Manualshelf

User Manual Part 2

ManualsBrandsNetgear ManualsElectronicsProSafe Wireless-N VPN Firewall
31323334353637383940
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
Firewall and Network Management 9-5
v1.0, July 2008
See “Enabling Source MAC Filtering (Address Filter)” on page 5-24 for the procedure on how to
use this feature.
Features that Increase Traffic
Features that tend to increase WAN-side loading are as follows:
Port forwarding
Port triggering
Exposed hosts
•VPN tunnels
Port Forwarding
The firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal
data or damage your PCs, but overloads your Internet connection so you can not use it (i.e., the
service is unavailable). You can also create additional firewall rules that are customized to block or
allow specific traffic.
You can control specific inbound traffic (from WAN to LAN). Inbound Services lists all existing
rules for inbound traffic. If you have not defined any rules, only the default rule will be listed. The
default rule blocks all inbound traffic.
Each rule lets you specify the desired action for the connections covered by the rule:
•BLOCK always
ALLOW always
BLOCK by schedule, otherwise allow
ALLOW by schedule, otherwise block
You can also enable a check on special rules:
VPN Passthrough. Passes the VPN traffic without any filtering, specially used when this
firewall is between two VPN tunnel end points.
Drop fragmented IP packets. Drops any fragmented IP packets.
UDP Flooding. Limits the number of UDP sessions created from one LAN machine.
TCP Flooding. Protects the firewall from SYN flood attack.
Warning: This feature is for Advanced Administrators only! Incorrect configuration
will cause serious problems.