IP Based ACL – Linksys WRVS4400N User Manual
Chapter 6: Setting Up and Configuring the Router
Firewall Tab
Wireless-N Gigabit Security Router with VPN
IP Based ACL
This screen shows a summary of the configured IP based Access List. The Access List is used to restrict traffic going
through the Router from either the WAN or the LAN port. There are two ways to restrict data traffic. You can block
specific types of traffic according to your ACL definitions, or you can allow only specific types of traffic according
to your ACL definitions. The ACL rules are read in order of priority. If a rule matches a packet, its action is taken
and the following lower priority rules are not checked against this packet.
Note that the higher the number of rules that need to be checked against packets, the lower the throughput. Use 
ACL rules with caution. 
There are two default rules in the table that cannot be deleted. The first rule allows all traffic coming in from the
LAN port to pass the Router. The second rule allows all traffic coming in from the WAN port. These two rules have
the lowest priority, so without any user defined rules, all packets are passed through from both the
WAN and LAN sides.
A rule is in effect when the Enable button is checked and when its Date and Time are matched. If any of these
conditions is not met, the rule is not used to check against packets.
The following are descriptions of each of the fields in the ACL Table:
Priority: This defines the order in which rules are checked. The smaller the number, the higher the priority.
The default rules will always be checked last.
Enable: This tells the Router if the rule is active or not. You can have rules defined in the ACL Table but in an 
inactive state. The administrator can decide on when to enable specific ACL rules manually.
Action: This defines how the rule is to affect the traffic. It can be either Allow or Deny. If the rule is matched and 
the action is Allow, the packet will be forwarded. If the rule is matched and the action is Deny, the packet will be 
dropped. 
Service: You can either select one of the pre-defined services in the drop-down menu or define new
services by clicking the Service Management button. Once you have defined your own service, it will be listed at the
top of the drop-down menu. You can also select ALL to allow or block all types of IP traffic.
The User-defined Service GUI page can be accessed either from the New Rule screen by clicking the Service
Management button, or directly from the 2nd layer tab under Firewall.
Source Interface: Select LAN, WAN, or ANY interface.
Figure 6-30: Firewall - IP Based ACL
Figure 6-31: Firewall - IP Based ACL (pre-defined services)
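
The first-match evaluation described above can be modelled offline to review a rule table before entering it. The following Python sketch is an added example, not Linksys code: it uses only the fields described on this page, and the Rule class, the in_schedule flag, the default-rule priority numbers and the sample service names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    priority: int             # smaller number = checked first
    enabled: bool             # the Enable field
    action: str               # "Allow" or "Deny"
    service: str              # a service name, or "ALL"
    source_if: str            # "LAN", "WAN" or "ANY"
    in_schedule: bool = True  # assumption: stands in for the Date and Time match

# The two undeletable default rules, always checked last (priority values are placeholders).
DEFAULTS = [Rule(10**6, True, "Allow", "ALL", "LAN"),
            Rule(10**6 + 1, True, "Allow", "ALL", "WAN")]

def active(rule):
    return rule.enabled and rule.in_schedule

def covers(rule, service, source_if):
    """True if rule matches everything described by (service, source_if)."""
    return rule.service in ("ALL", service) and rule.source_if in ("ANY", source_if)

def evaluate(rules, service, source_if):
    """First active matching rule wins; lower-priority rules are not consulted."""
    for rule in sorted(rules, key=lambda r: r.priority) + DEFAULTS:
        if active(rule) and covers(rule, service, source_if):
            return rule.action, rule.priority
    raise ValueError("source_if must be 'LAN' or 'WAN'")

def shadowed(rules):
    """Pairs (rule, earlier) where an active earlier rule makes rule unreachable."""
    ordered = sorted(filter(active, rules), key=lambda r: r.priority)
    pairs = []
    for i, rule in enumerate(ordered):
        hit = next((e for e in ordered[:i] if covers(e, rule.service, rule.source_if)), None)
        if hit is not None:
            pairs.append((rule.priority, hit.priority))
    return pairs

# Constructed rule set; the service names are sample values.
SAMPLE = [
    Rule(1, True, "Allow", "HTTP", "LAN"),
    Rule(2, True, "Deny", "ALL", "LAN"),       # "allow only" style: block the rest of LAN
    Rule(3, False, "Deny", "TELNET", "WAN"),   # defined but not enabled
    Rule(4, True, "Allow", "FTP", "LAN"),      # never reached: rule 2 matches first
]
```

Running shadowed() over a planned table shows rules that can never take effect because of their position, and evaluate() shows when traffic falls through to the default Allow rules because a Deny rule is disabled or outside its schedule.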
