Page 216 / 367 Scroll up to view Page 211 - 215
Chapter 15 Firewall
VMG4380-B10A / VMG4325-B10A User’s Guide
216
The following table describes the labels in this screen.
Table 78
Security > Firewall > Access Control
LABEL
DESCRIPTION
DoS Protection
DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and
connection requests, using so much bandwidth and so many resources that Internet access
becomes unavailable.
Select the
Enable
check box to enable protection against DoS attacks.
Add new ACL
rule
Click this to go to add a filter rule for incoming or outgoing IP traffic.
#
This is the index number of the entry.
Name
This displays the name of the rule.
Src IP
This displays the source IP addresses to which this rule applies. Please note that a blank
source address is equivalent to
Any
.
Dst IP
This displays the destination IP addresses to which this rule applies. Please note that a
blank destination address is equivalent to
Any
.
Service
This displays the transport layer protocol that defines the service and the direction of traffic
to which this rule applies.
Action
This field displays whether the rule silently discards packets (
DROP
), discards packets and
sends a TCP reset packet or an ICMP destination-unreachable message to the sender
(
REJECT
) or allows the passage of packets (
ACCEPT
).
Modify
Click the
Edit
icon to edit the rule.
Click the
Delete
icon to delete an existing rule. Note that subsequent rules move up by one
when you take this action.
Click the
Move To
icon to change the order of the rule. Enter the number in the # field.
Page 217 / 367
Chapter 15 Firewall
VMG4380-B10A / VMG4325-B10A User’s Guide
217
15.4.1
Add/Edit an ACL Rule
Click
Add
new ACL rule
or the
Edit
icon next to an existing ACL rule in the
Access Control
screen. The following screen displays.
Figure 107
Access Control: Add/Edit
The following table describes the labels in this screen.
Table 79
Access Control: Add/Edit
LABEL
DESCRIPTION
Filter Name
Enter a descriptive name of up to 16 alphanumeric characters, not including spaces,
underscores, and dashes.
You must enter the filter name to add an ACL rule. This field is read-only if you are editing
the ACL rule.
Order
Select the order of the ACL rule.
Select Source
Device
Select the source device to which the ACL rule applies. If you select
Specific IP Address
,
enter the source IP address in the field below.
Source IP
Address
Enter the source IP address.
Select
Destination
Device
Select the destination device to which the ACL rule applies. If you select
Specific IP
Address
, enter the destiniation IP address in the field below.
Destination IP
Address
Enter the destination IP address.
Page 218 / 367
Chapter 15 Firewall
VMG4380-B10A / VMG4325-B10A User’s Guide
218
15.5
The DoS Screen
DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and
connection requests, using so much bandwidth and so many resources that Internet access
becomes unavailable.
Use the
DoS
screen to activate protection against DoS attacks. Click
Security > Firewall > DoS
to display the following screen.
Figure 108
Security > Firewall > DoS
IP Type
Select whether your IP type is
IPv4
or
IPv6
.
Select Protocol
Select the transport layer protocol that defines your customized port from the drop-down
list box. The specific protocol rule sets you add in the
Security > Firewall > Service >
Add
screen display in this list.
If you want to configure a customized protocol, select
Specific Service
.
Protocol
This field is displayed only when you select
Specific Protocol
in
Select Protocol
.
Choose the IP port (
TCP/UDP
,
TCP
,
UDP
,
ICMP
, or
ICMPv6
) that defines your customized
port from the drop-down list box.
Custom Source
Port
This field is displayed only when you select
Specific Protocol
in
Select Protocol
.
Enter a single port number or the range of port numbers of the source.
Custom
Destination Port
This field is displayed only when you select
Specific Protocol
in
Select Protocol
.
Enter a single port number or the range of port numbers of the destination.
Policy
Use the drop-down list box to select whether to discard (
DROP
), deny and send an ICMP
destination-unreachable message to the sender of (
REJECT
) or allow the passage of
(
ACCEPT
) packets that match this rule.
Direction
Use the drop-down list box to select the direction of traffic to which this rule applies.
Enable Rate
Limit
Select this check box to set a limit on the upstream/downstream transmission rate for the
specified protocol.
Specify how many packets per minute or second the transmission rate is.
Scheduler Rules
Select a schedule rule for this ACL rule form the drop-down list box. You can configure a
new schedule rule by click
Add New Rule
. This will bring you to the
Security > Scheduler
Rules
screen.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to exit this screen without saving.
Table 79
Access Control: Add/Edit (continued)
LABEL
DESCRIPTION
Page 219 / 367
Chapter 15 Firewall
VMG4380-B10A / VMG4325-B10A User’s Guide
219
The following table describes the labels in this screen.
Table 80
Security > Firewall > DoS
LABEL
DESCRIPTION
DoS Protection
Blocking
Select
Enable
to enable protection against DoS attacks.
Deny Ping
Response
Select Enable to block ping request packets.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to exit this screen without saving.
Page 220 / 367
Chapter 15 Firewall
VMG4380-B10A / VMG4325-B10A User’s Guide
220

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top