Table
Item | Description | |
|
| |
Enable IPsec/Firewall | Select the check box to enable your IPsec or Firewall policy. Clear this check box to | |
or | disable IPsec/Firewall operation. | |
|
| |
Enable Firewall |
|
|
|
| |
IPsec/Firewall Rules | Configure up to ten rules in descending order of precedence. For example, Rule 1 is | |
| higher in precedence than Rule 2. | |
| Define each rule using the following fields: | |
| ● | Enable Select whether a configured rule is enabled or disabled for the policy. |
| ● | Address Template Set the IP addresses for which the rule applies. Select |
|
| among several predefined templates, or specify a custom template. Click on a |
|
| template entry to view or modify the template configuration. |
| ● | Services Template Identify the services for which the rule applies. Select |
|
| among several predefined templates, or specify a custom template. Click on a |
|
| template entry to view or modify the template configuration. |
|
| CAUTION: If the All Services template for a rule is not specified, a security |
|
| risk can exist. Future networking applications deployed after the IPsec Policy is |
|
| in place might not be |
|
| For example, installing a |
|
| for the printer or print server, can result in a new service that is not covered by |
|
| the IPsec policy. Review policies whenever firmware is updated or a new Chai |
|
| applet is installed. |
| ● | Action on Match Define how to process the IP traffic that contains the |
|
| addresses and services specified. |
|
| For Firewall operation, the traffic is allowed or dropped, depending on the action |
|
| specified by the rule. |
|
| For IPsec operation, the traffic is allowed without IPsec protection, dropped, or |
|
| |
|
| template entry to view or modify the template configuration. |
|
| |
Default Rule | Indicate whether the default rule drops or allows the traffic. The default rule specifies | |
| whether to process IP packets that do not match the configured rules. | |
| Select Drop (default) to discard traffic not covered by the configured rules. | |
| Select Allow to allow traffic that is not covered by the configured rules. Allowing IP | |
| packets that do not match the configured rules is not secure. | |
| For an example, see Default Rule example on page 108. | |
|
| |
Add Rules | Select Add Rules to configure rules using the IPsec wizard.. | |
Delete Rules | Select Delete Rules to remove one or more rules from the policy. | |
|
| |
Advanced | Configure a Failsafe feature to prevent lock out of the print server over HTTPS | |
| (secure Web browser access) during IPsec/Firewall policy set up. | |
You can allow selected multicast and broadcast traffic to bypass your IPsec/Firewall policy. This might be required for device discovery by system installation utilities.
ENWW | 107 |