Firewall
IP (L3)
List box: Off, On
NOTE: The L3 Firewall may be activated in both the Router and Bridge modes.
Default = Off
If "On", a standard Layer 3 Linux firewall is activated.
Port – a range of port numbers can be entered, e.g. 2000-2120.
Connection state – the stateful firewall is active only for the TCP protocol.
New – relates to the first packet when a TCP connection starts (the request from a TCP client to a TCP server to open a new TCP connection). Used e.g. to allow TCP connections to be opened only from the RipEX network to the outside.
Established – relates to an already existing TCP connection. Used e.g. to allow replies for TCP connections created from the RipEX network to the outside.
Related – a connection related to an "Established" one, e.g. FTP typically uses 2 TCP connections – control and data – where the data connection is created automatically using dynamic ports.
NOTE 1:
L2/L3 firewall settings do not impact the local ETH access, i.e. the settings never deny access to a locally connected RipEX (web interface, ping, ...).
NOTE 2:
Ports 443 and 8889 are used internally for service access. Exercise caution when making rules which may affect datagrams to/from these ports in the L3 Firewall settings. The management connection to a remote RipEX may be lost when another RipEX acts as a router along the management packets' route and port 443 (or 8889) is disabled in the firewall settings of that routing RipEX (RipEX uses iptables "forward"). When this happens, you have to use the Reset button on the bottom side of the misconfigured RipEX (keep it pressed for 15 sec.) in order to set Default access. It restores the default Ethernet IP and default password, sets the L3 Firewall to Off, sets the ARP proxy & VLAN settings to Off and sets the Ethernet speed to Auto.
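The check below is an added example, not RACOM code: before applying L3 rules to a RipEX that routes for other units, it tests whether forwarded TCP traffic to the service ports from NOTE 2 would be denied. The rule shape (`Rule`), first-match evaluation and a default of accept are assumptions made for the illustration, and the rule sets are constructed.

```python
# Added example: simplified model of L3 firewall rules, not RipEX code.
from dataclasses import dataclass

MGMT_PORTS = (443, 8889)  # service-access ports named in NOTE 2


def parse_ports(spec):
    """Parse a Port field: '' (any), a single port, or a range like '2000-2120'."""
    if not spec:
        return (1, 65535)
    lo, _, hi = spec.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not 1 <= lo <= hi <= 65535:
        raise ValueError(f"bad port spec: {spec!r}")
    return (lo, hi)


@dataclass
class Rule:  # assumed rule shape: TCP only, first match wins
    action: str            # "accept" or "deny"
    dst_ports: str = ""    # Port field, e.g. "2000-2120"
    states: tuple = ()     # subset of ("new", "established", "related"); () = any


def verdict(rules, dst_port, state, default="accept"):
    """Return the action of the first rule matching a forwarded TCP packet."""
    for r in rules:
        lo, hi = parse_ports(r.dst_ports)
        if lo <= dst_port <= hi and (not r.states or state in r.states):
            return r.action
    return default  # assumption: unmatched packets are accepted


def blocked_mgmt(rules):
    """List (port, state) pairs of forwarded management traffic the rules deny."""
    # Only packets addressed to the service port are modelled, not the replies.
    return [(p, s) for p in MGMT_PORTS for s in ("new", "established")
            if verdict(rules, p, s) == "deny"]


# Constructed rule sets for a RipEX that routes traffic for other units.
outbound_only = [Rule("accept", states=("established", "related")),
                 Rule("deny", "2000-2120", ("new",))]
too_broad = [Rule("accept", states=("established", "related")),
             Rule("deny", "1-1024", ("new",))]

if __name__ == "__main__":
    print("outbound_only blocks:", blocked_mgmt(outbound_only))
    print("too_broad blocks:", blocked_mgmt(too_broad))
```

A non-empty result means a new management session through that routing unit would be refused, which is the situation NOTE 2 says ends with the Reset button.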
© RACOM s.r.o. – RipEX Radio modem & Router
Advanced Configuration