...
The interface int0 has created, but it will not forward anything outside. NAT and ip forwarding is not yet configured. Let’s configure one as it was described here :
| Code Block |
|---|
lenovo# cat /etc/ipf/ipnat.conf map ext0 10.68.0.0/24 -> 0/32 proxy port ftp ftp/tcp map ext0 10.68.0.0/24 -> 0/32 portmap tcp/udp auto map ext0 10.68.0.0/24 -> 0/32 |
...
Now it is enabled, configure the first zone to test the result. Here we do not explain step by step configuring of a non-global zone, it was described here , just do it:
| Code Block |
|---|
lenovo# zonecfg -z zone01 zone01: No such zone configured Use 'create' to begin configuring a new zone. zonecfg:zone01> create zonecfg:zone01> set zonename=zone01 zonecfg:zone01> set zonepath=/zones/zone01 zonecfg:zone01> set autoboot=false zonecfg:zone01> set ip-type=exclusive zonecfg:zone01> add net zonecfg:zone01:net> set physical=iz0 zonecfg:zone01:net> set global-nic=vsw0 zonecfg:zone01:net> add property (name=ip,value="10.68.0.2") zonecfg:zone01:net> add property (name=gateway,value="10.68.0.1") zonecfg:zone01:net> add property (name=netmask,value="255.255.255.0") zonecfg:zone01:net> add property (name=primary,value="true") zonecfg:zone01:net> end zonecfg:zone01> add attr zonecfg:zone01:attr> set name=resolvers zonecfg:zone01:attr> set type=string zonecfg:zone01:attr> set value=192.168.0.1 zonecfg:zone01:attr> end zonecfg:zone01> verify zonecfg:zone01> commit zonecfg:zone01> exit |
...