Configuring with Web Based Management
4.7 "Security" menu
SCALANCE SC-600 Web Based Management (WBM)
Configuration Manual, 10/2021, C79000-G8976-C475-03
307
Description
The page contains the following:
• Activate Firewall
When enabled, the firewall is active.
• TCP Idle Timeout [s]
Enter the required time in seconds. If no data exchange takes place, the TCP
connection is terminated automatically when this time has elapsed.
The range of values is 1 to 2147483.
Default setting: 86400 seconds
• UDP Idle Timeout [s]
Enter the required time in seconds. If no data exchange takes place, the UDP
connection is terminated automatically when this time has elapsed.
The range of values is 1 to 2147483.
Default setting: 300 seconds
• ICMP Idle Timeout [s]
Enter the required time in seconds. If no data exchange takes place, the ICMP
connection is terminated automatically when this time has elapsed.
The range of values is 1 to 2147483.
Default setting: 300 seconds
• TCP State Check
When enabled, the firewall only forwards TCP packets to the communication partner
that can be assigned to a connection. TCP packets that cannot be assigned to a
connection are discarded. To this end, the firewall checks the status of the TCP
connection, for example, whether a three-way handshake has been performed.
When disabled, the firewall only forwards TCP packets that cannot be assigned to a
TCP connection if the corresponding firewall rule has been created. This can be used,
for example, in "Asymmetric routing" when the firewall does not recognize all TCP
packets of a connection.
4.7.5.2 Predefined
The WBM page contains predefined IP packet filter rules. If you create your own IP
packet filter rules, these have a higher priority than the predefined IP packet filter rules.
Here, you can set which services of the device should be reachable from which
interface/subnet.
To Next Page
Loading...
