WSM User Guide - WatchGuard Technologies
WSM User Guide - WatchGuard Technologies
WSM User Guide - WatchGuard Technologies
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Configuring multiple WAN support ..............................................................................................104Adding Secondary Networks ..........................................................................................................105Adding WINS and DNS Server Addresses ...................................................................................107Configuring Dynamic DNS ...............................................................................................................108Configuring Routes .............................................................................................................................110Adding a network route ..................................................................................................................110Adding a host route ..........................................................................................................................110Setting Firebox Interface Speed and Duplex ............................................................................111Configuring Related Hosts ...............................................................................................................111CHAPTER 9 Working with Firewall NAT ............................................................................................113Using Dynamic NAT ............................................................................................................................114Adding firewall dynamic NAT entries ............................................................................................114Reordering dynamic NAT entries ...................................................................................................115Policy-based dynamic NAT entries ................................................................................................115Using 1-to-1 NAT ..................................................................................................................................116Defining a 1-to-1 NAT rule ..............................................................................................................117Configuring firewall 1-to-1 NAT .....................................................................................................118Configuring policy-based 1-to-1 NAT ...........................................................................................118Configuring policy-based dynamic NAT ......................................................................................119Configuring Static NAT for a Policy ...............................................................................................119CHAPTER 10 Implementing Authentication .................................................................................121How <strong>User</strong> Authentication Works ....................................................................................................121Using authentication from the external network ......................................................................122Using authentication through a gateway Firebox to another Firebox ..................................122Authentication server types ............................................................................................................123Using a backup authentication server .........................................................................................123Configuring the Firebox as an Authentication Server ............................................................123About Firebox authentication ........................................................................................................123Setting up the Firebox as an authentication server ...................................................................125Using a local user account for Firewall user, PPTP, and MUVPN authentication .................126Configuring RADIUS Server Authentication ..............................................................................127Configuring SecurID Authentication ............................................................................................128Configuring LDAP Authentication ................................................................................................129Configuring Active Directory Authentication ..........................................................................131Configuring a Policy with <strong>User</strong> Authentication ........................................................................132CHAPTER 11 Firewall Intrusion Detection and Prevention ...................................................135Using Default Packet Handling Options .....................................................................................135Spoofing attacks ...............................................................................................................................136IP source route attacks .....................................................................................................................136“Ping of death” attacks ....................................................................................................................136Port space and address space attacks ..........................................................................................137Flood attacks .....................................................................................................................................137Unhandled packets ..........................................................................................................................137Distributed denial of service attacks .............................................................................................137<strong>User</strong> <strong>Guide</strong>vii