Page 41 / 72 Scroll up to view Page 36 - 40
39
USING THE WEB-BASED ADVANCED USER INTERFACE
Configuring Internal Forwarding Settings
The Virtual Servers function will allow you to route external (Internet) calls for
services such as a web server (port 80), FTP server (Port 21), or other
applications through your Router to your internal network. Since your internal
computers are protected by a firewall, computers outside your network (over the
Internet) cannot get to them because they cannot be “seen”. A list of common
applications has been provided in case you need to configure the Virtual Server
function for a specific application. If your application is not listed, you will need
to contact the application vendor to find out which port settings you need.
Choosing an Application
Select your application from the drop-down list. Click “Add”. The settings will be
transferred to the next available space in the screen. Click “Apply Changes” to
save the setting for that application. To remove an application, select the
number of the row that you want to remove then click “Clear”.
Manually Entering Settings into the Virtual Server
To manually enter settings, enter the IP address in the space provided for the
internal (server) machine, the port(s) required to pass (use a comma between
multiple ports), select the port type (TCP or UDP), and click “Apply Changes”. You can
only pass one port per internal IP address. Opening ports in your firewall can pose a
security risk. You can enable and disable settings very quickly. It is recommended
that you disable the settings when you are not using a specific application.
Page 42 / 72
40
USING THE WEB-BASED ADVANCED USER INTERFACE
Setting Client IP Filters
The Router can be configured to restrict access to the Internet, e-mail, or other
network services at specific days and times. Restriction can be set for a single
computer, a range of computers, or multiple computers.
To restrict Internet access to a single computer for example, enter the IP address of
the computer you wish to restrict access to in the IP fields
(1)
. Next, enter “88” in
both the port fields
(2)
. Select “Both”
(3)
. Select “Block”
(4)
. You can also select
“Always” to block access all of the time. Select the day to start on top
(5)
, the
time to start on top
(6)
, the day to end on the bottom
(7)
, and the time to stop
(8)
on the bottom. Select “Enable”
(9)
. Click “Apply Changes”. The computer at the
IP address you specified will now be blocked from Internet access at the times you
specified. Note: Be sure you have selected the correct time zone under “Utilities>
System Settings> Time Zone”.
(1)
(2)
(9)
(3)
(4)
(7)
(8)
(3)
(5)
Page 43 / 72
41
USING THE WEB-BASED ADVANCED USER INTERFACE
Setting MAC Address Filtering
The MAC address filter is a powerful security feature that allows you to specify
which computers are allowed on the network. Any computer attempting to access
the network that is not specified in the filter list will be denied access. When you
enable this feature, you must enter the MAC address of each client (computer) on
your network to allow network access to each. The “Block” feature lets you turn on
and off access to the network easily for any computer without having to add and
remove the computer’s MAC address from the list.
To enable this feature, select “Enable MAC Address Filtering”
(1)
. Next, enter the
MAC address of each computer on your network by clicking in the space provided
(2)
and entering the MAC address of the computer you want to add to the list. Click
“Add”
(3)
, then “Apply Changes” to save the settings. To delete a MAC address from
the list, simply click “Delete” next to the MAC address you wish to delete. Click
“Apply Changes” to save the settings.
NOTE:
You will not be able to delete the MAC address of the computer you are using
to access the Router's administrative functions (the computer you are using now).
(3)
(1)
(2)
Page 44 / 72
42
USING THE WEB-BASED ADVANCED USER INTERFACE
Enabling the Demilitarized Zone (DMZ)
The DMZ feature allows you to specify one computer on your network to be placed
outside of the firewall. This may be necessary if the firewall is causing problems with
an application such as a game or video conferencing application. Use this feature on
a temporary basis. The computer in the DMZ is NOT protected from hacker attacks.
To put a computer in the DMZ, enter the last digits of its IP address in the IP field
and select “Enable”. Click “Apply Changes” for the change to take effect. If you are
using multiple static WAN IP addresses, it is possible to select which WAN IP
address the DMZ host will be directed to. Type in the WAN IP address you wish the
DMZ host to direct to, enter the last two digits of the IP address of the DMZ host
computer, select “Enable” and click “Apply Changes”.
Page 45 / 72
43
USING THE WEB-BASED ADVANCED USER INTERFACE
Blocking an ICMP Ping
Computer hackers use what is known as “pinging” to find potential victims on the
Internet. By pinging a specific IP address and receiving a response from the IP
address, a hacker can determine that something of interest might be there. The
Router can be set up so it will not respond to an ICMP ping from the outside. This
heightens the level of security of your Router.
To turn off the ping response, select “Block ICMP Ping”
(1)
and click “Apply
Changes”. The Router will not respond to an ICMP ping.
(1)

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top