Netgear FVS318Gv2 – ProSAFE VPN Firewall Series Reference Manual
Firewall Protection
130
NETGEAR ProSAFE VPN Firewall FVS318G v2
For yet another way to block outbound traffic from selected computers that would otherwise
be allowed by the firewall, see
be allowed by the firewall, see
The steps to configure outbound rules are described in the following sections:
•
•
•
Inbound Rules
If you enabled Network Address Translation (NAT), your network presents
one IP address
only to the Internet, and outside users cannot directly access any of your local computers
(LAN users). For information about configuring NAT, see
(LAN users). For information about configuring NAT, see
However, by defining an inbound rule you can make a local server (for example, a web server
or game server) visible and available to the Internet. The rule informs the firewall to direct
inbound traffic for a particular service to one local server based on the destination port
number. This process is also known as port forwarding.
or game server) visible and available to the Internet. The rule informs the firewall to direct
inbound traffic for a particular service to one local server based on the destination port
number. This process is also known as port forwarding.
WARNING:
Allowing inbound services opens security holes in your network.
Enable only those ports that are necessary for your network.
Enable only those ports that are necessary for your network.
Log
Select whether packets covered by this rule are logged:
•
Always. Always log traffic that matches this rule. This is
useful when you are debugging your rules.
useful when you are debugging your rules.
•
Never. Never log traffic that matches this rule.
All rules
NAT IP
Select whether the source address of the outgoing packets on the
WAN are assigned the address of the WAN interface or the
address of a different interface. You can specify the following
settings only for outbound traffic of the WAN interface:
WAN are assigned the address of the WAN interface or the
address of a different interface. You can specify the following
settings only for outbound traffic of the WAN interface:
•
WAN Interface Address. All the outgoing packets on the
WAN are assigned to the address of the specified WAN
interface.
WAN are assigned to the address of the specified WAN
interface.
•
Single Address. All the outgoing packets on the WAN are
assigned to the specified IP address, for example, a
secondary WAN address that you configured.
assigned to the specified IP address, for example, a
secondary WAN address that you configured.
Note:
The NAT IP list is available only when the WAN mode is
NAT. If you select Single Address, the IP address specified must
fall under the WAN subnet.
fall under the WAN subnet.
IPv4 LAN WAN rules
IPv4 DMZ WAN rules
IPv4 DMZ WAN rules
Table 29. Outbound rules overview (continued)
Setting
Description
Outbound Rules