ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

Port Triggering

Port triggering allows some applications running on a LAN network to be available to external applications that would otherwise be partially blocked by the firewall. Using the port triggering feature requires that you know the port numbers used by the application. Without port triggering, the response from the external application would be treated as a new connection request rather than a response to a request from the LAN network. As such, it would be handled in accordance with the inbound port forwarding rules, and most likely would be blocked. For the procedure about how to configure port triggering, see Configure Port Triggering on page 190.

DMZ Port

The demilitarized zone (DMZ) is a network that, by default, has fewer firewall restrictions when compared to the LAN. The DMZ can be used to host servers (such as a web server, FTP server, or email server) and provide public access to them. The eighth LAN port on the wireless VPN firewall (the rightmost LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet without compromising security on your LAN. By default, the DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN ports.

For information about how to enable the DMZ port, see Enable and Configure the DMZ Port for IPv4 and IPv6 Traffic on page 85. For the procedures about how to configure DMZ traffic rules, see Configure DMZ WAN Rules on page 145.

Exposed Hosts

Specifying an exposed host allows you to set up a computer or server that is available to anyone on the Internet for services that you have not yet defined. For an example of how to set up an exposed host, see IPv4 LAN WAN or IPv4 DMZ WAN Inbound Rule: Specifying an Exposed Host on page 163.

VPN and L2TP Tunnels

The wireless VPN firewall supports site-to-site IPSec VPN tunnels, dedicated SSL VPN tunnels, and L2TP tunnels. Each tunnel requires extensive processing for encryption and authentication, thereby increasing traffic through the WAN ports.

For information about IPSec VPN and L2TP tunnels, see Chapter 6, Virtual Private Networking Using IPSec and L2TP Connections. For information about SSL VPN tunnels, see Chapter 7, Virtual Private Networking Using SSL Connections.

Network and System Management

327

Page 327
Image 327
NETGEAR FVS318N manual Port Triggering, DMZ Port, Exposed Hosts, VPN and L2TP Tunnels, 327