Specifications

ManualsBrandsWaters Network Systems ManualsComputer equipmentProSwitch-Quad Series

131

132

133

134

135

136

137

138

139

140

Firewall Protection

139

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

QoS Profile

QoS Priority

The priority assigned to IP packets of this service. The priorities

are defined by Type of Service in the Internet Protocol Suite

standards, RFC 1349. The QoS profile determines the priority of a

service, which, in turn, determines the quality of that service for the

traffic passing through the firewall.

The VPN firewall marks the Type of Service (ToS) field as defined

in the QoS profiles that you create. For more information, see

Create Quality of Service Profiles for IPv4 Firewall Rules on

page 184 and Quality of Service Priorities for IPv6 Firewall Rules

on page 186.

Note: There are no default QoS profiles on the VPN firewall. After

you have created a QoS profile, it can become active only when

you apply it to a nonblocking inbound or outbound firewall rule.

Note: QoS profiles and QoS priorities do not apply to LAN DMZ

rules.

QoS Profile:

• IPv4 LAN WAN

rules

• IPv4 DMZ WAN

rules

Qos Priority:

• IPv6 LAN WAN

rules

• IPv6 DMZ WAN

rules

Bandwidth Profile Bandwidth limiting determines how the data is sent to and from

your host.

The purpose of bandwidth limiting is to provide a

solution for limiting the outgoing and incoming traf

fic, thus

preventing the LAN users from consuming all the bandwidth of the

Internet link. For more information, see Create Bandwidth Profiles

on page 181. For outbound traffic, you can configure bandwidth

limiting only on the WAN interface for a LAN WAN rule.

Note: Bandwidth limiting does not apply to the DMZ interface.

IPv4 LAN WAN rules

Log The setting that determines whether packets covered by this rule

are logged. The options are:

• Always.

Always log traf

fic that matches this rule. This is useful

when you are debugging your rules.

• Never. Never log traf

fic that matches this rule.

All rules

NAT IP The setting that specifies whether the source address of the

outgoing packets on the W

AN is autodetected, is assigned the

address of the WAN interface, or is a different IP address. You can

specify these settings only for outbound traffic of the WAN

interface. The options are:

• Auto. The

source

address of the outgoing packets is

autodetected through the configured routing and load

balancing rules.

• W

AN Interface Address. All the outgoing packets on the

AN are assigned to the address of the specified WAN

interface.

• Single Address.

All the outgoing packets on the W

AN are

assigned to the specified IP address, for example, a

secondary WAN address that you have configured.

Note: The NAT IP drop-down list is available only when the WAN

mode is NAT. If you select Single Address, the IP address

specified should fall under the WAN subnet.

IPv4 LAN WAN rules

IPv4 DMZ WAN rules

Table 33. Outbound rules overview (continued)

Setting Description Outbound Rules