DMZ Firewall Solution for the Express Router
Filters are defined as follows:
Filter Function
—Prohibit internal users access to the Internet
1Allows access to the HTTP /FTP proxy server on the DMZ.
2Allows access to the SMTP server on the DMZ.
3Allows access to News (proxy) server on the DMZ.
4Allows access to the router from the private LAN.
4.4.1.2 Transmit (Tx) Filters on LAN1
Settings
Default Action: | Default |
|
|
Action: | Pass |
Protocol: | All |
Dest. address type: | Host |
Dest. address: | 193.84.251.2 |
Src. address type: | All |
Action: | Pass |
Protocol: | All |
Dest. address type: | Host |
Dest. address: | 193.84.251.3 |
Src. address type: | all |
Action: | Pass |
Protocol: | All |
Dest. address type: | Host |
Dest. address: | 193.84.251.4 |
Src. address type: | All |
Action: | Pass |
Protocol: | All |
Dest. port address: | Host |
Dest. address: | <LAN1 IP address> |
Scr. address type: | All |
Configure these transmit filters for the LAN1 port, shown as they appear in Advanced Setup.
Filters are defined as follows:
Filter Function
—Prohibit users on the private network from accessing the Internet
1Allows HTTP and FTP (read only using HTTP) from secure LAN to HTTP/FTP proxy server on the DMZ.
Settings
Default Action: | Discard |
|
|
Action: | Pass |
Protocol: | TCP |
TCP flags: | ACK |
Dest. address type: | All |
Dest port: | >1023 |
Src. address type: | Host |
Src. address: | 193.84.251.2 |
Version 1.0 | 19 |