Firewall Protection
184
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
3. In the same section, from the Policy for MAC Addresses listed below drop-down list, select
one of the following options:
• Block and Permit
the rest. Traffic coming from all addresses in the MAC Addresses
table is blocked. Traffic from all other MAC addresses is permitted.
• Permit
and Block the rest. Traffic coming from all addresses in the MAC Addresses
table is permitted. Traffic from all other MAC addresses is blocked.
4. Click App
ly to save your settings. The MAC Address field in the Add Source MAC Address
section of the screen now becomes available.
5. Build your list of source
MAC addresses to be permitted or blocked by entering the first MAC
address in the MAC Address field. A MAC address needs to be entered in the format
xx:xx:xx:xx:xx:xx, in which x is a numeric (0 to 9) or a letter between a and f (inclusive), for
example
: aa:11:bb:22:cc:33.
WARNING:
If you select Permit and Block the rest from the drop-down list but
do not add the MAC address of the computer from which you are
accessing the web management interface, you are locked out of
the web management interface.
6. Click the Add table button. The MAC address is added to the MAC Addresses table.
7. Repeat
the previous two steps to add more MAC addresses to the MAC Addresses table.
To remove one or more MAC addresses from the table:
1. Select the check box to the lef
t of each MAC address that you want to delete, or click
the Select All table button to select all addresses.
2. Click the Delete t
able button.
Set Up IP/MAC Bindings
IP/MAC binding allows you to bind an IPv4 or IPv6 address to a MAC address and the other
way around. Some computers or devices are configured with static addresses. To prevent
users from changing their static IP addresses, the IP/MAC binding feature needs to be
enabled on the wireless VPN firewall. If the wireless VPN firewall detects packets with an IP
address that matches the IP address in the IP/MAC Bindings table but does not match the
related MAC address in the IP/MAC Bindings table (or the other way around), the packets are
dropped. If you have enabled the logging option for the IP/MAC binding feature, these
packets are logged before they are dropped. The wireless VPN firewall displays the total
number of dropped packets that violate either the IP-to-MAC binding or the MAC-to-IP
binding.