Products Partners Download Buy Network About Community Help  

Howtos Overview






Contact Us
  Sales Enquiry
  Tech Support

 

Howtos - Advanced Firewall Tricks

Contents

Overview

The Advanced Firewall configuration page can be used to create firewall rules that cannot be created via the core firewall configuration tools in ClarkConnect. The following document shows some commonly used advanced rules.

Allowing Access to Port X from Single Remote IP Address

  • Scenario: Opening a port for remote administration but only for a particular IP address.
  • Example: Webconfig access for remote IP 69.90.141.13

Image:Ss_firewall_remote_one_ip.png

Forwarding Port X from Single Remote IP Address

  • Scenario: Forwarding a port to the local network but only for a particular IP address.
  • Example: SSH access to 192.168.2.16 on the LAN, but only from 69.90.141.13

Image:Ss_firewall_forward_one_ip.png

Allowing Access to Port X on a Virtual IP Address

  • Scenario: Opening a port for a virtual IP address configured on the system.
  • Example: Secure web server access on virtual IP 1.2.4.5

Image:Ss_firewall_virtual_ip.png

Blocking Ping/ICMP

According to Internet standards (RFCs), all hosts connected to the Internet must respond to ping requests. This requirement is outlined in RFC 1122 Section 3.2.2.6. If you would like to block all ping requests to your ClarkConnect system, you are free to do so. However, this non-standard behavior is not a configuration option in the web-based interface. There are plenty of ways to detect a system on the network, so blocking ping is not only an ineffective security precaution but also potentially quite harmful.

Retrieved from "http://wiki.clarkconnect.com/docs/Howtos_-_Advanced_Firewall_Tricks"

This page has been accessed 9,221 times. This page was last modified on 24 July 2008, at 22:21.


 
   
Copyright © 2000-2007, Point Clark Networks
Company | Contact | Legal | Help | Login