Page 26 / 82 Scroll up to view Page 21 - 25
Gateway User Interface
24
Configuring Advanced Settings
The Edit Advanced Home Network Settings page displays the current IP settings in use by your system for
your home network, and allows you to configure your home network settings. You should adjust these
settings
ONLY
if you are very familiar with computer networking technologies.
The Current Settings panel shows the following information:
Router Address. The IP address used by your gateway on the private home network (the default is
192.168.1.254). The gateway has two IP addresses: a private address that it uses on the home
network, and one that is used on the public broadband connection on the Internet. You can change the
home network IP address by changing the home network IP address range.
Subnet Mask. The subnet mask is determined by the home network IP address range settings (the
default is 255.255.255.0).
DHCP Range. The range of IP addresses used by your system (the default is 192.168.1.33 through
192.168.1.250). IP addresses can be either static (permanently assigned) or dynamic (automatic and
temporary).
Page 27 / 82
Gateway User Interface
25
Editing Address Allocation Settings
The Current Settings panel displays the computers currently on the local network, and their IP address. It
also indicates whether a given computer is receiving its IP address via DHCP or has been manually entered
into the computer (static).
If users enable the Public Network feature, they can choose to have their broadband accessible (non-NAT) IP
addresses assigned automatically via DHCP to computers on the local network. To do so:
1.
Click the
Edit Address Allocation
button. The Edit Address Allocation Settings page opens.
2.
In the Settings panel, select an available IP address from the pulldown menu next to the computer to
which you want an IP address automatically assigned.
3.
Click
Save
.
Users can choose to have the address assigned from any of the available networks. Computers that are
assigned non-routable (private network) addresses will use Network Address Translation (NAT) to access
the internet. Selecting a “DHCP Fixed” entry instructs the gateway to always provide the same address from
the DHCP pool to the specified computer.
Computers on the Public Network are still behind the firewall. To allow inbound traffic to these computers,
the firewall settings specified for that computer must be modified.
Page 28 / 82
Gateway User Interface
26
Firewall Pages
The 2Wire gateway has a professional-grade firewall to help prevent unauthorized users from accessing your
local network. The 2Wire gateway firewall includes the following features:
Stateful packet inspection. Blocks common Denial of Service attacks (such as SYN/FIN flooding or
Smurf), and detects and logs TCP and UDP port scans.
Stateless packet inspection. Filters specific NetBios traffic, suspicious packets and IP fragments;
blocks packets sent from the private network to the Internet that have spoofed IP addresses.
Network Address Translation (NAT). Translates a local network’s IP address to an external address
maintained by the 2Wire gateway, effectively “hiding” the existence of a home network to the Internet.
The 2Wire gateway then uses this external address to communicate with the Internet on behalf of
devices connected to the local network.
Port Address Translation (PAT). A function provided by some routers which allows hosts on a LAN to
communicate with the rest of a network (such as the Internet) without revealing their own private IP
address. All outbound packets have their IP address translated to the router’s external IP address.
Replies come back to the router, which then translates them back into the private IP address of the
original host for final delivery. During PAT, each computer on the LAN is translated to the same IP
address, but with a different port number assignment.
Inbound and outbound port blocking. Blocks common inbound and outbound protocol types from
passing information to or receiving information from the Internet.
Viewing Your Firewall Summary
The Firewall Summary page provides summary information and links to the most commonly used security-
related features of your system.
Page 29 / 82
Gateway User Interface
27
The Firewall Settings panel displays the Current Settings for your firewall.
Default. Unsolicited inbound traffic is not allowed to pass through the firewall.
Custom. Applications are associated with computers on your network.
An access list shows the computers (Devices) on your network and the names of the Allowed Applications
for each computer. When you allow application traffic, external users on the Internet can have limited
access to your home network. This access might be required to allow some programs (such as game
servers or instant messaging software) to operate properly.
For example, a remote game player on the Internet might need to contact the game server program that you
have installed on your home network in order to play against you. Normally, the firewall blocks this
communication. By changing the firewall settings, this communication is permitted to pass through a
“pinhole” in the firewall. This function may be referred to as “port-mapping” or “port-forwarding” in your
software program documentation.
Click
VIEW DETAILS
to access the Firewall Details page, which shows a list of all the devices that have
applications configured in the firewall and the details of these configurations.
Page 30 / 82
Gateway User Interface
28
Configuring Firewall Settings
The Edit Firewall Settings page allows you to open select ports, or “pinholes” in the firewall.
You can allow individual applications, or use DMZplus mode. When in DMZplus mode, the designated
computer:
Shares your gateway’s IP address (Router Address).
Appears as if it is directly connected to the Internet.
Has all of the unassigned TCP and UDP ports opened and pointed to it.
Can receive unsolicited network traffic from the Internet.
Because all filtered traffic is forwarded to the designated computer, you should use DMZplus mode with
caution. A computer in DMZplus mode is less secure because all available ports are open and all incoming
Internet traffic is directed to this computer.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top