Firewall Protection
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
4. Click the Set Interval button. Wait for the confirmation that the operation has succeeded
before you close the window.
Configure Port Triggering
Port triggering allows some applications running on a LAN network to be available to external
applications that would otherwise be partially blocked by the firewall. Using the port triggering
feature requires that you know the port numbers used by the application.
Note: Port triggering is supported for IPv4 devices only.
Once configured, port triggering operates as follows:
1. A computer makes an outgoing connection using a port number that is defined in the
Port Triggering Rules table.
2. The VPN firewall records this connection, opens the additional incoming port or ports that
are associated with the rule in the port triggering table, and associates them with the
computer.
3. The remote system receives the computer’s request and responds using the incoming port
or ports that are associated with the rule in the port triggering table on the VPN firewall.
4. The VPN firewall matches the response to the previous request and forwards the response
to the computer.
Without port triggering, the response from the external
application would be treated as a new
connection request rather than a response to a request from the LAN network. As such, it
would be handled in accordance with the inbound port forwarding rules, and most likely
would be blocked.
Note these restrictions on port triggering:
• Only one computer can use a port triggering application at any time.
• After a computer has finished using a port triggering application, there is a short time-out
period before the application can be used by another computer. This time-out period is
required so the VPN firewall can determine that the application has terminated.
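The four steps and the two restrictions above can be modeled as a small state table. The following Python sketch is an added illustration, not NETGEAR code or the firewall's actual implementation. The rule name, port numbers, LAN addresses, and the 60-second time-out are constructed values, and it assumes the time-out is measured from the computer's last outgoing trigger connection.

```python
# Simplified model of port triggering (added example, not firmware code).
# Rule values, addresses and the time-out length are constructed assumptions.
from dataclasses import dataclass

@dataclass
class TriggerRule:
    name: str
    outgoing_port: int      # outgoing port that triggers the rule
    incoming_ports: range   # incoming ports opened while the rule is in use

class PortTriggerTable:
    def __init__(self, rules, timeout=60):   # seconds; assumed value
        self.rules = rules
        self.timeout = timeout
        self.bindings = {}   # rule name -> (lan_host, time of last trigger)

    def _active(self, rule, now):
        b = self.bindings.get(rule.name)
        if b and now - b[1] < self.timeout:
            return b
        self.bindings.pop(rule.name, None)   # time-out passed: rule is free
        return None

    def outbound(self, lan_host, dst_port, now):
        """Steps 1-2: record the trigger and bind the rule to one computer."""
        for rule in self.rules:
            if rule.outgoing_port != dst_port:
                continue
            b = self._active(rule, now)
            if b and b[0] != lan_host:
                return "in-use"              # only one computer at a time
            self.bindings[rule.name] = (lan_host, now)
            return "triggered"
        return "no-rule"

    def inbound(self, dst_port, now):
        """Steps 3-4: return the LAN computer to forward to, or None."""
        for rule in self.rules:
            if dst_port in rule.incoming_ports:
                b = self._active(rule, now)
                if b:
                    return b[0]
        return None   # left to the normal inbound rules

if __name__ == "__main__":
    table = PortTriggerTable([TriggerRule("example-app", 6667, range(113, 114))])
    print(table.outbound("192.168.1.10", 6667, now=0))    # triggered
    print(table.inbound(113, now=10))                     # 192.168.1.10
    print(table.outbound("192.168.1.20", 6667, now=20))   # in-use
```

When auditing a configuration, the same model shows that each rule's incoming ports are reachable from the WAN only while a binding is active, and only toward the one bound computer.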
Note: For additional ways of allowing inbound traffic, see Inbound Rules
(Port Forwarding) on page 135.
To add a port triggering rule:
1. Select Security > Port Triggering. The Port Triggering screen displays. (The following
figure shows a rule in the Port Triggering Rules table as an example.)