Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2
Protecting Your Network
May 2004, 202-10030-02
Figure 5-7: Rule example: Blocking Instant Messenger
Other Rules Considerations
The precedence of a rule is determined by its position in the list of rules.
There are also optional Rules settings you can configure. Both topics are presented here.
Order of Precedence for Rules
As you define new rules, they are added to the tables in the Rules menu. For any traffic attempting
to pass through the firewall, the packet information is subjected to the rules in the order of the
entries in the Rules Table, beginning at the top and proceeding to the default rules at the bottom. In
some cases, the order of precedence of two or more rules may be important in determining the
disposition of a packet. The Move button allows you to relocate a defined rule to a new position in
the table.
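The top-down, first-match evaluation described above can be modelled in a few lines. This is an added example, not code from the manual or the firewall; the rule fields, the allow-all default rule, the addresses and port 5190 are constructed assumptions. It also reports rules that can never fire because a broader rule sits above them, which is the case the Move button is meant to fix.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str        # "ALLOW" or "BLOCK"
    lan_users: str     # CIDR of the LAN source addresses the rule applies to
    ports: range       # destination port range of the service

    def matches(self, src, port):
        return ip_address(src) in ip_network(self.lan_users) and port in self.ports

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        return (ip_network(other.lan_users).subnet_of(ip_network(self.lan_users))
                and other.ports.start >= self.ports.start
                and other.ports.stop <= self.ports.stop)

# Assumption: the default rule at the bottom of the table allows everything.
DEFAULT = Rule("default", "ALLOW", "0.0.0.0/0", range(0, 65536))

def disposition(table, src, port):
    """First match wins: walk the table top-down, then fall to the default."""
    for rule in [*table, DEFAULT]:
        if rule.matches(src, port):
            return rule.action, rule.name

def shadowed(table):
    """Pairs (rule, earlier rule) where the earlier rule covers the later one."""
    return [(later.name, earlier.name)
            for i, later in enumerate(table)
            for earlier in table[:i]
            if earlier.covers(later)]

# Constructed sample rules: block an IM port for the LAN, except one host.
block_im = Rule("block-im", "BLOCK", "192.168.0.0/24", range(5190, 5191))
allow_admin = Rule("allow-admin-im", "ALLOW", "192.168.0.10/32", range(5190, 5191))

wrong_order = [block_im, allow_admin]   # exception sits below the broad rule
right_order = [allow_admin, block_im]   # exception moved above it

if __name__ == "__main__":
    for label, table in (("wrong", wrong_order), ("right", right_order)):
        print(label, disposition(table, "192.168.0.10", 5190), shadowed(table))
```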
Rules Menu Options
Figure 5-8: Rules menu options
Use the Options checkboxes to enable the following:
Enable VPN Passthrough (IPSec, PPTP, L2TP)
If LAN users need to use VPN (Virtual Private Networking) software on their computer, and
connect to remote sites or servers, enable this checkbox. This will allow the VPN protocols
(IPSec, PPTP, L2TP) to be used. If this checkbox is not checked, these protocols are blocked.
Drop fragmented IP packets
If checked, all fragmented IP packets will be dropped (discarded). Normally, this should NOT
be checked.
Block TCP flood
If checked, when a TCP flood attack is detected, the port used will be closed, and no traffic
will be able to use that port.
Block UDP flood
If checked, when a UDP flood attack is detected, all traffic from that IP address will be
blocked.
Block non-standard packets
If checked, only known packet types will be accepted; other packets will be blocked. The
known packet types are TCP, UDP, ICMP, ESP, and GRE. Note that these are packet types, not
protocols.
Using a Schedule to Block or Allow Content or Traffic
If you enabled content filtering in the Block Sites menu, or if you defined an outbound rule to use
a schedule, you can set up a schedule for when blocking occurs or when access is restricted. The
router allows you to specify when blocking will be enforced by configuring the Schedule tab
shown below.
Figure 5-9: Schedule menu
To block keywords or Internet domains based on a schedule, select Every Day or select one or
more days. If you want to limit access completely for the selected days, select All Day. Otherwise,
if you want to limit access during certain times for the selected days, type a Start Time and an End
Time.
Note: Enter the values in 24-hour time format. For example, 10:30 am would be 10 hours and 30
minutes and 10:30 pm would be 22 hours and 30 minutes.
Be sure to click Apply when you have finished configuring this menu.
Setting the Time Zone
The FVL328 Firewall uses the Network Time Protocol (NTP) to obtain the current time and date
from one of several Network Time Servers on the Internet. In order to localize the time for your
log entries, you must specify your Time Zone:
Time Zone. Select your local time zone. This setting will be used for the blocking schedule
and for time-stamping log entries. At power-up, the clock is set to Saturday 01/01/2001
00:00:00.
Automatically Adjust for Daylight Savings Time. Select this check box for automatic daylight
savings time.
Note: If supported for your region, you can check Automatically adjust for Daylight Savings
Time. If this is not supported, you must manually adjust the time to allow for Daylight Saving.
Be sure to click Apply when you have finished configuring this menu.
Set Clock
Use this to set a particular Date/Time to the RTC (Real-Time Clock). This is only useful if NTP
(below) is not being used. Otherwise, your setting will be lost on the next synchronization with the
NTP Server.
Enable NTP (Network Time Protocol)
If enabled, the RTC is updated regularly by contacting an NTP Server on the Internet. The fixed
NTP query interval is 2 hours.
User-defined NTP Server
Choose your NTP server. The firewall uses NETGEAR NTP servers by default. If you would
prefer to use a particular NTP server as the primary server, enter its IP address under Use this NTP
Server.
If you prefer to use a particular NTP server, enable this and enter the name or IP address of an NTP
Server in the Server 1 field. If required, you can also enter the address of another NTP server in
the Server 2 field.
Getting E-Mail Notifications of Event Logs and Alerts
In order to receive logs and alerts by e-mail, you must provide your e-mail information in the
E-Mail subheading:
Figure 5-10: E-mail menu
Turn e-mail notification on. Select this check box if you want to receive e-mail logs and
alerts from the router.