Peplink Balance_One Router Manual PDF (Setup & Configuration Guide)

Page 146 / 234 Scroll up to view Page 141 - 145

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-146 / 234 -

20

Firewall

A firewall is a mechanism that selectively filters data traffic between the WAN side (the Internet) and the

LAN side of the network. It can protect the local network from potential hacker attacks, access to

offensive Web sites, and/or other inappropriate uses.

The firewall functionality of Peplink Balance supports the selective filtering of data traffic in both directions:



Outbound (LAN to WAN)



Inbound (WAN to LAN)

The firewall also supports the following functionality:



Intrusion Detection and DoS Prevention



Web Blocking

With SpeedFusion

TM

enabled, the firewall rules also apply to VPN tunneled traffic.

20.1

Outbound and Inbound Firewall Rules

20.1.1 Access Rules

The outbound firewall settings are located at:

Network>Firewall>Access Rules

.

Page 147 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-147 / 234 -

Upon clicking

Add Rule

, the following screen appears:

The Inbound firewall settings are located at:

Network>Firewall>Access Rules

.

Once you click on

Add Rule

, the following window will appear.

Page 148 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-148 / 234 -

Inbound / Outbound Firewall Settings

Rule Name

This setting specifies a name for the firewall rule.

Enable

This setting specifies whether the firewall rule should take effect.

If the box is checked, the firewall rule takes effect. If the traffic matches the specified

Protocol/IP/Port, actions will be taken by Peplink Balance based on the other parameters of

the rule.

If the box is not checked, the firewall rule does not take effect. Peplink Balance will

disregard the other parameters of the rule.

Protocol

This setting specifies the protocol to be matched.

Via a drop-down menu, the following protocols can be specified:



TCP



UDP



ICMP



IP

Alternatively, the

Protocol Selection Tool

drop-down menu can be used to automatically

fill in the Protocol and Port number of common Internet services (e.g. HTTP, HTTPS, etc.)

After selecting an item from the

Protocol Selection Tool

drop-down menu, the Protocol

and Port number remains manually modifiable.

Source IP & Port

This specifies the source IP address(es) and port number(s) to be matched for the firewall

rule.

A single address, or a network, can be specified as the Source IP & Port setting, as

indicated with the following screenshots:

In addition, a single port, or a range of ports, can be specified for the Source IP & Port

settings.

Destination IP &

Port

This specifies the destination IP address(es) and port number(s) to be matched for the

firewall rule.

A single address, or a network, can be specified as the Source IP & Port setting, as

indicated with the following screenshots:

In addition, a single port, or a range of ports, can be specified for the Source IP & Port

settings.

Page 149 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-149 / 234 -

Action

This setting specifies the action to be taken by the router upon encountering traffic that

matches the both of the following:



Source IP & Port



Destination IP & Port

With the value of

Allow

for the Action setting, the matching traffic passes through the router

(to be routed to the destination).

If the value of the Action setting is set to

Deny

, the matching traffic does not pass through

the router (and is discarded).

Event Logging

This setting specifies whether or not to log matched firewall events.

The logged messages are shown on the page

Status>Event Log

.

A sample message is as follows:

Aug 13 23:47:44 Denied CONN=Ethernet WAN SRC=20.3.2.1

DST=192.168.1.20 LEN=48 PROTO=TCP SPT=2260 DPT=80



CONN:

The connection where the log entry refers to



SRC:

Source IP address



DST:

Destination IP address



LEN:

Packet length



PROTO:

Protocol



SPT:

Source port

DPT:

Destination port

Upon clicking

Save

after entering required information, the following screen appears.

To create an additional firewall rule, click

Add Rule

and repeat the above

steps.

Page 150 / 234

USER MANUAL

Peplink Balance Series

http://www.peplink.com

-150 / 234 -

To change

a rule’s

priority, simply drag and drop the rule:



Hold the left mouse button on the rule.



Move it to the desired position.



Drop it by releasing the mouse button.

To remove a rule, click the

button.

Rules are matched from top to the bottom. If a connection matches any one of the upper rules, the

matching process will stop.

If none of the rules match the connection, the

Default

rule will be applied.

The

Default

rule is

Allow

for both outbound and inbound access.

Tip

If the default inbound rule is set to

Allow

for NAT enabled WANs, no inbound Allow firewall rules will be required

for inbound Port Forwarding and inbound NAT Mapping rules. However, if the default inbound rule is set as

Deny

, a corresponding Allow firewall rule will be required.

Rate

Popular Peplink Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share