Netgear FVX538v1 FVX538 Reference Manual - Page 62
Using Rules to Block or Allow Specific Kinds of Traffic, Services-Based Rules
View all Netgear FVX538v1 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 62 highlights
ProSafe VPN Firewall 200 FVX538 Reference Manual intrusions. NAT performs a very limited stateful inspection in that it considers whether the incoming packet is in response to an outgoing request, but true Stateful Packet Inspection goes far beyond NAT. Using Rules to Block or Allow Specific Kinds of Traffic Firewall rules are used to block or allow specific traffic passing through from one side to the other. You can configure up to 600 rules on the FVX538. Inbound rules (WAN to LAN) restrict access by outsiders to private resources, selectively allowing only specific outside users to access specific resources. Outbound rules (LAN to WAN) determine what outside resources local users can have access to. A firewall has two default rules, one for inbound traffic and one for outbound. The default rules of the FVX538 are: • Inbound: Block all access from outside except responses to requests from the LAN side. • Outbound: Allow all access from the LAN side to the outside. The firewall rules for blocking/allowing traffic on the VPN firewall can be applied to LAN/WAN traffic, DMZ/WAN traffic and LAN/DMZ traffic. Table 4-1. Supported FIrewall Rule Configurations Traffic Rule LAN WAN DMZ WAN LAN DMZ Outbound Rules 50 50 50 Inbound Rules 50 50 50 Services-Based Rules The rules to block traffic are based on the traffic's category of service. • Outbound Rules (service blocking) - Outbound traffic is normally allowed unless the firewall is configured to disallow it. • Inbound Rules (port forwarding) - Inbound traffic is normally blocked by the firewall unless the traffic is in response to a request from the LAN side. The firewall can be configured to allow this otherwise blocked traffic. 4-2 Firewall Protection and Content Filtering v1.0, March 2009