Firewall > access rules, Access rules, Chapter 4 – Cisco 4-Port SSL/IPSec VPN Router RVL200 User Manual

Page 39: Advanced configuration


Chapter 4: Advanced Configuration

4-Port SSL/IPSec VPN Router

NOTE: SSL VPN has higher priority than Port Forwarding when HTTPS is enabled.

HTTP: To allow HTTP connections for remote management, select Enable. Otherwise, select Disable. Then enter the port number you want to use for remote management (port 80 or 8080 is usually used).

Multicast Pass Through: This option is disabled by default. IP multicasting occurs when a single data transmission is sent to multiple recipients at the same time. Using this feature, the Router allows IP multicast packets to be forwarded to the appropriate LAN devices. Multicast Pass Through is used for Internet games, videoconferencing, and multimedia applications.

SIP Application Layer Gateway: This option is enabled by default. It enables use of Session Initiation Protocol (SIP), an application-layer control (signaling) protocol for Internet phone calls, multimedia conferences, and instant messaging.

Restrict WEB Features

Block: Select the filters you want to use.

Java: Java is a programming language for websites. If you deny Java applets, you run the risk of losing access to Internet sites created using this programming language. To block Java applets, select Java.

Cookies: A cookie is data stored on your PC and used by Internet sites when you interact with them. To block cookies, select Cookies.

ActiveX: ActiveX is a programming language for websites. If you deny ActiveX, you run the risk of losing access to Internet sites created using this programming language. To block ActiveX, select ActiveX.

Access to HTTP Proxy Servers: Use of WAN proxy servers may compromise the Router’s security. If you block access to HTTP proxy servers, then you block access to WAN proxy servers. To block access, select Access to HTTP Proxy Servers.

Don’t block Java/ActiveX/Cookies/Proxy to Trusted Domains: To keep trusted sites unblocked, select this option.

Click Save Settings to save your changes, or click Cancel Changes to undo them.

Firewall > Access Rules

Access rules evaluate network traffic to decide whether or not it is allowed to pass through the Router’s firewall. Access Rules look specifically at a data transmission’s source IP address, destination IP address, and IP protocol type, and you can apply each access rule according to a different schedule.

With the use of custom rules, it is possible to disable all firewall protection or block all access to the Internet, so use extreme caution when creating or deleting access rules.

The Router has the following default rules:

All traffic from the LAN to the WAN is allowed.
All traffic from the WAN to the LAN is denied.

Custom rules can be created to override the above default rules, but there are four additional default rules that are always active and cannot be overridden by any custom rules:

HTTP service from the LAN to the Router is always allowed.
DHCP service from the LAN is always allowed.
DNS service from the LAN is always allowed.
Ping service from the LAN to the Router is always allowed.

Firewall > Access Rules

Access Rules

Except for the default rules, all configured access rules are listed in the Access Rules table, and you can set the priority for each custom rule. The Access Rules table lists the following information for each access rule:

Priority: The Priority is displayed.

Policy Name: The name of the access rule is displayed.

Enable: The status of the access rule is displayed.

Action: The Action, Allow or Deny, is displayed.

Service: The Service is displayed.

Source Interface: The Source Interface, LAN or WAN, is displayed.

Source: The specific Source is displayed.

Destination: The specific Destination is displayed.
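
The rule precedence described above, modelled as an added example (not Cisco's code or the Router's firmware): the four always-active rules are checked first, then enabled custom rules in priority order, then the two defaults, and `risky()` flags the two outcomes the manual warns about. Assumptions: the lowest priority number is evaluated first, "Any" is written as 0.0.0.0/0, and the service labels, `ROUTER_IP` and the sample rules are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ROUTER_IP = "192.168.1.1"  # constructed LAN address of the Router
ANY = "0.0.0.0/0"          # assumption: "Any" modelled as a CIDR block

@dataclass
class Rule:                # fields follow the Access Rules table
    priority: int
    name: str
    enabled: bool
    action: str            # "Allow" or "Deny"
    service: str           # assumed labels: "HTTP", "DNS", ..., or "All"
    src_if: str            # "LAN" or "WAN"
    source: str = ANY
    destination: str = ANY

def fixed_rule(service, src_if, dst):
    """The four always-active rules that custom rules cannot override."""
    if src_if != "LAN":
        return False
    return service in ("DHCP", "DNS") or (service in ("HTTP", "Ping") and dst == ROUTER_IP)

def decide(rules, service, src_if, src, dst):
    if fixed_rule(service, src_if, dst):
        return "Allow", "always-active default"
    for r in sorted(rules, key=lambda r: r.priority):  # assumption: lowest number first
        if (r.enabled and r.src_if == src_if and r.service in ("All", service)
                and ip_address(src) in ip_network(r.source)
                and ip_address(dst) in ip_network(r.destination)):
            return r.action, r.name
    return ("Allow", "default LAN->WAN") if src_if == "LAN" else ("Deny", "default WAN->LAN")

def risky(rules):
    """Flag the two outcomes the manual warns about."""
    findings = []
    for r in rules:
        wide = r.enabled and r.service == "All" and r.source == r.destination == ANY
        if wide and r.src_if == "WAN" and r.action == "Allow":
            findings.append((r.name, "disables firewall protection for WAN traffic"))
        if wide and r.src_if == "LAN" and r.action == "Deny":
            findings.append((r.name, "blocks all Internet access"))
    return findings

RULES = [  # constructed sample rule set
    Rule(1, "web-server", True, "Allow", "HTTP", "WAN", destination="192.168.1.10/32"),
    Rule(2, "open-wan", True, "Allow", "All", "WAN"),
    Rule(3, "lockdown", True, "Deny", "All", "LAN"),
]
```

Running `risky(RULES)` before saving a rule set shows which custom rules need a narrower service, source or destination; `decide()` shows that LAN hosts still reach DNS and the Router's HTTP page even under the "lockdown" rule.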
