38. Chapter - Firewall Profile

Easy Rulesets

There are three different classes of firewall rulesets: Simple firewall profiles, full rulsets and provider profiles. Rules of all three types are managed together in Network > Firewall > Rules.

For standard scenarios, no complex firewall rulesets are required on the Intra2net system, but the most important settings can be made easily using the firewall profiles.

If one of these firewall profiles is no longer sufficient for its intended purpose, it can be converted to a complete ruleset by clicking Convert and then extended accordingly.

38.1. General Basic LAN Rules

All firewall computer profiles are based on the basic LAN or basic LAN and local area networks ruleset. These contain basic rights for access to the Intra2net system itself, but do not permit any access to the Internet or to emails.

"Basic LAN" allows access to the following services of the Intra2net system:

  • DNS

  • Web Interface via HTTPS

  • Windows Share (SMB) for backups

  • ICMP Basic Services (e.g. Ping)

  • SSH for access to the system console of the Intra2net system

"Basic LAN and local networks" also allows full access to all other local networks and routings connected to the Intra2net system. Which of the two rulesets "Basic LAN" or "Basic LAN and local networks" is used is determined by the setting Allow access to local networks.

"Basic LAN and local networks" or the Allow access to local networks option should therefore never be used for de-militarized zones (DMZ).