NETGEAR DGFV338 manual Outbound Rules Service Blocking

Page 75

DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual

Figure 4-1

You may define additional rules that will specify exceptions to the default rules. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addresses, and time of day.

You can also tailor these rules to your specific needs (see “Security and Administrator Management” on page 4-35).

Note: This feature is for Advanced Administrators only! Incorrect configuration will cause serious problems.

Outbound Rules (Service Blocking)

The DGFV338 allows you to block the use of certain Internet services by PCs on your network. This is called service blocking or port filtering.

The default policy can be changed to block all outbound traffic and enable only specific services to pass through the router. The following Outbound Services lists all the existing rules for outgoing traffic. A rule is defined by the following fields:

! (Status): A rule can be disabled if not in use and enabled as needed. A rule is disabled if the status light is grey and it is enabled if the status light is green. Disabling a rule does not delete the configuration, but merely de-activates the rule.

Service Name: This is a unique name assigned to the service. The name usually indicates the type of traffic the rule covers such as ftp, ssh, telnet, ping, etc. Services not already in the list can be added on the Add LAN WAN Outbound Services screen.

Security and Firewall Protection

4-3

v1.0, April 2007

Page 74 Page 76
Image 75
Page 74 Page 76
Contents NETGEAR, Inc Statement of Conditions Placement and Range GuidelinesTechnical Support TrademarksFCC Requirements for Operation in the United States FCC StatementEurope EU Declaration of Conformity Português Bestätigung des Herstellers/Importeurs Certificate of the Manufacturer/ImporterVoluntary Control Council for Interference Vcci Statement Terms Additional CopyrightsViii MD5 DGFV338 Product and Publication DetailsContents Chapter Wireless Configuration Chapter Virtual Private Networking Chapter LAN Configuration Appendix a Default Settings and Technical Specifications Xvi Conventions, Format and Scope About This ManualHow to Print this Manual How to Use This ManualXix Page Chapter Introduction Key Features of the Netgear ProSafe DGFV338Full Routing on Both the Adsl and 10/100 WAN Port Powerful, True Firewall with Content FilteringSecurity Virtual Private Networking VPNAutosensing Ethernet Connections with Auto Uplink Extensive Protocol Support Easy Installation and ManagementSystem Requirements Maintenance and SupportHardware Description Package ContentsNos LEDs Activity Description Object DescriptionsRouter Rear Panel Enter http//192.168.1.1 as the URL Router Login Factory DefaultsPlacement of your Netgear ProSafe DGFV338 Chapter Basic Installation and Configuration Using Adsl Microfilters optional Logging in and Configuring your Internet Connection Configuring Your Internet Connection using Auto Detect V1.0, April Internet Service Connections Manually Configuring your Adsl ConnectionEnter your Internet IP Address Manually Configuring your Ethernet Connection V1.0, April Enter your Internet IP Address V1.0, April V1.0, April V1.0, April Configuring the WAN Mode Use Dedicated WAN port V1.0, April On the Internet Configuring Dynamic DNS If NeededV1.0, April DynDNS Service Screen Traffic Meter Adsl Programming the Traffic MeterParameter Description Traffic Meter ParametersV1.0, April Implementing Wireless Security Chapter Wireless ConfigurationLUHOHVVDWD 6HFXULW\2SWLRQV Understanding Wireless Settings Wireless Access Point Wireless LANsV1.0, April Access Control List Advanced Wireless Router Settings Wireless Advanced OptionsWPA-PSK or WPA2-PSK Pre-Shared Key WEP and WPA/WPA2 Wireless Security Check List FormConfiguring Your Wireless Settings Configuring WEP V1.0, April Configuring WPA-PSK Configuring WPA2-PSK Configuring WPA-PSK and WPA2-PSK Configuring WPA with Radius Configuring WPA2 with Radius Configuring WPA and WPA2 with Radius Restricting Wireless Access by MAC Address V1.0, April V1.0, April Using Rules to Block or Allow Specific Kinds of Traffic Firewall Protection and Content Filtering OverviewAbout Service Based Rules Outbound Rules Service Blocking V1.0, April V1.0, April V1.0, April Outbound Rule Example Blocking Instant Messenger