Firewall
128
You can also select to Accept echo request (incoming port) on Internet interfaces.
The default is to disallow echo requests, so your CyberGuard SG appliance does not
respond to pings on its Internet interfaces. This may make it more difficult for external
attackers scanning for hosts to discover your CyberGuard SG appliance. Destination
unreachable ICMP messages are always accepted.
Web Server
Click the Web Server tab to configure the CyberGuard SG appliance’s administrative
web server. This web server is responsible for running the web management console.
Here you can change the port on which the server runs. Most CyberGuard SG
appliances support enabling SSL encryption for establishing secure connections to the
web management console from SSL enabled browsers.
Note
Changing the web server port number is recommended if you are allowing Internet
access to the Management Console. This may help hide the web management console
from casual web surfers who type your CyberGuard SG appliance’s Internet IP address
into a web browser.
Ideally, you should use packet filter rules (see the Packet Filtering section later in this
chapter) to restrict who has access for remote administration (i.e. allow connections on
the administrative web server port from trusted originating IP addresses only).
To Next Page
Loading...
Need help?
General
