Services
Click Policy, and then select the Services tab. A window similar to that in Figure 43 is displayed.

    Figure 43 Services window

   

    The Services window contains a table showing the defined network access rules. Rules are sorted from the most specific at the top, to the most general at the bottom. At the bottom of the table is the default rule. The default rule is all IP services. You can create rules to override the behavior of the default rule. For example, the default rule allows users on the LAN to access all Internet services, including NNTP News. However, LAN access to NNTP may be blocked by clearing the LAN Out box corresponding to the NNTP News service.

    1 LAN Out

    When the check box is selected for a specific protocol, users on the LAN can access servers of that type on the Internet. When the check box is cleared, users on the LAN cannot access servers of that type on the Internet.

    The default value is enabled. When the warning icon is displayed to the right of the check box, there is a custom rule in the Rules tab section that modifies the behavior of the listed network access rule.

    2 LAN In

    When this check box is cleared, access to the protocol is not permitted from the WAN and DMZ, if appropriate, to the LAN. When the service is selected, users on the WAN and DMZ can access all hosts on the LAN via that protocol. The default value is disabled; use caution when enabling. When the warning icon is displayed to the right of the check box, there is a custom rule in the Rules tab section that modifies the behavior of the listed network access rule. The LAN In column is not displayed if NAT is enabled.

    3 DMZ In

    If you are using the Internet Firewall DMZ, when this check box is cleared, access to the protocol is not permitted from the Internet to the DMZ. When the service is selected, users on the Internet can access all hosts on the DMZ via that protocol. The default value is enabled. When the warning icon is displayed to the right of the check box, there is a custom rule in the Rules tab section that modifies the behavior of the listed network access rule.

    4 Public LAN Server

    A public LAN server is a single host on the LAN that is defined to handle all traffic originating from the Internet to the LAN of a specific protocol, such as HTTP.

    Define a public LAN server by typing its IP address in the Public LAN Server box for that protocol. If a server is not designated for a certain protocol, type 0.0.0.0 in the box.

    5 Inactivity Timeout

    If a connection to a server outside the LAN remains idle for more than 5 minutes (default value), the Internet Firewall closes the connection. This is done for security purposes. Without this timeout, it is possible that connections could stay open indefinitely, creating potential security risks. You can increase the timeout interval if users frequently complain of dropped connections in applications such as Telnet and FTP.

    Click Update to send the configuration data to the Internet Firewall. You must restart the Internet Firewall for these changes to take effect.
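
The following sketch is an added example, not 3Com's code or part of the original guide. It models the Services table in Python, assuming the first matching row (most specific first) decides the outcome, and lists the rows that expose the LAN to inbound traffic. The class, function names and sample rows are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class ServiceRow:
    name: str
    proto: Optional[str]           # None = any IP protocol
    port: Optional[int]            # None = any port
    lan_out: bool = True           # default per the text: enabled
    lan_in: bool = False           # default per the text: disabled
    dmz_in: bool = True            # default per the text: enabled
    public_lan_server: str = "0.0.0.0"   # 0.0.0.0 = no server designated

    def matches(self, proto: str, port: int) -> bool:
        return self.proto in (None, proto) and self.port in (None, port)

# Constructed sample table: most specific rows first, default rule last.
TABLE = [
    ServiceRow("NNTP News", "tcp", 119, lan_out=False),
    ServiceRow("Telnet", "tcp", 23, lan_in=True),
    ServiceRow("HTTP", "tcp", 80, public_lan_server="192.168.1.10"),
    ServiceRow("Default (all IP services)", None, None),
]

def decide(table, column, proto, port):
    """Return (allowed, row name). Assumption: the first matching row decides."""
    row = next(r for r in table if r.matches(proto, port))
    return getattr(row, column), row.name

def inbound_exposure(table):
    """List rows that let outside hosts reach the LAN, for review."""
    findings = []
    for r in table:
        if r.lan_in:
            findings.append((r.name, "LAN In enabled: all LAN hosts reachable"))
        if r.public_lan_server != "0.0.0.0":
            findings.append((r.name, "public LAN server " + r.public_lan_server))
    return findings

if __name__ == "__main__":
    print(decide(TABLE, "lan_out", "tcp", 119))   # NNTP row overrides the default
    print(decide(TABLE, "lan_out", "tcp", 443))   # falls through to the default rule
    for finding in inbound_exposure(TABLE):
        print(finding)
```
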

   