ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
Firewall Protection 5-7
v1.0, September 2009
Whether or not DHCP is enabled, how the PCs accesses the server’s LAN address impacts the
inbound rules. For example:
• If your external IP address is assigned dynamically by your ISP (DHCP enabled), the IP
address might change periodically as the DHCP lease expires. Consider using Dyamic DNS so
that external users can always find your network (see “Configuring Dynamic DNS” on
page 3-19).
• If the IP address of the local server PC is assigned by DHCP, it might change when the PC is
rebooted. To avoid this, use the Reserved (DHCP Client) feature in the LAN Groups menu to
keep the PC’s IP address constant (see “Setting Up Address Reservation” on page 4-17).
• Local PCs must access the local server using the PCs’ local LAN address. Attempts by local
PCs to access the server using the external WAN IP address will fail.
Table 5-3 on page 5-8 describes the fields that define the rules for inbound traffic and that are
common to most Inbound Service screens (see Figure 5-4 on page 5-14, Figure 5-7 on page 5-17
and Figure 5-10 on page 5-20).
The steps to configure inbound rules are described in the following sections:
• “Setting LAN WAN Rules” on page 5-11
• “Setting DMZ WAN Rules” on page 5-14
• “Setting LAN DMZ Rules” on page 5-18
Note: See “Configuring Port Triggering” on page 5-44 for yet another way to allow
certain types of inbound traffic that would otherwise be blocked by the firewall.
Note: The UTM always blocks denial of service (DoS) attacks. A DoS attack does not
attempt to steal data or damage your PCs, but overloads your Internet connection
so you cannot use it (that is, the service becomes unavailable). For example,
multiple concurrent connections of the same application from one host or IP
addresses (such as multiple DNS queries from one PC) triggers the UTM’s DoS
protection. For more information about protecting the UTM from incoming
threats, see “Using the Intrusion Prevention System” on page 5-47.