Page 61 / 123 Scroll up to view Page 56 - 60
TW100-BRV204 User Guide
58
Data
For each rule, the following data is shown:
Name
- The name you assigned to the rule.
Source
- The traffic covered by this rule, defined by the source IP
address. If the IP address is followed by ... this indicates there is
range of IP addresses, rather than a single address.
Destination
- The traffic covered by this rule, defined by destina-
tion IP address. If the IP address is followed by ... this indicates
there is range of IP addresses, rather than a single address.
Action
- Action will be "Forward" or "Block"
Add
To add a new rule, click the "Add" button, and complete the resulting
screen. See the following section for more details.
Edit
To Edit or modify an existing rule, select it and click the "Edit" button.
Move
There are 2 ways to change the order of rules
Use the up and down indicators on the right to move the selected
rule. You must confirm your changes by clicking "OK". If you
change your mind before clicking "OK", click "Cancel" to reverse
your changes.
Click "Move" to directly specify a new location for the selected
rule.
Delete
To delete an existing rule, select it and click the "Delete" button.
View Log
Clicking the "View Log" button will open a new window and display
the Firewall log.
System Rules
Clicking the "System Rules" button will open a new window and
display the default firewall rules currently applied by the system. These
rules cannot be edited, but any rules you create will take precedence
over the default rules.
Page 62 / 123
Security Configuration
59
Define Firewall Rule
Clicking the "Add" button in the
Firewall Rules
screen will display a screen like the example
below.
Figure 39: Define Firewall Rule
Data - Define Firewall Rule Screen
Name
Enter a suitable name for this rule.
Type
This determines the source and destination ports for traffic
covered by this rule. Select the desired option.
Source IP
These settings determine which traffic, based on their source IP
address, is covered by this rule.
Select the desired option:
Any - All traffic from the source port is covered by this rule.
Single address - Enter the required IP address in the "Start IP
address" field". You can ignore the "Subnet Mask" field.
Range address - If this option is selected, you must complete
both the "Start IP address" and "Finish IP address" fields.
You can ignore the "Subnet Mask" field.
Subnet address - If this option is selected, enter the required
mask in the "Subnet Mask" field.
Page 63 / 123
TW100-BRV204 User Guide
60
Dest IP
These settings determine which traffic, based on their destination
IP address, is covered by this rule.
Select the desired option:
Any - All traffic from the source port is covered by this rule.
Single address - Enter the required IP address in the "Start IP
address" field". You can ignore the "Subnet Mask" field.
Range address - If this option is selected, you must complete
both the "Start IP address" and "Finish IP address" fields.
You can ignore the "Subnet Mask" field.
Subnet address - If this option is selected, enter the required
mask in the "Subnet Mask" field.
Services
Select the desired Service or Services. This determines which
packets are covered by this rule, based on the protocol (TPC or
UDP) and port number. If necessary, you can define a new
Service on the "Services" screen, by defining the protocols and
port numbers used by the Service.
Action
Select the desired action for packets covered by this rule:
Log
This determines whether packets covered by this rule are logged.
Select the desired option.
Page 64 / 123
Security Configuration
61
Logs
The Logs record various types of activity on the TW100-BRV204. This data is useful for
troubleshooting, but enabling all logs will generate a large amount of data and adversely affect
performance.
Since only a limited amount of log data can be stored in the TW100-BRV204, log data can
also be E-mailed to your PC or sent to a Syslog Server.
Figure 40: Logs Screen
Data - Logs Screen
DoS Attacks
If enabled, this log will show details of DoS (Denial of Service)
attacks which have been blocked by the built-in Firewall.
Internet Connections
If selected, Outgoing Internet connections are logged. Normally,
the (Internet) "Destination" will be shown as an IP address. But if
the "URL Filter" is enabled, the "Destination" will be shown as a
URL.
Access Control
If enabled, the log will include attempted outgoing connections
which have been blocked by the "Access Control" feature.
Page 65 / 123
TW100-BRV204 User Guide
62
Firewall Rules
If enabled, the log will details of packets blocked by user-defined
Firewall rules. Logging can be set for each rule individually.
Only rules which have logging enabled will be included.
VPN
If enabled, the VPN log will record incoming and outgoing VPN
connections.
Timezone
Select the correct Timezone for your location. This is required for
the date/time shown on the logs to be correct.
Enable Daylight
Saving
If your location uses Daylight Saving, you should enable this
when daylight saving starts, and disable it when daylight saving
finishes.
Send E-mail alert
If enabled, an E-mail will be sent immediately if a DoS (Denial of
Service) attack is detected. If enabled, the E-mail address infor-
mation must be provided.
E-mail Logs
You can choose to have the logs E-mailed to you, by enabling
either or both checkboxes. If enabled, the Log will send to the
specified E-mail address. The interval between E-mails is deter-
mined by the "Send" setting.
Send
Select the desired option for sending the log by E-mail.
When log is full
- The time is not fixed. The log will be sent
when the log is full, which will depend on the volume of traf-
fic.
Every day, Every Monday ...
- The log is sent on the
interval specified.
If "Every day" is selected, the log is sent at the time
specified.
If the day is specified, the log is sent once per week, on
the specified day.
Select the time of day you wish the E-mail to be sent.
If the log is full before the time specified to send it, it
will be sent regardless of the day and time specified.
E-mail Address
Enter the E-mail address the Log is to be sent to. The E-mail will
also show this address as the Sender's address.
Subject
Enter the text string to be shown in the "Subject" field for the E-
mail.
SMTP Server
Enter the address or IP address of the SMTP (Simple Mail Trans-
port Protocol) Server you use for
outgoing
E-mail.
Port No.
Enter the port number used to connect to the SMTP Server. The
default value is 25.
Enable Syslog
If enabled, log data will be sent to your Syslog Server.
Syslog Server
Enter the IP address of your Syslog Server.
Include
Select the logs you wish to be included.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top