ProSafe VPN Firewall 200 FVX538 Reference Manual
A firewall has two default rules, one for inbound traffic and one for outbound. The default rules of the FVX538 are:
•Inbound: Block all access from outside except responses to requests from the LAN side.
•Outbound: Allow all access from the LAN side to the outside.
The firewall rules for blocking/allowing traffic on the VPN firewall can be applied to LAN/WAN traffic, DMZ/WAN traffic and LAN/DMZ traffic.
Services-Based Rules
The rules to block traffic are based on the traffic’s category of service.
•Outbound Rules (service blocking) – Outbound traffic is normally allowed unless the firewall is configured to disallow it.
•Inbound Rules (port forwarding) – Inbound traffic is normally blocked by the firewall unless the traffic is in response to a request from the LAN side. The firewall can be configured to allow this otherwise blocked traffic.
•Customized Services – Additional services can be added to the list of services in the factory default list. These added services can then have rules defined for them to either allow or block that traffic (see “Adding Customized Services” on page
•Quality of Service (QoS) priorities – Each service at its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change this QoS priority if desired to change the traffic mix through the system (see “Setting Quality of Service (QoS)
Priorities” on page
Outbound Rules (Service Blocking)
The FVX538 allows you to block the use of certain Internet services by PCs on your network. This is called service blocking or port filtering.
Note: See “Enabling Source MAC Filtering” on page
Firewall Protection and Content Filtering |
v1.0, August 2006
