26

1. WEP Encryption:

WEP (Wired Equivalent Privacy) is based on IEEE 802.11 standard

and uses the RC 4 encryption algorithm to encrypt data over the wireless network so as

to protect your data from unauthorized accesses or intruders. When connecting to a

WEP network, the user has to know a key that can be either 64-bit or 128 bit with ASCII

characters or hexadecimal characters.

Authentication:

There are two options available for authentication; these are,

“

Open

System

”

and

“

Share Key

”

. For more secure protection, you should choose

“

Share Key

”

option which requires wireless clients have the same key positions with the VoIP &

Wireless Residential Gateway.

WEP Encryption Length:

Select either 64-bit WEP or 128-bit WEP. 128-bit WEP

requires a longer key than 64-bit WEP. Your wireless clients must have the same WEP

encryption length as this Residential Gateway; otherwise, the connection will not be

established.

Key 1 ~ 4:

Enter values for Key 1 to Key 4 with either HEX or ASCII characters.

If you choose 64-bit WEP as your WEP encryption length, enter 5 ASCII characters or 10

hexadecimal characters (

“

0-9

”

,

“

A-F

”

) for each Key (1~4). If you choose 128-bit WEP,

enter 13 ASCII characters or 26 hexadecimal characters (

“

0-9

”

,

“

A-F

”

) fro each Key (1~4).

2. WPA:

WPA stands for Wi-Fi Protected Access and intends to improve the security

functions of WEP by using two security-enhanced types to encrypt data, these are: TKIP

(Temporal Key Integrity Protocol) and AES (Advanced Encryption Standard).

27

WPA Cipher Suite:

Select either

“

TKIP

”

or

“

AES

”

(AES is a stronger encryption

method than TKIP).

WPA Pre-Shared Key:

Enter the pre-shared key value which can be between 8 and 63

characters long or 64 HEX characters long. Symbols and spaces can also be used.

3. WPA2:

WPA2, based on 802.11i, provides stronger wireless security than WPA to protect

your network from malicious intruders.

WPA Cipher Suite:

Choose either TKIP or AES.

WPA Pre-Shared Key:

Enter the pre-shared key value which can be between 8 and 63

characters long or 64 HEX characters long. Symbols and spaces can also be used.

2.5.4 WLAN Access Policy

Select

WLAN Access Policy Setting

from the

Network Management

menu,

then

WLAN

Access Policy Setting

screen page appears.

Access Policy:

To disable Access Policy function or to select

“

Allow all

”

or

“

Reject all

”

accesses from the control list.

Access Control List:

Enter MAC addresses (with the AA:AA:AA:AA:AA:AA format) that you

would like to add to the access control list. A total of 50 MAC addresses can be added to the

access control list.

Insert to list:

Once you have entered a MAC address, press

“

Insert to list

”

to add it to the

28

list.

Delete from list:

Select a MAC address from the access control list and press

“

Delete from

list

”

to remove it from the list.

2.5.5 Static Route

The Residential Gateway uses IP or Host name to communicate with management

computers, for example using HTTP, telnet, SSH, or SNMP. Using IP static routes allows the

Residential Gateway to respond to remote management stations that are not reachable

through the default gateway, for example when sending SNMP traps or using ping packets

to test IP connectivity.

Select

Static Route

from the

Network Management

menu,

then

Static Route

screen page

appears.

Enable:

Tick the checkbox to turn on this static route rule.

Type:

Specify the Type to be used with the Residential Gateway IP address.

The types

available are listed in the pull-down menu with following options

–

NET (IP address), Host

(Host name).

Target:

Specify the IP network address or Host name of the final destination. Routing is

always based on network number.

Netmask:

Select the subnet mask for this destination from the pull-down menu.

Gateway:

Specify the default gateway IP address.

Action:

Insert - To insert a new static route to the Residential Gateway.

Change - To

modify the current static route setting.

29

2.5.6 NAT

Network Address Translation (NAT) allows the translation of an Internet protocol address

used within one network (for example a private IP address used in a local network) to a

different IP address known within another network (for example a public IP address used on

the Internet).

Select

NAT

from the

Network Management

menu, then the

NAT

screen page appears as

follows.

NAT Setting

Network Address Translation:

If you would like to activate NAT function, tick the enable

checkbox.

A

DMZ (Demilitarized Zone)

host is a computer without the protection of the firewall.

If you

have a client PC that cannot run Internet applications properly from the Residential Gateway,

you can set the client up for unrestricted Internet access. Adding a client to the DMZ

(Demilitarized Zone) may expose your local network to a variety of security risks.

Therefore,

enable this function when necessary.

DMZ:

Enable DMZ if checked.

DMZ LAN IP:

Enter the IP address that you would like to open all ports to.

DDOS Protection:

Tick the checkbox to enable Residential Gateway to detect SYN flooding

attacks. By default, this function is disabled which makes your device vulnerable to attacks.

To prevent your Residential Gateway from open malicious attacks, you should enable DDoS

Protection manually.

Detection Frequency:

Specify the frequency of attack requests to Residential Gateway.

When Residential Gateway detects malicious SYN attacks, it will clear streams occupied by

the source host.

30

Virtual Server Mapping

Virtual Server is used to set up public services on your network. When users from the

Internet make certain requests on your network, the Residential Gateway can forward those

requests to computers to handle the requests. For example, when you set the port number

80 (HTTP) to be forwarded to IP Address 192.168.1.2, all HTTP requests from outside users

will be forwarded to 192.168.1.2. You may use this function to establish a Web server or

FTP server via an IP Gateway. Be sure that you enter a valid IP Address. (You may need to

establish a static IP address in order to properly run an Internet server.)

For added security, Internet users can communicate with the server, but they will not

actually be connected. The packets will simply be forwarded through the Residential

Gateway.

Enable:

Tick the checkbox to enable this rule.

WAN Port:

Specify the WAN port number (1~65535).

Protocol:

Choose TCP, UDP or Both as your desired protocol.

LAN IP:

Specify the LAN IP - 192.168.0.xxx, where xxx is editable.

LAN Port:

Specify the port LAN port number (1~65535).

Action:

Insert- To insert a new Virtual Server setting to the Residential Gateway. Change-

To modify the current setting.

Port Trigger

Enable:

Tick the checkbox to enable this rule.

Trigger Port:

Enter the port number used by the application to establish an open service

port.

Trigger Type:

Choose either TCP or UDP.

Public Port:

Enter the port number to be allowed to pass through when trigger packets are

detected.

Public Type:

Choose either TCP or UDP.

Action:

Insert - To add a new port trigger to the Residential Gateway. Change - To modify

the current setting.