You can change the user’s

password

, whether their account is active and

Valid

, as well as

add a comment to each user account. These options are the same when creating a user

account, with the exception that once created you cannot change the username. You cannot

delete the default admin account; however you can delete any other created accounts by

clicking

Cancel

when editing the user.

You are strongly advised to change the password on the default “

admin

” account when you

receive your router, and any time you reset your configuration to Factory Defaults.

54

4.3.4 Firewall

4.3.4 Firewall

Firewall and Access Control

Firewall and Access Control

Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet

access from your LAN, as well as helping to prevent attacks from hackers. In addition to this,

when using NAT (Network Address Translation) the router acts as a “natural” Internet

firewall, since all PCs on your LAN use private IP addresses that cannot be directly

accessed from the Internet. See the

WAN

configuration section for more details on NAT.

Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet

access from your LAN, as well as helping to prevent attacks from hackers. In addition to this,

when using NAT (Network Address Translation) the router acts as a “natural” Internet

firewall, since all PCs on your LAN use private IP addresses that cannot be directly

accessed from the Internet. See the

WAN

configuration section for more details on NAT.

Firewall

: Prevents access from outside your network. The router provides three levels of

security support:

NAT natural firewall

: This masks LAN users’ IP addresses, which are invisible to outside

users on the Internet, making it much more difficult for a hacker to target a machine on your

network. This natural firewall is on when the NAT function is enabled.

When using Virtual Servers (port forwarding) your PCs are exposed to the

degree specified in your Virtual Server settings provided the ports specified

are opened in your firewall packet filter settings.

posed to the

degree specified in your Virtual Server settings provided the ports specified

are opened in your firewall packet filter settings.

Firewall Security and Policy (General Settings)

: Inbound direction of Packet Filter rules

55

prevent unauthorized computers or applications accessing your local network from the

Internet.

Intrusion Detection

: Enable Intrusion Detection to detect, prevent, and log malicious

attacks.

MAC Filter rules

: Prevents unauthorized computers accessing the Internet.

URL Filter

: Blocks PCs on your local network from unwanted websites.

A detailed explanation of each of the following five items appears in the

Firewall

section

below: Packet Filter, Ethernet MAC Filter, Wireless MAC Filter, Intrusion Detection, Block

WAN Request and URL Filter.

56

4.3.4.1 Packet Filter

Packet filtering enables you to configure your router to block specified internal/external

users (

IP address

) from Internet access, or you can disable specific service requests (

Port

number

) to /from Internet. This configuration program allows you to set up to 6 different filter

rules for different users based on their IP addresses or their network Port number. The

relationship among all filters is

“or”

operation, which means that the router checks these

different filter rules one by one, starting from the first rule. As long as one of the rules is

satisfied, the specified action is taken.

Add:

Click this button to add a new packet filter rule and the next figure appears.

Edit:

Check the Rule No. you wish to edit, and then click “Edit”.

Delete:

Check the Rule No. you wish to delete, and then click “Delete”.

57

Application:

User can choose they want.

~

Outgoing

~

Incoming:

Determine whether the rule is for outgoing packets or for

incoming packets.

Active:

Choose “Yes” to enable the rule, or choose “No” to disable the rule.

Packet Type:

Specify the packet type (TCP, UDP, ICMP or any) that the rule applies to.

Select

TCP

if you wish to search for the connection-based application service on the remote

server using the port number. Or select

UDP

if you want to search for the connectionless

application service on the remote server using the port number.

Log:

Choose “Yes” if you wish to generate logs when the filer rule is applied to a packet.

Action When Matched:

If a packet matches this filter rule,

Forward

or

Drop

this packet.

Source IP Address:

Enter the incoming or outgoing packet’s source IP address(es).

Source Port:

Check the TCP or UDP packet’s source port number(s).

Destination IP Address:

Enter the incoming or outgoing packet’s destination IP

address(es).

Destination Port:

Check the TCP or UDP packet’s destination port number(s).

58