ATL Telecom AM30 User Manual

Page 129

background image

ATL Telecom User Guide

AM30

1

2
9

Configuring IP Filter Global Settings

The IP Filter Configuration page enables you to configure the following global IP filter
settings.

fSecurity Level: This setting determines which IP

filter rules take effect, based on the security level
specified in each rule. For example, when High is
selected, only those rules that are assigned a security
value of High will be in effect. The same is true for
the Medium and Low settings. When None is
selected, IP filtering is disabled.

fPrivate/Public/DMZ Default Action: This setting

specifies a default action to be taken (Accept or
Deny) on private, public, or DMZ-type device
interfaces when they receive packets that do not
match any of the filtering rules. You can specify a
different default action for each interface type. (You
specify an interface's type when you create the
interface; see the PPP configuration page, for
example.)

x A public interface typically connects to the

Internet. PPP, EoA, and IPoA interfaces are
typically public. Packets received on a public
interface are subject to the most restrictive set of
firewall protections defined in the software.
Typically, the global setting for public interfaces is
Deny, so that all accesses to your LAN initiated
from external computers are denied (discarded at
the public interface), except for those allowed by
a specific IP filter rule.

x A private interface connects to your LAN, such as

the Ethernet interface. Packets received on a
private interface are subject to a less restrictive
set of protections, because they originate within
the network. Typically, the global setting for
private interfaces is Accept, so that LAN
computers have access to the ADSL/Ethernet
routers' Internet connection.

x The term DMZ (de-militarized zone), in Internet

networking terms, refers to computers that are
available for both public and in-network accesses
(such as a company's public Web server). Packets
received on a DMZ interface—a whether from a
LAN or external source—are subject to a set of
protections that is in between public and private
interfaces in terms of restrictiveness. The global
setting for DMZ-type interfaces may be set to
Deny so that all attempts to access these servers
are denied by default; the administrator may then

See also other documents in the category ATL Telecom Routers: