Lancom Systems LCOS 3.50 User Manual

LANCOM Reference Manual LCOS 3.50

̈

Chapter 8: Firewall

140

Fi

rew

a

ll

̈

For a network coupling you permit additionally the communication
between the involved networks:

̈

If you operate e.g. an own web server, you selectively allow access to the
server:

̈

For diagnostic purposes it is helpful to allow ICMP protocols (e.g. ping):

These rules can now be refined as needed - e.g. by the indication of minimum
and maximum bandwidths for the server access, or by a finer restriction on
certain services, stations or remote sites.

The LANCOM automatically sorts Firewall rules when creating the fil-
ter list. Thereby, the rules are sorted into the filter list on the basis of
their level of detail. First all specific rules are considered, afterwards
the general ones (e.g. Deny All). Examine the filter list in case of com-
plex rule sets, as described in the following section.

Rule

Source

Destination

Action

Service

ALLOW_LAN1_TO_LAN2

LAN1

LAN2

transmit

ANY

ALLOW_LAN2_TO_LAN1

LAN2

LAN1

transmit

ANY

Rule

Source

Destina-
tion

Action

Service
(target port)

ALLOW_WEBSERVER

ANY

Webserver

transmit

HTTP, HTTPS

Rule

Source

Destination

Action

Service

ALLOW_PING

Local network

ANY

transmit

ICMP