Table of Contents
Advertisement
The SG unit is equipped with a fully featured, stateful firewall. The firewall allows you to
control both incoming and outgoing access, so that PCs on local networks can have
tailored Internet access facilities while being shielded from malicious attacks from
external networks.
The SG unit's stateful firewall keeps track of outgoing connections (e.g. a PC on your
LAN requesting content from a server on the Internet) and only allows corresponding
incoming traffic (e.g. the server on the Internet sending the requested content to the PC).
By default, your SG unit allows network traffic as shown in the following table:
Incoming Interface
LAN
VPN
Dialin
DMZ
DMZ
Internet
Guest
Sometimes it is useful to allow some incoming connections, e.g. if you have a mail or web
server on your LAN or DMZ that you want to be accessible from the Internet. This is
accomplished using a combination of NAT and packet filter rules.
The SG unit web management console provides a powerful interface for tailoring your
firewall to your network. For details, refer to the Customizing your Firewall section later in
this chapter.
Incoming Access
The Incoming Access section allows you to control access to the SG unit itself, e.g. for
remote administration. Click Incoming Access under Firewall on the main menu to
display the Incoming Access configuration page.
Firewall
Outgoing Interface
Any
Any
Any
Internet
Any except Internet
Any
Any
4.
Firewall
Action
Accept
Accept
Accept
Accept
Drop
Drop
Drop
127
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
