DMZ Firewall Solution for the Express Router
Filter Function
9Discards all ICMP packets entering the DMZ network. This prevents the router from reporting the IP netmask.
10Discards all packets to open router ports.
Four filters are required.
11
12
13
3.3.2.2 Transmit (Tx) filters on LAN2
Settings
Scr. address type: | Host |
Src. address: | <LAN1 IP address> |
Src. port : | All |
Action: | Discard |
Protocol: | ICMP |
Dest. address type: | All |
Scr. address type: | All |
Action: | Discard |
Protocol: | UDP |
Dest. address type: | Host |
Dest. address: | <LAN1 IP address> |
Dest. port: | All |
Src. address type: | All |
Src. port: | All |
Action: | Discard |
Protocol: | UDP |
Dest. address type: | Host |
Dest. address: | <LAN2 IP address> |
Dest. port: | All |
Src. address type: | All |
Src. port: | All |
Action: | Discard |
Protocol: | TCP |
Flags: | All |
Dest. address type: | Host |
Dest. address: | <LAN1 IP address> |
Dest. port: | All |
Src. address type: | All |
Src. port: | All |
Action: | Discard |
Protocol: | TCP |
flags: | All |
Dest. address type: | Host |
Dest. address: | <LAN2 IP address> |
Dest. port: | All |
Src. address type: | All |
Src. port: | All |
To pass all packets transmitted from the DMZ, set the default action to Pass.
Version 1.0 | 12 |