Versionen im Vergleich

Alte Version 3

changes.mady.by.user LANCOM Redaktion

Gespeichert am

verglichen mit

Neue Version Aktuell

changes.mady.by.user LANCOM Redaktion

Gespeichert am

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.

...

The connection between the network object INTRANET to the Internet (LANCOM_Internet-Access) allows HTTP und HTTPS and forbids blocks ICMP.

Info

As the Unified Firewall operates according to the DENY ALL principle, initially all communication is blocked. Therefore in this case communication via ICMP is already blocked without a separate rule. Thus a separate rule to forbid block ICMP is not needed and is also not practical in most cases.

Only in individual cases it can be useful to forbid block a certain port (e.g. when a port range is allowed and it has to be ensured, that a certain port from this range is forbiddenblocked).


3) Host object:

The connection between the host object Workstation to the Internet allows ICMP.

...

  • Communication via HTTP and HTTPS from the host object Workstation to the Internet is allowed due to the inherited rules.
  • Communication via ICMP from the host object Workstation to the Internet is forbidden blocked, as a DENY rule always comes before an ALLOW rule.