ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
10-6
Network and System Management
v1.0, September 2009
Each rule lets you specify the desired action for the connections covered by the rule:
• BLOCK always
• BLOCK by schedule, otherwise Allow
• ALLOW always
• ALLOW by schedule, otherwise Block
The section below summarizes the various criteria that you can apply to inbound rules and that
might increase traffic. For more information about inbound rules, see “Inbound Rules (Port
Forwarding)” on page 5-6. For detailed procedures on how to configure inbound rules, see
“Setting LAN WAN Rules” on page 5-11 and “Setting DMZ WAN Rules” on page 5-14.
When you define inbound firewall rules, you can further refine their application according to the
following criteria:
• Services. You can specify the services or applications to be covered by an inbound rule. If the
  desired service or application does not appear in the list, you must define it using the Services
  screen (see “Services-Based Rules” on page 5-3 and “Adding Customized Services” on
  page 5-30).
• WAN Destination IP Address. For the UTM25, you can specify the destination IP address
  for incoming traffic. Traffic is directed to the specified address only when the destination IP
  address of the incoming packet matches the IP address of the selected WAN interface (that is,
  the WAN1 or WAN2 interface). For the UTM10 with its single WAN interface, the WAN
  Destination IP Address is a fixed field.
• LAN Users. You can specify which computers on your network are affected by an inbound
  rule. There are several options:
  – Any. All PCs and devices on your LAN.
  – Single address. The rule is applied to the address of a particular PC.
  – Address range. The rule is applied to a range of addresses.
Warning: This feature is for advanced administrators only! Incorrect configuration
might cause serious problems.
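Added example (not from the NETGEAR manual): a review check that takes inbound rules written with the four actions and the LAN Users options listed above and reports when each rule admits traffic and how many LAN addresses it reaches. The record layout, the 192.168.1.0/24 LAN subnet, the sample rules and the review threshold are assumptions made for illustration; this is not an export format of the UTM.

```python
import ipaddress

# Hypothetical rule records: field names mirror the criteria on this page,
# but this is not a format the UTM itself produces.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed LAN subnet

RULES = [  # constructed sample rules
    {"service": "HTTP", "action": "ALLOW always", "lan_users": ("any",)},
    {"service": "RDP", "action": "ALLOW by schedule, otherwise Block",
     "lan_users": ("single", "192.168.1.20")},
    {"service": "FTP", "action": "BLOCK by schedule, otherwise Allow",
     "lan_users": ("range", "192.168.1.50", "192.168.1.59")},
    {"service": "TELNET", "action": "BLOCK always", "lan_users": ("any",)},
]

# When each of the four actions lets inbound connections through.
ALLOW_WINDOW = {
    "BLOCK always": "never",
    "BLOCK by schedule, otherwise Allow": "outside schedule",
    "ALLOW always": "always",
    "ALLOW by schedule, otherwise Block": "inside schedule",
}

def exposed_hosts(lan_users, lan_net=LAN_NET):
    """Number of LAN addresses a LAN Users selection covers."""
    kind = lan_users[0]
    if kind == "any":
        return lan_net.num_addresses - 2  # minus network and broadcast
    if kind == "single":
        ipaddress.ip_address(lan_users[1])  # raises ValueError if malformed
        return 1
    if kind == "range":
        start, end = (ipaddress.ip_address(a) for a in lan_users[1:3])
        if end < start:
            raise ValueError("address range end precedes start")
        return int(end) - int(start) + 1
    raise ValueError(f"unknown LAN Users option: {kind}")

def audit(rules):
    """Return (service, allow_window, host_count, needs_review) per rule."""
    report = []
    for r in rules:
        window = ALLOW_WINDOW[r["action"]]
        hosts = exposed_hosts(r["lan_users"])
        # Assumed threshold: review any rule that admits traffic to more
        # than one host, or that admits traffic at all times.
        review = window != "never" and (hosts > 1 or window == "always")
        report.append((r["service"], window, hosts, review))
    return report
```

Calling audit(RULES) shows that "BLOCK by schedule, otherwise Allow" still admits traffic whenever the schedule is not active, so it is reviewed alongside the ALLOW rules.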