Protocol options, To add a chain | Casio ACS V6000 guide

24 ACS v6000 Installation/Administration/User Guide

If LOG is selected from the Target pull-down menu, the administrator can configure a Log Level, a Log Prefix and whether the TCP sequence, TCP options and IP options are logged in the Log Options Section.

If REJECT is selected from the Target pull-down menu, the administrator can select an option from the Reject with pull-down menu; the packet is dropped and a reply packet of the selected type is sent.

Protocol options

Different fields are activated for each option in the Protocol pull-down menu.

If Numeric is selected from the Protocol menu, enter a Protocol Number in the text field.

If TCP is selected from the Protocol menu, a TCP Options Section is activated for entering source and destination ports and TCP flags.

If UDP is selected from the Protocol menu, the UDP section is activated for entering source and destination ports.

Table 3.3: Firewall Configuration - TCP and UDP Options Fields

Field/Menu Option

Definition

Source Port - or -

Destination Port

A single IP address or a range of IP addresses.

[TCP only] SYN (synchronize), ACK (acknowledge), FIN (finish), RST (reset),

TCP FlagsURG (urgent) and PSH (push). The conditions in the pull-down menu for each flag are: Any, Set or Unset.

If ICMP is selected from the Protocol menu, the ICMP Type pull-down menu is activated.

If an administrator enters the Ethernet interface (eth0) in the input or output interface fields and selects an option (2nd and further packets, All packets and fragments or Unfragmented packets and 1st packets) from the Fragments pull-down menu, the target action is performed on packets from or to the specified interface if they meet the criteria in the selected Fragments menu option.

To add a chain:

1.Select Network - Firewall.

2.Select either IPv4 Filter Table or IPv6 Filter Table as needed.

3.Click Add.

4.Enter the name of the chain to be added.

5.Click Save.

Image 29

Casio ACS V6000 manual Protocol options, To add a chain

Contents

ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Access options Features and Benefits Flexible users and groups Web ManagerIPv4 and IPv6 support Security AuthenticationVPN based on IPSec with NAT traversal Packet filtering Auto discovery Data logging, notifications, alarms and data buffering ACS v6000 virtual console server requirements To create the virtual machine using the vSphere clientPage Using Telnet or SSH # telnet hostname IPaddress To use Telnet to connect to a device through a serial portTo close a Telnet session To use SSH to connect to a device through a serial port To close an SSH session ACS v6000 Installation/Administration/User Guide To log into the web manager Web Manager Overview for Administrators Wizard Mode Wizard Screen To configure Ports To configure network parametersTo configure licenses Access Expert ModeTo configure users and change the default user passwords To view and connect to devices using the web manager Security profiles System ToolsSystem Select System Security Security Profile To configure the Security ProfileTo configure DSView 3 software security settings Help and Language Date and Time Usage VM SettingsInformation VCenter To configure a vCenterTo add an association by Datacenter License To power control targets using the web managerNetwork To configure a network device SettingsDevices IPv4 and IPv6 static routes Hosts Configuring the firewallFirewall To add a host To add a chain Protocol options IPSecVPN To change the policy for a default chainTo add a rule To edit a rule Payload or AH Authentication Header Click Network Snmp Snmp ConfigurationTo configure Snmp Ports To enable or disable one or more serial portsSerial ports Select Ports Serial Ports CAS Ctrl-X Parameter Description Auto discovery To copy/clone the configuration of one port to other portsCAS Profile Select Ports CAS Profile Auto Answer To configure the input/output strings used by auto answerSelect Probe Strings or Match Strings Click Ports Pool of CAS Ports To configure a pool of CAS portsPool of CAS ports Pool of CAS Ports Parameters Parameter Description Authentication Authentication servers Appliance authenticationTo set authentication for the console server To configure a Radius authentication server Select Authentication Authentication Servers TACACS+ To configure a TACACS+ authentication serverTo configure an Ldapsad authentication server Select Authentication Authentication Servers Ldapsad To configure an NIS authentication server To configure a Kerberos authentication serverTo configure a DSView authentication server Users Accounts and User Groups To add new users Local accounts Click Users Local Accounts Password Rules To configure password rulesAdmin group User groups To view admin Appliance Access Rights Shell-login-profile Appliance-admin groupUser group Managing user groups To remove members from a user group To configure a login profile for a user groupCheck the Enable Log-In Profile box To assign appliance access rights for custom user groups To add access to serial ports for a user group To configure a group in a Radius authentication server To configure a group in a TACACS+ authentication server Event Destinations Event NotificationsEvent List Select Events and Logs Data Buffering To configure Data BufferingData Buffering Active Sessions To configure Appliance LoggingMonitoring Appliance Logging To change your own password Change PasswordSelect Change Password Web Manager Overview for Regular Users ACS v6000 Installation/Administration/User Guide Configuration Appendix a BootP Configuration Retrieval Appendix B Technical Support To resolve an issue For Technical Support