3Com 3CRWDR300A-73 Router Manual PDF (Setup & Configuration Guide)

Page 101 / 182 Scroll up to view Page 96 - 100

Firewall

99

Schedule Rule

The Router can be configured to restrict access to the Internet, email or

other network services at specific days and times. Define the time in this

screen, and define the rules in the

PC Privileges

screen (see

page 97

).

Figure 76

Schedule Rule Screen

1

Click

Add Rule

to add a schedule rule

(refer to

Figure 77

).

Figure 77

Add Schedule Rule Screen

2

Enter a name and comment for the schedule rule in the

Name

and

Comment

fields.

3

Specify the schedule rules for the required days and times - note that all

times should be in 24 hour format.

4

Click

Apply

.

Downloaded from

www.Manualslib.com

manuals search engine

Page 102 / 182

100

C

HAPTER

5: C

ONFIGURING

THE

R

OUTER

URL Filter

To configure the URL filter feature, use the table on the URL Filter screen

to specify the Web sites (www.somesite.com) and/or keywords you want

to filter on your network.

For example, entering a keyword of

xxx

would block/allow access to any

URL that contains the string

xxx

.

Figure 78

URL Filter Screen

1

Check the

Enable URL Filtering Function

checkbox. The rule table will

appear.

2

Enter the URL address or keywords in the

URL/Keyword

field.

3

Select

Denied or Allowed

from the

Mode

drop-down menu.

To complete this configuration, you will need to create or modify the

filtering rule in the PC Privileges screen (see

page 97

).

From the

PC Privileges Add PC

screen (

Figure 75

), if you check the option:

Bypass URL Filter

, then the Web sites and keywords defined in this screen

will not be filtered out.

Downloaded from

www.Manualslib.com

manuals search engine

Page 103 / 182

Advanced

101

Advanced

The Advanced section allows you to set additional parameter details for

the Router. You can configure:

■

Security

■

VLAN

■

Static Routes

■

RIP

■

DDNS

■

SNMP

■

Syslog

■

Proxy Arp

■

QoS Settings

Security

Use the Security screen to set the advanced security settings for the

Router.

Figure 79

Security Screen

Downloaded from

www.Manualslib.com

manuals search engine

Page 104 / 182

102

C

HAPTER

5: C

ONFIGURING

THE

R

OUTER

■

NAT

— (Network Address Translation), NAT is the method by which

the Router shares the single IP address assigned by your ISP with the

computers on your network.

This function should only be disabled by advanced users, and if your

ISP assigns you multiple IP addresses or you need NAT disabled for an

advanced system configuration. If you have a single IP address and

you turn NAT off, the computers on your network will not be able to

access the Internet. Other problems may also occur.

■

IPSec NAT-T Pass-through — NAT-T (NAT Traversal) is an Internet Draft

proposed to IETF in order to help the problems associated with passing

IPsec traffic through NAT Routers. For NAT-T to work, both ends of the

connection need to support this function. Ensure that you select NAT-T

only if it is needed as it will reduce LAN-WAN throughput. This Router

supports NAT-T draft 2 implementation.

■

Universal Plug and Play — This is a technology that offers seamless

operation of voice messaging, video messaging, games, and other

applications that are Universal Plug and Play compliant. Some

applications require the Router's firewall to be configured in a specific

way to operate properly. This usually requires opening TCP and UDP

ports and in some instances setting trigger ports. An application that

is Universal Plug and Play compliant has the ability to communicate

with the Router, basically "telling" the Router which way it needs the

firewall configured. The Router ships with the Universal Plug and Play

feature disabled. If you are using any applications that are Universal

Plug and Play compliant, and want to take advantage of the Universal

Plug and Play features, you can enable this feature. Simply check the

Enable Universal Plug and Play

checkbox. Click

Apply

to save the

change.

■

WAN Ping Blocking — Computer hackers use what is known as

"Pinging" to find potential victims on the Internet. By pinging a

specific IP address and receiving a response from the IP address, a

hacker can determine that something of interest might be there.

The Router can be set up so it will not respond to an Internet Control

Message Protocol (ICMP) Ping from the outside. This heightens the

level of security of your Router. To turn off the ping response, check

Block ICMP Ping

and click

Apply;

the Router will not respond to an

ICMP ping from the Internet.

Downloaded from

www.Manualslib.com

manuals search engine

Page 105 / 182

Advanced

103

■

MSS Clamping — You might not be able to browse some Web sites or

to send email messages that contain attachments from an Internet

Connection Sharing client computer if your outbound connection is

through a Windows XP-based Internet Connection Sharing host

computer that uses Point-to-Point Protocol over Ethernet (PPPoE).

This issue may occur if the Windows XP-based Internet Connection

Sharing host computer uses a smaller Maximum Transmission Unit

(MTU) size on the WAN interface (the PPPoE connection to the

Internet) than it uses on the private interface (the Ethernet connection

to the Internet Connection Sharing client). If a packet is larger than

the MTU size on the WAN interface, the client sends an Internet

Control Message Protocol (ICMP) error to the external server to

request that the server negotiate the TCP Maximum Segment Size

(MSS). However, this message may be blocked by some firewalls.

When this occurs, the packet is dropped. To allow the message to go

through the firewall, enable

MSS Clamping

. MSS clamping will make

Internet Connection Sharing set the MSS value low enough to match

the external interface.

■

Remote Administration — This feature allows you to make changes to

your Router’s settings from anywhere on the Internet. Four options are

available:

■

If you do not want to use this feature, select

Disable Remote

Administration

.

■

Select

Enable administration from a single Internet Host

, and enter

the IP address, to allow only one computer to use the remote

administration. This is more secure, as only the specified IP address

will be able to manage the Router.

■

Select

Enable administration from a whole Subnet Internet Host

,

and enter the IP address and subnet mask, to allow PCs from that

specific subnet group to use the remote administration.

■

Select

Enable administration from any Internet Host

, this allows

any computer to access the Router remotely.

Before you enable this function, ensure that you have changed the

factory default Administration Password.

Downloaded from

www.Manualslib.com

manuals search engine

Rate

Popular 3Com Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share