
©2015 Cradlepoint. All Rights Reserved.
|
+1.855.813.3385
|
cradlepoint.com
72
User Manual
/
AER3100/AER3150
ZONE FIREWALL
ZONE DEFINITION
A Zone is a group of network interfaces. By default all interfaces within
a zone are allowed to initialize network communication with each
other, however any network traffic initialized outside of a zone to the
interfaces within the zone will be denied.
To add a zone, click
Add
.
FILTER POLICIES
A Filter Policy is a one-way filter applied to initialized network traffic flowing from one zone to another. A
Filter Policy needs to be assigned to a Forwarding for it to take effect. Filter Policies can either be Added,
Edited, or Removed.
•
Default Allow All
is a preconfigured policy to
allow all traffic initialized from one zone to flow
to another zone. The state of the connection is
tracked to allow responses to traverse the zones
back to the source. LAN to WAN forwardings use
this policy by default. The policy can be removed or
altered to filter the traffic flow.
•
Default Deny All
is a preconfigured policy to deny
all traffic initialized from one zone to be blocked
to another zone. WAN to LAN forwardings use this
policy by default. The policy can be removed or
altered to filter the traffic flow.
Click
Add
to create a new filter policy, or select an
existing policy and click Edit to open the filter policy
editor.
•
Name
: Create a name meaningful to you.
•
Action
: Choose either
Allow
or
Deny
. This is the action taken by the firewall if none of the filter policy rules
match the traffic being filtered.
•
Log
: When checked, every rule in the policy will log matching packets as if the rule’s Log option had been
selected.
Click
Add
to create a new rule for this filter policy, or select an existing rule and click Edit to open the Rule
Editor.
•
Name
: Create a rule name meaningful to you.
•
Action
: Choose either Allow or Deny. This is the action taken by the firewall if the rule criteria match the
traffic being filtered.
•
Log
: When checked, each packet matching this filter rule will be logged in the System Log.
•
IP Version
: Select the IP version to match.
•
Enter match criteria under
Source
,
Destination
,
Protocols
and
Application Sets
.