Netgear FVS336Gv2 – ProSafe Dual WAN Gigabit Firewall with SSL & IPSec VPN 참조 매뉴얼
Customize Firewall Protection
212
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
•
Bandwidth profiles. After you configure a bandwidth profile (see
299), you can assign it to a rule.
Order of Precedence
When you define a new rule, the rule is added to the VPN firewall’s configuration and
displayed in a table. For any traffic that attempts to pass through the VPN firewall, the packet
information is subjected to the rules in the order that they are displayed in the table,
beginning at the top of the table and proceeding to the bottom of the table. In some cases,
the order of precedence of two or more rules might be important in determining the
disposition of a packet. For example, you must place the most strict rules (those with the
most specific services or addresses) at the top of the table. For information about how
change the order of precedence of rules, see
displayed in a table. For any traffic that attempts to pass through the VPN firewall, the packet
information is subjected to the rules in the order that they are displayed in the table,
beginning at the top of the table and proceeding to the bottom of the table. In some cases,
the order of precedence of two or more rules might be important in determining the
disposition of a packet. For example, you must place the most strict rules (those with the
most specific services or addresses) at the top of the table. For information about how
change the order of precedence of rules, see
Note:
Inbound LAN WAN rules take precedence over inbound DMZ WAN rules.
When an inbound packet matches an inbound LAN WAN rule, the VPN
firewall does not match the packet against inbound DMZ WAN rules.
When an inbound packet matches an inbound LAN WAN rule, the VPN
firewall does not match the packet against inbound DMZ WAN rules.
Outbound Rules — Service Blocking
The VPN firewall allows you to block the use of certain Internet services by computers on
your network. This is called service blocking or port filtering.
your network. This is called service blocking or port filtering.
The VPN firewall has a default outbound LAN WAN rule, which allow all access from the LAN
side to the outside, that is, outbound traffic is allowed. For information about changing the
default outbound rule, see
side to the outside, that is, outbound traffic is allowed. For information about changing the
default outbound rule, see
For more conceptual information about firewall protection, see
209.
Tip:
For information about yet another way to block outbound traffic from
selected computers that would otherwise be allowed by the firewall,
see
selected computers that would otherwise be allowed by the firewall,
see
312.
Settings for Outbound Rules
The following table describes the components that let you configure rules for outbound traffic.
For information about the actual procedures to configure outbound rules, see the following
sections:
For information about the actual procedures to configure outbound rules, see the following
sections:
•
•
•