Bizfon 2000 Guida Utente
Bizfon Manual II: Administrator's Guide
Administrator’s Menus
Bizfon2000 and Bizfon4000 (SW Version 4.1.x)
89
The DHS Cloak-Title text field is used for a special parameter required by the DynDNS provider DHS.
The Mail Exchange text field requires the address of the e-mail server where the DynDNS service provider will relay your e-mails.
Attention:
If this service is used, ensure that there is port forwarding configured for SMTP (port 25) to the internal e-mail server.
The easyDNS Partner text field is used for a special parameter required by the DynDNS provider easyDNS.
Selecting the Create Custom HTTP GET Request radio button will switch to the custom settings of the DynDNS service. Normally, the DynDNS
provider uses HTTP get requests to map dynamic IP addresses to host names. If the HTTP receive request is known to you, choose the Create
Custom HTTP GET Request radio button and enter the appropriate value into the URL text field.
provider uses HTTP get requests to map dynamic IP addresses to host names. If the HTTP receive request is known to you, choose the Create
Custom HTTP GET Request radio button and enter the appropriate value into the URL text field.
The selection enables the following optional settings:
The URL text field requires the complete request to be sent to the DynDNS server. Normally it has the following format:
http://www.server.domain:port/scriptpath/scriptname?param1=value1¶m2=value2
The request modifies the nameserver database so that the hostname will be resolved to the new IP address.
The Basic Authentication checkbox enables the encoding of the username and password entered in the text fields above, and then uses the Basic
Authentication method to notify the provider about the user authentication settings.
Authentication method to notify the provider about the user authentication settings.
Most of the DynDNS providers require an authentication for security. Authentication parameters can be provided in the URL text field to be used for
the HTTP get request. The Basic Authentication checkbox can be selected if no authentication parameters to be provided.
the HTTP get request. The Basic Authentication checkbox can be selected if no authentication parameters to be provided.
Firewall and NAT
The Firewall Configuration page allows setting up a firewall, configuring the security level and enabling the NAT and IDS services of Bizfon.
A Firewall is a security service configured by the Bizfon administrator based on various criteria. The firewall allows or blocks traffic based on
policies, services and/or IP addresses. The firewall has several levels of security policies (low, medium or high). The administrator may add
additional service-based rules. Filtering rules will take effect only if the Firewall has been enabled and are independent from the selected firewall
security level.
policies, services and/or IP addresses. The firewall has several levels of security policies (low, medium or high). The administrator may add
additional service-based rules. Filtering rules will take effect only if the Firewall has been enabled and are independent from the selected firewall
security level.
NAT (Network Address Translation) is used to allow Bizfon LAN members to connect to the Internet using Bizfon's WAN IP address. The Bizfon/NAT
also handles forwarding incoming packets from the WAN to the PCs or devices on Bizfon’s LAN.
also handles forwarding incoming packets from the WAN to the PCs or devices on Bizfon’s LAN.
The IDS (Intrusion Detection System) is a type of firewall, but together with deleting dangerous packets or packets containing intrusion attacks, IDS
generates a log file with information about these dropped packets and the senders responsible for those packets. The log can be viewed on the
generates a log file with information about these dropped packets and the senders responsible for those packets. The log can be viewed on the
page and notifications about them can be sent to the user in various ways such as e-mail, flashing LED and display notification.
The Firewall Configuration page offers the following
components:
components:
The Enable IDS checkbox selection enables the Intrusion
Detection System. The Enable NAT checkbox selection enables
Network Address Translation.
Detection System. The Enable NAT checkbox selection enables
Network Address Translation.
The Enable Firewall checkbox selection enables the firewall
security service. The firewall security level has to be selected,
otherwise the firewall cannot be enabled.
security service. The firewall security level has to be selected,
otherwise the firewall cannot be enabled.
The Firewall Security radio buttons are the following:
•
Low Security - Everything that is not explicitly forbidden
will be allowed. This security level doesn't block anything
by default. It is recommended if the device is already
located behind another firewall or if every filter has been
configured correctly.
will be allowed. This security level doesn't block anything
by default. It is recommended if the device is already
located behind another firewall or if every filter has been
configured correctly.
•
Medium Security - Traffic originating from the LAN side
may pass and traffic from the WAN side will be blocked by
default. This is the recommended security level.
may pass and traffic from the WAN side will be blocked by
default. This is the recommended security level.
•
High Security - Everything that is not explicitly allowed will
be blocked, including traffic from the LAN side.
be blocked, including traffic from the LAN side.
The
link refers to the page where
Bizfon’s privacy can be configured.
The View Filter Rules link opens the
page.
Fig. II-157: Firewall and NAT Settings page