Page 66 / 146 Scroll up to view Page 61 - 65
Chapter 4: Configuration
62
Any remote user who is attempting to perform this action may result in blocking
all the accesses to configure and manage of the device from the Internet.
General Settings
You can choose not to enable Firewall, to add all filter rules by yourself, or enable the Firewall
using preset filter rules and modify the port filter rules as required. The Packet Filter is used to filter
packets based-on Applications (Port) or IP addresses.
There are four options when you enable the Firewall, they are:
~
All blocked/User-defined
: no pre-defined port or address filter rules by default, meaning that
all inbound (Internet to LAN) and outbound (LAN to Internet) packets will be blocked. Users
have to add their own filter rules for further access to the Internet.
~
High/Medium/Low security level:
the predefined port filter rules for High, Medium and Low
security are displayed in Port Filters of Packet Filter.
Select either
High, Medium
or
Low
security level
to enable the Firewall. The only difference
between these three security levels is the preset port filter rules in the Packet Filter. Firewall
functionality is the same for all levels; it is only the list of preset port filters that changes between
each setting. For more detailed on level of preset port filter information, refer to
Table 1:
Predefined Port Filter
.
If you choose of the preset security levels and then add custom filters, you may temporarily disable
the firewall and recover your custom filter settings by re-selecting the same security level.
The “
Block WAN Request
” is a stand-alone function and not relate to whether security enable or
disable. Mostly it is for preventing any scan tools from WAN site by hacker.
Page 67 / 146
Chapter 4: Configuration
63
Packet Filter
This function is only available when the Firewall is enabled and one of these four security levels is
chosen (All blocked, High, Medium and Low).
The predefined port filter rules in the Packet Filter
must modify accordingly to the level of Firewall, which is selected.
See
Table1: Predefined Port
Filter
for more detailed information.
Page 68 / 146
Chapter 4: Configuration
64
Example:
Predefined Port Filters Rules
The predefined port filter rules for High, Medium and Low security levels are listed. See Table 1.
(
Note
:
Firewall – All Blocked/User-defined
, you must define and create the port filter rules
yourself.
No predefined rule is set)
Table 1: Predefined Port Filter
Port Number
Firewall - High
Firewall - Medium
Firewall – Low
Application Protocol
Start
End
Inbound
Outbound Inbound Outbound
Inbound
Outbound
HTTP(80)
TCP(6)
80
80
NO
YES
NO
YES
NO
YES
DNS (53)
UDP(17)
53
53
NO
YES
NO
YES
YES
YES
DNS (53)
TCP(6)
53
53
NO
YES
NO
YES
YES
YES
FTP(21)
TCP(6)
21
21
NO
NO
NO
YES
NO
YES
Telnet(23)
TCP(6)
23
23
NO
NO
NO
YES
NO
YES
SMTP(25)
TCP(6)
25
25
NO
YES
NO
YES
NO
YES
POP3(110)
TCP(6)
110
110
NO
YES
NO
YES
NO
YES
NEWS(119)
TCP(6)
119
119
NO
NO
NO
YES
NO
YES
RealAudio
(7070)
UDP(17)
7070
7070
NO
NO
YES
YES
YES
YES
PING
ICMP(1)
N/A
N/A
NO
YES
NO
YES
NO
YES
H.323(1720) TCP(6)
1720
1720
NO
NO
NO
YES
YES
YES
T.120(1503) TCP(6)
1503
1503
NO
NO
NO
YES
YES
YES
SSH(22)
TCP(6)
22
22
NO
NO
NO
YES
YES
YES
NTP(123)
UDP(17)
123
123
NO
YES
NO
YES
NO
YES
HTTPS(443) TCP(6)
443
443
NO
NO
NO
YES
NO
YES
ICQ (5190)
TCP(6)
5190
5190
NO
NO
NO
NO
YES
YES
Inbound:
Internet to LAN
Outbound:
LAN to Internet.
Page 69 / 146
Chapter 4: Configuration
65
Packet Filter – Add TCP/UDP Filter
Rule Name:
A user-defined name for identifying the application.
Time Schedule:
It is self-defined time period.
You may specify a time schedule for your
prioritization policy. For setup and detail, refer to
Time Schedule
section
Source IP Address(es) / Destination IP Address(es):
This is the Address-Filter used to allow or
block traffic to/from particular IP address(es).
Selecting the
Subnet Mask
of the IP address range
you wish to allow/block the traffic to or form; set IP address and Subnet Mask to
0.0.0.0
to inactive
the Address-Filter rule.
Tip:
To block access,. to/from a single IP address, enter that IP address as the
Host IP Address
and use a
Host Subnet Mask
of “255.255.255.255”.
Type:
It is the packet protocol type used by the application, select either
TCP
or
UDP
.
Source Port:
This Port or Port Ranges defines the port allowed to be used by the Remote/WAN to
connect to the application.
Default is set from range
0 ~ 65535.
It is recommended that this option
be configured by an advanced user.
Destination Port:
This is the Port or Port Ranges that defines the application.
Inbound / Outbound:
Select
Allow
or
Block
the access to the Internet (
“Outbound”
) or from the
Internet (
“Inbound”
).
Click
Apply
button to apply your changes.
Page 70 / 146
Chapter 4: Configuration
66
Packet Filter – Add Raw IP Filter
Rule Name:
A user-defined name for identifying the rule.
Time Schedule:
It is self-defined time period.
You may specify a time schedule for your
prioritization policy. For setup and detail, refer to
Time Schedule
section
Protocol Number:
Insert the port number, i.e. GRE 47.
Inbound / Outbound:
Select
Allow
or
Block
the access to the Internet (
“Outbound”
) or from the
Internet (
“Inbound”
).
Click
Apply
button to apply your changes.

Rate

3.5 / 5 based on 2 votes.

Popular BEC Technologies Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top