NETGEAR FVS338 Network Router User Manual


 
FVS338 ProSafe VPN Firewall 50 Reference Manual
4-24 Firewall Protection and Content Filtering
v1.0, September 2006
3. Build your list of Source MAC Addresses to be block by entering the first MAC address in the
MAC Address field in the form xx:xx:xx:xx:xx:xx where x is a numeric (0 to 9) or an
alphabet between and a and f (inclusive), for example: 00:e0:4c:69:0a:
4. Click Add. The Mac Address will be added to the Available MAC Addresses to be Blocked
table. (You can edit the MAC address by clicking Edit in the Action column adjacent to the
MAC Address.)
5. Click Reset to cancel a MAC address entry before adding it to the table.
6. When you have completed adding MAC addresses, click Apply to save your settings
Setting Up Port Triggering
Port triggering allows some applications running on a LAN network to be available to external
applications that would otherwise be partially blocked by the firewall. Using this feature requires
that you know the port numbers used by the Application.
Once configured, Port Triggering operates as follows:
1. A PC makes an outgoing connection using a port number defined in the Port Triggering table.
2. The VPN firewall records this connection, opens the an INCOMING port or ports associated
with this entry in the Port Triggering table, and associates them with the PC.
3. The remote system receives the PCs request and responds using the different port numbers that
you have now opened.
4. The VPN firewall matches the response to the previous request, and forwards the response to
the PC.
Without Port Triggering, this response would be treated as a new connection request rather than a
response. As such, it would be handled in accordance with the Port Forwarding rules:
Only one PC can use a Port Triggering application at any time.
After a PC has finished using a Port Triggering application, there is a Time-out period before
the application can be used by another PC. This is required because this Router cannot be sure
when the application has terminated.
Note: For additional ways of allowing inbound traffic, see “LAN WAN Inbound
Services Rules” on page 4-9.