Quick Reference Guide
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
5-6 Firewall Security and Content Filtering
v1.0, January 2010
Remember that allowing inbound services opens holes in your VPN firewall. Enable only those
ports that are necessary for your network. It is also advisable to turn on the security features of the
server application and to use its user password or privilege levels, if provided.
Table 5-2. Inbound Rules (continued)

Item: Description

Translate to Port Number: Check this box and enter a port number to assign the LAN server to a different service port number. Inbound traffic to the service port will have the destination port number modified to the port number configured here.

WAN Destination IP Address: This setting determines the destination IP address applicable to incoming traffic. This is the public IP address that will map to the internal LAN server; it can be the address of the WAN port, another public IP address, or an address range.

LAN Users: These settings determine which computers on your network are affected by this rule. Select the desired options:
• Any – All PCs and devices on your LAN.
• Single address – Enter the required address and the rule will be applied to that particular PC.
• Address range – If this option is selected, you must enter the start and finish fields.
• Groups – Select the Group to which this rule will apply. Use the (under Network Configuration) to assign PCs to Groups. See “Managing Groups and Hosts (LAN Groups)” on page 3-5.

WAN Users: These settings determine which Internet locations are covered by the rule, based on their IP addresses. Select the desired option:
• Any – All Internet IP addresses are covered by this rule.
• Single address – Enter the required address in the start field.
• Address range – If this option is selected, you must enter the start and end fields.

Log: This determines whether packets covered by this rule are logged. Select the desired action:
• Always – Always log traffic considered by this rule, whether it matches or not. This is useful when debugging your rules.
• Never – Never log traffic considered by this rule, whether it matches or not.

Bandwidth Profile: Specifies the name of a bandwidth limiting profile. Using a bandwidth profile, bandwidth consumed by different connections can be limited. If multiple connections correspond to the same firewall rule, they will share the same bandwidth limiting. See “Creating Bandwidth Profiles” on page 5-21.

Note: Some residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location. If you are unsure, refer to the Acceptable Use Policy of your ISP.
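The WAN Users, WAN Destination IP Address and Translate to Port Number fields can be read together as a match-then-rewrite step, which the following Python model walks through; it is an added example, not code from the manual or the firewall's firmware. The `lan_server` field, first-match ordering, the dropping of unmatched inbound traffic and all addresses are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class InboundRule:
    service_port: int                            # port the service is reached on from the WAN
    lan_server: str                              # hypothetical field: LAN host that receives the traffic
    wan_dest: Tuple[str, str]                    # WAN Destination IP Address as (start, end)
    wan_users: Optional[Tuple[str, str]] = None  # None = Any, otherwise (start, end)
    translate_port: Optional[int] = None         # Translate to Port Number; None = box unchecked

def _in_range(addr: str, bounds: Tuple[str, str]) -> bool:
    lo, hi = (ipaddress.ip_address(b) for b in bounds)
    return lo <= ipaddress.ip_address(addr) <= hi

def evaluate(rules, src_ip: str, dst_ip: str, dst_port: int):
    """Return (lan_ip, lan_port) for the first matching rule, or None if blocked."""
    for r in rules:
        if dst_port != r.service_port:
            continue
        if not _in_range(dst_ip, r.wan_dest):
            continue
        # A restricted WAN Users setting narrows who can reach the opened port.
        if r.wan_users is not None and not _in_range(src_ip, r.wan_users):
            continue
        # With translation enabled, only the destination port is rewritten.
        lan_port = r.translate_port if r.translate_port is not None else dst_port
        return (r.lan_server, lan_port)
    return None  # assumption: inbound traffic matching no rule is dropped

# Constructed sample rules using documentation-only address ranges.
RULES = [
    # Web server reachable on 8080 from one partner range only, translated to port 80.
    InboundRule(8080, "192.168.1.20", ("203.0.113.10", "203.0.113.10"),
                wan_users=("198.51.100.0", "198.51.100.255"), translate_port=80),
    # HTTPS server open to any Internet address, no port translation.
    InboundRule(443, "192.168.1.21", ("203.0.113.10", "203.0.113.10")),
]

if __name__ == "__main__":
    for pkt in [("198.51.100.7", "203.0.113.10", 8080),
                ("192.0.2.55", "203.0.113.10", 8080),
                ("192.0.2.55", "203.0.113.10", 443),
                ("192.0.2.55", "203.0.113.10", 22)]:
        print(pkt, "->", evaluate(RULES, *pkt))
```

The second packet shows the effect of a WAN Users range: the port is open, but only to the listed source addresses, which keeps the exposed surface smaller than an "Any" rule.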