SonicWALL 4.5 用户手册
120
Enforced Client Product Guide
Using the Firewall Protection Service
Configuring policies for firewall protection
5
Configure IP addresses for a custom connection
In addition to accepting communications through the selected service ports, client computers
accept communications originating from designated IP addresses.
accept communications originating from designated IP addresses.
To add one or more IP addresses:
1 On the
1 On the
Groups + Policies
page, click
Add Policy
(or click
Edit
to modify an existing policy).
2 Click the
Desktop Firewall
tab.
3 Under
Connection Type
, select
Custom settings
, then click
edit
.
4 On the
Firewall Custom Settings
page, select which IP addresses can communicate with client
computers:
Any computer
All IP addresses.
My network
All computers with IP addresses on your local network.
Specific address range
Only computers with IP addresses specified here. When you select
this option, you must specify an address range and click
this option, you must specify an address range and click
Add
.
Address ranges that you enter appear in an
Allowed IP Address
Range
table.
Note
5 Click
OK
.
6 On the
Desktop Firewall
tab, click
Save
.
To remove a range of IP addresses:
1 Click
1 Click
in the system tray, then select
Firewall Settings
.
2 Click the
Desktop Firewall
tab.
3 Under
Connection Type
, select
Custom settings
, then click
edit
.
4 On the
Firewall Custom Settings
page, under
Allowed IP Address Range
, click
remove
for each
range you want to delete from the list, then click
OK
.
5 On the
Desktop Firewall
tab, click
Save
.
Set up allowed Internet applications
The firewall protection service monitors communications with Internet applications, which
connect to the Internet and communicate with client computers. When it detects an Internet
application running on a computer, it allows the application to connect to the Internet or blocks
the connection. Its response is based on these factors in this order:
connect to the Internet and communicate with client computers. When it detects an Internet
application running on a computer, it allows the application to connect to the Internet or blocks
the connection. Its response is based on these factors in this order:
1 A policy-specific list of allowed Internet applications created by the administrator. The
administrator creates this list as part of a policy, then assigns the policy to groups of
computers (see
computers (see
When using a computer in multiple locations, you might want to specify more than one range
of IP addresses. For example, you might want one IP address range for office use and another
for home use. To specify multiple address ranges, repeat step 4, enter another address range,
then click
of IP addresses. For example, you might want one IP address range for office use and another
for home use. To specify multiple address ranges, repeat step 4, enter another address range,
then click
Add
again.