NETGEAR SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Reference Manual page 114

ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
4. From the Service drop-down list, select HTTP for a Web server.
5. From the Action drop-down list, select ALLOW Always.
6. In the Send to LAN Server field, enter the local IP address of your Web server PC
(192.168.1.2 in this example).
7. From the WAN Destination IP Address drop-down list, select the Web server. In this
example, the secondary 192.168.55.10 (WAN1) address is shown. You first must have defined
this address on the WAN1 Secondary Addresses screen (see
Addresses" on page
8. Click Apply to save your settings. The rule is now added to the Inbound Services table of the
LAN WAN Rules screen.
To test the connection from a PC on the Internet, type http://<IP_address>, where <IP_address>
is the public IP address that you have mapped to your Web server. You should see the home page
of your Web server.
LAN WAN or DMZ WAN Inbound Rule: Specifying an Exposed Host
Specifying an exposed host allows you to set up a computer or server that is available to anyone on
the Internet for services that you have not yet defined.
To expose one of the PCs on your LAN or DMZ as this host:
1. Create an inbound rule that allows all protocols.
2. Place the rule below all other inbound rules.
See an example in Figure 4-14 on page
Warning: For security, NETGEAR strongly recommends that you avoid creating an
exposed host. When a computer is designated as the exposed host, it loses
much of the protection of the firewall and is exposed to many exploits from
the Internet. If compromised, the computer can be used to attack your
network.
4-24
2-25).
4-25.
v1.0, April 2010
"Configuring Secondary WAN
Firewall Protection