Manuals / WatchGuard Technologies / Computer Equipment / Network Card

WatchGuard Technologies SOHO manual Blocking External Sites

Models: SOHO

1 118

Download 118 pages 46.32 Kb

Page 67

Blocking External Sites

3Beneath the Protocol Settings fields, select either TCP Port,

UDP Port or Protocol from the drop list.

The Custom Service page refreshes.

4Define a name for the service in the appropriate field.

5Enter the protocol number to allow in the Protocol field.

Now that you have created a custom service, you will need to specify a filter rule as well as define the incoming and outgoing properties.

6At the Incoming and Outgoing Filter drop lists, select either Allow or Deny.

7Select either Host IP Address, Network IP Address, or Host

Range from the appropriate drop list.

The configuration page refreshes.

8Enter either a single host IP address, a network IP address, or a the start and end of a range of host IP addresses for this custom service in the appropriate fields.

9Click the Add button.

Repeat the last three steps until all the appropriate address information for this custom service appears in the appropriate fields.

10Click the Submit button.

Blocking External Sites

By default, the security stance of the SOHO is to deny all incoming packets from the Internet to computers on the trusted network protected by the SOHO firewall. However, if a user initiates contact with an external site, the return traffic will be allowed through the firewall. You can selectively close your network to certain Internet sites entirely.

User Guide 5.0

67

Image 67

WatchGuard Technologies SOHO manual Blocking External Sites

Contents

WatchGuard Soho User Guide Page Following conventions are used throughout this guide Using this guideIndustry Canada Certifications and NoticesFCC Certification CE NoticeTaiwanese Notice Vcci Notice Class a ITE Declaration of Conformity WatchGuard End-User License Agreement Page User Guide WatchGuard Limited Hardware Warranty User Guide Copyright and Patent Information Table of Contents Your Administrative Options Configuring Virtual Private Networking Page Welcome IntroductionHow does a firewall work? Registration and Identification InformationHow does a firewall work? Port number How does information travel on the internet?IP Addresses ProtocolHow does the Soho process this information? ServicesNetwork Address Translation NAT Soho Home Page-System Status Default Factory SettingsFirewall Settings Resetting a Soho to the Factory DefaultsBase Model Soho Rebooting a WatchGuard SohoRebooting a WatchGuard Soho Rebooting a WatchGuard Soho Before you begin Pre-installation checklistInstallation Process Macintosh Determine your current TCP/IP settingsMicrosoft Windows NT or Microsoft Windows 95 or 98 or MEExit the TCP/IP configuration screen Disable your browser’s Http proxyNetscape 6/6.1 NetscapeInternet Explorer 5.0/5.5 Physically connecting your SohoCabling the Soho for one to four devices Installation Process Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Installation Process Network addressing Configuring Your External NetworkDouble-click the Network icon TCP/IP Properties dialog box appears Configuring the Soho External network for dynamic addressing On your computer Configuring the Soho External network for static addressingExternal On the SohoConfiguring the Soho external network for PPPoE From the Configuration Mode drop list, select PPPoE Client Click Automatically restore lost connections Release and renew the IP configuration Configure the Trusted network with static addresses Configuring Your Trusted NetworkRoutes Configure additional computers to the trusted network Configuring Static Routes View the Network Statistics Network Statistics View the Network Statistics System Security Your Administrative OptionsSetting a System Administrator Name and System Passphrase = System Security = VPN Manager Access Setting up VPN Manager AccessClick the Submit button Redeeming your Soho upgrade certificates Update Your Configuration from a Non- Windows Platform= Update = Upgrade Seat Licenses Upgrade certificates= View Configuration File View the Configuration FileView the Configuration File Configuring Incoming and Outgoing Services Firewall settingsIncoming or Outgoing Pre-configured ServicesCreating a Custom Service TCP and UDP Ports Custom ServiceIP Protocols Blocking External Sites Blocked Sites Firewall Options Firewall OptionsPing requests received on the External Network Socks implementation for the Soho Denying FTP access to the Trusted Network interfaceConfigure your Socks application Disabling Socks on the Soho Logging all allowed outbound trafficDMZ Creating a virtual DMZCreating a virtual DMZ Creating a virtual DMZ Viewing Soho log messages What is Logging?Wsep Logging Setting a WatchGuard Security Event Processor log hostOur example Syslog Logging Setting a Syslog HostSystem Time Setting the System TimeIf you have decided to use the WatchGuard Time Server Setting the System Time Setting the System Time How WebBlocker works WatchGuard Soho WebBlockerWebBlocker Users and Groups Web site not in WebBlocker databaseWeb site in WebBlocker database WatchGuard WebBlocker database unavailableBypassing the Soho WebBlocker Purchasing and enabling Soho WebBlockerEnable WebBlocker Configuring the Soho WebBlockerSettings Enter the Inactivity Timeout in minutes Groups Create WebBlocker Groups and UsersTo the right of the Users field, click the New button Click the Submit button Alcohol/Tobacco WebBlocker categoriesDrug Culture Search Engines Click Check if the URL is on the CyberNOT List Searching for blocked sitesWhy create a virtual private network? Configuring Virtual Private NetworkingWhat you will need IP Address Table example Special considerations Step-by-step instructions for configuring a Soho VPN tunnelObtaining the VPN upgrade Enabling the VPN upgradeWhy do I need a static external address? Frequently asked questionsHow do I get a static external IP address? How do I troubleshoot the connection? OK, why is ping not working?How do I obtain a VPN upgrade certificate? How do I connect three or four offices together?Muvpn Clients How do I enable a VPN Tunnel?View the VPN Statistics View the VPN Statistics 104 How do I reboot my SOHO? TroubleshootingGeneral How do I register my SOHO? What do the on and Mode lights signify on the SOHO?How does the seat limitation on the Soho work? Set a password on my unit, but I forgot it. Can you help?What is a Soho feature key? Cant get a certain Soho feature to work with a DSL modemHow do I install a Soho using a Macintosh? How do I change to a Dhcp trusted IP address? ConfigurationWhere are the Soho settings stored? How can I see the MAC address of my SOHO?How do I change to a static trusted IP address? How do I set up and disable Webblocker?Incoming WebBlockerVPN Management How do I set up VPN between two SOHOs? How do I set up my Soho for VPN Manager Access?Contacting Technical support Online Documenting and In-Depth FAQsSpecial Notices Database WebBlocker Default gateway 98 DNS service 116 User Guide 117 Socks