Network and System Management
323
NETGEAR ProSAFE VPN Firewall FVS318G v2
• Configuring VPN tunnels
LAN WAN Inbound Rules and DMZ WAN Inbound Rules
The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for
inbound traffic (from WAN to LAN and from WAN to the DMZ). Any inbound rule that you
create allows additional incoming traffic and therefore increases the traffic load on the WAN
side.
On the LAN WAN screen, if you did not define any rules, only the default rule
is listed. The
default LAN WAN inbound rule blocks all access from outside except responses to requests
from the LAN side.
Incorrect configuration of inbound firewall rules can cause serious
connection problems.
Each rule lets you specify the desired action for the connections covered by the rule:
• BLOCK always
• BLOCK by
sch
edule, otherwise allow
• ALLOW always
• ALLOW by schedule, otherwise block
T
he following sections summarize the various criteria that you can app
ly to inbound rules and
that might increase traffic.
• F
or more information about inbound rules, see Inb
ound Rules on page 130.
• For detailed procedures about how to configure inbound rules, see
Configure LAN WAN
Rules on page 13
4 and Configure DMZ WAN Rules on page 144.
When you define inbound firewall rules, you can further refine their application a
ccording to
the following criteria:
• Services.
You can specify the services or applications to be covered by an inbound rule.
If the desired service or application does not display in the list, you must define it using
the Services screen. For more information, see Inbound Rules on pag
e 130 and Add
Customized Services on pag
e 176.
• WAN destination IP address. Y
ou can specify the destination IP address for incoming
traffic. Traffic is directed to the specified address only when the destination IP address of
the incoming packet matches the IP address of the selected WAN interface.
• LAN users (or DMZ users). On
ly when the IPv4 routing mode is Classical Routing, you
can specify which computers on your network are affected by an inbound rule. When
Classical Routing is enabled, several options are available:
- Any. Th
e rule
applies to all computers and devices on your LAN.
- Single address. The
rule applies to the address of a particular computer.
- Address range. T
he rule applies to a range of addresses.
To Next Page
Loading...
