Configuring firewall/nat settings, 1 dos protection and stateful packet inspection – Asus SL6000 User Manual
Page 53
52
ASUS VPN ADSL Router
Chapter 9
Chapter 9
9. Configuring Firewall/NAT Settings
SL6000/SL6300 provides built-in firewall/NAT functions, enabling you to
protect the system against denial of service (DoS) attacks and other types of
malicious accesses to your LAN while providing Internet access sharing at the
same time. You can also specify how to monitor attempted attacks, and who
should be automatically notified.
This chapter describes how to create/modify/delete ACL (Access Control List)
rules to control the data passing through your network. You will use firewall
configuration pages to:
•
Create, modify and delete inbound/outbound ACL rules.
•
Create, modify and delete predefined services to be used in inbound/
outbound ACL configurations.
•
Create service list (DOS)
•
View ACL inbound/outbound rules
•
View firewall statistics.
Note: When you define an ACL rule, you instruct the SL6000/SL6300
to examine each data packet it receives to determine whether it
meets criteria set forth in the rule. The criteria can include the net-
work or Internet protocol it is carrying, the direction in which it is
traveling (for example, from the LAN to the Internet or vice versa),
the IP address of the sending computer, the destination IP address,
and other characteristics of the packet data.
If the packet matches the criteria established in a rule, the packet can either be
accepted (forwarded towards its destination), or denied (discarded), depending
on the action specified in the rule.
9.1 DoS Protection and Stateful Packet Inspection
The firewall as implemented in SL6000/SL6300 provides DoS (Denial of
Service) protection and stateful packet inspection as the first line security for
your network. No configuration is required for this protection on your network
as long as firewall is enabled for SL6000/SL6300. By default, the firewall is
enabled at the factory. Please refer to section 12.1 Global Setting Configuration
to enable or disable firewall service on SL6000/SL6300.