Sixnet® Series SN/RAM® 6000 & RAM 9000 Software Manual
Drawing No. LP0997-C, Revised 2017-08-31
Network Tab: Firewall
Enter Whitelist Name (Required): Enter a name for the whitelist in the space provided. If the name of an existing whitelist is entered, then you are in effect adding another member to the list of subnets defined by that whitelist group.
After the Finish button is clicked, the entry will be added to the group in the (sorted) display area under the Current Whitelist Groups heading.
This whitelist name will become available for selection in the other Firewall Rules sections where a whitelist can be selected.
Note: The first whitelist entry, the ‘default’ entry, may not be deleted or have its name changed, but its subnet value may be changed. Additional entries may be added, edited and deleted as needed.
Enter Subnet (Required): Enter the network allowed to make connections to the above port(s), using IP/CIDR notation. To allow data from any source, enter 0.0.0.0/0. To specify a single host, use x.x.x.x/32, where x.x.x.x is the host’s IP address.
Click on the Finish button. You will be returned to the Firewall Access Control List (ACL) Rules dialog window and the Subnet Whitelist Rules table will now be populated with the recently entered data.
To delete an existing rule, select it in the table and click on the Delete button. To edit an existing rule, select it in the table and click on the Edit button.
Whitelist Control on Outbound Restrictions: This setting controls whether or not the whitelist rules apply to packets originating from this device. There are two (2) choices:
Only to Whitelist IPs: Packets destined for subnets outside those allowed by the selected whitelist will be suppressed by the firewall.
No Restrictions: The device may send a packet to any subnet and the whitelist rules apply only to packets received.
Subnet Blacklist Rules: These rules are used to define a single IP address or an entire network that is NOT allowed to access the network behind the Red Lion RTU or router.
Click on the Add button and the following window appears:
Enter Subnet To Blacklist (Required): Enter the network to be banned from making any incoming or outgoing connections, using IP/CIDR notation. To allow data from/to any source, enter 0.0.0.0/0. To specify a single host, use x.x.x.x/32, where x.x.x.x is the host’s IP address. This will override any other section's rules (Allow/Redirect/DMZ/NAT/etc).
Click on the Finish button. You will be returned to the Firewall Access Control List (ACL) Rules dialog window and the Subnet Blacklist Rules table will now be populated with the recently entered data.
To delete an existing rule, select it in the table and click on the Delete button. To edit an existing rule, select it in the table and click on the Edit button.
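The precedence described in the whitelist, outbound-restriction and blacklist sections above, modeled as an added example that is not taken from the Red Lion manual or firmware. The sample subnets, the function names and the simplification to one selected whitelist per decision are assumptions made for illustration.

```python
import ipaddress

# Constructed sample configuration (not from the manual).
WHITELISTS = {
    "default": ["0.0.0.0/0"],
    "scada": ["10.20.0.0/24", "192.0.2.10/32"],
}
BLACKLIST = ["10.20.0.128/25", "203.0.113.7/32"]

def _nets(entries):
    # strict=False accepts entries with host bits set, e.g. 10.20.0.5/24.
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def decide(peer, direction, whitelist, blacklist, outbound_mode="No Restrictions"):
    """Model the documented precedence for one packet.

    peer is the remote address: the source when direction is "in",
    the destination when direction is "out".
    """
    addr = ipaddress.ip_address(peer)
    # Blacklist covers incoming and outgoing and overrides every other section.
    if any(addr in n for n in _nets(blacklist)):
        return "drop"
    # "No Restrictions": whitelist rules apply only to received packets.
    if direction == "out" and outbound_mode == "No Restrictions":
        return "pass"
    # Inbound, or outbound with "Only to Whitelist IPs".
    return "pass" if any(addr in n for n in _nets(whitelist)) else "drop"

def audit(whitelists, blacklist):
    """Flag entries a reviewer should look at before clicking Finish."""
    findings = []
    for name, entries in whitelists.items():
        for e in entries:
            if ipaddress.ip_network(e, strict=False).prefixlen == 0:
                findings.append(f"whitelist '{name}': {e} allows any source")
    for b, bnet in zip(blacklist, _nets(blacklist)):
        if bnet.prefixlen == 0:
            findings.append(f"blacklist: {b} bans all traffic")
        for name, entries in whitelists.items():
            for e, wnet in zip(entries, _nets(entries)):
                if wnet.prefixlen and bnet.overlaps(wnet):
                    findings.append(f"blacklist {b} overrides '{name}' entry {e}")
    return findings
```

Running `audit` on an exported rule list before entering it in the dialog surfaces whitelist entries that a blacklist subnet silently overrides, and any 0.0.0.0/0 entry on either list.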
Filter Rules: Trusted interfaces have no restrictions by default. Filter rules allow setting up specific paths that are allowed to communicate, and they apply even to trusted interfaces. This allows restricting traffic between internal, trusted (LAN) interfaces and can also restrict general traffic to untrusted (LAN) interfaces.