule update 92 comment "SERVICIOS BASICOS WEB CON MSN SIN PROXY"
firewall rule update 92 anti-spam disable
firewall rule update 92 skip-ips disable
firewall rule update 92 web-filter enable
firewall rule update 92 web-filter-profile BLOQUE-MSN
firewall rule update 92 user-login-redirect disable
firewall rule disable 92
firewall rule update 97 permit LAN WAN-2 SERVICIOS-BASICOS-WEB
firewall rule update 97 schedule always timeout 30 logging disable
firewall rule update 97 src-addr group MSN-PERIMITIDO-ENTERPRISE-NAME
firewall rule update 97 dst-addr all
firewall rule update 97 bandwidth disable
firewall rule update 97 authentication disable
firewall rule update 97 position 3
firewall rule update 97 comment "BACKUP LAN - WAN-2"
firewall rule update 97 anti-spam disable
firewall rule update 97 skip-ips disable
firewall rule update 97 web-filter enable
firewall rule update 97 web-filter-profile BLOQUE-MSN
firewall rule update 97 user-login-redirect enable
firewall rule disable 97
firewall rule update 90 permit LAN WAN MSN-SERVICIO
firewall rule update 90 schedule always timeout 30 logging disable
firewall rule update 90 src-addr group MSN-PERIMITIDO-ENTERPRISE-NAME
firewall rule update 90 dst-addr all
firewall rule update 90 bandwidth disable
firewall rule update 90 authentication disable
firewall rule update 90 position 4
firewall rule update 90 comment "PERMITIR MSN LAN ENTERPRISE-NAMECON FILTRO DE CONTENIDO"
firewall rule update 90 anti-spam disable
firewall rule update 90 skip-ips disable
firewall rule update 90 web-filter disable
firewall rule update 90 web-filter-profile BLOQUE-MSN
firewall rule update 90 user-login-redirect disable
firewall rule enable 90
firewall rule update 98 permit LAN WAN-2 MSN-SERVICIO
firewall rule update 98 schedule always timeout 30 logging disable
firewall rule update 98 src-addr group MSN-PERIMITIDO-ENTERPRISE-NAME
firewall rule update 98 dst-addr all
firewall rule update 98 bandwidth disable
firewall rule update 98 authentication disable
firewall rule update 98 position 5
firewall rule update 98 comment "MNS LAN BACKUP"
firewall rule update 98 anti-spam disable
firewall rule update 98 skip-ips disable
firewall rule update 98 web-filter disable
firewall rule update 98 web-filter-profile Default
firewall rule update 98 user-login-redirect disable
firewall rule enable 98
firewall rule update 88 permit LAN WAN SERVICIOS-BASICOS-WEB
firewall rule update 88 schedule always timeout 30 logging disable
firewall rule update 88 src-addr group SERVER-VENUS
firewall rule update 88 dst-addr all
firewall rule update 88 bandwidth disable
firewall rule update 88 authentication disable
firewall rule update 88 position 6
firewall rule update 88 comment "PERMITIR SERVICIOS WEB - SERVER VENUS"
firewall rule update 88 anti-spam disable
firewall rule update 88 skip-ips disable
firewall rule update 88 web-filter enable
firewall rule update 88 web-filter-profile Default
firewall rule update 88 user-login-redirect disable
firewall rule enable 88
firewall rule update 99 permit LAN WAN-2 SERVICIOS-BASICOS-WEB
firewall rule update 99 schedule always timeout 30 logging disable
firewall rule update 99 src-addr group SERVER-VENUS
firewall rule update 99 dst-addr all
firewall rule update 99 bandwidth disable
firewall rule update 99 authentication disable
firewall rule update 99 position 7
firewall rule update 99 comment "BACKUP"
firewall rule update 99 anti-spam disable
firewall rule update 99 skip-ips disable
firewall rule update 99 web-filter enable
firewall rule update 99 web-filter-profile Default
firewall rule update 99 user-login-redirect disable
firewall rule enable 99
firewall rule update 68 permit LAN WAN ANY
firewall rule update 68 schedule always timeout 30 logging disable
firewall rule update 68 src-addr group LAN-SERVIDORES-ENTERPRISE-NAME
firewall rule update 68 dst-addr all
firewall rule update 68 bandwidth disable
firewall rule update 68 authentication disable
firewall rule update 68 position 8
firewall rule update 68 comment "PERMITIR DE LAN-SERVIDORES A WAN ANY"
firewall rule update 68 anti-spam disable
firewall rule update 68 skip-ips disable
firewall rule update 68 web-filter disable
firewall rule update 68 web-filter-profile Default
firewall rule update 68 user-login-redirect disable
firewall rule enable 68
firewall rule update 96 permit LAN WAN-2 ANY
firewall rule update 96 schedule always timeout 30 logging disable
firewall rule update 96 src-addr group LAN-SERVIDORES-ENTERPRISE-NAME
firewall rule update 96 dst-addr all
firewall rule update 96 bandwidth disable
firewall rule update 96 authentication disable
firewall rule update 96 position 9
firewall rule update 96 comment "PERMITIR LAN SERVIDORES ENTERPRISE-NAMEWAN ANY"
firewall rule update 96 anti-spam disable
firewall rule update 96 skip-ips disable
firewall rule update 96 web-filter disable
firewall rule update 96 web-filter-profile Default
firewall rule update 96 user-login-redirect disable
firewall rule enable 96
firewall rule update 62 permit IRONPORT WAN ANY
firewall rule update 62 schedule always timeout 30 logging disable
firewall rule update 62 src-addr group IRONPORT
firewall rule update 62 dst-addr all
firewall rule update 62 bandwidth disable
firewall rule update 62 authentication disable
firewall rule update 62 position 10
firewall rule update 62 comment "PERMITIR ZONA IRONPORT ANY A WAN"
firewall rule update 62 anti-spam disable
firewall rule update 62 skip-ips disable
firewall rule update 62 web-filter disable
firewall rule update 62 web-filter-profile Default
firewall rule update 62 user-login-redirect disable
firewall rule enable 62
firewall rule update 100 permit IRONPORT WAN-2 ANY
firewall rule update 100 schedule always timeout 30 logging disable
firewall rule update 100 src-addr group IRONPORT
firewall rule update 100 dst-addr all
firewall rule update 100 bandwidth disable
firewall rule update 100 authentication disable
firewall rule update 100 position 11
firewall rule update 100 comment "BACKUP IRONPORT WAN-2"
firewall rule update 100 anti-spam disable
firewall rule update 100 skip-ips disable
firewall rule update 100 web-filter disable
firewall rule update 100 web-filter-profile Default
firewall rule update 100 user-login-redirect disable
firewall rule enable 100
firewall rule update 82 permit WAN LAN ANY
firewall rule update 82 schedule always timeout 30 logging disable
firewall rule update 82 src-addr all
firewall rule update 82 dst-addr group SERVER-JUNO
firewall rule update 82 bandwidth disable
firewall rule update 82 authentication disable
firewall rule update 82 position 12
firewall rule update 82 comment "PERMITIR WEB SERVICES WAN - LAN SERVER JUNO"
firewall rule update 82 anti-spam disable
firewall rule update 82 skip-ips disable
firewall rule update 82 web-filter disable
firewall rule update 82 web-filter-profile Default
firewall rule update 82 user-login-redirect disable
firewall rule enable 82
firewall rule update 81 permit WAN LAN ANY
firewall rule update 81 schedule always timeout 30 logging disable
firewall rule update 81 src-addr all
firewall rule update 81 dst-addr group SERVER-ZEUS-INTRANET
firewall rule update 81 bandwidth disable
firewall rule update 81 authentication disable
firewall rule update 81 position 13
firewall rule update 81 comment "SERVICIOS WEB PARA SERVER ZEUS INTRANET"
firewall rule update 81 anti-spam disable
firewall rule update 81 skip-ips disable
firewall rule update 81 web-filter disable
firewall rule update 81 web-filter-profile Default
firewall rule update 81 user-login-redirect disable
firewall rule enable 81
firewall rule update 70 permit WAN LAN ANY
firewall rule update 70 schedule always timeout 30 logging disable
firewall rule update 70 src-addr all
firewall rule update 70 dst-addr group SERVER-MAIL-EXCHANGE
firewall rule update 70 bandwidth disable
firewall rule update 70 authentication disable
firewall rule update 70 position 14
firewall rule update 70 comment "COMMENTS"
firewall rule update 70 anti-spam disable
firewall rule update 70 skip-ips disable
firewall rule update 70 web-filter disable
firewall rule update 70 web-filter-profile Default
firewall rule update 70 user-login-redirect disable
firewall rule enable 70
firewall rule update 38 permit WAN IRONPORT smtp
firewall rule update 38 schedule always timeout 30 logging disable
firewall rule update 38 src-addr all
firewall rule update 38 dst-addr group IRONPORT
firewall rule update 38 bandwidth disable
firewall rule update 38 authentication disable
firewall rule update 38 position 15
firewall rule update 38 comment "ALLOW..."
firewall rule update 38 anti-spam enable
firewall rule update 38 skip-ips disable
firewall rule update 38 web-filter disable
firewall rule update 38 web-filter-profile Default
firewall rule update 38 user-login-redirect disable
firewall rule enable 38
firewall rule update 80 permit WAN IRONPORT pop3
firewall rule update 80 schedule always timeout 30 logging disable
firewall rule update 80 src-addr all
firewall rule update 80 dst-addr group IRONPORT
firewall rule update 80 bandwidth disable
firewall rule update 80 authentication disable
firewall rule update 80 position 16
firewall rule update 80 comment "PERMITIR POP3 DE WAN - IRONPORT"
firewall rule update 80 anti-spam disable
firewall rule update 80 skip-ips disable
firewall rule update 80 web-filter disable
firewall rule update 80 web-filter-profile Default
firewall rule update 80 user-login-redirect disable
firewall rule enable 80
firewall rule update 72 permit WAN LAN ANY
firewall rule update 72 schedule always timeout 30 logging disable
firewall rule update 72 src-addr all
firewall rule update 72 dst-addr group SERVER-ATENEA
firewall rule update 72 bandwidth disable
firewall rule update 72 authentication disable
firewall rule update 72 position 17
firewall rule update 72 comment "SERVICIO FTP DE WAN - LAN ATENEA"
firewall rule update 72 anti-spam disable
firewall rule update 72 skip-ips disable
firewall rule update 72 web-filter disable
firewall rule update 72 web-filter-profile Default
firewall rule update 72 user-login-redirect disable
firewall rule enable 72
firewall rule update 71 permit WAN LAN ANY
firewall rule update 71 schedule always timeout 30 logging disable
firewall rule update 71 src-addr all
firewall rule update 71 dst-addr group SERVER-VENUS
firewall rule update 71 bandwidth disable
firewall rule update 71 authentication disable
firewall rule update 71 position 18
firewall rule update 71 comment "SERVICIO FTP WAN - LAN VENUS"
firewall rule update 71 anti-spam disable
firewall rule update 71 skip-ips disable
firewall rule update 71 web-filter disable
firewall rule update 71 web-filter-profile Default
firewall rule update 71 user-login-redirect disable
firewall rule enable 71
firewall rule update 60 permit WAN IRONPORT management
firewall rule update 60 schedule always timeout 30 logging disable
firewall rule update 60 src-addr group ADMON-ITCORP
firewall rule update 60 dst-addr group IRONPORT
firewall rule update 60 bandwidth disable
firewall rule update 60 authentication disable
firewall rule update 60 position 19
firewall rule update 60 comment "permitir adm ironport desde ITC"
firewall rule update 60 anti-spam disable
firewall rule update 60 skip-ips disable
firewall rule update 60 web-filter disable
firewall rule update 60 web-filter-profile Default
firewall rule update 60 user-login-redirect disable
firewall rule enable 60
firewall rule update 59 permit WAN this-device management
fire update 59 bandwidth disable
firewall rule update 59 authentication disable
firewall rule update 59 position 20
firewall rule update 59 comment "permitir soporte ITCORP"
firewall rule update 59 anti-spam disable
firewall rule update 59 skip-ips disable
firewall rule update 59 web-filter disable
firewall rule update 59 web-filter-profile Default
firewall rule update 59 user-login-redirect disable
firewall rule enable 59
firewall rule update 102 permit WAN-2 this-device management
firewall rule update 102 schedule always timeout 30 logging disable
firewall rule update 102 src-addr group ADMON-ITCORP
firewall rule update 102 dst-addr all
firewall rule update 102 bandwidth disable
firewall rule update 102 authentication disable
firewall rule update 102 position 21
firewall rule update 102 comment "ALLOW..."
