Firewall configuration
Firewall configuration includes the following configuration options:
- Zones: A zone is a firewall access group to which network interfaces can be added. You then use zones to configure packet filtering and access control lists for interfaces that are included in the zone. Preconfigured zones include:
- Any: Matches any network interface, even if they are not assigned to this zone.
- Loopback: Zone for interfaces that are used for communication between processes running on the device.
- Internal: Used for interfaces connected to trusted networks. By default, the firewall will allow most access from this zone.
- External: Used for interfaces to connect to untrusted zones, such as the internet. This zone has Network Address Translation (NAT) enabled by default. By default, the firewall will block most access from this zone.
- Edge: Used for interfaces connected to trusted networks, where the device is a client on the edge of the network rather than a router or gateway.
- Setup: Used for interfaces involved in the initial setup of the device. By default, the firewall will only allow this zone to access administration services.
- IPsec: The default zone for IPsec tunnels.
- Dynamic routes: Used for routes learned using routing services.
- Port forwarding: A list of rules that allow network connections to the Connect IT 16/48 to be forwarded to other servers by translating the destination address.
- Packet filtering: A list of packet filtering rules that determine whether to accept or reject network connections that are forwarded through the Connect IT 16/48.
- Custom rules: A script that is run to install advanced firewall rules beyond the scope/capabilities of the standard device configuration.
- Quality Of Service: Quality of Service (QOS) options for bandwidth allocation and policy-based traffic shaping and prioritizing.