In this section:

Before you Begin

You must first enable the firewall from the Security page for pass-through rules to be applied. Refer to Configuring Basic WAN Firewall Settings.

Adding a Pass-Through Rule

This section outlines how to add a pass-through rule.

To add a Pass-Through Rule

  1. Choose Network > Pass-Through Rules.

  2. Configure settings using the information in the following table as a guide.

    Custom Rules Fields

    FieldDescription
    Protocol

    Choose ports and protocols that are allowed through the system.

    Custom-UDP—Allows the specified UDP port to pass through the system

    Custom-TCP—Allows the specified TCP port to pass through the system

    Any—Allows all ports and protocols through the system. Ports are not required because not all protocols support the concept of ports.

    For the remaining protocol options, the correct protocol and port is automatically applied for the selected addresses.

    Input Interface

    Choose the interface where data is received that is destined for the forwarded subnet destination address:

    WAN

    LAN

    VoIP

    VLAN_1

    Source IPEnter the source address or network to be forwarded through the firewall from the Input Interface to the Output Interface. When left blank or set to 0.0.0.0, all addresses in the subnet are selected.

    Source Mask

    Enter the network mask that applies to the Source IP to create the host or range of IP addresses that are forwarded through the firewall. When left blank or set to 0.0.0.0, all destination addresses are allowed for this rule.

    Custom Source Ports

    Enter the source port number that is allowed through the system when either Custom-UDP or Custom-TCP protocol is selected.

    The Custom Port parameter is not required when Any or a protocol other than Custom-UDP or Custom-TCP is selected.

    Note: For multi-DLCI single T1 Frame Relay links: When VOICE_LAN or VOICE_WAN are selected using the Any rule, traffic is automatically forwarded from VOICE_LAN to VOICE_WAN. Traffic from VOICE_WAN to VOICE_LAN is dropped unless a rule allows it through.

    Output Interface

    Choose the interface where data is received and then sent from the forwarded subnet destination address:

    WAN

    LAN

    VoIP

    VLAN_1

    Destination IP

    Enter the destination address or network to be forwarded through the firewall from the Input Interface to the Output Interface. When left blank or set to 0.0.0.0, all addresses in the subnet are selected.

    Destination Mask

    		Enter the network mask that applies to the Destination IP to create the host or range of IP addresses that are forwarded through the firewall. When left blank or set to 0.0.0.0, all destination addresses are allowed for this rule.

    Custom Destination Ports

    Enter the destination port number that is allowed through the system when either Custom-UDP or Custom-TCP protocol is selected.

    The Custom Port parameter is not required when Any or a protocol other than Custom-UDP or Custom-TCP is selected.

    TargetChoose the action that is applied to packets that match the rule. The options are ACCEPT or DROP.

    Pass-Through Rules

    Lists configured Pass-Through Rules.

  3. Click Add to save your settings.

    A message indicates that service will be temporarily interrupted.

  4. Click OK to confirm.