firewall rule update 102 anti-spam disable
firewall rule update 102 skip-ips disable
firewall rule update 102 web-filter disable
firewall rule update 102 web-filter-profile Default
firewall rule update 102 user-login-redirect disable
firewall rule enable 102
firewall rule update 51 permit WAN this-device vpn-protocols
firewall rule update 51 schedule always timeout 30 logging disable
firewall rule update 51 src-addr all
firewall rule update 51 dst-addr all
firewall rule update 51 bandwidth disable
firewall rule update 51 authentication disable
firewall rule update 51 position 22
firewall rule update 51 comment "Allow VPN termination"
firewall rule update 51 anti-spam disable
firewall rule update 51 skip-ips disable
firewall rule update 51 web-filter disable
firewall rule update 51 web-filter-profile Default
firewall rule update 51 user-login-redirect disable
firewall rule enable 51
firewall rule update 103 permit WAN-2 this-device vpn-protocols
firewall rule update 103 schedule always timeout 30 logging disable
firewall rule update 103 src-addr all
firewall rule update 103 dst-addr all
firewall rule update 103 bandwidth disable
firewall rule update 103 authentication disable
firewall rule update 103 position 23
firewall rule update 103 comment "ALLOW..."
firewall rule update 103 anti-spam disable
firewall rule update 103 skip-ips disable
firewall rule update 103 web-filter disable
firewall rule update 103 web-filter-profile Default
firewall rule update 103 user-login-redirect disable
firewall rule enable 103
firewall rule update 91 permit LAN WAN Terminal_Server
firewall rule update 91 schedule always timeout 30 logging disable
firewall rule update 91 src-addr group ALL-VLAN-ENTERPRISE-NAME
firewall rule update 91 dst-addr all
firewall rule update 91 bandwidth disable
firewall rule update 91 authentication disable
firewall rule update 91 position 24
firewall rule update 91 comment "ALLOW ACCESS TO THE OFICCE 1"
firewall rule update 91 anti-spam disable
firewall rule update 91 skip-ips disable
firewall rule update 91 web-filter disable
firewall rule update 91 web-filter-profile Default
firewall rule update 91 user-login-redirect disable
firewall rule enable 91
firewall rule update 101 permit LAN WAN-2 Terminal_Server
firewall rule update 101 schedule always timeout 30 logging disable
firewall rule update 101 src-addr group ALL-VLAN-ENTERPRISE-NAME
firewall rule update 101 dst-addr all
firewall rule update 101 bandwidth disable
firewall rule update 101 authentication disable
firewall rule update 101 position 25
firewall rule update 101 comment "BACKUP"
firewall rule update 101 anti-spam disable
firewall rule update 101 skip-ips disable
firewall rule update 101 web-filter disable
firewall rule update 101 web-filter-profile Default
firewall rule update 101 user-login-redirect disable
firewall rule enable 101
firewall rule update 74 permit LAN WAN SERVICIOS-WEB-SISTEMAS-ENTERPRISE-NAME-1
firewall rule update 74 schedule always timeout 30 logging disable
firewall rule update 74 src-addr group SISTEMAS
firewall rule update 74 dst-addr all
firewall rule update 74 bandwidth disable
firewall rule update 74 authentication disable
firewall rule update 74 position 26
firewall rule update 74 comment "ALLOW..."
firewall rule update 74 anti-spam disable
firewall rule update 74 skip-ips disable
firewall rule update 74 web-filter disable
firewall rule update 74 web-filter-profile Default
firewall rule update 74 user-login-redirect disable
firewall rule disable 74
firewall rule update 73 permit LAN WAN SERVICIOS-WEB-SISTEMAS-ENTERPRISE-NAME
firewall rule update 73 schedule always timeout 30 logging disable
firewall rule update 73 src-addr group SISTEMAS
firewall rule update 73 dst-addr all
firewall rule update 73 bandwidth disable
firewall rule update 73 authentication disable
firewall rule update 73 position 27
firewall rule update 73 comment "COMMENTS"
firewall rule update 73 anti-spam disable
firewall rule update 73 skip-ips disable
firewall rule update 73 web-filter enable
firewall rule update 73 web-filter-profile Default
firewall rule update 73 user-login-redirect disable
firewall rule disable 73
firewall rule update 47 permit LAN WAN SERVICIOS-BASICOS-WEB
firewall rule update 47 schedule always timeout 30 logging disable
firewall rule update 47 src-addr group ALL-VLAN-ENTERPRISE-NAME
firewall rule update 47 dst-addr all
firewall rule update 47 bandwidth disable
firewall rule update 47 authentication disable
firewall rule update 47 position 28
firewall rule update 47 comment "LAN-WAN-SERVICIOS-BASICOS-WEB"
firewall rule update 47 anti-spam disable
firewall rule update 47 skip-ips disable
firewall rule update 47 web-filter disable
firewall rule update 47 web-filter-profile Default
firewall rule update 47 user-login-redirect disable
firewall rule disable 47
firewall rule update 83 permit LAN WAN SERVICIOS-BASICOS-WEB
firewall rule update 83 schedule always timeout 30 logging disable
firewall rule update 83 src-addr group ENTERPRISE-NAME-MPLS
firewall rule update 83 dst-addr all
firewall rule update 83 bandwidth disable
firewall rule update 83 authentication disable
firewall rule update 83 position 29
firewall rule update 83 comment "ALLOW..."
