Siemens Gigaset-SE587 Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Siemens

Gigaset-SE587

Page 26 / 89 Scroll up to view Page 21 - 25

Advanced configuration

Gigaset SE587 WLAN dsl / eng / A31008-N1083-L171-1-7619 / configure_router.fm / 12.12.2007

Schablone 2005_05_02

IP Filters

In the IP filter list you can add the PCs for which access should be restricted.

Select the

add

box to activate the fields in a row to create a new entry.

In the

Host IP Address

field, enter the IP address of the respective PC. How to find

out the IP addresses of the individual PCs is described in chapter "Local network con-

figuration" on page 36.

From the

Direction

option menu, select the kind of communication to which the

restriction should apply:

Select the

del

box to delete an entry from the list.

Port Filters

In the port filter list you can define ports or port ranges to restrict the access of specific

Internet services. Each Internet service uses a specific port for communication. The fol-

lowing table shows some important port numbers of Internet services:

Select the

Modify

box to activate the fields in a row. You can change the values if

required.

Select the

Protocol

used by the service(s) and enter the

Start Port

and the

End Port

of the port range to be restricted. To specify one specific service with one port

number enter the same port number in the

Start Port

and the

End Port

field.

From the

Inbound Deny

and

Outbound Deny

option menus choose if the rule

should apply to incoming and/or outgoing traffic.

inbound

Internet access is restricted to outgoing data traffic.

outbound

Internet access is restricted to incoming data traffic.

both

Both incoming and outgoing data traffic with the Internet are

restricted.

Internet service

Protocol

Port number

FTP

TCP

ssh / pcAnywhere

TCP

Telnet

TCP

SMTP

TCP

TFTP

TCP

HTTP

TCP

POP3

TCP

110

NNTP

TCP

119

HTTPS

TCP

443

T.120

TCP

1503

H.323/Q931

TCP

1720

DNS

UDP

NTP

UDP

123

RealServer / QuickTime

UDP

7070

Page 27 / 89

Advanced configuration

Gigaset SE587 WLAN dsl / eng / A31008-N1083-L171-1-7619 / configure_router.fm / 12.12.2007

Schablone 2005_05_02

URL filter

The URL filter allows you to block or allow access to specific Internet domains.

Select the

add

box to activate the fields in a row to create a new entry.

Enter the URL of the domain to be blocked or allowed in the

Domain Filter

field. The

domain is blocked or allowed including all subdomains.

In the

Start Time

and

End Time

fields you can define a time period for which the

domain filter should apply.

Use the

Rule For All Above

option to specify if the domains entered in the list should

be blocked or allowed. If you select

Allow

only the domains contained in the list can

be accessed from the users of your network. If you select

Deny

only the domains

contained in the list are blocked. All other domains can be accessed.

Select

the

del

box to delete an entry from the list.

Click

Save Settings

to apply all your settings on this page.

Applications and Gaming

The Gigaset SE587 WLAN dsl comes equipped with the

NAT

(Network Address Transla-

tion) function. With address mapping, several users in the local network can access the

Internet via one or more public IP addresses. All the local IP addresses are assigned to

the router's public IP address by default.

One of the characteristics of NAT is that data from the Internet is not allowed into the

local network unless it has been explicitly requested by one of the PCs in the network.

Most Internet applications can run behind the NAT firewall without any problems. For

example, if you request Internet pages or send and receive e-mails, the request for data

from the Internet comes from a PC in the local network and so the router allows the data

through. The router opens precisely

one

port for the application. A port in this context

is an internal PC address, via which the data is exchanged between the Internet and a

client on a PC in the local network. Communicating via a port is subject to the rules of a

particular protocol (TCP or UDP).

If an external application tries to send a call to a PC in the local network, the router will

block it. There is no open port via which the data could enter the local network.

Some applications, such as games on the Internet, require several links, i.e. several ports

so that the players can communicate with each other. In addition, these applications

must also be permitted to send requests from other users on the Internet to users in the

local network. These applications cannot run if Network Address Translation (NAT) has

been activated.

Using port forwarding (the forwarding of requests to particular ports) the router is

forced to send requests from the Internet for a certain service, for example a game, to

the appropriate port(s) on the PC on which the game is running.

When the Gigaset SE587 WLAN dsl is supplied, the NAT function is activated, i.e. all IP

addresses of PCs in the local network are converted to the router's public IP address

when accessing the Internet.

