smallbusiness
Community Manager

Article ID:600

Firewall Basic Settings on RVS4000

Objective

Firewalls help to block harmful content within a network. They protect from various attacks such as Denial of Service (DoS) attacks, Distributed Denial of Service (DDoS) attacks, and various other harmful actions.

This document explains how to configure firewall basic settings on the RVS4000 VPN routers using the configuration utility.

Applicable Device

• RVS4000

Software Version

• 2.0.3.2

Firewall Basic Settings

Step 1. Log in to the web configuration utility and choose Firewall > Basic Settings. The Basic Settings page opens:

Step 2. Click the Enable radio button in the Firewall field to enable deep packet inspection on traffic. This field represents the SPI (Stateful Packet Inspection) firewall service on the router. SPI scans deep into packets and compares them to predefined rules. The packet is dropped if it fails to match the rules. Click Disable to disable the firewall.

Step 3. Click the Enable radio button in the DoS Protection field to enable the DoS protection service. This represents the protection service against DoS (Denial of Service) attacks. DoS attacks send fake service requests to the router, which makes network resources unavailable to legitimate users. Click Disable to disable the DoS protection.

Step 4. Click the Enable radio button in the Block WAN Request field to block / drop ping requests to the WAN interface. This allows the router to hide from the external network and increase protection. Click Disable to allow ping requests to the WAN.

Step 5. Click the Enable radio button in the Remote Management field to enable the remote access on the RVS4000. This service allows remote access to the web configuration utility of the router. Click Disable to disable remote access to the RVS4000 router.

Note: If the service is disabled, this field will not be accessible.

Step 6. Enter the port number used for remote access in the Remote Management Port field. The port will be used for the Uniform Resource Locator (URL). Click Disable to disable this service.

Note: If Remote Management is disabled, skip to Step 10. The HTTPS field, Remote IP Address field, and the Remote Upgrade field are visible only when remote management is enabled.

Step 7. Click the Enable radio button in the HTTPS field to enable secure access to the router. With this service enabled, secure remote access through Hypertext Transfer Protocol Secure (HTTPS) is protected by Secure Sockets Layer (SSL) encryption algorithms. Click the Disable radio button to disable the HTTPS access and allow web access through HTTP.

Step 8. Choose which IP address to use from the Remote IP Address drop-down list. This field restricts which external IP addresses can have remote access to the router's web configuration utility. When Any IP Address is selected, any device on the Internet can access the router.

• Any IP Address — Any IP address has access.

• Single IP Address — Allows a specific IP address. Enter the specific IP address to be allowed in the field that appears.

• IP Range — Allows a range of IPs. Enter the IP range to be allowed in the field that appears.

• Subnet — Allows a certain subnet. Enter the subnet to be allowed in the field that appears.

Step 9. Click the Enable radio button in the Remote Upgrade field to enable the remote upgrade service. This service allows router upgrades through remote access. Click Disable to disable remote upgrade.

Step 10. Click the Enable radio button in the Multicast Passthrough field to enable the multicast passthrough service. This service allows multicast traffic from the Internet to pass through the router. This is performed through the use of the IGMP proxy on the router. Click Disable to disable multicast passthrough.

Step 11. Click the Enable radio button in the SIP Application Layer Gateway field to enable the SIP application layer gateway. This allows Session Initiation Protocol (SIP) packets to traverse Network Address Translation (NAT) and firewall settings. This also allows uninterrupted voice calls through the router. Enable this service if your Voice over Internet Protocol (Voice over IP, VoIP) service provider doesn't provide NAT traversal solutions.

Step 12. Under the Block area, check the check box(es) of the features to block.

• Java — Blocks the use of Java applications in the network which can run harmful programs within the network or devices connected to the network.

• Cookies — Blocks cookies which can be intrusive to privacy.

• ActiveX — Blocks the use of ActiveX applications in the network which can run harmful programs within the network or devices connected to the network.

• Access to Proxy HTTP Server — Blocks access to proxy servers on HTTP which can help to make sure there are no hidden devices on the network.

Note: Blocking these features may increase security, but a few services may become inactive. By default, no service is blocked.

Step 13. Click Save to save the settings.
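The following added example (not Cisco code, and not part of the original article) reviews a recorded copy of the Basic Settings page and evaluates the Step 8 Remote IP Address restriction for a given source address. The dictionary layout, the `start-end` notation for IP Range, and the CIDR notation for Subnet are assumptions made for illustration; the router does not export settings in this form.

```python
import ipaddress

# Constructed sample: keys mirror the field labels on the Basic Settings page.
# The dict layout is hypothetical, not a router export format.
SAMPLE = {
    "firewall": True,
    "dos_protection": True,
    "block_wan_request": False,
    "remote_management": True,
    "https": False,
    "remote_ip_mode": "Any IP Address",
    "remote_ip_value": None,
    "remote_upgrade": True,
}

def remote_source_allowed(mode, value, source):
    """Evaluate the Step 8 Remote IP Address restriction for one source address."""
    src = ipaddress.ip_address(source)
    if mode == "Any IP Address":
        return True
    if mode == "Single IP Address":
        return src == ipaddress.ip_address(value)
    if mode == "IP Range":  # assumed notation: "start-end"
        low, high = (ipaddress.ip_address(p.strip()) for p in value.split("-"))
        return low <= src <= high
    if mode == "Subnet":  # assumed notation: CIDR
        return src in ipaddress.ip_network(value, strict=False)
    raise ValueError(f"unknown Remote IP Address mode: {mode!r}")

def audit(s):
    """Return a list of findings for a recorded Basic Settings page."""
    findings = []
    if not s["firewall"]:
        findings.append("Firewall (SPI) is disabled")
    if not s["dos_protection"]:
        findings.append("DoS Protection is disabled")
    if not s["block_wan_request"]:
        findings.append("Block WAN Request is disabled: WAN interface answers ping")
    if s["remote_management"]:
        if not s["https"]:
            findings.append("Remote Management uses HTTP, not HTTPS")
        if s["remote_ip_mode"] == "Any IP Address":
            findings.append("Remote Management is reachable from any IP address")
        if s["remote_upgrade"]:
            findings.append("Remote Upgrade is enabled over the remote session")
    return findings
```

Calling `audit(SAMPLE)` lists the settings worth revisiting; a configuration with Remote Management disabled and the three protection fields enabled returns an empty list.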
