Lancom-systems LCOS 3.50 Manual de usuario Pagina 147
- Pagina / 346
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Chapter 8: Firewall LANCOM Reference Manual LCOS 3.50
147
Firewall
Stations and services can be described according to the following rules in the
object table:
Equal identifier can generate comma-separated lists as for example host lists/
address lists (%A10.0.0.1, 10.0.0.2), or hyphen-separated ranges like port
ranges (%S20-25). The occurrence of a "0" or an empty string represents the
’any’ object.
When configuring via console (Telnet or terminal program), the com-
bined parameters (port, destination, source) must be embraced with
inverted commas (character ").
Action table
As described above, a Firewall action consists of condition, limit, packet
action and further measures. In the action table Firewall actions are composed
as any combination of the following elements:
Description Object ID Examples and notes
Local network %L
Remote stations %H Name must be in DSL /ISDN /PPTP or
VPN name list
Host name %D Note advice for host names (→page 129)
MAC address %E 00:A0:57:01:02:03
IP address %A %A10.0.0.1, 10.0.0.2;
%A0 (all addresses)
Netmask %M %M255.255.255.0
Protocol (TCP/UDP/ICMP etc.) %P %P6 (for TCP)
Service (port) %S %S20-25 (for ports 20 to 25)
- Reference Manual 1
- LANCOM LCOS 3.50 1
- Contents 3
- 1Preface 10
- 2 System design 13
- System design 14
- Configuration and manage 15
- 3.2 Configuration software 16
- LANCAPI 21
- 3.5.1 How to start a trace 26
- 3.5.2 Overview of the keys 27
- 3.5.4 Combination commands 28
- 3.5.5 Examples 29
- 3.8 Command line interface 32
- 3.8.1 Command line reference 33
- 3.9 Scheduled Events 34
- 4 Management 37
- 4.1.1 Application examples 38
- Management 39
- 4.1.2 Configuration 42
- 5 Diagnosis 46
- Diagnosis 47
- 5.2.1 How to start a trace 48
- 5.2.2 Overview of the keys 49
- 5.2.4 Combination commands 50
- 5.2.5 Examples 51
- 6 Security 52
- Security 53
- 6.1.2 Login barring 54
- 6.2.1 Identification control 58
- 6.2.2 Callback 60
- 6.3 The security checklist 61
- 7 Routing and WAN connections 64
- 7.2 IP routing 66
- 7.2.2 Local routing 68
- Configuration tool Menu/table 72
- 7.2.4 SYN/ACK speedup 73
- 7.3.1 Simple masquerading 74
- Source IP Port 75
- 7.3.2 Inverse masquerading 78
- 7.4 N:N mapping 80
- 7.4.1 Application examples 81
- 7.4.2 Configuration 85
- 7.5.1 Name list 89
- 7.5.2 Layer list 90
- Parameter Meaning 91
- 7.6.1 The protocol 92
- In this column of 97
- 7.8 Callback functions 98
- Routing and WAN 100
- With this 100
- 8Firewall 104
- 8.1.3 The methods 105
- 8.1.4 The victims 106
- 8.2 What is a Firewall? 107
- Firewall 108
- 8.3 The LANCOM Firewall 114
- 8.3.2 Special protocols 119
- Configuration tool Run 132
- Firewall wizard 141
- Condition Description Object 148
- Limit Description Object 148
- Measure Description Object 150
- 8.3.9 Firewall diagnosis 151
- Configuration tool 152
- Element Element meaning 153
- Entry Description 155
- Flag Flag meaning 158
- 8.3.10 Firewall limitations 159
- Detection 160
- 9 Quality of Service 168
- Quality of Service 169
- 9.3 The queue concept 172
- Packet size in bytes 180
- 1 64 128 256 512 1024 1500 180
- 9.7 QoS configuration 183
- Transfer External 188
- 10 Virtual LANs (VLANs) 192
- 10.2.1 Frame tagging 193
- Virtual LANs (VLANs) 194
- 10.2.3 Application examples 195
- 10.3 Configuration of VLANs 198
- 10.3.2 The port table 199
- 11 Wireless LAN – WLAN 203
- Wireless LAN – WLAN 204
- 11.2.1 Some basic concepts 214
- 11.2.2 WEP 215
- 11.2.3 WEPplus 219
- 11.2.4 EAP and 802.1x 220
- 11.2.5 TKIP and WPA 223
- 11.2.6 AES and 802.11i 230
- 11.2.7 Summary 231
- 11.4.1 WLAN security 234
- Configuration tool Menu/Table 235
- 11.4.2 General WLAN settings 243
- √ (λ * d) 257
- 11.5.2 Antenna power 258
- Maximum distance [km] 262
- Mbps P2P P2mP 262
- Assumed cable loss: 9 dB 263
- Antenna gain: 8.5 dBi 263
- Assumed cable loss: 6 dB 263
- Office communications with 265
- 12.3 How to use the LANCAPI 270
- 12.4 The LANCOM CAPI Faxmodem 270
- 13.1.1 The DHCP server 272
- Server services for the LAN 273
- 13.2 DNS 277
- 13.2.2 DNS forwarding 279
- Configuration tool Run/Table 280
- 13.2.4 URL blocking 283
- 13.2.5 Dynamic DNS 284
- 13.3 Call charge management 285
- 13.4 The SYSLOG module 287
- Source Meaning Facility 289
- /etc/syslog.conf 290
- /var/log/lancom.log 290
- 14.1 What does VPN offer? 291
- Virtual Private Networks— 292
- 14.2 LANCOM VPN: an overview 295
- 14.2.3 LANCOM VPN functions 297
- 14.3.1 LAN-LAN coupling 298
- 14.5.3 Inspect VPN rules 309
- 14.6.1 Static/static 323
- 14.6.2 Dynamic/static 323
- Branch_office 324
- 14.7 How does VPN work? 326
- 14.7.2 Alternatives to IPSec 328
- 14.8.5 Key management – IKE 335
- 16 Index 338
© 2020, manymanuals.es. Todos los derechos reservados | 0.087 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales