Allied Telesis AR410 User Manual page 46

Ar400 series software release 2.7.1

Hide thumbs Also See for AR410:

Hardware reference manual (111 pages)

Quick install manual (12 pages)

Quick install manual (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

Table of Contents

Problem

Solutions

Problem

Solutions

■

Check the NAT configuration. See "Traffic Flow and Network Address

Translation (NAT)" on page 44.

Illegitimate traffic is reaching your LAN or DMZ.

■

The most likely cause of this problem is an incorrect rule. Check that:

•

"Allow" rules are tight enough that only the intended traffic types are

allowed through.

•

The firewall is processing the rules in the order you expected, and that

specific rules (e.g. deny IP address x access to FTP on the server) have

lower numbers than general rules (e.g. allow all FTP access).

•

Rules intended to block traffic have an action of "Deny".

•

The ports, services and protocols are correct.

•

The IP addresses the rules apply to are entered correctly, and actually

belong to the specified devices.

•

The rules apply to the correct days and time.

■

Some traffic is allowed through the firewall, to enable the protocols to

work correctly. You can specify which ICMP traffic is allowed through on

the Firewall Policy Options page (Configuration > Firewall > Interfaces >

Policy options tab). For example, if Ping is checked on this page, ping

packets addressed to the private LAN will be allowed.

A device on your LAN or DMZ cannot access the Internet.

■

The most likely cause of this problem is an incorrect outgoing rule. Check

that:

•

"Deny" rules are not too tight and therefore blocking more traffic than

intended.

•

The firewall is processing the rules in the order you expected, and that

specific rules (e.g. allow IP address x to use FTP) have lower numbers

than general rules (e.g. deny all outgoing FTP requests).

•

Rules intended to allow traffic have an action of "Allow".

•

The rules apply to the correct IP services (by name or port number).

•

The IP addresses the rules apply to are entered correctly, and actually

belong to the specified devices.

•

The rules apply to the correct days and time.

■

Check that the device's gateway address is correct.

■

Check the NAT configuration. See "Traffic Flow and Network Address

Translation (NAT)" on page 44.

■

If an IP address-based rule exists to allow traffic from this particular

device, check that the device has a permanently-assigned IP address. If the

router is assigning IP addresses as a DHCP server, you can give the

required device a permanent IP address by making it a static entry

(Configuration > DHCP Server).

AR400 Series Router User Guide

Software Release 2.7.1

C613-02021-00 REV F

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Ar441s Ar450s Ar440s

Allied Telesis AR410 User Manual page 46

Hide quick links:

Troubleshooting

Related Manuals for Allied Telesis AR410

Related Products for Allied Telesis AR410

This manual is also suitable for:

Table of Contents