NETGEAR FVS318N Modem User Manual


 
Network and System Management
325
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Source MAC Filtering
If you want to reduce outgoing traffic by preventing Internet access by certain computers on
the LAN, you can use the source MAC filtering feature to drop the traffic received from the
computers with the specified MAC addresses. By default, this feature is disabled; all traffic
received from computers with any MAC address is allowed. See Enable Source MAC
Filtering o
n page 183 for the procedure about how to use this feature.
Features That Increase Traffic
The following features of the wireless VPN firewall tend to increase the traffic load on the
WAN side:
L
AN WAN inbound rules (also referred to as port forwarding)
DMZ W
AN inbound rules (also referred to as port forwarding)
Por
t triggering
Ena
bling the DMZ port
Con
figuring exposed hosts
Con
figuring VPN tunnels
LAN WAN Inbound Rules and DMZ WAN Inbound Rules (Port Forwarding)
The LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for
inbound traffic (from WAN to LAN and from WAN to the DMZ). Any inbound rule that you
create allows additional incoming traffic and therefore increases the traffic load on the WAN
side.
ON the LAN WAN screen, if you have not defined an
y rules, only the default rule is listed. The
default LAN WAN inbound rule blocks all access from outside except responses to requests
from the LAN side.
WARNING:
Incorrect configuration of inbound firewall rules can cause
serious connection problems.
Each rule lets you specify the desired action for the connections covered by the rule:
BLOCK always
BLOCK by
schedule, otherwise allow
AL
LOW always
ALL
OW by schedule, otherwise block
The following section summarizes the various crite
ria that you can apply to inbound rules and
that might increase traffic. For more information about inbound rules, see Inbound Rules
(Port Forwarding) on p
age 133. For detailed procedures about how to configure inbound