1. Home
    2. /
  2. Manuals
    3. /
  3. Ericsson
    4. /
  4. MBR L21 4G LTE
    5. /
  5. 12
Page 56 / 122 Scroll up to view Page 51 - 55
MBR L13
User’s
Guide
56
3.7.1.10
Advanced Filtering
Advanced filtering is designed to allow comprehensive control over the firewall's behavior. You can define specific
input and output rules, control the order of logically similar sets of rules, and make a distinction between rules that
apply to WAN and LAN devices.
To view the L13 advanced filtering options, click the
Advanced Filtering
link of the
Firewall
menu item under the
Services
tab. The
Advanced Filtering
screen appears.
Figure 78: Advanced Filtering
3.7.1.10.1
Input and Output Rule Sets
The first two sections of the
Advanced Filtering
screen
'Input Rule Sets'
and
‘Output Rule Sets',
are designed for
configuring inbound and outbound traffic respectively. Each section is comprised of subsets which can be grouped
into three main subjects:
Initial rules
rules defined here will be applied first, on all gateway devices
Network device rules
rules can be defined for each gateway device
Final rules
rules defined here will be applied last, on all gateway devices
The order of the rules
appearance represents both the order in which they were defined and the sequence by which
they will be applied. You may change this order after your rules are defined (without having to delete and then re-add
them), by using the
and
action icons.
Figure 79: Move Up and Move Down Action Icons
There are numerous rules that are automatically inserted by the firewall in order to provide improved security and
block harmful attacks.
To an advanced filtering rule:
1.
Choose the traffic direction and the device on which to set the rule.
2.
Click the appropriate
New Entry
link. The
Add Advanced Filter
screen appears.
Page 57 / 122
MBR L13
User’s
Guide
57
Figure 80: Add Advanced Filter
The
Matching
and
Operation
sections of this screen define the operation to be executed when matching
conditions apply.
3.
Use the
Matching Section
to define characteristics of the packets matching the rule.
Source Address
The source address of packets sent or received by the L13. The drop-down menu provides
the ability to specify the computer or group of computers on which you would like to apply the rule. Select an
address or a name from the list to apply the rule on the corresponding host, or
click
Any
to apply the rule on
all L13 LAN hosts.
Destination Address
The destination address of packets sent or received by L13. This address can be
configured in the same manner as the source address. This entry enables further filtration of the packets.
Protocol
You may also specify a traffic protocol. Selecting the Show All Services option from the drop-down
menu expands the list of available protocols. Select a protocol or add a new one using the User Defined
option. This will initiate a sequence that will add a new Service representing the protocol.
Using a protocol requires observing the relationship between a client and a server in order to distinguish
between the source and destination ports. For example, let's assume you have an FTP server in your LAN,
serving clients inquiring from the WAN. You want to apply a QoS rule on incoming packets from any port on
the WAN (clients) trying to access FTP port 21 (your server) and the same for outgoing packets from port 21
trying to access any port on the WAN.
4.
Y
ou must set the following Traffic Priority rules in the
Operation Section
:
Figure 81:
Restricted Website
Operation Section options:
Page 58 / 122
MBR L13
User’s
Guide
58
Drop
Deny access to packets that match the source and destination IP
addresses and service ports defined above.
Reject
Deny access to packets that match the criteria defined and send
an ICMP error or a TCP reset to the origination peer.
Accept Connection
Allow access to packets that match the criteria defined. The data
transfer session will be handled using Stateful Packet Inspection
(SPI), meaning that other packets matching this rule will be
automatically allowed access.
Accept Packet
Allow access to packets that match the criteria defined. The data
transfer session will not be handled using SPI, meaning that other
packets matching this rule will not be automatically allowed
access. This can be useful, for example, when creating rules that
allow broadcasting.
5.
Click
OK
to save the settings.
6.
Define a QoS output rule in the same way as the input rule.
7.
Logging
section helps you to monitor the rule.
Log Packets Matched by This Rule -
Select this check box to log the first packet from a connection that was
matched by this rule.
8.
By default, the rule will always be active. However, you can configure scheduler rules by selecting
User
Defined
to define time segments during which the rule may be active. Once a scheduler rule(s) is defined, the
Schedule
drop-down menu will allow you to choose between the available rules.
Page 59 / 122
MBR L13
User’s
Guide
59
3.7.2
Quality of Service
Quality of Service refers to the capability of a network device to provide better service to a selected network traffic.
This is achieved by shaping the traffic and processing higher priority traffic before lower priority traffic.
The Broadband Connection to the Internet is typically the most significant bottleneck of the network. This is where the
high speed LAN (100 Mbps) meets limited broadband bandwidth of few Mbps. Special QoS mechanisms must be built
into routers to ensure that this sudden drop in connectivity speed is taken into account when prioritizing and
transmitting real-time service-related data packets.
Figure 82: End-to-end QoS Challenge Areas
3.7.2.1
General
The
General
screen provides a Quality of Service "wizard" with which you can configure your QoS parameters
according to predefined profiles and in just a few clicks. A chosen QoS profile will automatically define QoS rules,
which you can view and edit in the rest of the QoS tab screens, described later.
Note
:
Selecting a QoS profile will cause all previous QoS configuration settings to be permanently lost.
Click the QoS tab under
Services
. The
Overview
screen appears.
Page 60 / 122
MBR L13
User’s
Guide
60
Figure 83: Overview
WAN Devices Bandwidth (Rx/Tx)
Before selecting the QoS profile that most suits your needs, select your bandwidth
from this drop-down menu. If you do not see an appropriate entry, select
User Defined
, and enter your Tx and Rx
bandwidths manually.
Tx Bandwidth
This parameter defines the gateway
s outbound transmission rate
.
Enter your Tx bandwidth in Kbits per
second.
Rx Bandwidth
This parameter defines the gateways
Internet traffic reception rate. Enter your Rx bandwidth in Kbits
per second.
Note
:
Entering inaccurate Tx/Rx values will cause incorrect behavior of the QoS module. It is important to set these
fields as accurately as possible.
QoS Profiles
. Select the profile that most suits your bandwidth usage. Every profile entry displays a quote describing
what the profile is best used for and the QoS priority levels granted to each bandwidth consumer in this profile.
Default
No QoS profile, however the device is limited by the requested
bandwidth, if specified.
P2P User
Peer-to-peer and file sharing applications will receive priority.
Triple Play User
VoIP and video streaming will receive priority.
Home Worker
VPN and browsing will receive priority.

Rate

4 / 5 based on 1 vote.

Popular Ericsson Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top