Security Settings; General - MB Connect Line mbNET MDH810 Manual

Security settings

18.
18.1

General

The industrial router has an integrated firewall to protect against third-party and unauthorized access and connection
attempts. Incoming and outgoing data traffic is checked, logged and allowed or denied via this firewall.
The firewall can generally be configured with one of the following three settings:
 maximum Security With this setting, rules for allowing data traffic must be configured accordingly. Both in-
coming and outgoing data traffic is denied.
For accessing the web interface (from outside the network), the TCP protocol and the destination port 80
must be entered and enabled in the
accordingly allowed for the data packets from the VPN tunnel.
 normal Security With this setting, incoming data traffic (data from the Internet) is denied while outgoing da-
ta traffic is allowed.
 minimum Security
With this setting, all incoming and outgoing data traffic is allowed.
The 'minimum Security' option should only be temporarily set for test purposes since it
allows all data traffic from inside to outside the network as well as access from outside
the network. This setting threatens the integrity of your mbNET and the connected devic-
es.
SNAT
This function transparently passes on the incoming data traffic from Internet or VPN connections to the LAN. In other
words, all data packets going to the LAN are assigned the IP address of the router as the sender address. This
means that none of the LAN subscribers need the router as a "gateway". This is a considerable advantage when in-
tegrating remote maintenance into existing network structures as it means that these structures do not need to be
changed.
Page 152 of 226
Version: 3.3.5 – DR05 – 23.03.2017
WAN >LAN rules. If, however, you start a VPN connection, access is