31

4.5.7 Routing Table

Routing Tables allow you to determine which physical interface address to use for outgoing IP

data grams. If you have more than one routers and subnets, you will need to enable routing

table to allow packets to find proper routing path and allow different subnets to communicate

with each other.

Routing Table settings are settings used to setup the functions of static.

Static Routing: For static routing, you can specify up to 8 routing rules. You can enter the

destination IP address, subnet mask, gateway, hop for each routing rule, and then enable or

disable the rule by checking or unchecking the Enable checkbox.

32

Example:

Configuration on NAT Router

Destination

SubnetMask

Gateway

Hop

Enabled

192.168.1.0

255.255.255.0

192.168.123.216

1

V

192.168.0.0

255.255.255.0

192.168.123.103

1

V

So if, for example, the client3 wanted to send an IP data gram to 192.168.0.2, it would use

the above table to determine that it had to go via 192.168.123.103 (a gateway),

And if it sends Packets to 192.168.1.11 will go via 192.168.123.216

Each rule can be enabled or disabled individually.

After routing table setting is configured, click the save button.

33

4.5.8 Schedule

You can set the schedule time to decide which service will be turned on or off. Select the

“enable” item.

Press “

Add New Rule

”

You can write a rule name and set which day and what time to schedule from “Start Time” to

“End Time”.

34

4.6 Security Settings

4.6.1 Packet Filter

Packet Filter enables you to control what packets are allowed to pass the router. Outbound

filter applies on all outbound packets. However, Inbound filter applies on packets that

destined to Virtual Servers or DMZ host only. You can select one of the two filtering policies:

•

Allow all to pass except those match the specified rules

•

Deny all to pass except those match the specified rules

You can specify 8 rules for each direction: inbound or outbound. For each rule, you can define

the following:

•

Source IP address

•

Source port address

•

Destination IP address

•

Destination port address

•

Protocol: TCP or UDP or both.

•

Use Rule#

For source or destination IP address, you can define a single IP address (4.3.2.1) or a range

of IP addresses (4.3.2.1-4.3.2.254). An empty implies all IP addresses.

For source or destination port, you can define a single port (80) or a range of ports

(1000-1999). Add prefix "T" or "U" to specify TCP or UDP protocol. For example, T80, U53,

U2000-2999. No prefix indicates both TCP and UDP are defined. An empty implies all port

addresses. Packet Filter can work with Scheduling Rules, and give user more flexibility on

Access control. For Detail, please refer to Scheduling Rule.

Each rule can be enabled or disabled individually.

4.6.1.1 Inbound Filter:

To enable

Inbound Packet Filter

click the check box next to

Enable

in the

Inbound

Packet Filter

field.

Suppose you have SMTP Server (25), POP Server (110), Web Server (80), FTP Server (21),

and News Server (119) defined in Virtual Server or DMZ Host.

Example 1:

35

•

(1.2.3.100-1.2.3.149) They are allow to send mail (port 25), receive mail (port 110),

and browse the Internet (port 80)

•

(1.2.3.10-1.2.3.20) They can do everything (block nothing)

•

Others are all blocked.

Example 2: