Network and System Management
325
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Source MAC Filtering
If you want to reduce outgoing traffic by preventing Internet access by certain computers on
the LAN, you can use the source MAC filtering feature to drop the traffic received from the
computers with the specified MAC addresses. By default, this feature is disabled; all traffic
received from computers with any MAC address is allowed. See Enable Source MAC
Filtering on page 183 for the procedure about how to use this feature.
Features That Increase TrafficThe following features of the wireless VPN firewall tend to increase the traffic load on the
WAN side:
•LAN WAN inbound rules (also referred to as port forwarding)
•DMZ WAN inbound rules (also referred to as port forwarding)
•Port triggering
•Enabling the DMZ port
•Configuring exposed hosts
•Configuring VPN tunnels
LAN WAN Inbound Rules and DMZ WAN Inbound Rules (Port Forwarding)
The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for
inbound traffic (from WAN to LAN and from WAN to the DMZ). Any inbound rule that you
create allows additional incoming traffic and therefore increases the traffic load on the WAN
side.
ON the LAN WAN screen, if you have not defined any rules, only the default rule is listed. The
default LAN WAN inbound rule blocks all access from outside except responses to requests
from the LAN side.
WARNING:
Incorrect configuration of inbound firewall rules can cause
serious connection problems.
Each rule lets you specify the desired action for the connections covered by the rule:
•BLOCK always
•BLOCK by schedule, otherwise allow
•ALLOW always
•ALLOW by schedule, otherwise block
The following section summarizes the various criteria that you can apply to inbound rules and
that might increase traffic. For more information about inbound rules, see Inbound Rules
(Port Forwarding) on page 133. For detailed procedures about how to configure inbound