firewall rule update 83 anti-spam disable
firewall rule update 83 skip-ips disable
firewall rule update 83 web-filter enable
firewall rule update 83 web-filter-profile Default
firewall rule update 83 user-login-redirect disable
firewall rule disable 83
firewall rule update 84 permit LAN WAN MPLS-ENTERPRISE-NAME
firewall rule update 84 schedule always timeout 30 logging disable
firewall rule update 84 src-addr group ENTERPRISE-NAME-MPLS-1
firewall rule update 84 dst-addr all
firewall rule update 84 bandwidth disable
firewall rule update 84 authentication disable
firewall rule update 84 position 30
firewall rule update 84 comment "ALLOW...1"
firewall rule update 84 anti-spam disable
firewall rule update 84 skip-ips disable
firewall rule update 84 web-filter enable
firewall rule update 84 web-filter-profile MPLS-ENTERPRISE-NAME
firewall rule update 84 user-login-redirect disable
firewall rule enable 84
firewall rule update 85 permit LAN WAN-2 SERVICIOS-BASICOS-WEB
firewall rule update 85 schedule always timeout 30 logging disable
firewall rule update 85 src-addr group ENTERPRISE-NAME-MPLS-2
firewall rule update 85 dst-addr all
firewall rule update 85 bandwidth disable
firewall rule update 85 authentication disable
firewall rule update 85 position 31
firewall rule update 85 comment "ALLOW..."
firewall rule update 85 anti-spam disable
firewall rule update 85 skip-ips disable
firewall rule update 85 web-filter enable
firewall rule update 85 web-filter-profile Default
firewall rule update 85 user-login-redirect disable
firewall rule disable 85
firewall rule update 95 permit LAN WAN MPLS-ENTERPRISE-NAME
firewall rule update 95 schedule always timeout 30 logging disable
firewall rule update 95 src-addr group ENTERPRISE-NAME-MPLS-3
firewall rule update 95 dst-addr all
firewall rule update 95 bandwidth disable
firewall rule update 95 authentication disable
firewall rule update 95 position 32
firewall rule update 95 comment "ALLOW..."
firewall rule update 95 anti-spam disable
firewall rule update 95 skip-ips disable
firewall rule update 95 web-filter enable
firewall rule update 95 web-filter-profile MPLS-ENTERPRISE-NAME
firewall rule update 95 user-login-redirect disable
firewall rule enable 95
firewall rule update 63 permit LAN IRONPORT ANY
firewall rule update 63 schedule always timeout 30 logging disable
firewall rule update 63 src-addr all
firewall rule update 63 dst-addr group IRONPORT
firewall rule update 63 bandwidth disable
firewall rule update 63 authentication disable
firewall rule update 63 position 33
firewall rule update 63 comment "ALLOW..."
firewall rule update 63 anti-spam disable
firewall rule update 63 skip-ips disable
firewall rule update 63 web-filter disable
firewall rule update 63 web-filter-profile Default
firewall rule update 63 user-login-redirect disable
firewall rule enable 63
firewall rule update 22 permit Invitados WAN ANY
firewall rule update 22 schedule always timeout 30 logging disable
firewall rule update 22 src-addr all
firewall rule update 22 dst-addr all
firewall rule update 22 bandwidth disable
firewall rule update 22 authentication disable
firewall rule update 22 position 34
firewall rule update 22 comment "allow guest server for to WAN"
firewall rule update 22 anti-spam disable
firewall rule update 22 skip-ips disable
firewall rule update 22 web-filter enable
firewall rule update 22 web-filter-profile Default
firewall rule update 22 user-login-redirect disable
firewall rule enable 22
firewall rule update 50 permit Invitados this-device network-protocols
firewall rule update 50 schedule always timeout 30 logging disable
firewall rule update 50 src-addr all
firewall rule update 50 dst-addr all
firewall rule update 50 bandwidth disable
firewall rule update 50 authentication disable
firewall rule update 50 position 35
firewall rule update 50 comment "DHCP GUEST SERVICE"
firewall rule update 50 anti-spam disable
firewall rule update 50 skip-ips disable
firewall rule update 50 web-filter disable
firewall rule update 50 web-filter-profile Default
firewall rule update 50 user-login-redirect disable
firewall rule enable 50
firewall rule update 86 permit Invitados this-device WEB-SERVICE
firewall rule update 86 schedule always timeout 30 logging disable
firewall rule update 86 src-addr all
firewall rule update 86 dst-addr all
firewall rule update 86 bandwidth disable
firewall rule update 86 authentication disable
firewall rule update 86 position 36
firewall rule update 86 comment "ALLOW TO..."
firewall rule update 86 anti-spam disable
firewall rule update 86 skip-ips disable
firewall rule update 86 web-filter disable
firewall rule update 86 web-filter-profile Default
firewall rule update 86 user-login-redirect disable
firewall rule disable 86
firewall rule update 65 permit VPN IRONPORT ANY
firewall rule update 65 schedule always timeout 30 logging disable
firewall rule update 65 src-addr all
firewall rule update 65 dst-addr all
firewall rule update 65 bandwidth disable
firewall rule update 65 authentication disable
firewall rule update 65 position 37
firewall rule update 65 comment "ALLOW VPN TO IRONPORT ZONE"
firewall rule update 65 anti-spam disable
firewall rule update 65 skip-ips disable
firewall rule update 65 web-filter disable
firewall rule update 65 web-filter-profile Default
firewall rule update 65 user-login-redirect disable
firewall rule enable 65
firewall rule update 52 permit VPN this-device ping
firewall rule update 52 schedule always timeout 30 logging disable
firewall rule update 52 src-addr all
firewall rule update 52 dst-addr all
firewall rule update 52 bandwidth disable
firewall rule update 52 authentication disable
firewall rule update 52 position 38
firewall rule update 52 comment "PING TPP SAVIV"
firewall rule update 52 anti-spam disable
firewall rule update 52 skip-ips disable
firewall rule update 52 web-filter disable
firewall rule update 52 web-filter-profile Default
firewall rule update 52 user-login-redirect disable
firewall rule enable 52
firewall rule update 78 permit VPN this-device network-protocols
firewall rule update 78 schedule always timeout 30 logging disable
firewall rule update 78 src-addr all
firewall rule update 78 dst-addr all
firewall rule update 78 bandwidth disable
firewall rule update 78 authentication disable
firewall rule update 78 position 39
firewall rule update 78 comment "VPN-THIS DEVICE-NETWORK-PROTOCOLS"
firewall rule update 78 anti-spam disable
firewall rule update 78 skip-ips disable
firewall rule update 78 web-filter disable
firewall rule update 78 web-filter-profile Default
firewall rule update 78 user-login-redirect disable
firewall rule enable 78
firewall rule update 76 permit VPN LAN ANY
firewall rule update 76 schedule always timeout 30 logging disable
firewall rule update 76 src-addr group VPN-ENTERPRISE-NAME
firewall rule update 76 dst-addr group SERVER-VPN-USER
firewall rule update 76 bandwidth disable
firewall rule update 76 authentication disable
firewall rule update 76 position 40
firewall rule update 76 comment "ALLOW FROM LAN TO VPN - LAN SERVICE"
firewall rule update 76 anti-spam disable
firewall rule update 76 skip-ips disable
firewall rule update 76 web-filter disable
firewall rule update 76 web-filter-profile Default
firewall rule update 76 user-login-redirect disable
firewall rule enable 76
firewall rule update 77 permit LAN VPN ANY
firewall rule update 77 schedule always timeout 30 logging disable
firewall rule update 77 src-addr group GROUP NAME
firewall rule update 77 dst-addr all
firewall rule update 77 bandwidth disable
firewall rule update 77 authentication disable
firewall rule update 77 position 41
firewall rule update 77 comment "ALLOW FROM LAN TO VPN - LAN SERVICE"
firewall rule update 77 anti-spam disable
firewall rule update 77 skip-ips disable
firewall rule update 77 web-filter disable
firewall rule update 77 web-filter-profile Default
firewall rule update 77 user-login-redirect disable
firewall rule enable 77
firewall rule update 53 permit LAN this-device management
firewall rule update 53 schedule always timeout 30 logging disable
firewall rule update 53 src-addr group ADMON-ENTERPRISE-NAME
firewall rule update 53 dst-addr all
firewall rule update 53 bandwidth disable
firewall rule update 53 authentication disable
firewall rule update 53 position 42
firewall rule update 53 comment "Allow management access from LAN"
firewall rule update 53 anti-spam disable
firewall rule update 53 skip-ips disable
firewall rule update 53 web-filter disable
firewall rule update 53 web-filter-profile Default
firewall rule update 53 user-login-redirect disable
firewall rule enable 53
firewall rule update 54 permit LAN this-device network-protocols
