NETGEAR SRX5308-100NAS Switch User Manual


 
Firewall Protection
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Figure 71.
For any traffic attempting to pass through the firewall, the packet information is subjected to
the rules in the order shown in the Outbound Services and Inbound Services tables,
beginning at the top of each table and proceeding to the bottom of each table. In some cases,
the order of precedence of two or more rules might be important in determining the
disposition of a packet. For example, you should place the strictest rules at the top (those
with the most specific services or addresses). The Up and Down table buttons in the Action
column allow you to relocate a defined rule to a new position in the table.
Configure LAN WAN Rules
Create LAN WAN Outbound Service Rules
Create LAN WAN Inbound Service Rules
The default outbound policy is to allow all traffic to the Internet to pass through. Firewall rules
can then be applied to block specific types of traffic from going out from the LAN to the
Internet (outbound). This feature is also referred to as service blocking. You can change the
default policy of Allow Always to Block Always to block all outbound traffic, which then allows
you to enable only specific services to pass through the VPN firewall.
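The top-to-bottom rule order and the default outbound policy described above, as an added Python example that is not taken from the NETGEAR manual or firmware. It assumes the first matching rule decides the packet; the `Rule` fields, rule names and addresses are constructed for illustration. It also reports rules that can never match because a broader rule sits above them.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:                 # hypothetical model of one outbound table row
    name: str
    service: str            # service name, or "ANY"
    lan_users: str          # LAN source addresses as a CIDR block
    action: str             # "Allow Always" or "Block Always"

    def matches(self, service, src):
        return (self.service in ("ANY", service)
                and ip_address(src) in ip_network(self.lan_users))

    def covers(self, other):
        """True if every packet that matches `other` also matches this rule."""
        return (self.service in ("ANY", other.service)
                and ip_network(other.lan_users).subnet_of(ip_network(self.lan_users)))

def disposition(rules, default_policy, service, src):
    """Walk the table top to bottom; assumed: the first match decides."""
    for rule in rules:
        if rule.matches(service, src):
            return rule.action, rule.name
    return default_policy, "default outbound policy"

def shadowed(rules):
    """Return (rule, covering_rule) pairs where an earlier rule hides a later one."""
    found = []
    for i, lower in enumerate(rules):
        for upper in rules[:i]:
            if upper.covers(lower):
                found.append((lower.name, upper.name))
                break
    return found

# Constructed sample tables: the same two rules in both orders.
BROAD_FIRST = [
    Rule("block-lan-http", "HTTP", "192.168.1.0/24", "Block Always"),
    Rule("allow-proxy-http", "HTTP", "192.168.1.50/32", "Allow Always"),
]
SPECIFIC_FIRST = [BROAD_FIRST[1], BROAD_FIRST[0]]

if __name__ == "__main__":
    for label, table in (("broad first", BROAD_FIRST), ("specific first", SPECIFIC_FIRST)):
        print(label, disposition(table, "Allow Always", "HTTP", "192.168.1.50"),
              "shadowed:", shadowed(table))
```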
To change the default outbound policy for IPv4 traffic or to change existing IPv4 rules:
1. Select Security > Firewall. The Firewall submenu tabs display with the LAN WAN
Rules screen in view. In the upper right of the screen, the IPv4 radio button is selected
by default. The LAN WAN Rules screen displays the IPv4 settings. (The following figure
contains examples.)