Chapter 9. Configuring Firewall/NAT Settings
Internet Security Router User’s Manual
Field
Description
Single, Range
Select any of these and enter details as described in the Source Port
section above.
Service
This option allows you to select any of the pre-configured services
(selectable from the drop-down list) instead of the destination port. The
following are examples of services:
BATTLE-NET, PC-ANYWHERE, FINGER, DIABLO-II, L2TP, H323GK,
CUSEEME, MSN-ZONE, ILS, ICQ_2002, ICQ_2000, MSN, AOL, RPC,
RTSP7070, RTSP554, QUAKE, N2P, PPTP, MSG2, MSG1, IRC, IKE,
H323, IMAP4, HTTPS, DNS, SNMP, NNTP, POP3, SMTP, HTTP, FTP,
TELNET.
Note: a service is a combination of protocol and port number. Services appear
here after you add them on the “Firewall Service” configuration page.
Protocol
This option allows you to select the protocol type from a drop-down list. Available settings are All, TCP,
UDP, ICMP, AH and ESP. Note that if you select “service” for the destination port, this option will not
be available.
NAT
This option allows you to select the type of NAT for the outbound traffic.
None
Select this option if you don’t intend to use NAT in this outbound ACL rule.
IP Address
Select this option to specify the IP address that you want the outbound
traffic to use. Note this option is called NAPT or overload.
NAT Pool
Select this option to associate a pre-configured NAT pool with the rule. Note
that only static, dynamic and overload NAT pools can be associated
with an outbound ACL rule.
Interface
Select this option to use the WAN interface IP address for the outbound
traffic. Note that WAN IP must be configured prior to selecting this option.
Time Ranges
Select a pre-configured time range during which the rule is active. Select
“Always” to make the rule active at all times.
Application Filtering
This option allows you to select pre-configured FTP, HTTP, RPC and/or SMTP application filters
from the drop-down list.
Log
Click on the “Enable” or “Disable” radio button to enable or disable logging for this ACL rule.
VPN
Click on the “Enable” radio button if you want the traffic to go through VPN; otherwise, click on the
“Disable” radio button.
9.4.2 Access Outbound ACL Rule Configuration Page – (Firewall → Outbound ACL)
Log into Configuration Manager as admin, click the Firewall menu, and then click the Outbound ACL
submenu. The Firewall Outbound ACL Configuration page displays, as shown in Figure 9.9.
Note that when you open the Outbound ACL Configuration page, a list of existing ACL rules is also displayed
in the bottom half of the configuration page, such as those shown in Figure 9.9.