Installation guide
BB005x Installation and Configuration Guide
►
►
►
To configure a port filter:
Click on the Port Filters link for the policies that you want to configure from
the Current Firewall Policies table.
Three Add Filter hyperlinks appear allowing three different kinds of port filters,
depending on the transport protocol that needs to be filtered: TCP, UDP or Raw
IP (any IP packet).
To add a TCP port filter:
1. Click on Add TCP filter
2. Type in the start and end of the port range for the TCP protocol that you
want to filter, then select from the drop down list whether you want to
allow/block inbound and outbound traffic.
3. Click on Apply
The same procedure can be followed for UDP and non-TCP/UDP filters.
To configure Validators:
1. Click on Host Validators under Policy Configuration
2. Click on the Add Host Validator link.
3. Type the IP address that you want to block access from in the Host IP
Address text box.
4. Type the IP mask address in the Host Subnet Mask box
5. Select the direction of traffic that you want to filter from the Direction
drop down box.
6. Click Apply.
You should now save the configuration and restart the BB005x.
To delete a validator, click on the Delete Host Validator hyperlink on the
Configure Validator page. Then click on Delete Host Validator on the
Confirmation page.
Triggers and Application Layer Gateways:
Many network applications can encounter difficulties while trying to operate
across a NAT firewall system. Certain applications require, at times, the
temporary opening of a secondary connection in order to function properly. This
can be done manually before the application is launched but then the
connection will stay open until it is closed manually, which will create a serious
security risk. Another obstacle is the fact that some applications often embed
the IP address of the host in the payload of the IP packet. Since NAT normally
51