FVS338 ProSafe VPN Firewall 50 Reference Manual
Firewall Protection and Content Filtering
4-23
v1.0, September 2006
Enabling Source MAC Filtering
Source MAC Filter allows you to filter out traffic coming from certain known machines or devices.
By default, the source MAC address filter is disabled, and traffic received from PCs with any MAC address is allowed.
When enabled, traffic coming from any computers or devices whose MAC addresses are listed in the Available MAC Addresses to be Blocked table will be dropped.
To enable MAC filtering and add MAC addresses to be blocked:
1. Select Security from the main menu and Source MAC Filter from the sub-menu. The Source MAC Filter screen will display.
2. Check the Yes radio box in the MAC Filtering Enable section.
Figure 4-15
Note: For additional ways of restricting outbound traffic, see “LAN WAN Outbound Services Rules” on page 4-8.
3. Build your list of Source MAC Addresses to be blocked by entering the first MAC address in the MAC Address field in the form xx:xx:xx:xx:xx:xx where x is a digit (0 to 9) or a letter between a and f (inclusive), for example: 00:e0:4c:69:0a:
4. Click Add. The MAC address will be added to the Available MAC Addresses to be Blocked table. (You can edit the MAC address by clicking Edit in the Action column adjacent to the MAC Address.)
5. Click Reset to cancel a MAC address entry before adding it to the table.
6. When you have completed adding MAC addresses, click Apply to save your settings.
Setting Up Port Triggering
Port triggering allows some applications running on a LAN to be available to external applications that would otherwise be partially blocked by the firewall. Using this feature requires that you know the port numbers used by the application.
Once configured, Port Triggering operates as follows:
1. A PC makes an outgoing connection using a port number defined in the Port Triggering table.
2. The VPN firewall records this connection, opens the INCOMING port or ports associated with this entry in the Port Triggering table, and associates them with the PC.
3. The remote system receives the PC's request and responds using the different port numbers that you have now opened.
4. The VPN firewall matches the response to the previous request, and forwards the response to the PC.
Without Port Triggering, this response would be treated as a new connection request rather than a response. As such, it would be handled in accordance with the Port Forwarding rules:
Only one PC can use a Port Triggering application at any time.
After a PC has finished using a Port Triggering application, there is a Time-out period before the application can be used by another PC. This is required because this Router cannot be sure when the application has terminated.
Note: For additional ways of allowing inbound traffic, see “LAN WAN Inbound Services Rules” on page 4-9.
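The sequence and the two restrictions described above, modelled as a small state table. This is an added example, not code from the manual or from the firewall's firmware; the class and function names, the 600-second time-out, and the choice that only outgoing trigger traffic refreshes the timer are assumptions.

```python
from dataclasses import dataclass
from typing import Optional


def ports(start, end):
    """Inclusive port range, as entered in the Start Port / End Port fields."""
    return range(start, end + 1)


@dataclass
class TriggerRule:
    name: str
    protocol: str                   # "TCP" or "UDP"
    trigger: range                  # Outgoing (Trigger) Port Range
    incoming: range                 # Incoming (Response) Port Range
    bound_pc: Optional[str] = None  # LAN PC currently holding the rule
    last_seen: float = 0.0          # time of that PC's last trigger traffic


class PortTriggerTable:
    def __init__(self, rules, timeout=600.0):
        # timeout is an assumed value; the manual does not state its length
        self.rules, self.timeout = rules, timeout

    def _expire(self, rule, now):
        if rule.bound_pc and now - rule.last_seen > self.timeout:
            rule.bound_pc = None    # incoming ports close again

    def outbound(self, pc, protocol, dport, now):
        """LAN PC connects out; return the PC holding the matching rule."""
        for rule in self.rules:
            if rule.protocol == protocol and dport in rule.trigger:
                self._expire(rule, now)
                if rule.bound_pc in (None, pc):   # only one PC at a time
                    rule.bound_pc, rule.last_seen = pc, now
                return rule.bound_pc
        return None

    def inbound(self, protocol, dport, now):
        """WAN packet: return the LAN PC to forward to, or None when no
        trigger has opened this port (it is then a new connection request)."""
        for rule in self.rules:
            if rule.protocol == protocol and dport in rule.incoming:
                self._expire(rule, now)
                if rule.bound_pc:
                    return rule.bound_pc
        return None
```

The model makes the exposure visible: while a rule is bound, every port in its incoming range is forwarded to that PC from any remote address, so the incoming range should be kept as narrow as the application allows.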
To add a Port triggering rule:
1. Select Security from the main menu and Port Triggering from the submenu. The Port Triggering screen will display.
1. Enter a user-defined name for this rule in the Name field.
2. From the Enable pull-down menu, indicate if the rule is enabled or disabled.
3. From the Protocol pull-down menu, select either TCP or UDP protocol.
4. In the Outgoing (Trigger) Port Range fields:
   a. Enter the Start Port range (1 - 65534).
   b. Enter the End Port range (1 - 65534).
Figure 4-16
5. In the Incoming (Response) Port Range fields:
   a. Enter the Start Port range (1 - 65534).
   b. Enter the End Port range (1 - 65534).
6. Click Add. The Port Triggering Rule will be added to the Port Triggering Rules table.
To edit or modify a rule:
1. Click Edit in the Action column opposite the rule you wish to edit. The Edit Port Triggering Rule screen will display.
2. Modify any of the fields for this rule.
3. Click Reset to cancel any changes and return to the previous settings.
4. Click Apply to save your modifications. Your changes will appear in the Port Triggering Rules table.
To check the status of the Port Triggering rules, click the Status link on the Port Triggering screen.
Figure 4-17
E-Mail Notifications of Event Logs and Alerts
The Firewall Logs can be configured to log and then e-mail denial of access, general attack information, and other information to a specified e-mail address. For example, your VPN firewall will log security-related events such as: accepted and dropped packets on different segments of your LAN; denied incoming and outgoing service requests; hacker probes and login attempts; and other general information based on the settings you input on the Firewall Logs & E-mail screen. In addition, if you have set up Content Filtering on the Block Sites screen (see “Setting Block Sites (Content Filtering)” on page 4-21), a log will be generated when someone on your network tries to access a blocked site.
You must have e-mail notification enabled to receive the logs in an e-mail message. If you don't have e-mail notification enabled, you can view the logs on the Logs screen (see Figure 4-18 on page 4-28). Selecting all events will increase the size of the log, so it is good practice to select only those events which are required.
