Table of Contents
Advertisement
•
Arranging policies in the Int to Ext and Outgoing policy list
Denying connections to the Internet from the internal network
Create policies that deny connections to the Internet from the internal network to restrict the full access to
the Internet granted by the default policy.
You can use policies to deny connections:
•
From addresses on your internal network (see
•
To addresses on the Internet (see
•
To services (see Services)
•
According to a one-time or recurring schedule (see Schedules)
Since policy matching works on a first-match principle, you must add deny policies above the default
policy. You must also add deny policies above matching policies that accept connections.
Adding a policy to deny connections
•
Add addresses, services, or schedules as required.
•
Go to Firewall > Policy > Int to Ext . (In Transparent mode go to Firewall > Policy > Outgoing .)
•
Click New to add a policy.
You can also click Insert Policy before
policy.
•
Configure the policy.
Source
Select the Internal address from which to deny connections.
Destination
Select the Internet address to which to deny connections.
Schedule
Select a schedule to control when the policy denies connections.
Service
Set Service to the service to deny.
Action
Select Deny.
Optionally select Log Traffic to add messages to the traffic log whenever the policy accepts a
Log Traffic
connection.
Traffic
Optionally, select Traffic Shaping to control the bandwidth available to and set the priority of
Shaping
the traffic processed by the policy.
•
Click OK to save the policy.
DFL-1000 User's Manual
Adding
addresses)
Adding
addresses)
on a policy in the list to add the new policy above a specific
30
Advertisement
Table of Contents
