ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
v
v1.0, April 2010
Chapter 4
Firewall Protection
About Firewall Protection
................................................................................................
4-1
Administrator Tips
....................................................................................................
4-2
Using Rules to Block or Allow Specific Kinds of Traffic
..................................................
4-2
Services-Based Rules
..............................................................................................
4-3
Order of Precedence for Rules
..............................................................................
4-10
Setting LAN WAN Rules
........................................................................................
4-11
Setting DMZ WAN Rules
........................................................................................
4-14
Setting LAN DMZ Rules
.........................................................................................
4-18
Inbound Rules Examples
.......................................................................................
4-21
Outbound Rules Example
......................................................................................
4-25
Configuring Other Firewall Features
.............................................................................
4-26
Attack Checks
........................................................................................................
4-26
Setting Session Limits
............................................................................................
4-29
Managing the Application Level Gateway for SIP Sessions
..................................
4-30
Creating Services, QoS Profiles, and Bandwidth Profiles
............................................
4-31
Adding Customized Services
.................................................................................
4-31
Creating Quality of Service (QoS) Profiles
.............................................................
4-34
Creating Bandwidth Profiles
...................................................................................
4-37
Setting a Schedule to Block or Allow Specific Traffic
....................................................
4-40
Content Filtering (Blocking Internet Sites)
....................................................................
4-41
Understanding the VPN Firewall’s Content Filtering
..............................................
4-41
Enabling and Configuring Content Filtering
...........................................................
4-42
Enabling Source MAC Filtering
....................................................................................
4-44
Setting Up IP/MAC Bindings
.........................................................................................
4-46
Configuring Port Triggering
...........................................................................................
4-48
Configuring Universal Plug and Play
............................................................................
4-51
Chapter 5
Virtual Private Networking
Using IPsec Connections
Considerations for Multi-WAN Port Systems
..................................................................
5-1
Using the IPsec VPN Wizard for Client and Gateway Configurations
............................
5-3
Creating Gateway-to-Gateway VPN Tunnels with the Wizard
.................................
5-3
Creating a Client to Gateway VPN Tunnel
...............................................................
5-8