PFSENSE CONFIGURATION, PAGINA 7

INTERFACES

| NAME | IP ADDRESS | GW NAME | GW IP | NOTES |
|---|---|---|---|---|
| WAN | 200.87.106.98/30 | WANGW | 200.87.106.97 | Default |
| ADSLAXS | 200.105.197.194/29 | GWADSLAXS | 200.105.197.193 | |
| LAN | 192.168.1.1/23 | | | |
| Megalink | 192.168.164.17/17 | MegalinkGW | 192.168.164.1 | |

FIREWALL NAT

| If | Proto | Src. addr | Src. ports | Dest. addr |
|---|---|---|---|---|
| MEGALINK | TCP/UDP | * | * | MEGALINK address |
| MEGALINK | TCP/UDP | | | MEGALINK address |
| WAN | TCP | | | WAN address |
| WAN | TCP | | | WAN address |
| WAN | TCP/UDP | | | WAN address |
| WAN | TCP | | | WAN address |
| WAN | TCP | | | WAN address |
| MEGALINK | TCP/UDP | | | MEGALINK address |
| WAN | TCP/UDP | | | WAN address |
| WAN | TCP/UDP | | | WAN address |
| WAN | TCP/UDP | | | WAN address |
| MEGALINK | TCP/UDP | | | MEGALINK address |
| MEGALINK | TCP/UDP | Agencias | | MEGALINK address |
| WAN | TCP/UDP | | | WAN address |

FIREWALL RULES

WAN

| Proto | Source | Port | Destination | Port |
|---|---|---|---|---|
| | RFC 1918 networks | | | |
| * | Reserved/not assigned by IANA | * | * | * |
| TCP/UDP | * | * | * | 3000 (HBCI) |
| TCP/UDP | * | * | 192.168.1.1 | 443 (HTTPS) |
| TCP | * | * | 192.168.1.82 | * |
| TCP | * | * | 192.168.1.90 | 22 (SSH) |
| TCP/UDP | * | * | 192.168.1.75 | * |
| TCP | * | * | 192.168.1.57 | * |
| TCP | * | * | 192.168.1.59 | * |
| TCP/UDP | * | * | 192.168.1.78 | * |
| TCP/UDP | * | * | 192.168.1.54 | * |
| TCP/UDP | * | * | 192.168.1.105 | * |

LAN

| Proto | Source | Port | Destination | Port |
|---|---|---|---|---|
| * | * | * | 192.168.169.88 | * |
| TCP/UDP | 192.168.1.1 | | 192.168.1.1 | |
| * | SalidaAXS_Entel | * | * | * |
| * | SalidaIrrestricta | * | * | * |
| TCP | LAN net | * | LAN address | * |
| * | LAN net | * | 50.196.75.137 | * |
| TCP/UDP | * | * | * | 8081 |
| TCP/UDP | * | * | * | 8087 |
| TCP | * | * | 97.74.179.1 | 21 (FTP) |
| * | * | * | 192.168.200.0/24 | * |
| * | * | * | 192.168.10.0/24 | * |
| TCP | LAN net | * | * | 443 (HTTPS) |
| TCP | LAN net | * | * | 80 (HTTP) |

MEGALINK

| Proto | Source | Port | Destination | Port |
|---|---|---|---|---|
| TCP/UDP | * | * | * | 1194 (OpenVPN) |
| * | 192.168.169.27 | * | * | * |
| * | 192.168.166.20 | * | * | * |
| * | 192.168.168.11/31 | * | * | * |
| TCP/UDP | * | * | 192.168.1.1 | 443 (HTTPS) |
| TCP/UDP | * | * | 192.168.1.78 | * |
| TCP/UDP | * | * | 192.168.1.59 | * |
| TCP/UDP | * | * | 192.168.1.57 | 443 (HTTPS) |
| TCP/UDP | Agencias | * | 192.168.1.105 | * |

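ALIASES

| Alias | Address | Description |
|---|---|---|
| AGENCIAS | 192.168.166.20 | Agencia Ketal |
| AGENCIAS | 192.168.169.27 | Agencia El Alto |
| SalidaAXS_Entel | 192.168.0.17 | Pibu PC |
| SalidaIrrestricta | 192.168.1.90 | Baby |
| SalidaIrrestricta | 192.168.1.82 | SMTP Perimetral |
| SalidaIrrestricta | 192.168.1.27 | Pibu |
| SalidaIrrestricta | 192.168.1.51 | AD1 |
| SalidaIrrestricta | 192.168.1.71 | AD2 |
| SalidaIrrestricta | 192.168.1.105 | Central Telefonica |
| SalidaIrrestricta | 192.168.0.63 | CV |
| SalidaIrrestricta | 192.168.1.75 | Share Point |
| SalidaIrrestricta | 192.168.1.130 | JM |
| SalidaIrrestricta | 192.168.0.16 | LG Pibu |
| SalidaIrrestricta | 192.168.0.11 | CS |
| SalidaIrrestricta | 192.168.0.42 | Pibu Wireless |
| SalidaIrrestricta | 192.168.1.126 | Portatil Edgar |
| SalidaIrrestricta | 192.168.0.17 | Portatil Pibu |
| SalidaIrrestricta | 192.168.0.10 | pf2 |
| SalidaIrrestricta | 192.168.1.112 | Ramiro |
| SalidaIrrestricta | 192.168.0.200 | pfsense pruebas |
| SalidaIrrestricta | 192.168.0.14 | SVR Web |
| SalidaIrrestricta | 192.168.0.85 | Pfsense2 |
| SalidaIrrestricta | 192.168.0.35 | Juane |
| SalidaIrrestricta | 192.168.0.199 | Carlos Saravia |

Virtual IP Addresses

2do IP AXS: 200.105.197.195/29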

FIREWALL NAT (continued: remaining columns, same row order)

| Dest. ports | NAT IP | NAT Ports | Description |
|---|---|---|---|
| 443 (HTTPS) | 192.168.1.57 | 443 (HTTPS) | Exchange Megalink |
| 10443 | 192.168.1.1 | 443 (HTTPS) | Acceso Consola Megalink |
| 25 (SMTP) | 192.168.1.82 | | Acceso SMTP Perimetral |
| 2020 | 192.168.1.90 | 22 (SSH) | SSH Baby |
| 53 (DNS) | 192.168.1.75 | | DNS Primario |
| 443 (HTTPS) | 192.168.1.57 | | HTTPs Owa |
| 21 (FTP) | 192.168.1.59 | | FTP Agencias |
| 3389 (MS RDP) | 192.168.1.78 | | Acceso RDP |
| 3389 (MS RDP) | 192.168.1.78 | | Acceso tmp |
| 80 (HTTP) | 192.168.1.54 | | Acceso Ipad |
| 4569 | 192.168.1.105 | | Entrada IAX Central |
| 21 (FTP) | 192.168.1.59 | | FTP TMP |
| 4569 | 192.168.1.105 | | Acceso IAX Agencia El Alto |
| 10443 | 192.168.1.1 | 443 (HTTPS) | Acceso Consola |

FIREWALL RULES (continued: remaining columns, same row order)

WAN

| Gateway | Queue | Schedule | Description |
|---|---|---|---|
| | | | Block private networks |
| * | * | | Block bogon networks |
| * | none | | Acceso ntop |
| * | none | | NAT Acceso Consola |
| * | none | | NAT Acceso SMTP Perimetral |
| * | none | | NAT SSH Baby |
| * | none | | NAT DNS Primario |
| * | none | | NAT HTTPs Owa |
| * | none | | NAT FTP Agencias |
| * | none | | NAT Acceso tmp |
| * | none | | NAT Acceso Ipad |
| * | none | | NAT Entrada IAX Central |

LAN

| Gateway | Queue | Schedule | Description |
|---|---|---|---|
| * | none | | Acceso a la planta |
| | none | | Acceso Squid desde Dansguardian |
| 1AXS_2ENTEL | none | | SalidaAXS_Entel_Sin_Restriccion |
| * | none | | SalidaIrrestricta |
| * | none | | Acceso al Firewall desde LAN |
| * | none | | Acceso Pagina WEB |
| * | none | | Acceso INRA |
| * | none | | Acceso Impuestos |
| * | none | | Salida FTP Paginasiete.info |
| * | none | | Acceso VPN USA |
| * | none | | Salida VPN El Alto |
| * | none | | Salida HTTPs |
| * | none | | Salida HTTP |

MEGALINK

| Gateway | Queue | Schedule | Description |
|---|---|---|---|
| * | none | | Acceso OpenVPN |
| * | none | | Acceso Agencia el Alto |
| * | none | | Acceso Ketal |
| * | none | | Acceso desde Mercado |
| * | none | | NAT Acceso Consola Megalink |
| * | none | | NAT Acceso RDP |
| * | none | | NAT FTP TMP |
| * | none | | NAT Exchange Megalink |
| * | none | | NAT Acceso IAX Agencia El Alto |

VPN IPSEC
TUNNELS
PHASE 1

PHASE 2

Open VPN
SERVER

SHARED KEY

CLIENT

SHARED KEY

PROXY GENERAL SETTINGS


General

ACLs
Allowed subnets
192.168.0.0/23
192.168.10.0/24
192.168.11.0/24
192.168.169.27/32
192.168.166.20/32
192.168.169.88/32

Select Squid3 and install it
