Netgear FVS318N – Prosafe Wireless N VPN Firewall Reference Manual
Firewall Protection
134
ProSAFE Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Inbound Rules (Port Forwarding)
If you have enabled Network Address Translation (NAT), your network presents one IP
address only to the Internet, and outside users cannot directly access any of your local
computers (LAN users). (For information about configuring NAT, see
address only to the Internet, and outside users cannot directly access any of your local
computers (LAN users). (For information about configuring NAT, see
28.) However, by defining an inbound rule you can make a local server
(for example, a web server or game server) visible and available to the Internet. The rule
informs the firewall to direct inbound traffic for a particular service to one local server based
on the destination port number. This process is also known as port forwarding.
informs the firewall to direct inbound traffic for a particular service to one local server based
on the destination port number. This process is also known as port forwarding.
WARNING:
Allowing inbound services opens security holes in your network.
Only enable those ports that are necessary for your network.
Bandwidth Profile
Bandwidth limiting determines how the data is sent to and from
your host. The purpose of bandwidth limiting is to provide a
solution for limiting the outgoing and incoming traffic, thus
preventing the LAN users from consuming all the bandwidth of
the Internet link. For more information, see
your host. The purpose of bandwidth limiting is to provide a
solution for limiting the outgoing and incoming traffic, thus
preventing the LAN users from consuming all the bandwidth of
the Internet link. For more information, see
176. For outbound traffic, you can configure
bandwidth limiting only on the WAN interface for a LAN WAN rule.
Note:
Bandwidth limiting does not apply to the DMZ interface.
IPv4 LAN WAN rules
Log
The setting that determines whether packets covered by this rule
are logged. The options are:
are logged. The options are:
•
Always. Always log traffic that matches this rule. This is
useful when you are debugging your rules.
•
Never. Never log traffic that matches this rule.
All rules
NAT IP
The setting that specifies whether the source address of the
outgoing packets on the WAN should be assigned the address of
the WAN interface or the address of a different interface. You can
specify these settings only for outbound traffic of the WAN
interface. The options are:
outgoing packets on the WAN should be assigned the address of
the WAN interface or the address of a different interface. You can
specify these settings only for outbound traffic of the WAN
interface. The options are:
•
WAN Interface Address. All the outgoing packets on the
WAN are assigned to the address of the specified WAN
interface.
WAN are assigned to the address of the specified WAN
interface.
•
Single Address. All the outgoing packets on the WAN are
assigned to the specified IP address, for example, a
secondary WAN address that you have configured.
assigned to the specified IP address, for example, a
secondary WAN address that you have configured.
Note:
The NAT IP drop-down list is available only when the WAN
mode is NAT. If you select Single Address, the IP address
specified should fall under the WAN subnet.
specified should fall under the WAN subnet.
IPv4 LAN WAN rules
IPv4 DMZ WAN rules
Table 33. Outbound rules overview (continued)
Setting
Description
Outbound Rules