Firewall - Allied Telesis AR410 User Manual

Ar400 series software release 2.7.1

Hide thumbs Also See for AR410:

Hardware reference manual (111 pages)

Quick install manual (12 pages)

Quick install manual (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

Table of Contents

Getting Started with the Graphical User Interface (GUI)

Problem

Solution

Problem

Solution

Problem

Solution

Diagnosis

Problem

Solutions

Software Release 2.7.1

C613-02021-00 REV F

•

Any password and authentication settings must be configured on the

neighbour as well as on this router.

■

Check that the router is passing the correct DNS information to hosts on

the LAN, if the router is a DHCP server. If the router acting as a DHCP

client as well, and therefore is passing on DNS information from another

DHCP server, check that this DHCP server is providing the router with the

correct information.

A device on the LAN or DMZ can send some traffic out, but cannot receive

traffic.

If you are using a static Standard NAT, this problem may indicate that NAT is

mapping to an invalid IP address. To check this, select Configuration > Firewall

> NAT.

Incoming traffic is sent to the wrong host.

If you are using a static Standard NAT, this problem may indicate that NAT is

mapping to a valid IP address, but which belongs to the wrong host. To correct

the IP address, select Configuration > Firewall > NAT.

Only one device on the LAN or DMZ can access the Internet.

■

If you are using a static Standard NAT, only one device from the LAN will

be able to access the Internet. If you wish to have more than one device

access the Internet, use Enhanced NAT instead (Configuration > Firewall >

NAT).

■

It is also possible that no other device has been configured with the correct

gateway.

Firewall

To see information about the traffic that the firewall has denied, use the CLI

command SHOW FIREWALL EVENT=DENY

To see information about the traffic that the firewall has allowed, use the CLI

command SHOW FIREWALL EVENT=ALLOW

Legitimate traffic is not reaching your LAN or DMZ.

■

Check that a rule exists to allow the traffic (Firewall > Configuration >

Traffic Rules)

Activating a DMZ does not provide access to servers on it. Rules must be

created for each server on the DMZ. Likewise, by default there is no access

to any devices on the private LAN.

■

If the rule exists, it may be incorrect or insufficient. Check that:

•

Rules intended to allow traffic have an action of "Allow".

•

The firewall is processing the rules in the order you expected, and that

specific rules (e.g. allow IP address x access to FTP on the server) have

lower numbers than general rules (e.g. deny all FTP access).

•

The ports, services and protocols are correct.

•

The IP addresses the rules apply to are entered correctly, and belong to

the specified devices.

•

The rules apply to the correct days and time.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Ar441s Ar450s Ar440s

Firewall - Allied Telesis AR410 User Manual

Firewall

Hide quick links:

Troubleshooting

Related Manuals for Allied Telesis AR410

Related Content for Allied Telesis AR410

This manual is also suitable for:

Table of Contents