Technicolor - Thomson 610v Network Router User Manual


 
Application Note Ed. 01
2 SpeedTouch™ 610 Remote Access
2.1 The SpeedTouch™ 610 Firewall
Introduction
All traffic from, to, or via any of the SpeedTouch™ 610 interfaces is subjected to its powerful programmable firewall.
For a full description of the SpeedTouch™ 610 programmable firewall, see the application note The SpeedTouch™ 610 and Firewalling.
Within the scope of remote management, however, the following topics provide some essential information for understanding the operation of the SpeedTouch™ 610 firewall.
Default firewall configuration
By default a set of rules is provided for basic firewalling.
Defining LAN as your local network, SpeedTouch™ 610 as the SpeedTouch™ 610’s IP host, and WAN as the “outside” network (i.e. any IP connection configured over the SpeedTouch™ 610 DSL line), the combination of the firewall rules makes sure that IP packets migrating:
from WAN to LAN are allowed (Rule 1)
from LAN to WAN are allowed (Rule 2)
from LAN to SpeedTouch™ 610 are allowed (Rule 3)
from SpeedTouch™ 610 to LAN are allowed (Rule 4)
from SpeedTouch™ 610 to WAN are dropped, except DNS and DHCP (Rule 5)
from WAN to SpeedTouch™ 610 are dropped, except DNS and DHCP (Rule 6)
from WAN to WAN are dropped (Rule 7).
Rules 1 and 2 can be considered as “DSL Gateway rules”: these ensure that the SpeedTouch™ 610 can act as DSL Gateway for your local network.
Rules 3 and 4 can be defined as “Local Management rules”: these two rules make direct communication between the local network and the SpeedTouch™ 610 IP host (be it for http, ftp or telnet access) possible.
Rules 5, 6 and 7 could be defined as the “Security and Remote Management rules”: these rules ensure that by default no one from the WAN has IP access to the SpeedTouch™ 610 device itself.
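The seven default rules can be modelled and audited for management exposure as follows. This is an added example, not part of the application note and not SpeedTouch™ 610 CLI syntax; the zone name DEVICE, the service labels, and the drop verdict for flows no rule covers are assumptions of the model.

```python
# Added illustration: a model of the seven default rules, not device syntax.
from typing import NamedTuple

ZONES = ("WAN", "LAN", "DEVICE")        # DEVICE = the SpeedTouch 610 IP host
MANAGEMENT = ("http", "ftp", "telnet")  # management services named in the note

class Rule(NamedTuple):
    number: int
    src: str
    dst: str
    action: str             # "allow" or "drop"
    exceptions: tuple = ()  # services that receive the opposite action

DEFAULT_RULES = [
    Rule(1, "WAN", "LAN", "allow"),
    Rule(2, "LAN", "WAN", "allow"),
    Rule(3, "LAN", "DEVICE", "allow"),
    Rule(4, "DEVICE", "LAN", "allow"),
    Rule(5, "DEVICE", "WAN", "drop", ("dns", "dhcp")),
    Rule(6, "WAN", "DEVICE", "drop", ("dns", "dhcp")),
    Rule(7, "WAN", "WAN", "drop"),
]

def verdict(rules, src, dst, service):
    """Return (action, rule number) for a flow between two zones."""
    for r in rules:
        if (r.src, r.dst) == (src, dst):
            if service in r.exceptions:
                return ("allow" if r.action == "drop" else "drop"), r.number
            return r.action, r.number
    return "drop", None  # assumption: flows not covered by any rule are dropped

def management_exposure(rules):
    """(source zone, service) pairs that can reach the device's management services."""
    return sorted((src, svc)
                  for src in ZONES if src != "DEVICE"
                  for svc in MANAGEMENT
                  if verdict(rules, src, "DEVICE", svc)[0] == "allow")

def audit(rules):
    """Findings for any management service reachable from the WAN."""
    return [f"{svc} reachable from WAN"
            for src, svc in management_exposure(rules) if src == "WAN"]

if __name__ == "__main__":
    print(management_exposure(DEFAULT_RULES))  # LAN only under the default rules
    print(audit(DEFAULT_RULES))                # no WAN-side findings by default
```

Running `audit` against a modified rule list shows at a glance whether a remote-management change has opened http, ftp or telnet to the WAN.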