How do you enable deny ip any any and allow ICMP? I tried with deny from WAN to LAN, but the internet stops working.
Is there a telnet feature with this product?
Web GUI for this product only.
Go to Firewall: IPV4 rules and Firewall: Attacks to configure.
This page allows you to specify whether or not the security appliance is protected against common attacks from the LAN and WAN networks.
The various types of attack checks are defined below. Select the check box for each security measure that you want to enable. Enable the required security measures.
WAN Security Checks:
Block Ping to WAN interface: To configure the security appliance to block response to an ICMP Echo (ping) request on the WAN interface, check this box. This setting, when unchecked, is used as a diagnostic tool for connectivity problems. Cisco recommends enabling this feature at other times to prevent discovery of the security appliance via a ping.
Note: This setting is overridden by Optional Port > WAN Mode settings that ping specified addresses for failure detection, and by firewall rules that direct ping requests to specified IP addresses on the LAN.
Enable Stealth Mode: If Stealth Mode is enabled, the security appliance will not respond to port scans from the WAN. This feature makes the network less susceptible to discovery and attacks.
Block TCP Flood: If this option is enabled, the security appliance will drop all invalid TCP packets. This feature protects the network from a SYN flood attack.
LAN Security Checks:
Block UDP Flood: If this option is enabled, the security appliance will not accept more than 150 simultaneous, active UDP connections from a single computer on the LAN.
Block ICMP Notification: ICSA requires the firewall to silently block without sending an ICMP notification to the sender. Some protocols, such as MTU Path Discovery, require ICMP notifications. Enable this setting to operate in "stealth" mode.
Block Fragmented Packets: ICSA requires the firewall to block fragmented packets from ANY to ANY.
Block Multicast Packets: ICSA requires the firewall to block multicast packets.
SYN Flood Detect Rate (max/sec): Enter the maximum number of SYN packets per second the security appliance accepts before determining that a SYN Flood Intrusion is occurring. This value can range between 1 and 10,000 SYN packets per second. The default is 128 SYN packets per second.
Echo Storm (ping pkts/sec): The security appliance monitors the number of pings per second to determine when to declare an echo storm intrusion event. Echo storm intrusion events are not blacklisted. This value can range between 1 and 10,000 ping packets per second. The default is 15 ping packets per second.
ICMP Flood [ICMP pkts./sec]: The security appliance monitors the number of ICMP packets per second, not including PING packets, to determine when to declare an ICMP flood intrusion event. ICMP flood events are not blacklisted. This value can range between 1 and 10,000 ICMP packets per second. The default is 100 ICMP packets per second.
Click Apply to save your changes.
Click Reset to revert to the previous settings.
Oh okay stev... thanks for the help.
So on the IPv4 rule, how do you configure RDP to one of the local computers?
Can I set up one-to-one mapping on this router? I.e., I have 5 IPs, and I want the users to go out with IP A, but the mail server will be going out with IP B.
Is it doable?
That is absolutely doable. You can create IP Aliases under the network interface, then on the port forwarding rules, use one of those IPs to set up the forwarding. Be sure to use the latest firmware 1.1.21. Read the release notes, as it will cause a factory default when you upgrade to it.