LANCOM Reference Manual LCOS 3.50 Chapter 8: Firewall
For a network coupling, you additionally permit communication between the
networks involved:

Rule                  Source   Destination   Action     Service
ALLOW_LAN1_TO_LAN2    LAN1     LAN2          transmit   ANY
ALLOW_LAN2_TO_LAN1    LAN2     LAN1          transmit   ANY

If you operate your own web server, for example, you selectively allow access
to that server:

Rule               Source   Destination   Action     Service (target port)
ALLOW_WEBSERVER    ANY      Webserver     transmit   HTTP, HTTPS

For diagnostic purposes, it is helpful to allow ICMP protocols (e.g. ping):

Rule          Source          Destination   Action     Service
ALLOW_PING    Local network   ANY           transmit   ICMP

These rules can now be refined as needed, e.g. by specifying minimum and
maximum bandwidths for server access, or by a finer restriction to certain
services, stations or remote sites.

The LANCOM automatically sorts firewall rules when creating the filter list.
The rules are sorted into the filter list according to their level of detail:
all specific rules are considered first, then the general ones (e.g. Deny
All). For complex rule sets, examine the filter list as described in the
following section.
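
The automatic sorting described above can be modelled to see why rule order matters and what to look for when examining a filter list. This is an added example, not LANCOM code: the rule names and fields come from the tables on this page, while the specificity score, first-match evaluation, the "deny" action label and the packet labels ("Internet", "SSH", "FTP") are assumptions made for illustration.

```python
from dataclasses import dataclass

ANY = "ANY"

@dataclass(frozen=True)
class Rule:
    name: str
    source: str
    destination: str
    services: tuple   # service names, or (ANY,)
    action: str       # "transmit" as on the page; "deny" is an assumed label

def specificity(r):
    # Assumed metric: one point per field that is narrower than ANY.
    return (r.source != ANY) + (r.destination != ANY) + (ANY not in r.services)

def build_filter_list(rules):
    # Most specific rules first; equal scores keep their entry order.
    return sorted(rules, key=specificity, reverse=True)

def matches(r, src, dst, svc):
    return (r.source in (ANY, src) and r.destination in (ANY, dst)
            and (ANY in r.services or svc in r.services))

def decide(filter_list, src, dst, svc):
    # Assumed first-match evaluation; (None, None) means no rule matched.
    for r in filter_list:
        if matches(r, src, dst, svc):
            return r.name, r.action
    return None, None

def covers(a, b):
    svc = ANY in a.services or (ANY not in b.services
                                and set(b.services) <= set(a.services))
    return a.source in (ANY, b.source) and a.destination in (ANY, b.destination) and svc

def shadowed(filter_list):
    # Rules that can never fire because an earlier rule matches everything they match.
    return [b.name for i, b in enumerate(filter_list)
            if any(covers(a, b) for a in filter_list[:i])]

# Rules as entered by an administrator (constructed order, Deny All first).
ENTERED = [
    Rule("DENY_ALL", ANY, ANY, (ANY,), "deny"),
    Rule("ALLOW_LAN1_TO_LAN2", "LAN1", "LAN2", (ANY,), "transmit"),
    Rule("ALLOW_LAN2_TO_LAN1", "LAN2", "LAN1", (ANY,), "transmit"),
    Rule("ALLOW_WEBSERVER", ANY, "Webserver", ("HTTP", "HTTPS"), "transmit"),
    Rule("ALLOW_PING", "Local network", ANY, ("ICMP",), "transmit"),
]
FILTER_LIST = build_filter_list(ENTERED)
```

In this model, `shadowed(ENTERED)` reports all four allow rules as unreachable behind Deny All, while `shadowed(FILTER_LIST)` is empty once the specific rules are sorted ahead of the general one.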