[Report an Error]

Configuring a Stateful Firewall Filter with Quick Configuration

You can use the Firewall/NAT Quick Configuration pages to configure a stateful firewall filter and NAT. These Quick Configuration pages allow you to designate the interfaces that make up the untrusted network. In addition, you can designate the applications that are allowed to operate from the untrusted network to the trusted network.

Figure 43 and Figure 44 show the Firewall/NAT Quick Configuration main and application pages.

Figure 43: Firewall/NAT Quick Configuration Main Page

Firewall/NAT Quick Configuration
Main Page

Figure 44: Firewall/NAT Quick Configuration Application Page

Firewall/NAT Quick Configuration Application Page

To configure a stateful firewall filter and NAT with Quick Configuration:

  1. In the J-Web interface, select Configuration>Firewall/NAT.
  2. Enter information into the Firewall/NAT Quick Configuration pages, as described in Table 89.
  3. Click one of the following buttons on the Firewall/NAT Quick Configuration main page:
  4. Go on to one of the following procedures:

Table 89: Firewall/NAT Quick Configuration Pages Summary

Field

Function

Your Action

Stateful Firewall

Enable Stateful Firewall

Enables stateful firewall filter configuration.

To enable stateful firewall filter configuration, select the check box.

Trusted Interfaces

Trusted Interfaces

Designates the trusted and untrusted routing platform interfaces. The stateful firewall filter is applied to the untrusted interfaces.

The Trusted Interfaces box displays a list of all the interfaces configured on the routing platform. Do either of the following:

  • To apply a stateful firewall filter to an interface, click the interface in the Trusted Interfaces box to highlight it, and click the left arrow to add the interface to the Untrusted Interfaces list. You can select multiple interfaces by pressing Ctrl while you click the interface.
  • To remove a stateful firewall filter from an interface, click the interface in the Untrusted Interfaces box to highlight it, and click the right arrow to add the interface to the Trusted Interfaces list. You can select multiple interfaces by pressing Ctrl while you click the interface.
Network Address Translation (NAT)

Enable NAT

Enables NAT configuration.

To enable NAT configuration, select the check box.

Low Address in Address Range (required)

Specifies the lowest address in the NAT pool address range. If a range of addresses is not specified, you can specify a single address or an IP prefix.

Type an IP address or prefix.

High Address in Address Range

Specifies the highest address in the NAT pool address range.

Type an IP address. The total range of addresses in the pool must be limited to a maximum of 32.

Outside Applications Allowed
 

Add or delete applications that are allowed to operate from the untrusted network to the trusted network.

Click Add to move to the Firewall/NAT Quick Configuration application page. When you have finished entering information into this page, click OK to save it.

To cancel your entries, click Cancel.

Application

Application (required)

Designate which applications are allowed to operate from the untrusted network to the trusted network.

From the list, select the application you want to operate from the untrusted network to the trusted network.

Source Address

Any Unicast WAN Address

Specifies that any unicast source address is allowed from the untrusted network.

To allow any unicast source address, select the check box.

Source Addresses and Prefixes

Designates the source addresses and prefixes that are allowed from the untrusted network.

To add an IP address and prefix, type them in the boxes above the Add button, then click Add.

To delete an IP address and prefix, select them in the Source Addresses and Prefixes box, then click Delete.

Destination Address

Any Unicast LAN Address

Specifies that any unicast destination address is allowed from the untrusted network.

To allow any unicast destination address, select the check box.

Destination Addresses and Prefixes

Designates the destination addresses and prefixes that are allowed from the untrusted network.

To add an IP address and prefix, type them in the boxes above the Add button, then click Add.

To delete an IP address and prefix, select them in the Destination Addresses and Prefixes box, then click Delete.


[Report an Error]