User manual

- BaseWall VPN 6000 user manual -
blank every port is allowed. Ports allowed in a specific policy add to the
rights granted by more general policies. So when a tunnel is created across the
Internet, the network behind this tunnel gains the normal rights of the Internet
but normally will have more rights.
Ports are deleted the same way as protocols.
When a port is preceded by a “!” sign, this port is restricted. When only
restricted ports are listed, the rest of the ports are still free to use. It is
possible for a more specific policy to deny a port that was allowed by a more
general policy.
13.3 Adding or removing port ranges
It is possible to open ranges of ports. Some TCP protocols use a range of ports
for multiple tasks. To avoid entering every port number in the range, you can
enter the lowest port, a colon (':') and the highest port to indicate a range.
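The following Python sketch is an added example, not part of the original manual and not BaseWall code. It models the port rules described in this chapter (blank list, “!” restriction, lowest:highest ranges, specific policies adding to or denying rights from general ones); the function names, the sample policies, and the rules that the most specific policy with a verdict decides and that unlisted ports are closed are assumptions.

```python
# Added illustration: a simplified model of the port rules described in this
# chapter, not BaseWall code. The resolution order is an assumption.

def parse_entry(entry):
    """Parse '80', '!25' or '6000:6010' into (restricted, low, high)."""
    restricted = entry.startswith("!")
    spec = entry[1:] if restricted else entry
    low, _, high = spec.partition(":")
    low = int(low)
    high = int(high) if high else low
    if not (0 < low <= high <= 65535):
        raise ValueError(f"invalid port entry: {entry!r}")
    return restricted, low, high


def policy_verdict(entries, port):
    """Return True (allowed), False (restricted) or None (policy is silent)."""
    if not entries:                      # blank list: every port is allowed
        return True
    parsed = [parse_entry(e) for e in entries]
    if any(r and lo <= port <= hi for r, lo, hi in parsed):
        return False                     # '!' entry matches: restricted
    if all(r for r, _, _ in parsed):
        return True                      # only '!' entries: the rest stay free
    if any(not r and lo <= port <= hi for r, lo, hi in parsed):
        return True                      # explicitly allowed port or range
    return None                          # leave it to the more general policy


def effective_right(policies, port):
    """policies: port lists ordered from most general to most specific."""
    allowed = False                      # assumption: unlisted ports are closed
    for entries in policies:
        verdict = policy_verdict(entries, port)
        if verdict is not None:
            allowed = verdict            # the more specific policy wins
    return allowed


# Constructed sample: an Internet policy and a policy for a tunnelled network.
INTERNET = ["80", "443", "6000:6010"]
TUNNEL = ["22", "!6005"]

if __name__ == "__main__":
    for port in (22, 80, 6004, 6005, 25):
        print(port, effective_right([INTERNET, TUNNEL], port))
```

Running it against the constructed policies shows the tunnel network keeping the Internet rights, gaining port 22, and losing port 6005 out of the allowed range.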
13.4 Policy overview of a network or host
When clicking with the mouse on a network or host, the “Policy info” can be
selected. This window is divided into two parts. The first part lists all the
policies that show the rights of this part of the network in Red. The second
part shows the rights of the rest of the network on this part.
The most general policies are listed first, followed by the more specific
policies. For each policy, the allowed protocols and ports are shown as in the
“Protocols & ports” window of that policy.
13.5 Block a host or network
The menu that opens when clicking on a host or network also contains the option
“Disable route”. With this option the traffic to and from a specific route can
be stopped quickly. This can be used to stop large data streams from parts of
the network. Normally, however, a better solution should be sought in the
network rights.
13.6 IPSec authentication
When clicking with the mouse on a network or host on the other side of the
Internet, the “IPSec authentication” option can be selected. The following
options can be set:
No IPSec: The traffic to and from this part doesn't need to be encrypted.
Certificate: The traffic is encrypted and a certificate is used to authenticate
the other party. You need to fill in the “Distinguished name” of the other
party here. This is part of any certificate.
Pre shared key: The traffic is encrypted and a shared key is used to
authenticate the other party.
The rest of the IPSec options are described in the next chapter (14 IPSec
configuration).