I'm working to set up and configure an RVS4000 for a friend and wanted to verify my understanding of the firewall section. It seems by default the firewall allows traffic from any source to any destination, including from the WAN. I realize with NAT this isn't a huge concern / shouldn't be the case... however I tend to prefer tighter standards rather than looser.
I wanted to ensure that it allowed internally initiated traffic outbound, and external traffic inbound dropped, so I created the rules as shown in the attached file. Am I looking at this correctly? Is the Firewall ACL section for setting up a stateful firewall, or is it just pure ACLs, and is the last rule from the WAN required for returning traffic back in which has already been through the NAT engine?
If someone could please help me clear this one little detail up I would be greatly appreciative.
Thanks in advance.
The ACL is just that: ACLs. The rules you made are fine; the difference with your set up and the default is that you are explicitly denying the traffic, which is not a bad idea. On that note, that does not mean that the traffic was explicitly allowed before (default config).
Before any rules are created a "deny any any" is already in place but not displayed. This is typical of the small business and consumer routers. The only thing I would change is instead of supplying the subnet, just set it to "any".
Hope this helps.
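The distinction the two posts are circling (a plain ACL with an implicit deny at the end versus a stateful filter that lets return traffic back in on its own) is easy to see in a small model. The following is an added illustration, not code from the thread or from the RVS4000 firmware: it evaluates a rule list first-match-wins with an implicit "deny any any" after the last rule, then layers a connection table on top to show why a stateful firewall needs no WAN-side allow rule for replies. Interface names, addresses and the rule layout are constructed sample values, and NAT address rewriting is left out so the reply packet is shown addressed to the LAN host's private address.

```python
"""Toy model of stateless ACL semantics versus a stateful filter.
Constructed example; not RVS4000 firmware code. NAT rewriting is
omitted, so return packets carry the LAN host's private address."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    iface: str   # ingress interface: "LAN" or "WAN" (assumed names)
    proto: str   # "tcp", "udp", "icmp"
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    iface: str = "any"     # ingress interface or "any"
    src: str = "any"       # CIDR or "any"
    dst: str = "any"       # CIDR or "any"
    proto: str = "any"     # protocol or "any"
    dport: object = "any"  # destination port (int) or "any"


def _net_match(spec: str, addr: str) -> bool:
    return spec == "any" or ip_address(addr) in ip_network(spec)


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.iface in ("any", pkt.iface)
            and rule.proto in ("any", pkt.proto)
            and rule.dport in ("any", pkt.dport)
            and _net_match(rule.src, pkt.src)
            and _net_match(rule.dst, pkt.dst))


def evaluate_acl(rules, pkt: Packet) -> str:
    """Stateless ACL: first matching rule decides. No match falls through
    to the implicit 'deny any any' that sits after the last configured rule."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Same ACL plus a flow table. A packet that is the exact reverse of a
    flow already allowed is accepted as established without consulting
    the ACL, so no WAN-side allow rule is needed for return traffic."""

    def __init__(self, rules):
        self.rules = list(rules)
        self.flows = set()  # (proto, src, sport, dst, dport) of allowed flows

    def process(self, pkt: Packet) -> str:
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reverse in self.flows:
            return "allow (established)"
        verdict = evaluate_acl(self.rules, pkt)
        if verdict == "allow":
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return verdict


# Rules in the spirit of the poster's set: LAN out anywhere, WAN in denied.
RULES = [
    Rule(action="allow", iface="LAN", src="192.168.1.0/24"),
    Rule(action="deny", iface="WAN"),
]

# Constructed sample packets (documentation-range public addresses).
OUTBOUND = Packet("LAN", "tcp", "192.168.1.10", 40000, "203.0.113.5", 443)
RETURN = Packet("WAN", "tcp", "203.0.113.5", 443, "192.168.1.10", 40000)
UNSOLICITED = Packet("WAN", "tcp", "198.51.100.7", 5555, "192.168.1.10", 22)
SAMPLES = (("outbound", OUTBOUND), ("return", RETURN), ("unsolicited", UNSOLICITED))


def stateless_verdicts():
    """Pure ACL: the reply to the LAN host's own connection is dropped,
    because nothing arriving on the WAN side is explicitly allowed."""
    return {name: evaluate_acl(RULES, p) for name, p in SAMPLES}


def stateful_verdicts():
    """Stateful: same rules, but the reply rides on the flow entry the
    outbound packet created; the unsolicited inbound is still denied."""
    fw = StatefulFirewall(RULES)
    return {name: fw.process(p) for name, p in SAMPLES}


if __name__ == "__main__":
    print("stateless:", stateless_verdicts())
    print("stateful: ", stateful_verdicts())
    print("empty ACL, outbound:", evaluate_acl([], OUTBOUND))  # implicit deny
```

Run it and the stateless pass drops the reply while the stateful pass accepts it as established; an empty rule list denies everything, which is the hidden "deny any any" the answer describes. If the ACL section on the device behaves like the stateless half of this model, an explicit allow covering return traffic is what makes outbound connections work; if it behaves like the stateful half, that rule is redundant.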