3Com 3CRWDR300A-73 Router Manual PDF (Setup & Configuration Guide)

Page 91 / 182 Scroll up to view Page 86 - 90

Internet Settings

89

Clone MAC address

To configure the hostname and Clone MAC Address information for your

Router, select

Internet Settings

, then go to the

Clone MAC address

tab.

The Hostname and MAC Address screen displays.

Figure 67

Hostname and Clone MAC Address Screen

1

Some ISPs require a host name. If your ISP has this requirement, enter the

host name in the

Host Name

field.

2

Three different ways to configure the WAN MAC Address:

■

If your ISP requires an assigned MAC address, enter the values in the

WAN

MAC address

field.

or

■

If the computer that you are using is the one that was previously

connected directly to the cable modem, click

Clon

e.

or

■

To reset the MAC Address to the default, click

Reset MAC

.

3

Click

Apply

to save the settings.

Downloaded from

www.Manualslib.com

manuals search engine

Page 92 / 182

90

C

HAPTER

5: C

ONFIGURING

THE

R

OUTER

Firewall

This section is for configuration settings of the Router’s firewall function.

Your Router is equipped with a firewall that will protect your network

from a wide array of common hacker attacks including Ping of Death

(PoD) and Denial of Service (DoS) attacks. You can turn the firewall

function off if needed. Turning off the firewall protection will not leave

your network completely vulnerable to hacker attacks, but 3Com

recommends that you leave the firewall enabled whenever possible.

SPI

Stateful Packet Inspection (SPI) - The Intrusion Detection Feature of the

Router limits access for incoming traffic at the WAN port.

This feature is called a "stateful" packet inspection, because it examines

the contents of the packet to determine the state of the communications;

i.e., it ensures that the stated destination computer has previously

requested the current communication. This is a way of ensuring that all

communications are initiated by the recipient computer and are taking

place only with sources that are known and trusted from previous

interactions. In addition to being more rigorous in their inspection of

packets, stateful inspection firewalls also close off ports until connection

to the specific port is requested.

Figure 68

Firewall Screen

Downloaded from

www.Manualslib.com

manuals search engine

Page 93 / 182

Firewall

91

To enable the firewall function:

1

Select the level of protection (High, Medium, or Low) that you desire from

the

Firewall level

drop-down menu.

2

Click

Apply

.

■

For low and medium levels of firewall protection, refer to

Figure 69

.

For low level of firewall protection, the DoS and SPI functions are both

off. For medium level of firewall protection, DoS is on, but SPI is off.

■

For high level of firewall protection, refer to

Figure 70

. Both DoS and

SPI are on for this level of firewall protection. The higher the firewall

level is, the safer that your network is.

Figure 69

Low and Medium Level Firewall Protection Screen

When abnormal network activity occurs, an alerting email will be sent out

to you. Enter the following information to receive the email:

■

Your E-mail Address

■

SMTP Server Address

■

User name

■

Password

Downloaded from

www.Manualslib.com

manuals search engine

Page 94 / 182

92

C

HAPTER

5: C

ONFIGURING

THE

R

OUTER

Figure 70

High Level Firewall Protection Screen

If you select high level of protection, you would have an option to

configure additional parameters for the firewall.

■

Fragmentation half-open wait - Configures the number of seconds

that a packet state structure remains active. When the timeout value

expires, the Router drops the un-assembled packet, freeing that

structure for use by another packet.

■

TCP SYN wait - Defines how long the software will wait for a TCP

session to synchronize before dropping the session.

■

TCP FIN wait - Specifies how long a TCP session will be maintained

after the firewall detects a FIN packet.

■

TCP connection idle timeout - The length of time for which a TCP

session will be managed if there is no activity.

■

UDP session idle timeout - The length of time for which a UDP session

will be managed if there is no activity.

■

H.323 data channel idle timeout - The length of time for which an

H.323 session will be managed if there is no activity.

Downloaded from

www.Manualslib.com

manuals search engine

Page 95 / 182

Firewall

93

■

Total incomplete TCP/UDP sessions HIGH - Defines the rate of new

unestablished sessions that will cause the software to start deleting

half-open sessions.

■

Total incomplete TCP/UDP sessions LOW - Defines the rate of new

unestablished sessions that will cause the software to stop deleting

half-open sessions.

■

Incomplete TCP/UDP sessions (per min) HIGH - Maximum number of

allowed incomplete TCP/UDP sessions per minute.

■

Incomplete TCP/UDP sessions (per min) LOW - Minimum number of

allowed incomplete TCP/UDP sessions per minute.

■

Maximum incomplete TCP/UDP sessions number from same host -

Maximum number of incomplete TCP/UDP sessions from the same

host.

■

Incomplete TCP/UDP sessions detect sensitive time period - Length of

time before an incomplete TCP/UDP session is detected as incomplete.

■

Maximum half-open fragmentation packet number from same host -

Maximum number of half-open fragmentation packets from the same

host.

■

Half-open fragmentation detect sensitive time period - Length of time

before a half-open fragmentation session is detected as half-open.

■

Flooding cracker block time - Length of time from detecting a flood

attack to blocking the attack.

Downloaded from

www.Manualslib.com

manuals search engine

Rate

Popular 3Com Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share