NETGEAR FVS318N-100NAS Network Router User Manual


  Open as PDF
of 414
 
Network and System Management
317
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Features That Increase Traffic
The following features of the wireless VPN firewall tend to increase the traffic load on the
WAN side:
L
AN WAN inbound rules (also referred to as port forwarding)
DMZ W
AN inbound rules (also referred to as port forwarding)
Por
t triggering
Ena
bling the DMZ port
Con
figuring exposed hosts
Con
figuring VPN tunnels
LAN WAN Inbound Rules and DMZ WAN Inbound Rules (Port Forwarding)
The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for
inbound traffic (from WAN to LAN and from WAN to the DMZ). If you have not defined any
rules, only the default rule is listed. The default rule blocks all access from outside except
responses to requests from the LAN side. Any inbound rule that you create allows additional
incoming traffic and therefore increases the traffic load on the WAN side.
WARNING:
This feature is for advanced administrators. Incorrect
configuration might cause serious problems.
Each rule lets you specify the desired action for the connections covered by the rule:
BLOCK always
BLOCK by
schedule, otherwise allow
AL
LOW always
ALL
OW by schedule, otherwise block
The following section summarizes the various crite
ria that you can apply to inbound rules and
that might increase traffic. For more information about inbound rules, see Inbound Rules
(Port Forwarding) on p
age 130. For detailed procedures on how to configure inbound rules,
see Configure LAN WAN Rules on p
age 135 and Configure DMZ WAN Rules on page 142.
When you define inbound firewall rules, you can further refine their application according to
t
he following criteria:
Servi
ces. You can specify the services or applications to be covered by an inbound rule.
If the desired service or application does not display in the list, you need to define it using
the Services screen (see Inbound Rules (Port Forwarding) on p
age 130 and Add
Customized Services on p
age 168).
W
AN destination IP address. You can specify the destination IP address for incoming
traffic. Traffic is directed to the specified address only when the destination IP address of
the incoming packet matches the IP address of the selected WAN interface.
 previous next