This article will explain the necessary steps to follow when you need to set some restrictions on the LAN side connected devices.
APPLICABLE PRODUCTS
Ewon (all devices)
eCatcher
IN THIS ARTICLE
Defining the accessible LAN devices behind an Ewon is necessary for limiting access to the LAN network (machine network) or to allow specific path only.
Limit access to the LAN network (machine network)
- Right click on your device and go to properties > LAN & Firewall > Configure LAN Devices & Subnet and then add the devices you want and change the firewall from standard to high
-
In the Permissions area you can define which user group(s) is/are allowed to connect to the device.
By default, all users that have access to this Ewon will also have access to this device.
If required, you can limit access to specific user groups only. After encoding this information, the Firewall slider is automatically shifted to position High because this is the position required to activate the firewall protection at the LAN side.
-
The padlocks reflect the firewall settings applied on the Gateway and LAN level.
A closed padlock signifies that the access is firewalled. Only declared devices, ports and/ or gateways are accessible.
An open padlock indicates that no firewall is applied.
The properties of the LAN device can be edited afterward by clicking Properties.
Allow Specific Paths
The Ewon services allow limited access to the Ewon itself.
-
To control access at the Services level, you need to define which service(s) the ports can be opened to.
The path to create the Ewon services is: Ewons > select Ewon from list > Properties > LAN & Firewall > Configure LAN Devices & Firewall...
-
Push the Firewall slider to Ultra to have the Edit services... button shown.
Click Edit services..., the Ewon services pop-up appears:
