Carrier Access 770-0015 AM Local IP Address/Network , Remote IP Address/Network,

5-34 IP Router - Release 1.8

Profile Directory:Remote Profile

Firewall Filters

Local IP Address/Network

Enter the IP Address of the local device or network that this rule will affect. If you enter the

address of a local device, this rule will affect only the session establishments of the local device

and the destination address entered in the Remote IP Address/Network field, below. If this

rule is to affect “any” local devices/networks, leave this field with an asterisk default symbol *.

Significant Bits

Use this field to identify the number of bits, from left to right that will be used to match the

IP Address field within the data packet with the value entered into the Local IP Address/

Network. Range is between 1-32.

Remote IP Address/Network

Enter the IP Address of the remote device or network that this rule will affect. If you enter the

address of a remote device, this rule will affect only the session establishments of the remote

device and the device/network address entered in the Local IP Address/Network field, above.

If this rule is to affect “any” remote devices/networks, leave this field at the default symbol *.

Significant Bits

Use this field to identify the number of bits, from left to right, that will be used to match the

IP Address field within the data packet with the value entered into the Remote IP Address/

Network. Range is between 1 to 32.

< > Packets which match this rule

Use this field to indicate whether a rule match should trigger an Alarm or Log entry.

Log or Alarm entries may also be useful when a specific security issue is at stake. For example,

if your security policy does not permit Telnetting, you may wish to keep track of all Telnet

attempts. As a general rule, however, we do not recommend keeping a log of all rule matches

since this may impact system performance and may cause an Event or Alarm screen overflow.

NOTE: When enabled, a single event/alarm will be logged for all TCP

session initiations. An event/alarm will be logged for each packet for all

UDP transfers. UDP traffic should typically not be allowed across a

firewall.

NOTE: All firewall rules are considered filters and will be applied toward

the maximum allowable number of 500 filters.

(Blank) A transmission match will not trigger an Alarm or Events log entry.

Alarm A transmission match will trigger an Alarm entry.

Log A transmission match will trigger an Events log entry.