Manualshelf

User Documentation

ManualsBrandsWeidmueller ManualsAutomation & SoftwareIE-SR-4TX-LTE/4G-EU
81828384858687888990
Version 1.2 / August 2020 Page 84 / 102
A4-2 Configuration of the packet filter (Firewall)
1. General information about behavior and settings of the packet filter settings
If the traffic (Layer 2: Ethernet frames, Layer 3: IP packets) is passing the Router from one interface (e.g.
LAN, WAN, 4G) to any other then the firewall checks the data packets according to the defined rules / rule-
sets in the order from top to down. If a rule-set condition or a rule (inside of a rule-set) is matching the de-
fined criteria then the action (allow/drop/reject) will be done. After that no further defined rule-set/rule will be
applied. If a data packet does not match any of the defined rules then it will be silently dropped (because of
the “white list” behavior).
Factory default firewall settings valid for operation mode “IP Router” (Layer 3):
At operation mode “IP Router” only rules defined on tab “Layer 3” will be applied. Rules defined on tab
“Layer 2are not applied.
The L3-packet-filter (firewall) behaves according to a “White list”. Only traffic between the interfaces
which explicitly is allowed may pass. If the default rule “Allow_L3” (allow each IP based traffic) is deleted
then each traffic is blocked. Then the Router’s Web interface only is accessible via the connected inter-
face (from LAN via LAN-IP, from WAN via WAN-IP).
Figure 23: Factory default settings of Layer-3 Packet filter (firewall), valid for operation mode “IP Router”
Factory default firewall settings valid for operation mode “Transparent bridge” (Layer 2):
At operation mode “Transparent bridge” only rules defined on tab “Layer 2” will be applied. Rules defined
on tab “Layer 3” are not applied.
The L2-packet-filter (firewall) behaves according to a “White list”. Only traffic between the interfaces
which explicitly is allowed may pass. If the default rules “ARP*” (ARP protocol) and “Allow_L2*” (allow any
Layer 2 traffic including Layer-3 IP packets) are deleted then each traffic is blocked. Then the Router’s
Web interface only is accessible via the connected interface (from LAN via LAN-IP, from WAN via WAN-
IP).
Figure 24: Factory default settings of Layer-2 Packet filter (firewall), valid for operation mode “Transparent bridge”