Outbound Rules (Service Blocking) - NETGEAR FVG318 Reference Manual

ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Considerations for Inbound Rules
• If your external IP address is assigned dynamically by your ISP, the IP address may change
periodically as the DHCP lease expires. Consider using the Dynamic DNS feature in the
Advanced menus so that external users can always find your network.
• If the IP address of the local server PC is assigned by DHCP, it may change when the PC is
rebooted. To avoid this, use the Reserved IP address feature in the LAN IP menu to keep the
PC's IP address constant.
• Each local PC must access the local server using the PC's local LAN address (192.168.0.99 in
Local Public Web Server example). Attempts by local PCs to access the server using the
external WAN IP address will fail.

Outbound Rules (Service Blocking)

The FVG318 allows you to block the use of certain Internet services by PCs on your network. This
is called service blocking or port filtering. You can define an outbound rule to block Internet
access from a local PC based on:
• IP address of the local PC (source address)
• IP address of the Internet site being contacted (destination address)
• Time of day
• Type of service being requested (service port number)
Following is an application example of an outbound rule:
Outbound Rule Example: Blocking Instant Messenger
If you want to block Instant Messenger usage by employees during working hours, you can create
an outbound rule to block that application from any internal IP address to any external address
according to the schedule that you have created in the Schedule menu.
4-8 Firewall Protection and Content Filtering
v1.0, September 2007