Installation guide

ManualsBrandsEpygi ManualsBusiness equipmentQuadroCS SW-Version

151

152

153

154

155

156

157

158

159

160

QuadroM32x/8L/26x/12Li/26xi Manual II: Administrator's Guide Administrator’s Menus

QuadroM32x/8L/26x/12Li/26xi; (SW Version 5.3.x)

155

The Enable Firewall

checkbox selection enables the firewall

security service. The firewall security level has to be selected,

otherwise the firewall cannot be enabled.

The Firewall Security radio buttons are the following:

• Low Security -

Everything that is not explicitly forbidden

will be allowed. This security level doesn't block anything

by default. It is recommended if the device is already

located behind another firewall or if every filter has been

configured correctly.

• Medium Security - Traffic originating from the LAN side

may pass and traffic from the WAN side will be blocked by

default. This is the recommended security level.

• High Security -

Everything that is not explicitly allowed will

be blocked, including traffic from the LAN side.

The Advanced Firewall Settings

link refers to the page where

Quadro’s privacy can be configured.

The View Filter Rules link opens the Filtering Rules page.

Fig. II-264: Firewall and NAT Settings page

Advanced Firewall Settings

Advanced Firewall Settings are used to deny Ping and

Portscanning operations addressed towards the device. With

these features enabled, Quadro will answer with inscrutable

messages to the Ping and Portscanning operations.

Please Note: Operations are available only when the firewall is

enabled from the

Firewall and NAT page.

This page offers the following components:

The Ping Stealth checkbox selection prohibits a Ping operation

toward Quadro from its WAN.

The Fool Portscanner

checkbox selection prohibits Quadro

portscanning from its WAN. As a reply to a Portscanning

operation, "network unreachable" or "host unreachable"

feedback messages will be sent.

Fig. II-265: Advanced Firewall Settings page

Filtering Rules

The Filtering Rules page allows you to configure the filters for incoming and outgoing traffic.

To prevent inaccurate configuration, only one rule per service is allowed. The user may use IP groups to include several IP addresses for this rule.

Since the filtering rules specify the operation mode of the firewall, they only take effect if the firewall has been enabled (additionally NAT should be

enabled to use the Port Forwarding function in the Incoming Traffic / Port Forwarding filtering rules). The filtering rules are independent from the

security level, so they will work if enabled, no matter what security level has been selected.

Please Note: Applying firewall rules will prevent the establishment of new connections that violate the rules. Applying rules does not kill existing

connections that violate the rule.

Attention: The newly created blocking filtering rules will take effect immediately if there is no any active connection matching to that rule. Otherwise,

if there is an active connection matching to the created blocking rule, please restart the Quadro to make the newly created blocking rule effective

immediately. However, if you are unable to restart the Quadro, you may need to stop an existing active connection to make the newly created

blocking rule effective. Please note, that in this case the blocking rule will take effect only in 3 minutes.

View All displays all configured filters specified by their State (enabled or disabled), the selected Service, the set Action (allowed or blocked), the

IP addresses the filters apply to (if Restricted) and the destination of port forwarding (Redirect to, in case of Incoming Traffic/Port Forwarding).

Since it is read-only, no modifications are allowed and no functional buttons are available.