MBR L13

–

User’s

Guide

41

4

.

By default, the L13 will forward traffic to the same port as the incoming port. If you wish to redirect traffic to

a different port, select the

Specify

option in the

Forward to Port

drop-down menu. The screen refreshes, and

an additional field appears, enabling you to enter the port number.

Figure 45:

Forward to a Specific Port

8.

By default, the rule will always be active. However, you can configure scheduler rules by selecting

User

Defined

, in order to define time segments during which the rule may be active. Once a scheduler rule(s) is

defined, the

Schedule

drop-down menu will allow you to choose between the available rules.

9.

Click the

OK

button to save your changes. The

Port Forwarding

screen displays a summary of the rule that

you have just added.

You can edit a port-forwarding rule as necessary.



To edit a port-forwarding rule:

Click its entry under the

Local Host

column in the

Port Forwarding

screen.

You can disable a rule in order to make a service unavailable without having to remove the rule from the

Port

Forwarding

screen. This may be useful if you wish to make the service unavailable only temporarily with plans to

reinstate it in the future.



To temporarily disable a rule:

Clear the check box next to the service name.

To reinstate it at a later time, simply reselect the check box.



To remove a rule:

Click the action

icon for the service. The service will be permanently removed.

3.7.1.4

Gaming

Most games and gaming consoles only require UPnP (Universal Plug-n-Play) to be turned on. L13 is preconfigured with

UPnP “ON”, as the default.

Some games or other applications also require port forwarding in order for them to be able

to access internet services. Most use the common gaming ports.

The Gaming feature allows you to select one computer on the local network for gaming activities. Port forwarding on

this computer will automatically be set up on this computer for the common gaming ports.



To designate a computer for gaming:

1.

In the WBM, select the

Firewall

menu item under the

Services

tab, and click the

Gaming

link. The

Gaming

screen appears.

MBR L13

–

User’s

Guide

42

Figure 46: Gaming

2.

Select the

Gaming Mode Enabled

checkbox.

3.

Under

Game Host IP Address

, enter the IP address of the gaming computer. The port forwarding settings

of the gaming computer are displayed under

Gaming Profile

.

4.

Click

OK

. The settings are saved.

3.7.1.5

DMZ Host

The DMZ (Demilitarized) Host feature allows one of the local computers to be exposed to the Internet. Designate a

DMZ host when:



You wish to use a special-purpose Internet service, such as a video-conferencing program, that is not present in

the Port Forwarding list and for which no port range information is available.



You are not concerned with security and wish to expose one computer to all services without restrictions.

Warning

: A DMZ host is not protected by the firewall and may be vulnerable to attack. Designating a DMZ host may

also put other computers in the local network at risk. When designating a DMZ host, you must consider the security

implications and protect it if necessary.

An incoming request for access to a service in the local network, such as a Web server, is fielded by the L13. The L13

will forward this request to the DMZ host (if one is designated) unless the service is being provided by another PC in

the local network (assigned in Port Forwarding), in which case that PC will receive the request instead.



To designate a local computer as a DMZ Host:

1

.

Click

DMZ Host

under the Firewall menu. The

DMZ Host

screen appears.

MBR L13

–

User’s

Guide

43

Figure 47: DMZ Host

2

.

Enter the local IP address of the computer that you would like to designate as a DMZ host and select the

check box. Note that only one LAN computer may be a DMZ host at any time.

3

.

Click

OK

to save the settings.

You can disable the DMZ host so that it will not be fully exposed to the Internet, but keep its IP address recorded on

the

DMZ Host

screen. This may be useful if you wish to disable the DMZ host but expect that you will want to enable it

again in the future.



To disable the DMZ host so that it will not be fully exposed to the Internet:

Clear the check box next to the DMZ IP designation, and click OK. To reinstate it at a later time, simply reselect the

check box.

3.7.1.6

Port Triggering

Port triggering can be used for dynamic port forwarding configuration. By setting port triggering rules, you can allow

inbound traffic to arrive at a specific LAN host using ports different than those used for the outbound traffic. This is

called port triggering since the outbound traffic triggers to which ports inbound traffic is directed.

For example, consider a gaming server that is accessed using UDP protocol on port 2222. The gaming server responds

by connecting the user using UDP on port 3333 when starting gaming sessions. In such a case you must use port

triggering, since this scenario conflicts with the following default firewall settings:



The firewall blocks inbound traffic by default.



The server replies to L13 IP, and the connection is not sent back to your host, since it is not part of a session.

In order to solve this you need to define a Port Triggering entry, which allows inbound traffic on UDP port 3333 only

after a LAN host generated traffic to UDP port 2222. This will result in accepting the inbound traffic from the gaming

server and sending it back to the LAN Host which originated the outgoing traffic to UDP port 2222. Select the

'Port

Triggering

tab in the

Security

management screen. The

Port Triggering

screen will appear (see Figure 48:

Port

Triggering

). This screen will list all of the port triggering entries.

Figure 48:

Port Triggering



To add an entry for the gaming example above:

1.

Select the

User Defined

option in the

Protocol

column to add an entry. The

Edit Port Triggering Rule

screen

will appear.

MBR L13

–

User’s

Guide

44

Figure 49: Edit Port Triggering Rule

2.

Enter a name for the service (e.g. "game_server")

3.

Click the

New Trigger Ports

link. The

Edit Service Server Ports

screen will appear.

Figure 50: Edit Service Server Ports

4.

In the Protocol combo-box, select UDP. The screen will refresh, providing source and destination port

options.

5.

Leave the Source Ports combo-box at its default "Any".

6.

In the Destination Ports combo-box, select "Single".

7.

The screen will refresh again, providing an additional field in which you should enter "2222" as the

destination port.

Figure 51:

Edit Service Server Ports

8.

Click

OK

to save the settings.

9.

Back in the

Edit in

Outgoing Trigger Ports table new added entry

screen; click the

New Opened Ports

link. The

Edit Service Opened Ports

screen will appear.

MBR L13

–

User’s

Guide

45

Figure 52:

Edit Service Opened Ports

10.

Similar to the trigger ports screen, select UDP as the protocol, leave the source port at "Any", and enter a

3333 as the single destination port.

Figure 53:

Edit Service Opened Ports

11.

Click

OK

to save the settings.

You can disable a port triggering rule without having to remove it from the

Port Triggering

screen. To temporarily

disable a rule, clear the check box next to the service name. To reinstate it at a later time, simply reselect the check

box. To remove a rule, click the

action icon for the service. The service will be permanently removed.

Note

: There may be a few default port triggering rules listed when you first access the port triggering screen. Please

note that disabling these rules may result in non-existent gateway functionality.

3.7.1.7

Website Restrictions

You may configure the L13 to block specific Internet Web sites so that they cannot be accessed from computers in the

local network. Furthermore, restrictions can be applied to a comprehensive and automatically-updated table of sites

to which access is not recommended.



To block access to a Website:

1.

Click the

Website Restrictions

link of the

Firewall

menu item under the

Services

tab.

Figure 54:

Website Restrictions

2.

Click the

New Entry

link. The

Restricted Website

screen appears.