Firewall Protection
ProSecure Unified Threat Management (UTM) Appliance
Whether or not DHCP is enabled, how the PC accesses the server’s LAN address impacts
the inbound rules. For example:
• If your external IP address is assigned dynamically by your ISP (DHCP enabled), the IP
address might change periodically as the DHCP lease expires. Consider using Dynamic
DNS so that external users can always find your network (see Configure Dynamic DNS
on page 85).
• If the IP address of the local server PC is assigned by DHCP, it might change when the
PC is rebooted. To avoid this, use the Reserved (DHCP Client) feature in the LAN Groups
screen to keep the PC’s IP address constant (see Set Up Address Reservation on
page 110).
• Local PCs need to access the local server using the PCs’ local LAN address. Attempts by
local PCs to access the server using the external WAN IP address will fail.
Note: See Configure Port Triggering on page 174 for yet another way to
allow certain types of inbound traffic that would otherwise be blocked
by the firewall.
Note: The UTM always blocks denial of service (DoS) attacks. A DoS
attack does not attempt to steal data or damage your PCs, but
overloads your Internet connection so you cannot use it (that is, the
service becomes unavailable).
Note: When the Block TCP Flood and Block UDP Flood check boxes are
selected on the Attack Checks screen (see Attack Checks, VPN
Pass-through, and Multicast Pass-through on page 148), multiple
concurrent connections of the same application from one host or IP
address (such as multiple DNS queries from one PC) trigger the
UTM’s DoS protection.
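The following added example is not from the manual and is not the UTM's own algorithm. It models the behavior described in the note above with a per-source sliding-window counter, to show how a legitimate burst of DNS queries from one PC can trip a flood check. The window length, the limit, the IP addresses, and the sample events are all constructed assumptions.

```python
from collections import defaultdict, deque

# Assumed values: the manual does not state the UTM's flood thresholds.
WINDOW_SECONDS = 1.0   # length of the sliding window
MAX_NEW_FLOWS = 20     # new flows allowed per (host, application) per window


def build_sample():
    """Constructed events: (timestamp, source IP, protocol, destination port)."""
    events = []
    # One LAN PC resolving many names at once: 30 DNS queries in 0.3 s.
    for i in range(30):
        events.append((10.0 + i * 0.01, "192.168.1.25", "udp", 53))
    # A second PC making occasional DNS queries.
    for i in range(5):
        events.append((10.0 + i * 0.5, "192.168.1.40", "udp", 53))
    # The first PC also opens a few HTTPS connections (a different application).
    for i in range(4):
        events.append((10.05 + i * 0.2, "192.168.1.25", "tcp", 443))
    return sorted(events)


def flag_floods(events, window=WINDOW_SECONDS, limit=MAX_NEW_FLOWS):
    """Return {(src, proto, dport): peak count} for every host/application
    pair that exceeds `limit` new flows inside any `window`-second span."""
    recent = defaultdict(deque)   # timestamps still inside the window, per key
    peaks = {}
    for ts, src, proto, dport in events:
        key = (src, proto, dport)  # "same application from one host"
        q = recent[key]
        q.append(ts)
        # Drop timestamps that have aged out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > limit:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks


if __name__ == "__main__":
    for (src, proto, dport), peak in flag_floods(build_sample()).items():
        print(f"{src} {proto}/{dport}: {peak} flows in {WINDOW_SECONDS}s (limit {MAX_NEW_FLOWS})")
```

Only the bursting PC's DNS traffic is flagged; its HTTPS connections and the second PC's queries stay under the limit because the count is kept per host and per application.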
Note: For more information about protecting the UTM from incoming
threats, see Use the Intrusion Prevention System on page 178.
The following table describes the fields that define the rules for inbound traffic and that are
common to most Inbound Service screens (see Figure 67 on page 133, Figure 70 on
page 136, and Figure 73 on page 139).