Firewall Protection
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
6. Click the Add table button. The new IP/MAC rule is added to the IP/MAC Bindings table.

To edit an IP/MAC binding:
1. In the IP/MAC Bindings table, click the Edit table button to the right of the IP/MAC binding that you want to edit. The Edit IP/MAC Binding screen displays.
2. Modify the settings that you wish to change (see the previous table; you can change the MAC address, IPv6 address, and logging status).
3. Click Apply to save your changes. The modified IP/MAC binding displays in the IP/MAC Bindings table.

To remove one or more IP/MAC bindings from the table:
1. Select the check box to the left of each IP/MAC binding that you want to delete, or click the Select All table button to select all bindings.
2. Click the Delete table button.

To change the IPv6 MAC polling interval from its default setting of 10 seconds:
1. On the IP/MAC Bindings screen for IPv6, to the right of the IP/MAC Binding tab, click the Set Poll Interval option arrow. The IP MAC Binding Poll Interval (IPv6) pop-up screen displays:
Figure 119.
2. Click the Stop button. Wait until the Poll Interval field becomes available.
3. Enter the new poll interval in seconds.
4. Click the Set Interval button. Wait for the confirmation that the operation has succeeded before you close the window.

Table 41. IP/MAC Binding screen settings for IPv6 (continued)

Setting              Description
IP Address           The IPv6 address of the computer or device that is bound to the MAC address.
Log Dropped Packets  To log the dropped packets, select Enable from the drop-down list. The default setting is Disable.

Configure Port Triggering
Port triggering allows some applications running on a LAN network to be available to external
applications that would otherwise be partially blocked by the firewall. Using the port triggering
feature requires that you know the port numbers used by the application.
Note: Port triggering is supported for IPv4 devices only.

Once configured, port triggering operates as follows:
1. A computer makes an outgoing connection using a port number that is defined in the Port Triggering Rules table.
2. The VPN firewall records this connection, opens the additional incoming port or ports that are associated with the rule in the port triggering table, and associates them with the computer.
3. The remote system receives the computer’s request and responds using the incoming port or ports that are associated with the rule in the port triggering table on the VPN firewall.
4. The VPN firewall matches the response to the previous request and forwards the response to the computer.
Without port triggering, the response from the external application would be treated as a new
connection request rather than a response to a request from the LAN network. As such, it
would be handled in accordance with the inbound port forwarding rules, and most likely
would be blocked.
Note these restrictions on port triggering:
- Only one computer can use a port triggering application at any time.
- After a computer has finished using a port triggering application, there is a short time-out period before the application can be used by another computer. This time-out period is required so the VPN firewall can determine that the application has terminated.
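
The following is an added example, not code from the manual or from the VPN firewall: a small Python model of the four operating steps and the two restrictions above, useful for reasoning about which inbound packets a trigger rule lets through and to which LAN host. The class names, the 60-second time-out value, the reuse of the rule's protocol for the incoming ports, and the refresh of the time-out by matching traffic are assumptions.

```python
from dataclasses import dataclass

@dataclass
class TriggerRule:
    name: str
    protocol: str      # "TCP" or "UDP"
    outgoing: range    # ports that trigger the rule
    incoming: range    # ports opened for the response

    def __post_init__(self):
        # The port fields of the Port Triggering screen accept 1025-65535 only.
        for ports in (self.outgoing, self.incoming):
            if not ports or ports.start < 1025 or ports.stop - 1 > 65535:
                raise ValueError(f"{self.name}: ports must be within 1025-65535")

class PortTriggerModel:
    def __init__(self, rules, timeout=60.0):  # time-out length is an assumption
        self.rules = rules
        self.timeout = timeout
        self.bound = {}  # rule name -> (LAN IP, time of last matching packet)

    def _owner(self, rule, now):
        """Return the LAN IP holding the rule, releasing it after the time-out."""
        entry = self.bound.get(rule.name)
        if entry and now - entry[1] > self.timeout:
            del self.bound[rule.name]
            return None
        return entry[0] if entry else None

    def outbound(self, lan_ip, protocol, dst_port, now):
        """Steps 1-2: 'bound' if lan_ip holds the rule, 'busy' if another host does."""
        for rule in self.rules:
            if protocol == rule.protocol and dst_port in rule.outgoing:
                if self._owner(rule, now) not in (None, lan_ip):
                    return "busy"  # only one computer at a time
                self.bound[rule.name] = (lan_ip, now)
                return "bound"
        return None  # no trigger rule matched

    def inbound(self, protocol, dst_port, now):
        """Steps 3-4: LAN IP to forward to, or None (ordinary inbound rules apply)."""
        for rule in self.rules:
            if protocol == rule.protocol and dst_port in rule.incoming:
                owner = self._owner(rule, now)
                if owner:
                    # Assumption: matching traffic keeps the ports open.
                    self.bound[rule.name] = (owner, now)
                    return owner
        return None
```

In this model an inbound packet to an incoming port is forwarded only while a LAN host holds the rule; at any other time it falls through to the inbound rules, which is the behaviour to expect when reviewing what a trigger rule exposes.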
Note: For additional ways of allowing inbound traffic, see Inbound Rules (Port Forwarding) on page 140.

To add a port triggering rule:
1. Select Security > Port Triggering. The Port Triggering screen displays. (The following figure shows a rule in the Port Triggering Rules table as an example.)
Figure 120.
2. In the Add Port Triggering Rule section, enter the settings as described in the following table:
3. Click the Add table button. The new port triggering rule is added to the Port Triggering Rules table.

To edit a port triggering rule:
1. In the Port Triggering Rules table, click the Edit table button to the right of the port triggering rule that you want to edit. The Edit Port Triggering Rule screen displays.
2. Modify the settings that you wish to change (see the previous table).
3. Click Apply to save your changes. The modified port triggering rule is displayed in the Port Triggering Rules table.

Table 42. Port Triggering screen settings

Setting                     Description
Name                        A descriptive name of the rule for identification and management purposes.
Enable                      From the drop-down list, select Yes to enable the rule. (You can define a rule but not enable it.) The default setting is No.
Protocol                    From the drop-down list, select the protocol to which the rule applies:
                            - TCP. The rule applies to an application that uses the Transmission Control Protocol (TCP).
                            - UDP. The rule applies to an application that uses the User Datagram Protocol (UDP).
Outgoing Ports, Start Port  The start port (1025–65535) of the range for triggering.
Outgoing Ports, End Port    The end port (1025–65535) of the range for triggering.
Incoming Ports, Start Port  The start port (1025–65535) of the range for responding.
Incoming Ports, End Port    The end port (1025–65535) of the range for responding.

To remove one or more port triggering rules from the table:
1. Select the check box to the left of each port triggering rule that you want to delete, or click the Select All table button to select all rules.
2. Click the Delete table button.

To display the status of the port triggering rules:
Click the Status option arrow in the upper right of the Port Triggering screen. A pop-up screen displays, showing the status of the port triggering rules.
Figure 121.

Configure Universal Plug and Play
The Universal Plug and Play (UPnP) feature enables the VPN firewall to automatically
discover and configure devices when it searches the LAN and WAN.
Note: UPnP is supported for IPv4 devices only.

To configure UPnP:
1. Select Security > UPnP. The UPnP screen displays:
Figure 122.
The UPnP Portmap Table in the lower part of the screen shows the IP addresses and other settings of UPnP devices that have accessed the VPN firewall and that have been automatically detected by the VPN firewall:
- Active. A Yes or No indicates if the UPnP device port that established a connection is active.
- Protocol. Indicates the network protocol such as HTTP or FTP that is used by the device to connect to the VPN firewall.
- Int. Port. Indicates if any internal ports are opened by the UPnP device.
- Ext. Port. Indicates if any external ports are opened by the UPnP device.
- IP Address. Lists the IP address of the UPnP device accessing the VPN firewall.
2. To enable the UPnP feature, select the Yes radio button. (The feature is disabled by default.) To disable the feature, select No.
3. Fill in the following fields:
- Advertisement Period. Enter the period in seconds that specifies how often the VPN firewall should broadcast its UPnP information to all devices within its range. The default setting is 30 seconds.
- Advertisement Time to Live. Enter a number that specifies how many steps (hops) each UPnP packet is allowed to propagate before being discarded. Small values limit the UPnP broadcast range. The default setting is four hops.
4. Click Apply to save your settings.

To refresh the contents of the UPnP Portmap Table, click Refresh.
