3.2.6 Firewall
The Firewall tab is used for setting access to 2N® LiftGate from a selected network. If the firewall is inactive, there are no restrictions for the given network; if it is active, only the accesses defined in the table below are allowed.
- Enable for mobile network (MN)– allow access of firewall from a mobile network.
- Enable for WAN – allow access of firewall from a WAN port.
- Enable for LAN – allow access of firewall from a LAN port.
- Enable for VPN – allow access of firewall from a VPN.
Caution
- Receiving incoming ICMP and ICMPv6 packets is not restricted by enabling the firewall.
- Protocol – TCP or UDP.
- Port – port number (0 to 65535).
- Interface – for selected connection (MN, WAN, LAN, VPN) or any.
- Source IP – for a remote device with this address, or with any address if the parameter is empty.
- Description – user definable field for a connection.
- ADD NEW – add a new connection.
Caution
- If the firewall is active and access should be allowed to the device web interface from the selected network, the TCP and port 80 (HTTP) or 443 (HTTPS) should be enabled.
- Enabling the LAN firewall will limit the proper functioning of DNS and DHCP servers. To maintain their correct function, it is necessary to enable their connection.
Port | Service | Protocol | Interface |
---|---|---|---|
53 | DNS server | UDP | LAN |
67 | DHCP server | UDP | LAN, VPN |
68 | DHCP klient | UDP | MN, VPN, WAN, |
80 | HTTP server | TCP | LAN, MN, VPN, WAN |
443 | HTTPS server | TCP | LAN, VPN, MN, WAN |
546 | DHCPv6 klient | UDP | VPN, WAN |
547 | DHCPv6 server | UDP | LAN |