Aliasing several ports together that are required to pass a known service can be a great power tool in your toolbox. You can, for example, create an alias for mail that sends all necessary port combinations to the right place to process your mail. In this video, look at how that would be done. Learn how to configure an alias that can reference POP, IMAP, and SMTP, encrypted and decrypted. Discover which ports are necessary for each of the services, what they do, and why you would forward them to a given host.
- [Instructor] The alias and the rules we will create will deny unsecured mail services, because I want them blocked by my firewall. And we know that the existing rules will allow what we need to work otherwise. Let's start in Aliases and click Add. Go to Ports, come over here, click the Add button, and we provide the name of what we will want listed in the Ports area when we're creating a firewall rule. And then we can use a description that includes spaces to be a little bit more descriptive. And then we can select Ports, though we don't have to because it's preselected for us because we started in the Ports area, and then we simply start adding ports. And I'm going to add the ports for unsecured SMTP, POP, and IMAP, which is to say ports 25, 143, and 110. Once I've created each of those three port listings, I'll hit Save, and we'll be done with this alias. Click the Apply Changes button. To reinforce this skill, let's go to Firewall, Rules, and configure a rule on the LAN side to deny outbound access to unsecured mail services. We know we're already blocking all traffic inbound on the WAN, so creating a rule to explicitly deny that inbound traffic would be redundant. We want to be as efficient as possible with rule creation, so with that one rule and the help of a port group alias, we are done with securing out network for mail. Click the Add button. For Action choose Reject. Select the local LAN here. Address Family, Protocol will be TCP, and my Destination can be to any unsecured mail services. And then I can come down here, and then a description, and click Save. Click Apply Changes, and you're all set.
Author
Sean Colins
Released
8/14/2019- Designing your network
- Creating firewall schedules and rules
- Setting up a virtual IP
- Using aliases to group hosts
- Preventing local traffic from exiting to the internet
- Using Snort and other intrusion detection systems
- Prioritizing VoIP traffic
- Blocking access to specific websites
- Troubleshooting gaming performance issues
- Interpreting TCP flag definitions
Skill Level Beginner
Duration
Views
-
Introduction
-
Why do you need a firewall?2m 51s
-
Types of firewalls4m 14s
-
What it won't do2m 36s
-
Plan for your firewall3m 14s
-
Design your network2m 35s
-
Document your design2m 59s
-
1. Basic Firewall Configuration
-
Understand protocols2m 47s
-
Initial setup5m 27s
-
Create firewall schedules2m 24s
-
Create firewall rules4m 57s
-
Create floating rules2m 35s
-
2. Advanced Firewall Configuration
-
Use ports in aliases4m 58s
-
Traffic shaping3m 11s
-
3. Configuration Case Studies
-
Prioritizing VOIP traffic6m 35s
-
Blocking access to websites4m 14s
-
Intrusion protection basics7m 47s
-
Understand proxies and SSL4m 24s
-
-
4. Troubleshooting
-
Firewall command-line access5m 35s
-
-
Conclusion
-
Next steps1m 7s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Use ports in aliases