Page 31 / 82
Scroll up to view Page 26 - 30
X5671
User’s Guide
26
Enter the
Start External Port #
and
End External Port #
that open to remote to
access the service
Select the
Protocol
from the list
Enter the
Start Internal Port #
and
End Internal Port #
that may use different port
# to secure the service. If you use the same port # as
external port #
, please
leave
Internal Port #
as blank.
Click
Save/Apply
Port Triggering
The feature is similar to the virtual server, but provides a more secure way to provide
your device. It opens up the port hole temporary and allows CPE in LAN to establish a
connection with remote parties. Those ports are open only if a specified request from
a PC in LAN is received, and then the device allows the remote parties to access to
establish a connection with that PC in LAN.
Figure 28: Port Triggering Setup
Click
Add
to add a rule of port triggering.
Global Setting
Select a
service
from the predefined list or enter the name of
Custom Server
Enter the
Start Trigger Port #
and
End Trigger Port #
that open to remote to
access the service
Select the
Trigger Protocol
Enter the
Start Open Port #
and
End Open Port #
that may use different port # to
secure the service. If you use the same port # as
Trigger port #
, please leave
Open Port #
as blank.
Select the
Open Protocol
Click
Save/Apply
Page 32 / 82
X5671
User’s Guide
27
Figure 29: Add a Rule of Port Triggering
DMZ
A DMZ (DeMilitarized Zone) host is a computer on your network that can be accessed
from the Internet. The de-militarised zone (DMZ) is for forwarding IP packets from the
remote parties that are not fixed to any of the applications configured in the virtual
server. These packets are forwarded to a designated DMZ host device. A DMZ is
often used to host Web servers, FTP servers etc that need to be accessible from the
Internet
Figure 30: Add A Rule Of Port Triggering
Global Setting
Enter the
DMZ Host IP address
Click
Save/Apply
Page 33 / 82
X5671
User’s Guide
28
ALG
A ALG (Application Layer Gateway) is a method to allow specific application to pass
through NAT firewall.
Figure 31: ALG configuration
Global Setting
Check to select
SIP ALG
enabled
Click
Save/Apply
Security
The Security feature provides two more setting pages including IP filtering in Route
mode, MAC filtering and Parental Control.
IP Address Filter
The device can block the packet in outgoing and incoming directions. By default, all
outgoing IP packets from LAN is allowed to surf Internet, but some IP packets can be
blocked by setting up filters.
Figure 32: Outgoing IP Filter Setup
Click
Add
to add a rule of Outgoing IP Filtering.
Check
Remove
and click
Remove
to remove the specified entry.
Page 34 / 82
X5671
User’s Guide
29
Figure 33: Add - Outgoing IP Filter Setup
Global Setting
Enter the
Filter Name
Select the
Protocol
from the selection list.
Enter the
Source IP Address
and
Subnet Mask (range of IP addresses)
of packet
Enter the
one port or multi ports
(port range)
Enter the
Destination IP Address
and
Subnet Mask (range of IP addresses)
of
packet
Enter the
one port or multi ports
(port range)
Click
Save/Apply
By default, all incoming IP packets from WAN are blocked to access PCs in LAN, but
some IP packets can be accepted by setting up filters.
Figure 34: Incoming IP Filter Setup
Page 35 / 82
X5671
User’s Guide
30
Click
Add
to add a rule of Incoming IP Filtering.
Check
Remove
and click
Remove
to remove the specified entry.
Figure 35: Add - Incoming IP Filter Setup
Global Setting
Enter the
Filter Name
Select the
Protocol
from the selection list.
Enter the
Source IP Address
and
Subnet Mask (range of IP addresses)
of packet
Enter the
one port or multi ports
(port range)
Enter the
Destination IP Address
and
Subnet Mask (range of IP addresses)
of
packet
Enter the
one port or multi ports
(port range)
Select the
WAN interfaces
which will be applied with this incoming IP filter rule.
Click
Save/Apply
19216811.live