Page 28 / 89

Advanced configuration

Gigaset SE587 WLAN dsl / eng / A31008-N1083-L171-1-7619 / configure_router.fm / 12.12.2007

Schablone 2005_05_02

You can use the NAT settings to configure the Gigaset SE587 WLAN dsl to carry out the

following tasks:

Set up the Gigaset SE587 WLAN dsl as a virtual server by configuring Port Forward-

ing (see below).

Open the NAT firewall for a selected PC (page 29).

Port Forwarding

If you configure Port Forwarding, the Gigaset SE587 WLAN dsl outwardly assumes the

role of the server. It receives requests from remote users under its public IP address and

automatically redirects them to local PCs. The private IP addresses of the servers on the

local network remain protected.

Internet services are addressed via defined port numbers. The Gigaset SE587 WLAN dsl

needs a mapping table of the port numbers to redirect the service requests to the serv-

ers that actually provide the service.

In the

Applications & Gaming

menu, select

Port Forwarding

You can choose a service from a list of predefined applications or create an entry man-

ually.

Select the

add

box to activate the fields in a row to create a new entry.

If more than one interface is configured select the

Interface

for which the port for-

warding should apply from the option menu.

Select the required application from the

Predefined applications

list.

Enter the IP address of the PC that provides the service in the

Local IP

field. How to

determine the IP addresses of the individual PCs is described in chapter "Local net-

work configuration" on page 36.

If the application you require is not in the list, you must manually enter the relevant data

on the screen:

Select the

add

box to activate the fields in a row to create a new entry.

If more than one interface is configured select the

Interface

for which the port for-

warding should apply from the option menu.

Select the protocol for the service you are providing from the

Protocol

list.

Under

Public Port

, enter the port number of the service you are providing.

Page 29 / 89

Advanced configuration

Gigaset SE587 WLAN dsl / eng / A31008-N1083-L171-1-7619 / configure_router.fm / 12.12.2007

Schablone 2005_05_02

In the

Local port

field, enter the internal port number to which service requests are

to be forwarded.

Enter the IP address of the PC that provides the service in the

Local IP

field. How to

find out the IP addresses of the individual PCs is described in chapter "Local network

configuration" on page 36.

Example

: The Web server has been configured to react to requests on port 8080. How-

ever, the requests from web sites enter the Web server via port 80 (standard value). If

you add the PC to the forwarding table and define port 80 as the public port and port

8080 as an internal port, all requests from the Internet are diverted to the service with

the port number 80 on the Web server of the PC you have defined with port 8080.

Select

the

del

box to delete an entry.

Click

Save Settings

to apply your settings.

DMZ

You can set up a client in your local network to be a so-called "exposed host" (DMZ). Your

device will then forward all incoming data traffic from the Internet to this client. You can

then, for example, operate your own Web server on one of the clients in your local net-

work and make it accessible to Internet users.

As the exposed host, the local client is directly visible to the Internet and therefore par-

ticularly vulnerable to attacks (e.g. hacker attacks). Only activate this function if it is

absolutely necessary (e.g. to operate a Web server) and other functions (e.g. port for-

warding) are not adequate. In this case you should take appropriate measures for the

clients concerned.

In the

Applications & Gaming

menu, select:

DMZ

Select the

add

box to activate the fields in a row to create a new entry.

If more than one interface is configured select the

Interface

for which the DMZ

should apply from the option menu.

Enter the IP address of the PC that is to be enabled as DMZ in the

Current Host IP

field.

Click

Save Settings

to apply your settings.

Note:

Only one PC per public IP address (interface) can be set up as a DMZ.

Page 30 / 89

Administration

Gigaset SE587 WLAN dsl/ eng / A31008-N1083-L171-1-7619 / admin_router.fm / 12.12.2007

Schablone 2005_05_02

Administration

The Gigaset SE587 WLAN dsl user interface includes several helpful functions for

administering your device.

Management

Your Gigaset SE587 WLAN dsl allows you to restrict access to the device’s configuration

to specific local or remote users.

In the

Administration

menu, select

Management

provides functions to enable or restrict access to the

configuration user interface (page 30).

Log

displays logged information about the operation (page 32).

Factory Defaults

allows you to reset the Gigaset SE587 WLAN dsl to the factory

settings (page 33).

Firmware Upgrade

allows you to update the firmware of the device (page 33).

Config Management

offers functions to back up and, if necessary, restore the

configuration data of your device (page 34).

Rate

Popular Siemens Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share