Symantec 16-00-00091 Installation Guide - Page 62

Advanced Configuration 2. Check or uncheck the Enable box to enable or disable your server. Remember to click Update Entery if using with an existing virtual server. 3. Enter your server LAN IP. Virtual Servers need a local host with a static IP address to operate effectively. Setup a static local IP for your server using the Host IP & Group screen (or on the server itself). Enter that IP here. 4. Choose either TCP or UDP as the server protocol type. 5. In the Port Ranges fields, enter the Start and Finish ports used by your server for both Internal and External. If only one port is used, enter the same number in both Start and Finish fields. Usually Internal and External should be the same, but you can Translate ports if different values are entered (for example: 2000-2500 internally can be translated to 3000-3500 externally). 6. Click Add to add a new entry or one of the following: Click Delete to delete the entry shown and free up Symantec Firewall/VPN memory. Click Update if you have changed the entry shown. Click Clear Form before adding a new entry. Exposed Host (DMZ) This screen will let you define a custom server accessible from the outside by the Symantec Firewall/VPN 's external WAN IP address. The unit redirects all requests not explictily allowed by a virtual server rule to the exposed host. The Symantec Firewall/VPN then redirects the request to your internal local IP address for the virtual server. You should first check the Virtual Servers screen to make sure your server is not already predefined. For security reasons, make sure the exposed machine is "locked down" to prevent illegal access and compromise of the system. 4-22