Digi 34 manual Configure the Firewall, Configuration Security Firewall

Page 9

Click OK

2.4 Configure the Firewall

The firewall should be configured to monitor the ICMP requests generated by PPP 1. If the firewall detects that 3 consecutive ICMP echo requests have failed, it will take PPP 1 out of service and deactivated thus allowing PPP 4 to come up. The IP address in the firewall rule must be the IP address that PPP 1 is sending pings to.

The recovery code will then test the ADSL connection before bringing it back into service. When the recovery is successful and PPP 1 comes back into service, PPP 4 will be deactivated.

Configuration – Security > Firewall

Insert the following 2 rules:

Rule 1

pass out break end on ppp 1 proto icmp from any to 1.2.3.4 icmp-type echo inspect-state oos 10 t=3 c=3 d=3 r=ping,10,5 rd=1 dt=1

Rule 2

Pass break end

Save the firewall rules by clicking the “Save (fw -> fw.txt)” button.

Rule 1 explained:

pass out break end on PPP 1 – allow traffic outbound from PPP 1

proto icmp from any to 1.2.3.4 icmp-type echo – allow pings out to 1.2.3.4

9

Page 8 Page 10
Image 9
Page 8 Page 10
Contents Application Note Introduction OutlineAssumptions Version CorrectionsConfigure PPP 1 Adsl ConfigurationConfiguration Interfaces PPP PPP 0 4 PPP 1 Standard Configuration Interfaces PPP PPP 0 4 PPP 1 AdvancedClick OK Pstn Configure PPP 4 PstnConfiguration Interfaces PPP PPP 0 4 PPP 4 Advanced Configuration Routing Default Route Configure the Default RoutesConfiguration Security Firewall Configure the FirewallAdministration Save configuration Save configurationConfiguration Files TestingDigi Transport Configuration Files Simulate a failureDigi Transport Firmware Versions Pppoe
Top Page Image Contents