Table of Contents
Advertisement
Configuring Firewall
3.3 Example for Access Control
3.3.1 Network Requirements
In the diagram below, the R&D and some other departments are connected to a layer 2 switch
and access the internet via the router. To limit the acts of the R&D department users, such as
sending emails with the exterior mailbox, it is required that the R&D users can only visit websites
via HTTP and HTTPs on the internet at any time. For other departments, there is no limitation.
Figure 3-1 Network Topology
3.3.2 Configuration Scheme
To meet these requirements, we can configure Access Control rules on the router to filter
the specific types of packets from R&D department: only the HTTP and HTTPs packets are
allowed to be sent to the internet, and other types of packets are not allowed. The configuration
overview is as follows:
1) Add an IP group for the R&D department in the Preferences module.
2) By default, the HTTP service type already exists, and you need to add HTTPs to the Service
Type list in the Preferences module.
3) Create two rules to allow the HTTP and HTTPs packets from the R&D department to be sent
to the WAN.
Router
Layer 2 Switch
R&D Department
192.168.0.10/24-192.168.0.120/24
WAN
1.1.1.2
LAN
192.168.0.1/24
Other Departments
Configuration Guide
Configuration Examples
100
- Quick Links:
- Vlan Configuration
Hide quick links:
Advertisement
Table of Contents
