User Manual
Additional Remote Networking Examples
5.7.2 Creating a Simple Firewall
Firewalls are used to protect a network or networks from unauthorized access. To set up a firewall, a filter
list is used; packet traffic is compared to the filters in the list to determine whether or not it will be
forwarded. In general, firewalls prevent all packet traffic, with the exception of traffic to a particular service
or services.
In this example, a network policy prevents all IP traffic, permitting only ICMP ping packets and email.
Telnet connections are permitted to only one secure host (192.0.1.4) on the local network. The SCS is
calling site memphis.
First, create a filter list for IP traffic. This list is called mem.
Figure 5-26: Creating IP Filter
Local>> DEFINE FILTER mem CREATE
Local>> DEFINE FILTER mem ALLOW IP ICMP
Local>> DEFINE FILTER mem ALLOW IP TCP DPORT EQ SMTP
Local>> DEFINE FILTER mem ALLOW IP DST 255.255.255.255 192.0.1.4 TCP DPORT EQ TELNET
Local>> DEFINE FILTER mem ADD DENY ANY
Finally, the mem filter list must be associated with site memphis as an incoming filter list.
Figure 5-27: Assigning mem Filter List to Site memphis
Local>> DEFINE SITE memphis FILTER INCOMING mem
Note: For a more complex firewall example, see Creating a Firewall on page 11-29.
5.7.3 Controlling Access During Weekend Hours
Configurable time ranges are based on a Sunday-to-Saturday week. If you want to allow or restrict access
for a time period that spans Saturday and Sunday, you need to use multiple commands.
The following example restricts access during the weekend hours between 5:00 p.m. on Friday and 6:00
a.m. on Monday. Two commands are used to configure the necessary blocks of time: one that spans Friday
evening to Saturday just before midnight, and one that spans midnight on Sunday to Monday morning.
Figure 5-28: Disabling Connections During the Weekend
Local>> DEFINE SITE irvine TIME ADD FRI 17 SAT 23:59
Local>> DEFINE SITE irvine TIME ADD SUN 0 MON 6
Note: In the above example, it is assumed that the access default is “Enabled,” in
which case connections are restricted during the specified time periods.
The following example achieves the same result by first adding a time range from Monday morning to
Friday evening. The access default is then set to Disabled, which allows connections only during the
specified time period.
Figure 5-29: Enabling Connections During Weekdays only
Local>> DEFINE SITE irvine TIME ADD MON 6 FRI 17
Local>> DEFINE SITE irvine TIME DEFAULT DISABLED
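The mem filter list from section 5.7.2 can be checked offline before it is assigned to a site. The following Python model is an added example, not part of the manual and not the SCS's own code. It assumes that rules are compared top to bottom with the first match deciding, that ANY matches every packet, and that SMTP and TELNET mean TCP ports 25 and 23; the function names and sample packets are constructed for illustration.

```python
import ipaddress
# Rule text copied from Figure 5-26, with the "Local>> DEFINE FILTER mem" prefix removed.
MEM_RULES = [
    "ALLOW IP ICMP",
    "ALLOW IP TCP DPORT EQ SMTP",
    "ALLOW IP DST 255.255.255.255 192.0.1.4 TCP DPORT EQ TELNET",
    "ADD DENY ANY",
]
PORTS = {"SMTP": 25, "TELNET": 23}  # well-known TCP ports

def parse_rule(line):
    """Parse one rule line into an action plus optional match conditions."""
    tok = [t for t in line.split() if t != "ADD"]
    rule = {"action": tok.pop(0), "proto": None, "dst": None, "dport": None}
    if tok == ["ANY"]:
        return rule  # assumption: ANY carries no conditions and matches everything
    if tok.pop(0) != "IP":
        raise ValueError(f"unsupported rule: {line}")
    if tok[0] == "DST":  # the mask comes first, then the address
        rule["dst"] = ipaddress.ip_network(f"{tok[2]}/{tok[1]}", strict=False)
        tok = tok[3:]
    rule["proto"] = tok.pop(0)  # ICMP or TCP
    if tok[:2] == ["DPORT", "EQ"]:
        rule["dport"] = PORTS[tok[2]]
    return rule

def matches(rule, pkt):
    # A rule matches when every condition it sets agrees with the packet.
    if rule["proto"] is not None and rule["proto"] != pkt["proto"]:
        return False
    if rule["dst"] is not None and ipaddress.ip_address(pkt["dst"]) not in rule["dst"]:
        return False
    return rule["dport"] is None or rule["dport"] == pkt.get("dport")

def decide(rules, pkt):
    """Assumed semantics: the first matching rule decides; no match means DENY."""
    for rule in rules:
        if matches(rule, pkt):
            return rule["action"]
    return "DENY"

RULES = [parse_rule(line) for line in MEM_RULES]
# Constructed sample packets arriving from site memphis.
SAMPLES = [
    {"proto": "ICMP", "dst": "192.0.1.9"},
    {"proto": "TCP", "dst": "192.0.1.9", "dport": 25},
    {"proto": "TCP", "dst": "192.0.1.4", "dport": 23},
    {"proto": "TCP", "dst": "192.0.1.9", "dport": 23},
]
VERDICTS = [decide(RULES, p) for p in SAMPLES]
```

Under this model, Telnet reaches only 192.0.1.4 because the 255.255.255.255 mask matches a single host, and everything not explicitly allowed falls through to DENY ANY at the end of the list.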