Firewall Protection
127
ProSecure Unified Threat Management (UTM) Appliance
The steps to configure inbound rules are described in the following sections:
• Set LAN WAN Rules
• Set DMZ WAN Rules
• Set LAN DMZ Rules
Table 28. Inbound rules overview
Setting Description
Service
(also referred to as
Service Name)
The service or application to be covered by this rule. If the service or application does not
display in the list, you need to define it using the Services screen (see Add Customized
Services on page 154).
Action
(also referred to as
Filter)
The action for outgoing connections covered by this rule:
• BLOCK always
• ALLOW always
Note: Any inbound traffic that is not blocked by rules you create is allowed by the default
rule.
Note: ALLOW rules are useful only if the traffic is already covered by a BLOCK rule. That
is, you wish to allow a subset of traffic that is currently blocked by another rule. Similarly,
BLOCK rules are useful only if the traffic is already covered by an ALLOW rule. That is,
you wish to block a subset of traffic that is currently allowed by another rule.
Select Schedule The time schedule that is used by this rule. By default, there is no schedule assigned
(that is, None is selected from the Schedule drop-down), and the rule is in effect
permanently. For information about creating schedules, see Set a Schedule to Block or
Allow Specific Traffic on page 168.
Send to LAN Server The LAN server address determines which computer on your network is hosting this
service rule. (You can also translate this address to a port number.) The options are:
• Single address. Enter the required address in the Start field to apply the rule to a
single device on your LAN.
• Address range. Enter the required addresses in the Start and End fields to apply
the rule to a range of devices.
Send to DMZ Server The DMZ server address determines which computer on your network is hosting this
service rule. (You can also translate this address to a port number.)
Translate to Port
Number
If you want to assign the LAN server or DMZ server to a specific port, you can enable this
setting and specify a port number.
WAN Destination IP
Address
The setting that determines the destination IP address applicable to incoming traffic. This
is the public IP address that maps to the internal LAN server.
On the multiple WAN port models, it can be either the address of a WAN interface or
another public IP address (when you have a secondary WAN address configured)
. On
the single WAN port models, it can be either the address of the single WAN interface or
another public IP address (when you have a secondary WAN address configured).
You also have the option to enter an address range. Enter the required addresses in the
Start and End fields to apply the rule to a range of devices.
To Next Page
Loading...
Need help?
General