9configuring firewall and nat, 1 firewall overview, 1 stateful packet inspection – Asus RX3042H User Manual
Page 75
RX3042H User's Manual
Configuring Firewall
63
9
Configuring Firewall and NAT
The RX3042H provides built-in firewall/NAT functions, enabling
you to protect the system against denial of service (DoS) attacks
and other types of malicious accesses to your LAN while providing
Internet access sharing at the same time. You can also specify how
to monitor attempted attacks, and who should be automatically
notified.
This chapter describes how to create/modify/delete ACL (Access
Control List) rules to control the data passing through your network.
You will use firewall configuration pages to:
• Configure firewall global and DoS settings
• Create, modify, delete and view ACL rules.
Note
: When you define an ACL rule, you instruct the RX3042H to
examine each data packet it receives to determine whether it meets
criteria set forth in the rule. The criteria can include the network or
internet protocol it is carrying, the direction in which it is traveling (for
example, from the LAN to the Internet or vice versa), the IP address
of the sending computer, the destination IP address, and other
characteristics of the packet data.
If the packet matches the criteria established in a rule, the packet
can either be accepted (forwarded towards its destination), or
denied (discarded), depending on the action specified in the rule.
9.1
Firewall Overview
9.1.1 Stateful Packet Inspection
The stateful packet inspection engine in the RX3042H maintains a
state table that is used to keep track of connection states of all the
packets passing through the firewall. The firewall will open a “hole”
to allow the packet to pass through if the state of the packet that
belongs to an already established connection matches the state
maintained by the stateful packet inspection engine. Otherwise,
the packet will be dropped. This “hole” will be closed when the
connection session terminates. No configuration is required for
stateful packet inspection; it is enabled by default when the firewall
is enabled. Please refer to section 9.3.1 “Firewall ” to enable or
disable firewall service on the RX3042H.