Configuration | Gateway 400
User Guide
35
Enable IPv6 SPI
: Use this option to enable the stateful packet inspection (SPI) firewall for IPv6 con-
nections.
Enable Firewall Logging
: Use this option for logging firewall attacks. Go to
System
|
Diagnostics
|
System Messages
to open the firewall log (
Chapter 5.8.12.1, System Messages, on
page 46
).
5.7.1.2
Schedule Rule
Click
New
to create a new schedule. If required, you can also create multiple schedules. Any existing
schedules are displayed in an overview. To edit a schedule, click on the pencil icon at the end of the
overview. .
Name
:
Here you can enter a name for your schedule.
Activate Time Period
: Here you can specify the desired time period. For each day of the week, you
can specify the
Start Time (hh:mm)
and the
End Time (hh:mm)
. For contiguous pe-
riods extending over several days, each intervening day must be specified as a full
day with the Start Time 00:00 and the End Time 23:59.
5.7.1.3
Firewall Rules
Click
New
to create a new firewall rule. The existing firewall rules are displayed in an overview. To
edit a firewall rule,
click on the pencil icon at the end of the overview.
.
You can define IP-based client rules and assign pre-defined services to them or create your own cri-
teria. The following fields are available for this:
Automatically refresh provider prefix
: (only valid for IPv6) If the computers on your local network
have IPv6 addresses, these consist of a local part and a provider prefix. This prefix is
assigned to you and can be updated automatically by the Gateway 400.
Client PC Description
: Enter a name for the rule.
Address Type
: Select the format of the IP address to create either an IPv4 or IPv6 address.
Client PC Address
: Enter the IP address of the network device to which the rule should be applied.
Use the format of the previously selected
Address Type
. For IPv4, the rule can be ap-
plied to all devices in the home network with the address 192.168.100.0.
Scheduling Rule (Ref. Schedule Rule Page)
: If you created a schedule under
“Schedule Rule” on
page 35
, you can select it here.
Status
:
Here you can select whether the rule is enabled or disabled.
Client PC Service
Select the respective service name option (
WWW
,
Sending email
,
SMTP
,
News Forums
,
Receiving
,
SecureHTTP
,
File Transfer
,
Telnet Service
,
NetMeeting
,
DNS
,
SNMP
,
VPN PPTP
,
VPN L2TP
,
TCP
,
UDP
) to specify which services are to be blocked.
If you block
User-defined Services
, the following section is enabled, in which you can individually
configure the
TCP
or
UDP
protocol and the
Port Range
.
5.7.1.4
IP Stack Settings
The device can detect and block conventional hacker attacks (such as IP Spoofing, Land Attack, Ping
of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan and TCP
SYN flooding).
Attention
If you select
Enable IPv6 SPI
, all devices in your local network are directly accessible from
the Internet. Use this option only if you are familiar with the possible consequences!
Содержание 400
Страница 1: ...User Guide Gateway 400 ...
Страница 2: ......
Страница 7: ...7 11 Index 65 ...
Страница 8: ...8 ...
Страница 54: ...Gateway 400 User Guide Legal Notices 54 ...
Страница 58: ...Gateway 400 User Guide Passwords 58 Note More Notes ...
Страница 67: ......