ProSecure Unified Threat Management (UTM) Appliance Reference Manual

Table 5-9. IP/MAC Binding Settings (continued)

Setting

Description (or Subfield and Description)

 

 

IP Address

The IP address of the PC or device that is bound to the MAC address.

 

 

Log Dropped

To log the dropped packets, select Enable from the pull-down menu. The default

Packets

setting is Disable.

 

 

4.Click the Add table button. The new IP/MAC rule is added to the IP/MAC Bindings table.

5.Click Apply to save your changes.

To edit an IP/MAC binding:

1.In the IP/MAC Bindings table, click the Edit table button to the right of the IP/MAC binding that you want to edit. The Edit IP/MAC Binding screen displays.

2.Modify the settings that you wish to change (see Table 5-9).

3.Click Apply to save your changes. The modified IP/MAC binding is displayed in the IP/MAC Bindings table.

Configuring Port Triggering

Port triggering allows some applications running on a LAN network to be available to external applications that would otherwise be partially blocked by the firewall. Using this the port triggering feature requires that you know the port numbers used by the application.

Once configured, port triggering operates as follows:

1.A PC makes an outgoing connection using a port number that is defined in the Port Triggering Rules table.

2.The UTM records this connection, opens the additional incoming port or ports that are associated with the rule in the port triggering table, and associates them with the PC.

3.The remote system receives the PCs request and responds using the incoming port or ports that are associated with the rule in the port triggering table on the UTM.

4.The UTM matches the response to the previous request, and forwards the response to the PC.

Without port triggering, the response from the external application would be treated as a new connection request rather than a response to a requests from the LAN network. As such, it would be handled in accordance with the inbound port forwarding rules, and most likely would be blocked.

5-46

Firewall Protection

v1.0, January 2010

Page 160
Image 160
NETGEAR UTM50-100NAS, UTM5-100NAS manual Configuring Port Triggering, Setting Description or Subfield and Description