User Guide
OmniAccess 3500 Nonstop Laptop Guardian Administration Guide
Figure 65 - Connection Manager Server Table (Add)
− Rules — [Gateway|Configure Advanced Settings|Rules], [Gateway
Configure:-> Rule Information], [rw]
Packet classification rules for the firewall and IPsec endpoint that are
embedded in the OmniAccess 3500 NLG gateway.
The embedded firewall can be used to restrict the network traffic that the
OmniAccess 3500 NLG gateway exchanges over its interfaces, assuming the
function of an enterprise firewall in a network where an enterprise firewall
is not already deployed. The firewall rules may or may not be associated
with existing IPsec tunnels.
The embedded IPsec endpoint handles the requests to open IKEv2 and IPsec
security associations that the OmniAccess 3500 NLG cards originate from
their current locations. The OmniAccess 3500 NLG gateway uses the IPsec
endpoint rules to match incoming IKEv2 requests with sets of IKEv2/IPsec
parameters to be used in the configuration of the security associations that
may result from the negotiations.
Each rule requires the configuration of the following set of parameters:
Precedence — Rule precedence with respect to other rules defined in
the same context. A higher precedence value gives the rule a higher
priority. The highest-precedence rule that matches a packet
is the rule that defines how the packet is handled.
Type — Rule type, to be chosen among <Pass> (accept all packets
matching the rule), <Drop> (drop all packets matching the rule), and
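How the precedence rule described above resolves overlapping rules, as an added example that is not part of the OmniAccess guide: the classifier returns the highest-precedence match, and the audit lists rules that can never decide a packet. The source/destination CIDR match fields, the `Drop` fallback when nothing matches, and the sample rules are assumptions constructed for illustration; only the Pass and Drop types named on this page are modeled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    precedence: int  # higher value = higher priority, as the guide states
    rtype: str       # "Pass" or "Drop"
    src: str         # assumed match field: source CIDR
    dst: str         # assumed match field: destination CIDR


def covers(outer: Rule, inner: Rule) -> bool:
    """True if every packet matched by `inner` is also matched by `outer`."""
    return (ip_network(inner.src).subnet_of(ip_network(outer.src))
            and ip_network(inner.dst).subnet_of(ip_network(outer.dst)))


def classify(rules, src, dst, default="Drop"):
    """Return (type, rule) for the highest-precedence rule matching the packet.
    `default` is an assumption: the page does not say what happens on no match."""
    hits = [r for r in rules
            if ip_address(src) in ip_network(r.src)
            and ip_address(dst) in ip_network(r.dst)]
    if not hits:
        return default, None
    best = max(hits, key=lambda r: r.precedence)
    return best.rtype, best


def shadowed(rules):
    """Pairs (rule, deciding_rule): `rule` never takes effect because a
    higher-precedence rule covers its whole match space."""
    report = []
    for r in rules:
        above = [h for h in rules if h.precedence > r.precedence and covers(h, r)]
        if above:
            report.append((r, max(above, key=lambda h: h.precedence)))
    return report


# Constructed sample rule set (addresses are documentation/private ranges).
RULES = [
    Rule(10, "Pass", "10.0.0.0/8", "0.0.0.0/0"),
    Rule(50, "Drop", "10.1.0.0/16", "192.0.2.0/24"),
    Rule(5, "Pass", "10.1.2.0/24", "192.0.2.0/24"),  # never decides a packet
]

if __name__ == "__main__":
    print(classify(RULES, "10.1.2.3", "192.0.2.10"))
    for rule, decider in shadowed(RULES):
        print("shadowed:", rule, "by", decider)
```

A shadowed rule whose type differs from the rule that covers it, as with the precedence-5 Pass rule here, is worth reviewing first, since the intended exception is silently not applied.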