DMZ Firewall Solution for the Express Router
Filter
14
15
16
Function
Allows outgoing mail (SMTP) to any host on the Internet from the DMZ.
Allows incoming News (NNTP) from a specified external News server to the DMZ (see note 2).
Allows outgoing News (NNTP) to a specified external News server from the DMZ.
Settings
Action: | Pass |
Protocol: | TCP |
TCP flags: | ACK |
Dest. address type: | Host |
Dest. address: | 193.84.251.3 |
Dest. port | > 1023 |
Src. address type: | All |
Src. port: | = 25 |
Action: | Pass |
Protocol: | TCP |
TCP flags: | All |
Dest. address type: | Host |
Dest. address: | 193.84.251.4 |
Dest. port: | = 119 |
Src. address type: | Host |
Src. address: | 196.24.5.8 |
Src. port: | > 1023 |
Action: | Pass |
Protocol: | TCP |
TCP flags: | ACK |
Dest. address type: | Host |
Dest. address: | 193.84.251.4 |
Dest. port: | > 1023 |
Src. address type: | Host |
Src. address: | 196.24.5.8 |
Src. port: | = 119 |
Note 1: Only passive FTP connections are supported. The HTTP/FTP proxy must be configured to use a passive FTP connection.
Note 2: The filter is not required when using a News proxy server on DMZ.
4.4.3.2 Transmit (Tx) Filters on the Connection to the Internet
Set the default action to Pass. No individual filters are required.
Version 1.0 | 27 |
