Table 13: Firewall Rule Settings
Save the change and click on the “Apply” button. Then submit the configuration by clicking on “Apply Changes” on the upper right of the web pag
new rule will be listed at the bottom of the page with sequence number, rule name, action, protocol, type, source, destination, and operation. Mor
operations are below:
Click on to edit the rule.
Click on to delete the rule.
Use the arrows up ,down , to the top or to the bottom to move the rules up and down.
For typical firewall settings, users could configure the following options on the GXW450X.
Ping Defense
Enable
If enabled, ICMP response will not be allowed for Ping requests. The default setting is disabled. To enable or disable it, clic
the check box for the LAN or WAN (GXW450X) interface.
SYN-Flood
Defense Enable
Allows the GXW450X to handle excessive amounts of SYN packets from one source and keep the web portal access. There
two options available and only one of these options may be enabled at one time.
eth(0)LAN defends against attacks directed to the LAN IP address of the GXW450X.
eth(1)WAN defends against attacks directed to the WAN IP address of the GXW450X.
SYN Flood Defense will limit the number of SYN packets accepted by the GXW450X from one source to 10 packets per sec
Any excess packets from that source will be discarded.
Ping-of-Death
Defense Enable
Enable to prevent Ping-of-Death attack on the device. The default setting is disabled. To enable or disable it, click on the c
box for the LAN or WAN (GXW450X) interface.
Table 14: Typical Firewall Settings
Dynamic Defense
Dynamic defense is supported on the GXW450X series. It can blacklist hosts dynamically when the LAN mode is set to “Route” under the Web
GUI🡪System Settings🡪Network Settings🡪Basic Settings page. If enabled, the traffic coming into the GXW450X can be monitored, which helps pr
massive connection attempts or brute force attacks on the device. The blacklist can be created and updated by the GXW450X firewall, which will th
displayed on the web page. Please refer to the following table for dynamic defense options on the GXW450X.
Dynamic Defense
Enable
Enable dynamic defense. The default setting is disabled.
Blacklist Update
Interval
Configure the blacklist update time interval (in seconds). The default setting is 120.
Connection
Threshold
Configure the connection threshold. Once the number of connections from the same host reaches the threshold, it will b
added to the blacklist. The default setting is 100.
● IN : If selected, users will need to specify to the network interface (for
GXW450X) for the incoming traffic, the network interface can be set to
“WAN”, “LAN”, or Both.
● OUT
Service
Select the service type.
1. FTP
2. SSH
3. Telnet
4. HTTP
5. Custom
If “Custom” is selected, users will need to specify Source (IP and port), Destin
(IP and port), and Protocol (TCP, UDP, or Both) for the service. Please note if
source or the destination field is left blank, it will be used as “Anywhere”.
To Next Page
Loading...
Need help?
General
