-
Select Firewall > Access Policies > Unicast.
-
Click Add a Policy.
-
Permit GRE packets to Module B.
-
For Action, accept the default: Permit Traffic.
-
For From, select SELF.
-
For To, select ZONE3.
-
For Service, select GRE.
-
For Source, select siteAinter.
-
For Destination, select siteBinter.
-
Select the Enable logging on this Policy check box.

|
Because policy logging is processor-intensive, it is not recommended that you enable logging permanently. Use policy logging for troubleshooting and testing only.
|
-
Click Apply.
-
Permit GRE packets traffic from Module B.
-
For Action, accept the default: Permit Traffic.
-
For From, select ZONE3.
-
For To, select SELF.
-
For Service, select GRE.
-
For Source, select siteBinter.
-
For Destination, select siteAinter.
-
Click Apply.
-
Permit outbound FTP traffic through the GRE Tunnel:
-
For Action, accept the default: Permit Traffic.
-
For From, select DMZ.
-
For To, select ZONE5.
-
For Service, select ftp.
-
For Source, select VLAN50.
-
For Destination, select VLAN80.
-
Click Apply.
-
Permit inbound FTP traffic through the GRE tunnel:
-
For Action, accept the default: Permit Traffic.
-
For From, select ZONE5.
-
For To, select DMZ.
-
for Service, select ftp.
-
For Source, select VLAN80.
-
For Destination, select VLAN50.
-
Click Apply.
|
-
Select Firewall > Access Policies > Unicast.
-
Click Add a Policy.
-
Permit GRE packets traffic to Module A.
-
For Action, accept the default: Permit Traffic.
-
For From, select SELF.
-
For To, select INTERNAL.
-
For Service, select GRE.
-
For Source, select siteBinter.
-
For Destination, select siteAinter.
-
Select the Enable logging on this Policy check box.

|
Because policy logging is processor-intensive, it is not recommended that you enable logging permanently. Use policy logging for troubleshooting and testing only.
|
-
Click Apply.
-
Permit GRE packets traffic from Module A.
-
For Action, accept the default: Permit Traffic.
-
For From, select INTERNAL.
-
For To, select SELF.
-
For Service, select GRE.
-
For Source, select siteAinter.
-
For Destination, select siteBinter.
-
Click Apply.
-
Permit outbound FTP traffic through the GRE tunnel:
-
For Action, accept the default: Permit Traffic.
-
For From, select ZONE4.
-
For To, select ZONE6.
-
For Service, select ftp.
-
For Source, select VLAN80.
-
For Destination, select VLAN50.
-
Click Apply.
-
Permit outbound FTP traffic through the GRE tunnel:
-
For Action, accept the default: Permit Traffic.
-
For From, select ZONE6.
-
For To, select ZONE4.
-
For Service, select ftp.
-
For Source, select VLAN50.
-
For Destination, select VLAN80.
-
Click Apply.
|