User guide
Configuring Firewall Settings
106 WatchGuard Firebox X Edge
Denying FTP access to the trusted network interface
You can configure the Firebox X Edge to stop FTP traffic from the
trusted interface or external interface. This setting has higher prece-
dence than any configured service.
1 Select the Do not allow FTP access to Trusted Network check
box.
2 Click Submit.
N
OTE
N
OTE
You must clear the Do not allow FTP access to Trusted Network
check box when you apply an update to the Edge firmware with
the automatic installer. If you do not clear this option, the
Software Update Installer cannot move firmware files to the
Firebox X Edge. For information on updates for Edge firmware, see
“Updating the Firmware” on page 199.
SOCKS implementation for the Firebox X Edge
The Firebox X Edge can operate as a SOCKS network proxy server.
Software that uses more than one socket connection and uses the
SOCKS version 5 protocol can send traffic through the Edge. SOCKS
gives you secure, two-way communication between a computer on
the external network and a computer on the trusted network. To use
a SOCKS-compatible program, configure the program with the nec-
essary information about the Firebox X Edge.
The Firebox X Edge uses SOCKS version 5. Firebox X Edge users do
not authenticate before using the Edge configuration pages.
Your Firebox X Edge does not connect with software that finds only
DNS (domain name server) names. Configure the SOCKS-compatible
software to connect to IP addresses and not connect to domain
names.
Software that uses SOCKS and can operate with Firebox X Edge
includes ICQ, IRC, and AOL Messenger.
N
OTE
N
OTE
If software that uses SOCKS operates on a computer put on the
trusted network, then all users on the trusted network can use the
SOCKS proxy. To stop this risk, disable the SOCKS proxy on your
Firebox X Edge.