Reference Manual for the ProSafe VPN Firewall FVS114
4-8
Firewall Protection and Content Filtering
202-10098-01, April 2005
Considerations for Inbound Rules
•
If your external IP address is assigned dynamically by your ISP, the IP address may change
periodically as the DHCP lease expires. Consider using the Dyamic DNS feature in the
Advanced menus so that external users can always find your network.
•
If the IP address of the local server PC is assigned by DHCP, it may change when the PC is
rebooted. To avoid this, use the Reserved IP address feature in the LAN IP menu to keep the
PC’s IP address constant.
•
Each local PC must access the local server using the PC’s local LAN address (192.168.0.99 in
this example). Attempts by local PCs to access the server using the external WAN IP address
will fail.
Outbound Rules (Service Blocking)
The FVS114 allows you to block the use of certain Internet services by PCs on your network. This
is called service blocking or port filtering. You can define an outbound rule to block Internet
access from a local PC based on:
•
IP address of the local PC (source address)
•
IP address of the Internet site being contacted (destination address)
•
Time of day
•
Type of service being requested (service port number)
Following is an application example of an outbound rule: