IPv4 Firewall Protection
111
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
DMZ Users The settings that determine which DMZ computers on the DMZ network are affected by
this rule. The options are:
• Any. All PCs and devices on your DMZ network.
• Sin
gle address. Enter the required address in the Start field to apply the rule to a
single PC on the DMZ network.
• Ad
dress range. Enter the required addresses in the Start and Finish fields to apply the
rule to a range of DMZ computers.
QoS Priority The priority assigned to IP packets of this service. The priorities are defined by Type of
Service (ToS) in the Internet Protocol Suite standards, RFC 1349. The QoS profile
determines the priority of a service, which, in turn, determines the quality of that service
for the traffic passing through the firewall.
The wireless VPN firewall marks the Type of Service (ToS) field as defined in the QoS
profiles that you create. For more information, see Preconfigured Quality of Service
Profiles on page 141.
Note: The wireless VPN firewall has preconfigured default QoS profiles; you cannot
configu
re the QoS profiles. A QoS profile can become active only when you apply it to a
nonblocking inbound or outbound firewall rule.
Bandwidth Profile Bandwidth limiting determines the way in which
the data is sent to and from your host.
The purpose of bandwidth limiting is to provide a solution for limiting the outgoing and
incoming traffic, thus preventing the LAN users from consuming all the bandwidth of the
Internet link. For more information, see Create Bandwidth Profiles on page 139. For
outbound traffic, you can configure bandwidth limiting only on the WAN interface for a
LAN WAN rule.
Note: Bandwidth limiting does not apply to the DMZ interface.
Log The setting that determines whether packets covered by this rule are
logged. The options
are:
• Alway
s. Always log traffic considered by this rule, whether it matches or not. This is
useful when you are debugging your rules.
• Neve
r. Never log traffic considered by this rule, whether it matches or not.
NAT IP The setting that specifies whether the so
urce address of the outgoing packets on the
WAN should be assigned the address of the WAN interface or the address of a different
interface. You can specify these settings only for outbound traffic of the WAN interface.
The options are:
• W
AN Interface Address. All the outgoing packets on the WAN are assigned to the
address of the specified WAN interface.
• Si
ngle Address. All the outgoing packets on the WAN are assigned to the specified IP
address, for example, a secondary WAN address that you have configured.
Note: The NAT IP option is available only when the WAN mode is NAT. The IP address
specified
should fall under the WAN subnet.
Table 27. Outbound rules overview (continued)
Setting Description
To Next Page
Loading...
