Support User Manuals

NETGEAR SRX5308-100NAS Switch User Manual

Open as PDF

of 460

Firewall Protection

139

ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308

Note: Some residential broadband ISP accounts do not allow you to run

any server processes (such as a web or FTP server) from your

location. Your ISP might periodically check for servers and might

suspend your account if it discovers any active servers at your

location. If you are unsure, see the acceptable use policy of your ISP.

Order of Precedence for Rules

As you define a new rule, it is added to a table in a Rules screen as the last item in the list, as

shown in the following figure, which shows the LAN WAN Rules screen for IPv4 as an

example:

QoS Profile The priority assigned to IP packets of this service. The priorities

are defined by Type of Service in the Internet Protocol Suite

standards, RFC 1349. The QoS profile determines the priority of

a service, which, in turn, determines the quality of that service for

the traffic passing through the firewall.

The VPN firewall marks the Type of Service (ToS) field as

define

d in the QoS profiles that you create. For more information,

see Create Quality of Service Profiles for IPv4 Firewall Rules on

page 179.

Note: T

here are no default QoS profiles on the VPN firewall.

After you have created a QoS profile, it can become active only

when you apply it to a nonblocking inbound or outbound firewall

rule.

Note: QoS profiles do not apply to LAN DMZ rules.

IPv4 LAN WAN rules

IPv4 DMZ WAN rules

Log The setting that determines whether packets covered by this rule

are log

ged. The options are:

• Always.

Always log traffic that matches this rule. This is useful

when you are debugging your rules.

• Neve

r. Never log traffic that matches this rule.

All rules

Bandwidth Profile Bandwidth limiting determines how the data is sent to and from

your host. The purpose of bandwidth limiting is to provide a

solution for limiting the outgoing and incoming traffic, thus

preventing the LAN users from consuming all the bandwidth of

the Internet link. For more information, see Create Bandwidth

Profiles on p

age 176. For inbound traffic, you can configure

bandwidth limiting only on the LAN interface for a LAN WAN rule.

Note: Ban

dwidth limiting does not apply to the DMZ interface.

IPv4 LAN WAN rules

Table 33. Inbound rules overview (continued)

Setting Description Inbound Rules

previous next