chittick_projects/sophos-xgs-ansible/tests/sample_config/fw-sample1.yml
Jake Kasper 4f1e8d3add Claude 1
2025-12-09 09:33:48 -06:00


---
# ============================================================================
# Sample Firewall Configuration 1
# ============================================================================
# This is a complete example configuration for testing and reference.
# All IPs, domains, and credentials are FAKE and for demonstration only.
# ============================================================================
# Management endpoint and API login for the sample device.
# NOTE(review): presumably read by the role to reach the firewall API; confirm
# against the role's defaults.
sophos_mgmt_host: "192.168.100.1"
sophos_api_username: "admin"
# Placeholder secret for tests only. In a real inventory keep this value out
# of plaintext vars files (for example, encrypt it with Ansible Vault) and
# prefer a dedicated, least-privileged API account over a shared "admin" login.
sophos_api_password: "SampleP@ssw0rd123"
# Identity labels for this sample device.
sophos_hostname: "fw-sample1"
sophos_location: "sample-datacenter"
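# Interfaces
# Port1 is the WAN-zone uplink and Port2 the LAN-zone interface. The WAN
# addresses come from 203.0.113.0/24 (TEST-NET-3, reserved for documentation
# by RFC 5737), so they cannot collide with a real Internet host.
sophos_interfaces:
  - name: "Port1"
    zone: "WAN"
    description: "Internet connection"
    mode: "static"
    ip_address: "203.0.113.100"
    netmask: "255.255.255.248"  # /29: usable hosts .97-.102
    gateway: "203.0.113.97"
    enabled: true
  # The LAN interface sets no gateway key; 10.100.0.1 is itself the gateway
  # handed out by DHCP-LAN in this file.
  - name: "Port2"
    zone: "LAN"
    description: "Internal network"
    mode: "static"
    ip_address: "10.100.0.1"
    netmask: "255.255.255.0"
    enabled: true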
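# VLANs
# One tagged sub-interface (VLAN ID 10) carried on Port2.
# NOTE(review): the server VLAN is placed in the same "LAN" zone as Port2, so
# any rule keyed on the LAN zone presumably applies to servers and clients
# alike. Give servers their own zone if they need a different policy.
sophos_vlans:
  - name: "VLAN10-Servers"
    vlan_id: 10
    parent_interface: "Port2"
    zone: "LAN"
    ip_address: "10.100.10.1"
    netmask: "255.255.255.0"
    enabled: true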
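# DHCP
# Single scope on Port2 handing out 10.100.0.100-10.100.0.200 with the
# firewall's own LAN address as the default gateway.
sophos_dhcp_servers:
  - name: "DHCP-LAN"
    interface: "Port2"
    enabled: true
    start_ip: "10.100.0.100"
    end_ip: "10.100.0.200"
    netmask: "255.255.255.0"
    gateway: "10.100.0.1"
    # Unlike the placeholder addresses elsewhere in this file, these are real
    # public resolvers. Production clients are usually pointed at an internal
    # or filtered resolver so DNS queries can be logged and policy-controlled.
    dns_servers: ["8.8.8.8", "8.8.4.4"]
    # presumably seconds (86400 s = 24 h); verify the unit the role expects
    lease_time: 86400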
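# Firewall Rules
# One egress rule: any source in the LAN zone may reach any destination in
# the WAN zone over HTTP, HTTPS and DNS.
sophos_firewall_rules:
  - name: "Allow-LAN-to-Internet"
    source_zones: ["LAN"]
    dest_zones: ["WAN"]
    source_networks: ["any"]
    dest_networks: ["any"]
    services: ["HTTP", "HTTPS", "DNS"]
    action: "accept"
    # Logging is off for this sample, so traffic matching the rule leaves no
    # record on this rule. Outside of test fixtures, enable logging on egress
    # rules to keep evidence for detection and incident response, and narrow
    # DNS to the approved resolvers rather than any destination.
    log: false
    enabled: true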
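# Site-to-Site VPN
# One tunnel from the Port1 WAN address to a peer that is also in the
# TEST-NET-3 documentation range. The local /16 selector covers both the
# Port2 LAN (10.100.0.0/24) and the server VLAN (10.100.10.0/24).
# NOTE(review): no IKE/IPsec proposal settings appear here, so the role's
# defaults presumably apply. Confirm they use current algorithms.
sophos_site_to_site_vpns:
  - name: "Sample-VPN"
    enabled: true
    local_gateway: "203.0.113.100"
    local_networks: ["10.100.0.0/16"]
    remote_gateway: "203.0.113.200"
    remote_networks: ["10.200.0.0/16"]
    # Placeholder pre-shared key for tests only. A real PSK should be long
    # and randomly generated, unique per tunnel, and stored encrypted (for
    # example with Ansible Vault) rather than in a plaintext vars file.
    psk: "SamplePSK123"
    description: "Sample VPN tunnel"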
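# SNMP
# SNMP v2c has no encryption: the community string is its only credential
# and crosses the network in cleartext. "sample" is a placeholder. For real
# deployments prefer SNMPv3 with authentication and privacy if the role
# supports it, use a non-guessable community otherwise, and restrict which
# management hosts may poll the firewall.
sophos_snmp:
  enabled: true
  version: "v2c"
  community: "sample"
  location: "Sample Location"
  contact: "admin@example.com"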
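# Logging
# Forwards logs to one collector on the Port2 LAN subnet. The collector's
# address lies outside the DHCP-LAN pool (.100-.200).
sophos_logging:
  enabled: true
  syslog_servers:
    - host: "10.100.0.50"
      port: 514
      # Syslog over UDP is unencrypted, unauthenticated and can drop
      # messages silently. NOTE(review): if the role and the collector
      # support a TCP or TLS transport, prefer it where logs leave a
      # trusted segment.
      protocol: "udp"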
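# NTP
# Accurate time underpins log correlation and certificate validation. The
# entry below is a real public pool host, not a placeholder, and a single
# source gives no redundancy or cross-check against a bad clock. Production
# configs normally list several trusted servers.
sophos_ntp:
  servers:
    - "0.pool.ntp.org"
  # UTC keeps timestamps unambiguous when logs from several sites are
  # merged.
  timezone: "UTC"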