Table of Contents
Advertisement
Roles and Policies
15.1 Firewall Policies
256
Parameter
Description
Source
Select any of the following options:
from all sources—Traffic from all sources is either allowed, denied, or the IP
•
address is translated at the source or the destination as defined in the rule.
from a host—Traffic from a particular host is either allowed, denied, or the IP
•
address is translated at the source or the destination as defined in the rule. Af-
ter selecting this option, specify the IP address of the host.
from a network—Traffic from a particular network is either allowed, denied, or
•
the IP address is translated at the source or the destination as defined in the
rule. After selecting this option, specify the IP address and netmask of the
source network.
Destination
Select a destination option for the access rules for network services, applications,
and application categories. You can allow or deny access to any the following
destinations based on your requirements.
to all destinations—Traffic for all destinations is allowed, denied, or the IP
•
address is translated at the source or the destination as defined in the rule.
to a particular server—Traffic to a specific server is allowed, denied, or the IP
•
address is translated at the source or the destination as defined in the rule. Af-
ter selecting this option, specify the IP address of the destination server.
except to a particular server—Access is allowed or denied to servers other
•
than the specified server. After selecting this option, specify the IP address of
the destination server.
to a network—Traffic to the specified network is allowed, denied, or the IP
•
address is translated at the source or the destination as defined in the rule. Af-
ter selecting this option, specify the IP address and netmask for the destination
network.
except to a network—Access is allowed or denied to networks other than the
•
specified network. After selecting this option, specify the IP address and net-
mask of the destination network.
to domain name—Traffic to the specified domain is allowed, denied, or the IP
•
address is translated at the source or the destination as defined in the rule. Af-
ter selecting this option, specify the domain name in the Domain Name text
box.
Log
Select the Log check box if you want a log entry to be created when this rule is
triggered. SCALANCE W supports firewall-based logging function. Firewall logs on
the APs are generated as security logs.
Blacklist
Select the Blacklist check box to blacklist the client when this rule is triggered. The
blacklisting lasts for the duration specified in the Auth failure blacklist time on the
Blacklisting tab of the Security window. For more information, see Blacklisting
Clients on page 174.
Classify
Select the Classify media check box to prioritize video and voice traffic. When
media
enabled, a packet inspection is performed on all non-NAT traffic and the traffic is
marked as follows:
Video: Priority 5 (Critical)
•
Voice: Priority 6 (Internetwork Control)
•
Configuration Manual, 02/2018, C79000-G8976-C451-02
SCALANCE W1750D UI
Hide quick links:
Advertisement
Table of Contents
