P74238ea_F1DE101G-man.qxd
28-04-2003
Firewall
IP access control parameters
Parameter
Description
Enable Firewall
Enables access control based on IP source addresses.
Default Policy
This option controls arriving IP packets that don't match any of the
configured rules. They can be accepted or dropped.
Note: If you set this to DROP and you have no ACCEPT rules configured, access
to the Web over LAN is disabled. To enable access again, you can change the
security settings via modem or ISDN dial-in or by temporarily disabling IP
access control with the initial configuration procedure.
Rule Number
This should contain the number of a rule for which the following commands
will apply. This field will be ignored, in case of appending a new rule.
IP/Mask
Specifies the IP address or IP address range for which the rule applies.
Examples (the number concatenated to an IP address with a '/' is the
number of valid bits that will be used of the given IP address):
192.168.1.22 or 192.168.1.22/32 matches the IP address 192.168.1.22
192.168.1.0/24 matches all IP packets with source addresses from
192.168.1.0 to 192.168.1.255
0.0.0.0/0 matches any IP packet
Firewall Settings Menu
09:33
Page 24
SECURITY
24
SECURITY
Certificate Management
The RIPC uses the SSL protocol
for any encrypted network traffic
between itself and a connected
client. During connection
establishment, the RIPC has to
expose its identity to a client
using a cryptographic certificate.
SSL Certificate Request
Parameter
Description
Common name
This is the network name of the RIPC once it is installed in the
user's network.
Organizational unit
This field is used for specifying to which department within an
organization the RIPC belongs.
Organization
The name of the organization to which the RIPC belongs.
Locality/City
The city where the organization is located.
State/Province
The state or province where the organization is located.
Country
The country where the organization is located. This is the
two-letter ISO code, e.g. US for the USA.
Challenge Password
Some certification authorities require a challenge password to
authorize later changes on the certificate (e.g. revocation of the
certificate). The minimal length of this password is four characters.
Confirm Challenge Password
Confirmation of the Challenge Password.
E-mail
The e-mail address of a security contact person that is responsible
for the RIPC.
Key length
This is the length of the generated key in bits. 1024 bits are supposed
to be sufficient for most cases. Larger keys may result in slower
response time of the RIPC during connection establishment.
25