User's Manual

SPEEDLAN 9000 Series Installation and Operation User Guide Version 3.03
General Functions of the Configurator 3-65
Note: Once you have finished configuring your firewall, reboot the SPEEDLAN 9000
router. This terminates any undesired connections that may have existed prior to the
firewall configuration. You can verify whether such undesired connections exist by opening
the IP Sessions page, which is the last function under the Forwarding menu. For more
information, see IP Sessions, page 3-66.
Special Rules for Virtual Addresses
When you create a firewall rule that references a 1:1 NAT mapping or an internal
service using a virtual address, you must specify the internal address as the destination.
This matters because the virtual addresses have already been translated to their defined
internal addresses before the firewall examines the packet's destination.
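The following Python model is an added example, not taken from the manual or the SPEEDLAN firmware. It shows why a rule written against the virtual address never matches once translation has run first. The addresses, rule names, first-match-wins evaluation and implicit final deny are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address

# Constructed sample mapping (virtual -> internal), not taken from the manual.
NAT_1TO1 = {ip_address("203.0.113.20"): ip_address("10.0.0.20")}


@dataclass(frozen=True)
class Rule:
    name: str
    dst: str      # destination address the rule matches
    port: int     # destination TCP port
    action: str   # "allow" or "deny"


def translate(dst):
    """Apply the 1:1 NAT mapping; unmapped addresses pass through unchanged."""
    return NAT_1TO1.get(dst, dst)


def evaluate(rules, dst, port):
    """Translate first, then return (action, rule name) of the first matching row.

    First-match-wins and the implicit final deny are assumptions of this model.
    """
    real_dst = translate(ip_address(dst))
    for rule in rules:  # rows are checked top-down
        if ip_address(rule.dst) == real_dst and rule.port == port:
            return rule.action, rule.name
    return "deny", "implicit-default"


def audit(rules):
    """Return the names of rules whose destination is a virtual address.

    Such rules can never match, because the firewall only sees internal addresses.
    """
    return [r.name for r in rules if ip_address(r.dst) in NAT_1TO1]


# Rule written against the virtual address: dead after translation.
WRONG = [Rule("ftp-virtual", "203.0.113.20", 21, "allow")]
# Rule written against the internal address, as the manual requires.
RIGHT = [Rule("ftp-internal", "10.0.0.20", 21, "allow")]

if __name__ == "__main__":
    for label, rules in (("virtual dst", WRONG), ("internal dst", RIGHT)):
        print(label, evaluate(rules, "203.0.113.20", 21), "dead rules:", audit(rules))
```

The same mismatch applies to a deny rule: written against the virtual address it never triggers, so `audit` is worth running over any rule set that coexists with 1:1 NAT mappings.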
Tutorial: What is happening in this firewall rule set?
As previously explained, a rule set tells the firewall what it can do. The rule set is
evaluated top-down: the first row takes priority, followed by the second row's criteria,
then the third, and so on.
Can you explain what is happening in the example below?
Figure 3-47: Example of Firewall Rules
The explanation:
Rule 1 (FTP server): This rule allows incoming traffic from the Star Net
interface to enter the firewall and go to the FTP server on 172.16.70.245.
Rule 2 (Web server): This rule allows incoming traffic from the Star Net
interface to enter the firewall and go to the web server on 192.168.69.66.