Configuration for VLAN 170 (csclient3net); 2010-4-30

Notes

This network is routed on the Netscreen firewall dc-csfw1. It is a /23 network covering the Maintain zone csclient3 (129.97.170.0 to 129.97.171.238; the balance of the CIDR block being allocated to the dynamic host facility).

Configuration

set interface "redundant2.2" tag 170 zone Zone4

set interface "Redundant2.2" ip 129.97.170.2/23
set interface "Redundant2.2" route
set interface "Redundant2.2" ip manageable 
set interface "redundant2.2" manage ping
set interface "Redundant2.2" protocol rip
set interface "Redundant2.2" protocol rip enable

set interface "Redundant2.2:1" ip 129.97.170.1/23
set interface "Redundant2.2:1" route
set interface "Redundant2.2:1" ip manageable 
set interface "redundant2.2:1" manage ping
set interface "Redundant2.2:1" protocol rip
set interface "Redundant2.2:1" protocol rip enable

set vrouter untrust-vr access-list 2 permit ip 129.97.170.0/23 10

set vrouter trust-vr 
set access-list 3 
set access-list 3 permit ip 129.97.170.0/23 1

set route-map name "rtmap1" permit 3 
set match interface "redundant2.2:1"
set match ip 3 
exit
exit

set interface redundant2.2:1 dhcp relay server-name "129.97.15.253"

set interface redundant2.2:1 dhcp relay server-name "129.97.15.250"

set interface redundant2.2:1 dhcp relay service

save config