sa3450 - Virtual Private Networking Concepts Guide

Firewalls and Tunnels

5-22 Hewlett-Packard Company Virtual Private Networking Concepts Guide

One-Way In Firewall Rules

One-Way In Firewall RulesOne-Way In Firewall Rules

One-Way In Firewall Rules

One-way in firewall rules allow devices on a black (untrusted)

network to establish communication sessions with devices on

the red (trusted) network. No network address translation

(NAT) is performed when a session is established through a

stateful one-way in firewall rule. One-way in firewall rules can

grant access to services executing on devices on a red (trusted)

subnet having routed IP addresses.

If you want to allow SMTP mail from people on the Internet to

be sent into the mail server, define a one-way in rule as described

in the following table.

Parameter

Parameter Parameter

Parameter

Description

DescriptionDescription

Description

Parameter Value

Parameter ValueParameter Value

Parameter Value Comments

CommentsComments

Comments

From IP address 0.0.0.0 The mail can come

from any IP address.

From subnet mask 0.0.0.0

From application

port

ALL The application port

used to send the

mail is usually

unknown.

To IP address 198.53.144.2 Assumes that the

mail record

associated with

your domain name

points to this

address.

To subnet mask 255.255.255.255 The mail must

arrive at this IP

address only.

To application port 25 The SMTP mail

server listens on

this port.