“Static routes” tab
This tab corresponds to the list of static routes, the maximum number of which varies according to the model of the appliance:
|
SN150 |
SN160w |
SN200 U30S |
SN210w
|
SN300 SN310 U70S |
SN510 SN500 U150S |
SN710 SN700 U250S |
SN910 SN900 U500S |
U800S |
SN2000 SN2100 |
SN300 SN3100 |
SN6000 SN6100 |
|
512 |
512 |
512 |
512 |
512 |
2048 |
2048 |
5120 |
5120 |
10240 |
10240 | 10240 |
| Default gateway (router) |
The default router is generally the equipment which allows your network to access the Internet. The Stormshield Network Firewall sends all packets which have to exit on the public network to this address. Often the default router is connected to the Internet. If you do not configure the default router, the Stormshield Network Firewall will not be able to let through packets which have a different destination address from those directly linked to the Stormshield Network Firewall. You will be able to communicate between hosts on the internal, external or DMZ networks, but not with any other network (including the Internet).
Router objects can now be selected as the default gateway. Once it has been selected, the hostname will appear on the screen. This option may be grayed out in several main gateways have been defined. |
Button bar
| Search |
Search that covers host, network and group objects. |
| Add |
Adds an “empty” static route. An added route (sending of a command) is effective only if its fields Destination network (host, network or group object) and Interface have been entered. |
| Delete |
Deletes one or several selected routes. Use the keys Ctrl/Shift + Delete to delete several routes. |
| Apply |
Sends the configuration of the static routes. |
| Cancel |
Cancels the configuration of the static routes. |
Presentation of the table
The table sets out six fields of information:
| State |
Status of the static routes:
|
|
Destination network (host, network or group object) (Mandatory) |
Clicking on this column will open the objects database in order to select a host, network or group. |
| Address range |
IP address or group of addresses linked to the items in the column “Destination network (host, network or group object)”. |
|
Interface (Mandatory) |
Drop-down list that allows selecting an interface from Ethernet, VLAN, dialup and IPSec. |
| Protected |
This column indicates whether the route is protected.
A protected route will be added to the object “Network internal”. The behavior of the security configuration will take this parameter into account. Hosts that can be contacted via this route will be remembered in the intrusion prevention engine. |
|
Gateway (Optional) |
Clicking on this column will open the objects database in order to select a host (router). |
|
Color (Optional) |
A window will appear, allowing the selection of an interface color (used in Stormshield Network REAL-TIME MONITOR). |
|
(Optional) Comments |
Any text. |
Enabled: Double-click to enable the route created. 
Disabled: The route is not functional. The line will be grayed out in order to reflect this.