Multi-Tech Systems S000573A Settingupfirewalls





UsingtheRouter’sWebInterface  22



Settingupfirewalls

Therouter'sfirewallenforcesasetofrulesthatdeterminehowincomingandoutgoingpacketsarehandled.

Bydefault,alloutboundtrafficoriginatingfromtheLANisallowedtopassthroughthefirewall,andall

inboundtrafficoriginatingfromexternalnetworksisdropped.Thiseffectivelycreatesaprotectivebarrier

betweentheLANandallothernetworks.

ForadevicewithintheLANtobevisiblefromtheinternetorfromanoutsidenetwork,createaforwarding

ruletoallowincomingpacketstoreachthedevice.

1. InthePortForwardinggroup,clickAddRule.

2. Enteranameanddescription.ClickNext.

3. IntheIPForwardingDNATpane,enterthefollowing:

 IntheExternalWANPortsfield,typetheport(s)tobeforwarded.Commonportsarelistedinthe

field'sattacheddrop‐downlistandareexposedonceyouenteracharacter.TypeANYtoforwardall

ports.

 IntheDestinationLANIPfield,typetheIPaddressofthedevicepacketswillbeforwardedto.The

attacheddrop‐downlistcontainsDHCPleasedandSavedNetworkaddresses.

 IntheDestinationLANPortsfield,typetheporttowhichpacketsaretranslated.Ifthereisarangeof

ports,theendingportisautomaticallyset.TheDestinationLANendingportisbasedonthe

DestinationLANstartingportandtherangeprovidedintheExternalWANPort(s)field.

 FromtheProtocoldrop‐downlist,selecttheprotocolofthemessagesthatcanbeforwarded.

 Adefaultfilterallowingforwardedpacketsthroughthefirewallisautomaticallycreated.Ifdesired

youcanusetheAdvancedSettingmodeofthePortForwardingwizardtofurtherrestrictpackets

basedonsourceaddressandsourceports.Inmostcasesthisisnotnecessary.

4. ClickFinish.

TopreventadevicewithintheLANfromcommunicatingwithadeviceinanexternalnetwork,arulehastobe

establishedinthefirewalltodroppacketsdestinedtotheexternaldevice.

1. ClickAddRuleintheOutboundTrafficsection.

2. Enteranameanddescription.ClickNext.

3. IntheDestinationIPfield,typetheIPaddressofthedeviceornetworkpacketsarebeingsentto.Type

ANYifthedestinationaddressdoesnotmatter.

4. IntheDestinationMaskfield,typethenetworkmaskofthedestinationnetwork.

5. IntheDestinationPortfield,typetheportpacketsaredestinedfor.Commondestinationportsare

listedintheDestinationPortfield'sattacheddropdownlist.TypeANYifthedestinationportdoesnot

matter.

6. IntheSourceIPfield,typetheIPaddressofthedeviceornetworkthatthetrafficoriginatesfrom.Type

ANYifthesourceaddressdoesnotmatter.

7. IntheSourceMaskfield,typeanetworkmaskfortheoriginofthetraffic.