AhnLab TrusGuard - Page 94

94 AhnLab TrusGuard Installation Guide
6 The firewall policy checks whether the packets need Internet Access Control, Contents Filter or IPS.
IPS and Content Filters apply firewall policy.
If an attack is detected, the action defined in the detection rules is applied to the source IP address.
7 The source address is converted after the packet passes through the firewall policy.
8 Packets that go through the IPSec/SSL VPN tunnel pass through the firewall policy before entering the VPN tunnel.
9 If a packet without session records is allowed to connect, it is recorded in the session table and monitored until session timeout.
Caution: Setting Policy
NAT and Firewall Policy
When the firewall policy is linked with NAT, the IP address profile is selected from the firewall policy as
below:
Interface-based NAT
Dynamic NAT: Apply firewall policy by using the source IP address before applying NAT. The destination IP address does not get converted.
Static NAT, LS NAT: Apply firewall policy based on the destination IP address (private IP address) after applying NAT. The source IP address does not get converted.
Policy-based NAT
Convert source IP address only: Apply firewall policy based on the source IP address before applying NAT.
Convert destination IP address only: Apply firewall policy based on the destination IP address after applying NAT.
Convert both source and destination IP address: Apply firewall policy based on the source IP address before applying NAT and the destination IP address after applying NAT.
Note
Connections that pass through NAT are recorded as snat (source address converted) and dnat (destination address converted) in the firewall log.
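The address selection rules under "NAT and Firewall Policy" reduce to one pattern: the policy is matched on the source address before NAT and the destination address after NAT. The following is an added example, not code from the manual or from AhnLab, that models this and shows why a rule written against the public destination or the converted source never matches. The rule names, addresses, first-match ordering and default-deny fallback are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

@dataclass(frozen=True)
class Nat:
    new_src: Optional[str] = None  # set when the source address is converted
    new_dst: Optional[str] = None  # set when the destination address is converted

@dataclass(frozen=True)
class Rule:
    name: str
    src: str  # CIDR
    dst: str  # CIDR
    action: str

def policy_view(pkt: Packet, nat: Nat) -> Packet:
    """Addresses the policy is matched on: source before NAT, destination after NAT."""
    return Packet(pkt.src, nat.new_dst or pkt.dst)

def evaluate(pkt, nat, rules, default="deny"):
    """First-match lookup on the policy view (ordering and default are assumptions)."""
    view = policy_view(pkt, nat)
    for r in rules:
        if (ipaddress.ip_address(view.src) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(view.dst) in ipaddress.ip_network(r.dst)):
            return r.name, r.action
    return "default", default

# Constructed sample data (documentation address ranges, hypothetical rule names).
STATIC = Nat(new_dst="10.0.0.10")     # static NAT: 203.0.113.10 -> 10.0.0.10
DYNAMIC = Nat(new_src="203.0.113.1")  # dynamic NAT: inside hosts -> 203.0.113.1
INBOUND = Packet("198.51.100.7", "203.0.113.10")
OUTBOUND = Packet("192.168.1.20", "198.51.100.80")
BY_PUBLIC_DST = Rule("web-public", "0.0.0.0/0", "203.0.113.10/32", "allow")
BY_PRIVATE_DST = Rule("web-private", "0.0.0.0/0", "10.0.0.10/32", "allow")
BY_PRIVATE_SRC = Rule("lan-out", "192.168.1.0/24", "0.0.0.0/0", "allow")
BY_NATTED_SRC = Rule("natted-out", "203.0.113.1/32", "0.0.0.0/0", "allow")

if __name__ == "__main__":
    for pkt, nat, rule in [(INBOUND, STATIC, BY_PUBLIC_DST), (INBOUND, STATIC, BY_PRIVATE_DST),
                           (OUTBOUND, DYNAMIC, BY_NATTED_SRC), (OUTBOUND, DYNAMIC, BY_PRIVATE_SRC)]:
        print(rule.name, "->", evaluate(pkt, nat, [rule]))
```

When reviewing a rule set, a rule that references a public destination or a converted source address is a candidate for a rule that never matches, which can leave traffic falling through to a broader rule than intended.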