Patton electronic 2635 Enabling the Firewall, Firewall Portfilters, Deleting a security Policy

Models 2603, 2621, and 2635 Getting Started Guide

7 • Security

Deleting a Security Policy

To delete a security policy, go to the table of ‘Current Security Policies’ and click on the Delete button for the selected security policy.

Figure 49. Deleting a Security Policy

Enabling the Firewall

At this point, both security and the firewall can be enabled, after which the network is secure. All the interfaces which have been defined are then protected, that is, all traffic is blocked between the internal (‘ip1’) and external (‘ppp-0’) interfaces. Only traffic which has validators is allowed to pass through, and, at this moment, there are no validators.

1. Return to the Security page.

2. Under Security State select Enabled for Security. Click on Change State.

3. Next select Enabled for Firewall. Click on Change State.

The network is now secure. All the interfaces which have been defined are protected and all traffic is blocked between the different interface types. That is, all traffic is blocked between the external and internal interfaces.

The next section describes how to configure the Firewall to allow certain types of data transfer to occur between the PCs on different networks.

Firewall Portfilters

Next, we configure the Firewall to permit certain types of data transfer between the PCs (in general, hosts) on the different networks. This is done by the implementation of Firewall portfilters. Portfilters are individual rules that determine what kind of traffic can pass between two interface types.

For the Protocol Number below, the different types are defined as:

Protocol Number    Abbreviation
1                  ICMP
2                  IGMP
3                  GGP
4                  IP
