Siemens RUGGEDCOM ROX II User Manual page 244

Chapter 6
Security
1. Make sure the CLI is in Configuration mode.
2. Delete the host by typing:
no security firewall fwconfig firewall fwhost name
Where:
• firewall is the name of the firewall
• name is the name of the host
Type commit and press Enter to save the changes, or type revert and press Enter to abort.
3.
Section 6.9.12
Managing Policies
Policies define the default actions for establishing a connection between different firewall zones. Each policy
consists of a source zone, a destination zone and an action to be performed when a connection request is
received.
The following example illustrates the policies for establishing connections between a local network and the
Internet.
Policy
1
2
3
Each policy controls the connection between the source and destination zones. The first policy accepts all
connection requests from the local network to the Internet. The second policy drops or ignores all connection
requests from the Internet to any device on the network. The third policy rejects all other connection requests and
sends a TCP RST or an ICMP destination-unreachable packet to the client.
The order of the policies is important. If the last policy in the example above were to be the first policy, the firewall
would reject all connection requests.
NOTE
The source and destination zones must be configured before a policy can be created. For more
information about zones, refer to
NOTE
Policies for specific hosts or types of traffic can be overridden by rules. For more information about
rules, refer to
CONTENTS
• Section 6.9.12.1, "Viewing a List of Policies"
• Section 6.9.12.2, "Adding a Policy"
• Section 6.9.12.3, "Configuring the Source Zone"
• Section 6.9.12.4, "Configuring the Destination Zone"
• Section 6.9.12.5, "Deleting a Policy"
198
Source Zone
Loc
Net
All
Section 6.9.9, "Managing
Section 6.9.15, "Managing
Destination Zone
Net
All
All
Zones".
Rules".
RUGGEDCOM ROX II
CLI User Guide
Action
ACCEPT
DROP
REJECT
Managing Policies