Stateful inspection firewall (SIF)

In the default settings the WAN partner is deemed “untrustworthy”, so the firewall blocks its packets even after they have passed through NAT. No initial requests can therefore be made from this interface; only requests from trustworthy interfaces are answered. (All LAN interfaces are deemed trustworthy by default.)

You have to configure a rule that allows the WAN partner access as an exception to the default behaviour.

Note

In the firewall, a packet that has been allowed by one rule can no longer be prohibited by a subsequent rule, and vice versa. The sequence of the rules is crucial!

In our example, the HTTPS service must be enabled so that the WAN partner can access the local interface 127.0.0.1.

Note

HTTPS can be used because PAT has already been carried out.

In the example, the service and all necessary interfaces are already predefined. In other circumstances, they might first have to be defined separately under addresses or services.

  1. Go to Firewall->Policies->IPv4 Filter Rules->New.

  2. Select a Source, e.g. WAN_GERMANY_TELEKOM ENTERTAIN.

  3. Select the Destination LAN_LOCAL.

  4. Select the Service http (SSL).

  5. Leave Action set to Access.

  6. Press OK to confirm your settings.

Under Firewall->Policies->IPv4 Filter Rules you will see the following overview:

Firewall->Policies->IPv4 Filter Rules
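
Why the sequence of rules matters can be checked with a small model. The following is an added example, not code from the device or its vendor: it treats the rule list as ordered first-match evaluation and models the default behaviour as the text above describes it. The wildcard ANY, the action name Deny, the interface LAN_EXAMPLE and the catch-all deny rule are assumptions made for illustration.

```python
from dataclasses import dataclass, astuple

ANY = "ANY"  # assumed wildcard name, not taken from the page

@dataclass(frozen=True)
class Rule:
    source: str
    destination: str
    service: str
    action: str  # "Access" (from the page) or "Deny" (assumed name)

def covers(rule, source, destination, service):
    """True if every field of the rule is ANY or equals the given value."""
    wanted = astuple(rule)[:3]
    return all(w in (ANY, g) for w, g in zip(wanted, (source, destination, service)))

def evaluate(rules, trusted, source, destination, service):
    """Decide a new (initial) request: the first matching rule wins."""
    for number, rule in enumerate(rules, start=1):
        if covers(rule, source, destination, service):
            return rule.action, f"rule {number}"
    # No rule matched: fall back to the default described in the text.
    return ("Access", "default") if source in trusted else ("Deny", "default")

def shadowed(rules):
    """(later, earlier) rule numbers where the earlier rule matches everything
    the later one matches but has a different action, so the later never applies."""
    hits = []
    for i, later in enumerate(rules):
        for j, earlier in enumerate(rules[:i]):
            if covers(earlier, *astuple(later)[:3]) and earlier.action != later.action:
                hits.append((i + 1, j + 1))
                break
    return hits

# Constructed sample data; the WAN, LAN_LOCAL and service names are the page's.
WAN = "WAN_GERMANY_TELEKOM ENTERTAIN"
TRUSTED = {"LAN_EXAMPLE"}  # hypothetical trusted LAN interface
ALLOW_HTTPS = Rule(WAN, "LAN_LOCAL", "http (SSL)", "Access")
DENY_WAN = Rule(WAN, ANY, ANY, "Deny")  # hypothetical catch-all deny rule

if __name__ == "__main__":
    request = (WAN, "LAN_LOCAL", "http (SSL)")
    print(evaluate([], TRUSTED, *request))                       # no rules: default
    print(evaluate([ALLOW_HTTPS, DENY_WAN], TRUSTED, *request))  # exception first
    print(evaluate([DENY_WAN, ALLOW_HTTPS], TRUSTED, *request))  # deny first
    print(shadowed([DENY_WAN, ALLOW_HTTPS]))                     # unreachable rules
```

Running shadowed() over a planned rule list before entering it in the filter rules overview shows which exceptions would never take effect because a broader rule sits above them.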