Inbound Rules Port ForwardingV1.0, April V1.0, April V1.0, April V1.0, April Inbound Rule Example a Local Public Web Server Inbound Rule Example One-to-One NAT Mapping V1.0, April Inbound Rule Example Exposed Host Considerations for Inbound Rules Order of Precedence for Rules Customized ServicesV1.0, April Outbound Rules Add Screen Quality of Service QoS PrioritiesWAN Security Checks Attack ChecksManaging Groups and Hosts V1.0, April V1.0, April Groups and Hosts Blocking Internet SitesV1.0, April V1.0, April Enabling Source MAC Filtering Setting up Port Triggering V1.0, April Port triggering Setting a Schedule to Block or Allow Specific Traffic Event Logs and Alerts V1.0, April V1.0, April Security and Administrator Management V1.0, April IP addressing requirements for VPNs in dual WAN port systems Dual WAN Port SystemsSetting up a VPN Connection using the VPN Wizard V1.0, April V1.0, April IKE Policy VPN Tunnel PoliciesIKE Policy Table Managing IKE PoliciesManaging VPN Policies VPN PolicyVPN Policy Table VPN Tunnel Connection StatusCreating a VPN Connection Between FVX538 and DGFV338 Configuring the ProSafe DGFV338V1.0, April V1.0, April V1.0, April V1.0, April Configuring the FVX538 Testing the Connection Configuring the DGFV338Creating a VPN Client Connection VPN Client to DGFV338 V1.0, April Configuring the VPN Client Todgfv Left frame, select Security Policy Todgfv Testing the Connection Certificate Authorities Generate Self Certificate Request, enter the required data Generating a Self Certificate RequestV1.0, April Managing your Certificate Revocation List CRL Uploading a Trusted CertificateUpload Extended Authentication Xauth ConfigurationConfiguring Xauth for VPN Clients V1.0, April User Database Configuration Radius Client Configuration Enter the Primary Radius Server IP address Mode Config Operation Manually Assigning IP Addresses to Remote Users ModeConfigConfiguring the ProSafe DGFV338 V1.0, April V1.0, April Configuring the ProSafe VPN Client for ModeConfig V1.0, April V1.0, April V1.0, April V1.0, April Performance Management Wireless Firewall Features That Reduce TrafficService Blocking Block Sites Wireless Firewall Features That Increase Traffic Source MAC FilteringPort Forwarding V1.0, April Using QoS to Shift the Traffic Mix Port TriggeringVPN Tunnels Administrator and Guest Access Authorization Changing the Passwords and Login Time-outTools for Traffic Management Enabling Remote Management Access Under Allow Remote Management, check the Yes radio box Https//172.21.4.18080 Command Line InterfaceTraffic Limits Reached Event AlertsRouter Status MonitoringRouter Status WAN Ports Internet Traffic V1.0, April Known PCs and Devices LAN Ports and Attached DevicesKnown PCs and Devices table Dhcp LogFirewall Security Port Triggering StatusPort Triggering Status data V1.0, April VPN Tunnels VPN Status Data Using a Snmp ManagerV1.0, April Diagnostics Diagnostics Configuration File Management Settings Backup and Firmware UpgradeBackup and Restore Settings Click default Router Upgrade To upgrade router software Setting the Time ZoneV1.0, April Using the Firewall as a Dhcp server Chapter LAN ConfigurationSecurity and Firewall Protection Configuring the LAN Setup OptionsUsing Address Reservation Configuring Multi Home LAN IPs V1.0, April Gateway IP and DNS server IPs Adding or Editing a Static Route Configuring Static RoutesRouting Information Protocol RIP V1.0, April Static Route Example Enabling Universal Plug and Play UPnPSettings Description UPnP Portmap Table settingsV1.0, April Basic Functions Power LED Not OnTroubleshooting the Web Configuration Interface LEDs Never Turn OffLAN or Internet Port LEDs Not On Troubleshooting the ISP Connection V1.0, April Testing the LAN Path to Your Firewall Troubleshooting a TCP/IP Network Using a Ping UtilityPing -n 10 IP address Testing the Path from Your PC to a Remote DeviceProblems with Date and Time Restoring the Default Configuration and PasswordV1.0, April Table A-1. Default Configuration Settings Default Factory SettingsFeature Default Behavior Table A-2. Technical Specifications Technical SpecificationsSpecification Description Electromagnetic Emissions Appendix B Related Documents V1.0, April Numerics IndexIndex-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8
Related manuals
Manual 10 pages 13.59 Kb
Top Page Image Contents