This article refers to a version that is no longer current!

The article for the latest version can be found here.

There is already a newer version of this article, but it refers to a reseller preview.
Implied rules of the UTM


Last adaptation to the version: 12.1 (02.2021)

New:

  • New rule for the WireGuard protocol
  • New rules for Fail2Ban (BlockChain section)
  • Omission of the implied rules for the PPTP protocol
    As a protocol proven to be insecure, PPTP VPN is no longer supported by the UTM.
  • Omission of the rules for clientless VPN
    The web server acts as a reverse proxy, so additional ports are no longer necessary.

Previous versions: 11.7



Implied rules

Settings in menu → Firewall → Implied rules

Implied rules have been added for certain use cases. These rules can easily be activated or deactivated by the user as needed. Some of them are already active by default.

  • The access zones are not relevant for these rules.

  • Group | Rule | Description | Active (default value)

    BlockChain | | Monitoring of accesses to the UTM with Fail2Ban rules. Further configuration under → Applications → IDS / IPS. See Wiki article. | On
    BlockChain | FailToBan_ssh | Access via ssh | On
    BlockChain | FailToBan_http_admin | Access via the Admin Interface | On
    BlockChain | FailToBan_http_user | Access via the User Interface | On
    BlockChain | FailToBan_smtp | Access via the Mail Gateway | On

    CaptivePortal | | Enables redirection of traffic to a landing page | Off
    CaptivePortal | CaptivePortalPage | Opens an incoming port on the corresponding interface of the firewall that is intended for the captive portal to display the landing page. | Off
    CaptivePortal | CaptivePortalRedirection | Redirection of traffic to the above-mentioned port. | Off

    IPComp | IPComp | Accepts connections with the IPComp protocol (compression of data packets, IP protocol number 108) | Off

    IpsecTraffic | | | Off
    IpsecTraffic | Accept | Accepts incoming and outgoing traffic of an IPSec connection. | On
    IpsecTraffic | No NAT for IPSec connections | Exempts all IPSec connections from NAT. I.e.: in the default state, IPSec connections are also NATed. | Off

    Silent Services | Accept Bootp | Accepts requests for the bootstrap protocol Bootp to transmit an IP address and possibly further parameters, and requests for DHCP (an extension of Bootp). | On
    Silent Services | Drop NetBios Datagram | Discards these packets without a log message | On
    Silent Services | NetBios Nameservice | Discards these packets without a log message | On
    Silent Services | (rule name missing on the page) | Discards these packets without a log message | On

    VPN | IPSec IKE | Accepts connections on port 500/UDP | On
    VPN | IPSec ESP | Accepts connections with the ESP protocol (IP protocol number 50) | On
    VPN | IPSec NAT Traversal | Accepts connections on port 4500/UDP | On
    VPN | SSL VPN UDP | Accepts connections on the ports for which an SSL VPN instance has been configured with the UDP protocol | On
    VPN | SSL VPN TCP | Accepts connections on the ports for which an SSL VPN instance has been configured with the TCP protocol | On
    VPN | User Interface Portal | Accepts connections on port 443/TCP. Required for the user interface. | Off
    VPN | Wireguard | Enables connections with the WireGuard protocol. | Off

    Clientless VPN | VNC | Accepts connections on port 2107/TCP | On
    Clientless VPN | RDP | Accepts connections on port 2907/TCP | On
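Because the implied rules open ports and protocols outside the normal rule set, a practitioner auditing a UTM usually wants a quick answer to "which selectors are accepted right now, and how does that differ from the documented defaults?". The following script is an added example, not Securepoint code and not part of this wiki page; it models the VPN and IPComp rows of the table above with their default states and selectors (constructed from the page), and the function and field names are my own. Rules whose ports depend on instance configuration (SSL VPN, WireGuard) carry no fixed selector and are reported separately so they are checked in the instance settings rather than assumed.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

# One implied rule: group, name, default state and, where the page names it,
# the traffic it accepts as (proto, number) with proto "udp"/"tcp" (port) or
# "ip" (IP protocol number). Field names are this example's own.
@dataclass(frozen=True)
class ImpliedRule:
    group: str
    name: str
    default_on: bool
    selectors: FrozenSet[Tuple[str, int]] = frozenset()

# Constructed from the VPN and IPComp rows of the table on the page.
RULES: List[ImpliedRule] = [
    ImpliedRule("IPComp", "IPComp", False, frozenset({("ip", 108)})),
    ImpliedRule("VPN", "IPSec IKE", True, frozenset({("udp", 500)})),
    ImpliedRule("VPN", "IPSec ESP", True, frozenset({("ip", 50)})),
    ImpliedRule("VPN", "IPSec NAT Traversal", True, frozenset({("udp", 4500)})),
    ImpliedRule("VPN", "SSL VPN UDP", True),              # ports come from the SSL VPN instance
    ImpliedRule("VPN", "SSL VPN TCP", True),              # ports come from the SSL VPN instance
    ImpliedRule("VPN", "User Interface Portal", False, frozenset({("tcp", 443)})),
    ImpliedRule("VPN", "Wireguard", False),               # port comes from the WireGuard config
]


def active_rules(rules: List[ImpliedRule],
                 overrides: Optional[Dict[str, bool]] = None) -> List[ImpliedRule]:
    """Apply per-rule on/off overrides (rule name -> bool) on top of the defaults."""
    overrides = overrides or {}
    return [r for r in rules if overrides.get(r.name, r.default_on)]


def accepted_selectors(rules: List[ImpliedRule],
                       overrides: Optional[Dict[str, bool]] = None) -> List[Tuple[str, int]]:
    """Sorted (proto, number) pairs that the active implied rules accept."""
    out = set()
    for r in active_rules(rules, overrides):
        out |= r.selectors
    return sorted(out)


def unresolved_rules(rules: List[ImpliedRule],
                     overrides: Optional[Dict[str, bool]] = None) -> List[str]:
    """Active rules with no fixed selector: their ports must be read from the instance config."""
    return [r.name for r in active_rules(rules, overrides) if not r.selectors]


def diff_from_defaults(rules: List[ImpliedRule],
                       overrides: Dict[str, bool]) -> Tuple[List[Tuple[str, int]], List[Tuple[str, int]]]:
    """Selectors newly opened and newly closed relative to the documented defaults."""
    base = set(accepted_selectors(rules))
    current = set(accepted_selectors(rules, overrides))
    return sorted(current - base), sorted(base - current)


if __name__ == "__main__":
    # Constructed scenario: the admin enabled the user portal and switched NAT-T off.
    changes = {"User Interface Portal": True, "IPSec NAT Traversal": False}
    print("accepted now:", accepted_selectors(RULES, changes))
    print("needs instance check:", unresolved_rules(RULES, changes))
    opened, closed = diff_from_defaults(RULES, changes)
    print("opened vs. defaults:", opened, "closed vs. defaults:", closed)
```

Feeding the script the toggles actually set on a device turns the table into a concrete port inventory; the "unresolved" list is the reminder that the SSL VPN and WireGuard rules accept whatever ports their instances were configured with, so those settings need to be reviewed alongside the implied rules.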