Shulou(Shulou.com)06/01 Report--

Today, I tried to use Check point firewall to complete the external mapping of the forum. I would like to share the process and experience with you here.

First of all, I build the DISCUZ forum on Red Hat 7 and deploy the dynamic forum environment based on LAMP. As shown in the figure.

Then I installed the CheckPoint SmartConsole80.2 version, as shown in the figure

First of all, you need to enter the web address and enter the web page to complete the initialization configuration.

Enter the account name, which defaults to admin, and the password also defaults to admin. After entering the interface, you must first configure the public network URL and mask:

You can then configure your own password.

Enter the configuration password, you can see the interface shown in the figure: double-click to enter the configuration, enter the name and private network address, and check the Monitoring option.

Select your own public network and private network on this page

After entering the security protocol interface, you can see the following figure

The configuration process should choose the appropriate protocol: click Destination and select your own firewall.

Complete the corresponding agreement

Action Select allow accept,Track to choose Log log,Install on choose CP Firewall

Then select the second destination URL, which should be our public network address:

Then select the protocol, access restriction, Track,install on, etc. Here, according to the priority and security of the protocol, you should choose accept, allow.

The next choice is firewall, which is also considered from the security point of view. We should choose Drop and deny all access except the above.

Next, select the network segment that needs to be connected to the Internet; here, choose according to your own needs; the configuration of the next few items is also in accordance with the figure above; you should pay attention to selecting accept for smooth access.

The last one is to choose Drop to deny all intranet access to the extranet except 4.

Then go to the NAT option of the next item, and select the public network and private network to be converted to complete the external mapping of the forum.

Select the address of the forum

When completing the configuration, be sure to click the install policy option in the upper left corner to complete the installation.

After entering the public network address, you can log in to the mapped forum.

If there are any mistakes or inaccuracies, please do not hesitate to comment.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.