firewall rule update 54 schedule always timeout 30 logging disable
firewall rule update 54 src-addr all
firewall rule update 54 dst-addr all
firewall rule update 54 bandwidth disable
firewall rule update 54 authentication disable
firewall rule update 54 position 43
firewall rule update 54 comment "Allow DNS and DHCP from LAN"
firewall rule update 54 anti-spam disable
firewall rule update 54 skip-ips disable
firewall rule update 54 web-filter disable
firewall rule update 54 web-filter-profile Default
firewall rule update 54 user-login-redirect disable
firewall rule enable 54
firewall rule update 35 permit this-device ANY ANY
firewall rule update 35 schedule always timeout 30 logging disable
firewall rule update 35 src-addr all
firewall rule update 35 dst-addr all
firewall rule update 35 bandwidth disable
firewall rule update 35 authentication disable
firewall rule update 35 position 44
firewall rule update 35 comment "This device para Update de vacuna"
firewall rule update 35 anti-spam disable
firewall rule update 35 skip-ips disable
firewall rule update 35 web-filter disable
firewall rule update 35 web-filter-profile Default
firewall rule update 35 user-login-redirect disable
firewall rule enable 35
firewall rule update 67 block ANY ANY ANY
firewall rule update 67 schedule always timeout 30 logging disable
firewall rule update 67 src-addr all
firewall rule update 67 dst-addr all
firewall rule update 67 bandwidth disable
firewall rule update 67 authentication disable
firewall rule update 67 position 45
firewall rule update 67 comment "Cerrar todo"
firewall rule update 67 anti-spam disable
firewall rule update 67 skip-ips disable
firewall rule update 67 web-filter disable
firewall rule update 67 web-filter-profile Default
firewall rule update 67 user-login-redirect disable
firewall rule enable 67
firewall virtual-servers update Terminal_Server public-ip 208.30.41.202 internal-ip 1.0.0.25 pat disable
firewall virtual-servers update SMTP-2526 public-ip 208.30.41.203 internal-ip 172.16.50.2 pat 25
firewall virtual-servers update smtp public-ip 208.30.41.203 internal-ip 172.16.50.2 pat disable
firewall virtual-servers update ftp public-ip 208.30.41.203 internal-ip 1.0.0.42 pat disable
firewall virtual-servers update http public-ip 208.30.41.202 internal-ip 1.0.0.32 pat disable
firewall virtual-servers update http public-ip 208.30.41.204 internal-ip 1.0.0.23 pat disable
firewall virtual-servers update pop3 public-ip 208.30.41.204 internal-ip 1.0.0.42 pat disable
firewall virtual-servers update SMTP-2526 public-ip 208.30.41.204 internal-ip 1. 0.0.42 pat disable
firewall virtual-servers update https public-ip 208.30.41.202 internal-ip 1.0.0.50 pat disable
firewall virtual-servers update pop3 public-ip 208.30.41.203 internal-ip 1.0.0.50 pat disable
firewall virtual-servers update ftp public-ip 208.30.41.202 internal-ip 1.0.0.25 pat disable
firewall virtual-servers update https public-ip 208.30.41.203 internal-ip 172.16 .50.2 pat disable
firewall virtual-servers update telnet public-ip 208.30.41.203 internal-ip 172.16.50.2 pat disable
firewall alg sip services ANY
firewall alg sip sdp-port-range ANY
routing rip disable update-timer 30
routing static-route add 192.168.1.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.8.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.10.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.15.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.20.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.25.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.26.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.27.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.28.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.29.0 netmask 255.255.255.0 gw 1.0.0.2 metric 1
