Kerio-tech Firewall6 Manual de usuario Pagina 93
- Pagina / 404
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
7.5 Policy routing
93
7.5 Policy routing
If the LAN is connected to the Internet by multiple links with load balancing (see chapter 6.4),
it may be needed that one link is reserved for a certain traffic, leaving the rest of the load for
the other links. Such a measure is useful if it is necessary to keep important traffic swinging
(email traffic, the informational system, etc.), i.e. not slowed down by secondary or even
marginal traffic (web browsing, online radio channels, etc.). To meet this crucial requirement
of an enterprise data traffic, it is necessary to consider and employ, besides the destination IP
address, additional information when
routing packets from the LAN to the Internet, such as
source IP address, protocol, etc. This approach is called policy routing.
In WinRoute, policy routing can be defined by conditions in traffic rules for Internet access
with IP address translation (NAT). This approach brings wide range of options helping to meet
all requirements for routing and network load balancing.
Note: Policy routing traffic rules are of higher priority than routes defined in the
routing table
(see chapter 18.1).
Example: A link reserved for email traffic
Let us suppose that the firewall is connected to the Internet by two links with load balancing
with speed values of 4 Mbit/s and 8 Mbit/s. One of the links is connected to the provider where
the mailserver is also hosted. Therefore, it is desirable that all email traffic (SMTP, IMAP, POP3
protocols and their secured versions) is routed through this link.
Define the following traffic rules to meet these requirements:
• First rule defines that NAT is applied to email services and the Internet 4 Mbit interface
is used.
• The other rule is a general NAT rule with automatic interface selection (see chap-
ter 7.4).
Figure 7.30 Policy routing — a link reserved for email traffic
- Kerio WinRoute Firewall 6 1
- Contents 3
- Quick Checklist 7
- Introduction 9
- 2.2 Conflicting software 11
- 2.3 Installation 13
- Sharing 17
- 2.4 WinRoute Components 18
- 2.5 WinRoute Engine Monitor 19
- 2.7 Configuration Wizard 22
- WinRoute Administration 24
- 3.2 View Settings 27
- Chapter 4 29
- 4.2 License information 30
- 4.6 User counter 42
- Network interfaces 44
- Figure 5.2 Editing interfaces 47
- Internet Connection 49
- 6.3 Connection Failover 58
- Chapter 6 Internet Connection 60
- 6.4 Network Load Balancing 62
- Traffic Policy 67
- 7.2 How traffic rules work 74
- 7.4 Basic Traffic Rule Types 87
- 7.5 Policy routing 93
- 7.8 Use of Full cone NAT 98
- 7.9 Media hairpinning 100
- Chapter 8 102
- 8.1 DNS Forwarder 102
- 8.2 DHCP server 108
- 8.4 Proxy server 120
- 8.5 HTTP cache 123
- Bandwidth Limiter 130
- User Authentication 137
- Web Interface 141
- 11.2 User logon and logout 146
- 11.4 User preferences 150
- 11.5 Dial-up 153
- HTTP and FTP filtering 154
- 12.2 URL Rules 155
- 12.6 FTP Policy 171
- Antivirus control 176
- 13.3 HTTP and FTP scanning 181
- 13.4 Email scanning 185
- Definitions 189
- 14.2 Time Intervals 190
- 14.3 Services 192
- 14.4 URL Groups 196
- User Accounts and Groups 199
- 15.2 Local user accounts 202
- Step 1 — basic information 203
- 15.5 User groups 219
- Chapter 16 223
- 16.2 Update Checking 224
- Advanced security features 227
- Other settings 233
- 18.3 Relay SMTP server 238
- Status Information 240
- 19.3 Alerts 251
- Figure 19.11 Alert Definitions 252
- Basic statistics 256
- Figure 20.1 User statistics 257
- 20.2 Interface statistics 258
- Chapter 21 262
- 21.4 Accounting period 270
- 21.5 Overall View 272
- 21.6 User statistics 276
- 21.7 Users’ Activity 277
- 21.8 Users by Traffic 282
- 21.9 Top Visited Websites 283
- Chapter 22 288
- 22.1 Log settings 288
- Figure 22.1 Log settings 289
- 22.2 Logs Context Menu 291
- 22.3 Alert Log 295
- 22.4 Config Log 295
- 22.5 Connection Log 297
- 22.6 Debug Log 298
- 22.7 Dial Log 299
- 22.8 Error Log 301
- 22.9 Filter Log 303
- 22.10 Http log 304
- 22.11 Security Log 306
- 22.12 Sslvpn Log 307
- 22.13 Warning Log 308
- 22.14 Web Log 309
- Kerio VPN 310
- 23.1 VPN Server Configuration 311
- Chapter 23 Kerio VPN 330
- Paris branch office server 360
- Kerio Clientless SSL-VPN 363
- Chapter 25 371
- Technical support 386
- 26.2 Tested in Beta version 387
- 26.3 Contacts 387
- Legal Notices 389
- Used open-source libraries 390
- Glossary of terms 392
© 2020, manymanuals.es. Todos los derechos reservados | 0.050 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales