Moxa EDR-810 User Manual Page 106
- Page / 129
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Industrial Secure Router User's Manual Firewall
8-8
Policy Check
The Industrial Secure Router supports a PolicyCheck function for maintaining the firewall policy list. The
PolicyCheck function detects firewall policies that may be configured incorrectly.
PolicyCheck provides an auto detection function for detecting common configuration errors in the Firewall
policy (e.g., Mask, Include, and Cross conflict). When adding a new firewall policy, the user just needs to
click the PolicyCheck button to check each policy; warning messages will be generated that can be used for
further analysis. If the user decides to ignore a warning message, the Industrial Secure Router firewall will run
on the configuration provided by the user.
The three most common types of configuration errors are related to Mask, Include, and Cross Conflict.
Mask: Policy [X] is masked by Policy [Y]
The Source/Destination IP range or Source/Destination port number of policy [X] is smaller or equal to policy
[Y] but the action target (Accept/Drop) is different.
For example, two firewall policies are shown below:
Index Input Output Protocol Source IP Destination IP Target
1 WAN1 LAN All 10.10.10.10 192.168.127.10 ACCEPT
2 WAN2 LAN All 20.20.20.10
to 20.20.20.30
192.168.127.20 ACCEPT
Suppose the user next adds a new policy with the following configuration:
Index Input Output Protocol Source IP Destination IP Target
3 WAN2 LAN All 20.20.20.20 192.168.127.20 DROP
After clicking the PolicyCheck button, the Industrial Secure Router will issue a message informing the user
that policy [3] is masked by policy [2] because the IP range of policy [3] is smaller than the IP range of policy
[2], and the Target action is different.
- Second Edition, August 2013 1
- Copyright Notice 2
- Trademarks 2
- Disclaimer 2
- Table of Contents 3
- Introduction 5
- Package Checklist 6
- Features 6
- Getting Started 7
- 1, VT100) 8
- Router’s Console 9
- Secure Router 10
- Quick Setting Profile 13
- Step 4: Enable services 15
- System Information 16
- User Account 17
- Create New Account 18
- Modify Existing Account 18
- Delete Existing Account 18
- Date and Time 19
- Warning Notification 20
- System Event Settings 21
- Port Event Settings 22
- Email Settings 22
- Syslog Server Settings 23
- Relay Warning Status 23
- SettingCheck 24
- Restart 27
- Reset to Factory Default 27
- Port Settings 27
- Link Aggregation 29
- The Port Trunking Concept 29
- Port Mirror 30
- Using Virtual LAN 31
- Configuring Virtual LAN 32
- 802.1Q VLAN Settings 33
- Quick Setting Panel 33
- Multicast 34
- Multicast Filtering 35
- IGMP Multicast Filtering 36
- Static Multicast MAC 36
- Enabling Multicast Filtering 36
- IGMP Snooping 37
- IGMP Snooping Settings 37
- IGMP Table 37
- Stream Table 38
- QoS and Rate Control 39
- CoS Mapping 40
- ToS/DSCP Mapping 41
- Rate Limiting 41
- MAC Address Table 42
- Interface 43
- Network Service 46
- DHCP Server 47
- Static DHCP 48
- IP-Port Binding 49
- SNMP Settings 50
- Dynamic DNS 52
- Security 53
- Authentication Certificate 54
- Trusted Access 54
- Monitor 55
- Port Statistics 56
- Event Log 57
- Functions 59
- Configuring Basic Settings 61
- Accessible IP 62
- Password 63
- Configuration File 68
- Network Settings 70
- WAN1 Configuration 71
- Using DMZ Mode 77
- LAN Interface 77
- Communication Redundancy 78
- WAN Backup Configuration 79
- System Log 81
- Routing 83
- Unicast Routing 84
- Routing Table 86
- Network Redundancy 87
- Configuring STP/RSTP 88
- Configuring Turbo Ring V2 90
- Layer 3 Redundant Protocols 92
- Network Address Translation 93
- NAT Concept 94
- 1-to-1 NAT 94
- N-to-1 NAT 96
- Port Forward 97
- Firewall 99
- Policy Concept 100
- Policy Overview 100
- Policy Configuration 100
- EDR-G902/G903) 102
- Quick Automation Profile 104
- Policy Check 106
- Modbus TCP Policy 108
- Overview 114
- IPSec Configuration 114
- IPSec Settings 115
- Key Exchange (IPSec phase I) 117
- IPSec Status 119
- X.509 Certificate 119
- Certificate Generation 120
- Certificate Setting 121
- Local Certificate Upload 121
- L2TP Configuration 122
- VPN Plan 123
- Diagnosis 125
- LLDP Function Overview 126
- LLDP Setting 126
- LLDT Table 127
- MIB Groups 128
© 2020, manymanuals.com. All rights reserved. | 1.029 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals