Warning
If you do want to allow administrative access on interfaces other than LAN Interfaces,
there are several security precautions you should take. See the note in the next section
for details. Also consider remote administration using a VPN connection as an alternative
to opening a hole in the firewall, PPTP in particular is well suited to this task.
You can also select to Accept echo request (incoming port) on Internet interfaces.
The default is to disallow echo requests, so your SnapGear unit does not respond to
pings on its Internet interfaces. This may make it more difficult for external attackers
scanning for hosts to discover your SnapGear unit. Destination unreachable ICMP
messages are always accepted.
Web Management
Click the Web Management tab to configure the SnapGear Management Console. You
can enable or disable protocols, change port numbers or set or create Certificates for
securing access to the Management Console via HTTPS.
Note
You cannot disable both HTTP and HTTPS access to the Management Console.
137
Firewall