routing static-route add 192.168.30.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.31.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.32.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.33.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.34.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.35.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.36.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.37.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.38.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.39.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.40.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.41.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.42.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.43.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.44.0 netmask 255.255.255.128 gw 1.0.0.75 metri 1
routing static-route add 192.168.45.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.46.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.47.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.48.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.49.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.50.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.52.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.53.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.54.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 192.168.55.0 netmask 255.255.255.128 gw 1.0.0.75 metric 1
routing static-route add 172.16.0.0 netmask 255.255.252.0 gw 1.0.0.1 metric 1
routing static-route add 10.0.0.0 netmask 255.255.0.0 gw 1.0.0.1 metric 1
routing static-route add 192.168.51.0 netmask 255.255.255.248 gw 1.0.0.75 metric 1
routing multicast igmp enable
routing multicast pim-dm disable query-interval 30 prune-timeout 180
routing ospf disable
routing ospf router-id external-ip
routing ospf rfc1583compatibility enable
routing ospf advertise-routes enable
routing ospf redistribute-routes static enable
routing ospf redistribute-routes rip enable
routing ospf area add 0.0.0.0
vpn ike local-id email contac@mail.com
vpn ike local-id domain co.saviv.local
vpn ike add IKE-ENTERPRISE-NAME
vpn ike proposal IKE-ENTERPRISE-NAMEphase1-encryption 3des-cbc
vpn ike proposal IKE-ENTERPRISE-NAMEphase1-integrity sha1
vpn ike proposal IKE-ENTERPRISE-NAMEphase1-dh-group 2
vpn ike proposal IKE-ENTERPRISE-NAMEphase1-lifetime 28800
vpn ike proposal IKE-ENTERPRISE-NAMEauth-type psk
vpn ike proposal IKE-ENTERPRISE-NAMEaggressive-mode disable
vpn ike proposal IKE-ENTERPRISE-NAMElocal-id-type ip
vpn ike proposal IKE-ENTERPRISE-NAMEpeer-id-type ip
vpn ike proposal IKE-ENTERPRISE-NAMEca-cert ANY
vpn ike proposal IKE-ENTERPRISE-NAMEnat-t enable
vpn ike proposal IKE-ENTERPRISE-NAMEdpd enable
vpn ike proposal IKE-ENTERPRISE-NAMEauto-connect enable
vpn ike proposal IKE-ENTERPRISE-NAMEauto-connect-phase2 enable
vpn ike proposal IKE-ENTERPRISE-NAMEtight-phase2-control enable
vpn ike proposal IKE-ENTERPRISE-NAMEphase2-encryption 3des-cbc
vpn ike proposal IKE-ENTERPRISE-NAMEphase2-integrity esp-sha1-hmac
vpn ike proposal IKE-ENTERPRISE-NAMEphase2-lifetime 3600
vpn ike proposal IKE-ENTERPRISE-NAMEpfs disable
vpn ike proposal IKE-ENTERPRISE-NAMEphase2-dh-group 2
vpn ike proposal IKE-ENTERPRISE-NAMEphase2-zero-id disable
vpn ike proposal IKE-ENTERPRISE-NAMEphase2-strict-id-check disable
vpn ipsec enable
vpn ipsec add Default
vpn ipsec sa Default key ike proposal IKE-ENTERPRISE-NAMEshared-secret ********
vpn ipsec sa Default transport enable
vpn ipsec sa Default peer 0.0.0.0
vpn ipsec sa Default alternate-peer 0.0.0.0
vpn ipsec sa Default zone VPN
vpn ipsec sa Default tunnel enable
vpn ipsec sa Default enable
vpn l2tp addresses group VPN-ENTERPRISE-NAME
vpn l2tp zone VPN
vpn l2tp dns 1.0.0.24 1.0.0.50
vpn l2tp encryption enable
vpn l2tp enable
vpn pptp addresses none
vpn pptp zone LAN
vpn pptp dns relay
vpn pptp encryption enable
vpn pptp disable
ntp peer
ntp server
ntp duration 5
ntp offset 1
ntp fast enable
ntp disable
ddns disable
wan-failover enable
wan-failover load-balancing enable
wan-failover primary-link-percentage 50
ramdisk sync-interval sys 30
ramdisk sync-interval audit 30
ramdisk sync-interval block -1
ramdisk sync-interval alert -1
ramdisk sync-interval firewallsession -1
ramdisk sync-interval firewallblock -1
ramdisk sync-interval vpn -1
ramdisk sync-interval antispam -1
session timeout 20 -persist
no nms
sms v2
sms no must-be-ip
no sms
sms no remote-deploy
ENTERPRISE-NAME#
— David Gonzalez 2021/04/08 09:40
3com/tippingpoint/x506/script/configuration_example_script.txt · Last modified: 2021/04/08 09:40 by dgonzalez