Port forwarding, Port forwarding -5 – NETGEAR ProSafe FVS124G User Manual

Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports

Router and Network Management

8-5

202-10085-01, March 2005

•

VPN tunnels

Port Forwarding

The firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal
data or damage your PCs, but overloads your Internet connection so you can not use it (i.e., the
service is unavailable). You can also create additional firewall rules that are customized to block or
allow specific traffic.

Note:

This feature is for Advanced Administrators only! Incorrect configuration will cause serious

problems.

You can control specific inbound traffic (i.e., from WAN to LAN). Inbound Services lists all
existing rules for inbound traffic. If you have not defined any rules, only the default rule will be
listed. The default rule blocks all inbound traffic.

Each rule lets you specify the desired action for the connections covered by the rule:

•

BLOCK always

•

BLOCK by schedule, otherwise Allow

•

ALLOW always

•

ALLOW by schedule, otherwise Block

You can also enable a check on special rules:

•

VPN Passthrough—Enable this to pass the VPN traffic without any filtering, specially used
when this firewall is between two VPN tunnel end points.

•

Drop fragmented IP packets—Enable this to drop the fragmented IP packets.

•

UDP Flooding—Enable this to limit the number of UDP sessions created from one LAN
machine.

•

TCP Flooding—Enable this to protect the router from Syn flood attack.

•

Enable DNS Proxy—Enable this to allow the incoming DNS queries.

•

Enable Stealth Mode—Enable this to set the firewall to operate in stealth mode.

As you define your firewall rules, you can further refine their application according to the
following criteria:

•

LAN users—These settings determine which computers on your network are affected by this
rule. Select the desired IP Address in this field.