What courses does DClessons offer?

DClessons offers a wide range of online courses including SD-WAN & Cloud Networking, Data Center Technologies, VMware, Docker, SDN, and more.

How can I register for a course on DClessons?

You can register for courses on DClessons by visiting our registration page at https://www.dclessons.com/register and selecting your desired course.

What is the pricing for DClessons courses?

The pricing for each course varies. For example, the SD-WAN & Cloud Networking training is priced at $100. For detailed pricing, visit our course pages.

Is the training online or in-person?

All training provided by DClessons is fully online, allowing you to learn from anywhere, anytime.

Do I get a certification after completing a course?

Yes, upon completing the course and passing the assessments, you will receive a certificate of completion from DClessons.

Configuring Zone based Firewall

Below is the steps defined for CLI.

CLI Configuration Procedure:

Create lists of IP prefixes:

vEdge(config)# policy
vEdge(config-policy)# lists data-prefix-list list-name
vEdge(config-data-prefix-list)# ip-prefix prefix/length

Configure a source zone ,this is a group of VPNs from which data traffic flows.

vEdge(config)# policy zone source-zone-name
vEdge(config-zone)# vpn vpn-id

Configure a destination zone, this is a group of VPNs to which data traffic flows.

vEdge(config)# policy zone destination-zone-name
vEdge(config-zone)# vpn vpn-id

Create a zone-based firewall policy:

vEdge(config)# policy zone-based-policy policy-name
vEdge(config-policy-zone-based-policy)#

Create a series of match–action pair sequences:

vEdge(config-zone-based-policy)# sequence number
vEdge(config-sequence)#

Define match parameters for the data traffic:

vEdge(config-sequence-number)# match match-parameter

Define actions to take when a match occurs:

vEdge(config-sequence)# action drop
vEdge(config-sequence)# action inspect
vEdge(config-sequence)# action log
vEdge(config-sequence)# action pass

Define the default action, when data traffic does not match the conditions:

vEdge(config-policy-name)# default-action (drop | inspect | pass)

If you do not include VPN 0 in any of the zones that you configure in a zone-based firewall, by default, packets are able to reach destination zones that are accessible only over the public internet. You can also disallow this traffic.

vEdge(config)# policy zone-to-no-zone-internet (allow | deny)

Create a zone pair, and define the source and destination zones in that pair and the zone-based firewall policy to apply to the flows between those two zones:

vEdge(config)# policy zone-pair pair-name
vEdge(config-zone-pair)# source-zone source-zone-name
vEdge(config-zone-pair)# destination-zone destination-zone-name
vEdge(config-zone-pair)# zone-policy policy-name

Example 1 isolating two VPNs

Here let see the topology, which describes the following and also defines the flow between different VPNs.

Comment

You are will be the first.

Please login here to comment.

EMAIL SUPPORT

LOCATION

Configuring Zone based Firewall