Table of Contents
Advertisement
Enable IPv6 SPI: Use this option to enable the stateful packet inspection (SPI) firewall for IPv6 con-
nections.
Attention
If you select Enable IPv6 SPI, all devices in your local network are directly accessible from
the Internet. Use this option only if you are familiar with the possible consequences!
Enable Firewall Logging: Use this option for logging firewall attacks. Go to System | Diagnostics |
System Messages to open the firewall log
page
5.7.1.2
Schedule Rule
Click New to create a new schedule. If required, you can also create multiple schedules. Any existing
schedules are displayed in an overview. To edit a schedule, click on the pencil icon at the end of the
overview.
.
Name:
Here you can enter a name for your schedule.
Activate Time Period: Here you can specify the desired time period. For each day of the week, you
can specify the Start Time (hh:mm) and the End Time (hh:mm). For contiguous pe-
riods extending over several days, each intervening day must be specified as a full
day with the Start Time 00:00 and the End Time 23:59.
5.7.1.3
Firewall Rules
Click New to create a new firewall rule. The existing firewall rules are displayed in an overview. To
edit a firewall rule,
click on the pencil icon at the end of the overview.
You can define IP-based client rules and assign pre-defined services to them or create your own cri-
teria. The following fields are available for this:
Automatically refresh provider prefix: (only valid for IPv6) If the computers on your local network
have IPv6 addresses, these consist of a local part and a provider prefix. This prefix is
assigned to you and can be updated automatically by the Gateway 400.
Client PC Description: Enter a name for the rule.
Address Type:
Select the format of the IP address to create either an IPv4 or IPv6 address.
Client PC Address: Enter the IP address of the network device to which the rule should be applied.
Use the format of the previously selected Address Type. For IPv4, the rule can be ap-
plied to all devices in the home network with the address 192.168.100.0.
Scheduling Rule (Ref. Schedule Rule Page): If you created a schedule under
page
Status:
Here you can select whether the rule is enabled or disabled.
Client PC Service
Select the respective service name option (WWW, Sending email, SMTP, News Forums, Receiving
email, SecureHTTP, File Transfer, Telnet Service, NetMeeting, DNS, SNMP, VPN PPTP, VPN L2TP, TCP,
UDP) to specify which services are to be blocked.
If you block User-defined Services, the following section is enabled, in which you can individually
configure the TCP or UDP protocol and the Port Range.
5.7.1.4
IP Stack Settings
The device can detect and block conventional hacker attacks (such as IP Spoofing, Land Attack, Ping
of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan and TCP
SYN flooding).
46).
35, you can select it here.
Configuration | Gateway 400 User Guide
(Chapter 5.8.12.1, System Messages, on
.
"Schedule Rule" on
35
Advertisement
Table of Contents
