Page 76 / 121 Scroll up to view Page 71 - 75
WBMR-G54 Wireless ADSL Router User Guide
Bridge Filters
Bridge filters are used to block or allow various types of packets through the WAN interface. This may be done for
security or to improve network efficiency. The rules are configured for individual devices based on MAC address. Filter
rules can be set up for source, destination or both. You can set up filter rules and disable the entire set of rules without
loosing the rules that have been configured.
Bridge Filters window
To add a bridge filter rule, check
Enable Bridge Filters
, type in a Source MAC, a Destination MAC or both in the
entry fields, you may opt to limit filtering to only the Ethernet, and click the
Apply
button. To remove a bridge filter
from the table in the bottom half of the window, click the corresponding
trashcan icon. Remember to save the
configuration changes.
The protocols that may be specifically allowed or denied to pass through the WAN interface are the following:
IPv4,
IPv6, RARP, PPPoE Discovery
and
PPPoE Session.
66
Downloaded from
www.Manualslib.com
manuals search engine
Page 77 / 121
WBMR-G54 Wireless ADSL Router User Guide
Routing
Use Static Routing to specify a route used for data traffic within your Ethernet LAN or to route data on the WAN. This
is used to specify that all packets destined for a particular network or subnet use a predetermined gateway.
Routing Table window
To add a static route to a specific destination IP on the local network, enter a
Destination
IP address,
Netmask
, then
click the
Gateway
radio button and type in the Gateway’s IP address. Click
Apply
to enter the new static route in the
table below. The route becomes active immediately upon creation.
To add a static route to a specific destination IP on the WAN, click the Connection radio button and choose a
connection from the pull-down menu, then enter a
Destination
IP address and
Netmask
. Click
Apply
to enter the new
static route in the table below. The route becomes active immediately upon creation
To remove a static route from the table in the bottom half of the window, choose to Delete it from the table and click the
Apply
button. Remember to save the configuration changes.
67
Downloaded from
www.Manualslib.com
manuals search engine
Page 78 / 121
WBMR-G54 Wireless ADSL Router User Guide
DMZ
Since some applications are not compatible with NAT, the Router supports use of a DMZ IP address for a single host on
the LAN. This IP address is not protected by NAT and will therefore be visible to agents on the Internet with the right
type of software. Keep in mind that any client PC in the DMZ will be exposed to various types of security risks. If you
use the DMZ, take measures (such as client-based virus protection) to protect the remaining client PCs on your LAN
from possible contamination through the DMZ.
DMZ window
To designate a DMZ IP address, select the
Enabled
radio button, type in the
IP Address
of the server or device on your
LAN, and click the
Apply
button. To remove DMZ status from the designated IP address, select the Disabled radio
button and click Apply. It will be necessary to save the settings and reboot the Router before the DMZ is activated.
68
Downloaded from
www.Manualslib.com
manuals search engine
Page 79 / 121
WBMR-G54 Wireless ADSL Router User Guide
Firewall
The
Firewall Configuration
window allows the
Router to enforce specific predefined policies
intended to protect against certain common types
of attacks. There are two general types of
protection (DoS, Port Scan) that can be enabled
on the Router, as well as filtering for specific
packet types sometimes used by hackers.
You can choose to
enable or disable protection
against a customized basket of attack and scan
types. To use
DoS Protection
or
Port Scan
Protection
, select the
State
Enabled radio button
for the protection type and click in the selection
boxes for the various types of protection listed
under each.
Note
Service Filtering may
interfere with other
configurations such as
DHCP Relay or
Remote Management
via Telnet.
Firewall Configuration window
When DoS, Port Scan, or Service Filtering Protection is enabled, it will create a firewall policy to protect your network
against the following:
69
Downloaded from
www.Manualslib.com
manuals search engine
Page 80 / 121
WBMR-G54 Wireless ADSL Router User Guide
Dos Protection
Port Scan Protection
Service Filtering
SYN Flood check
ICMP Redirection check
FIN/URG/PSH attack
Xmas Tree Scan
Null Scan attack
SYN/RST attack
SYN/FIN Scan
Ping from WAN
Telnet from WAN
FTP from WAN
DNS from WAN
IKE from WAN
RIP from WAN
DHCP from WAN
ICMP from LAN
A DoS "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a
service from using that service. Examples include: attempts to "flood" a network, thereby preventing legitimate network
traffic, attempts to disrupt connections between two machines, thereby preventing access to a service, attempts to
prevent a particular individual from accessing a service, or, attempts to disrupt service to a specific system or person.
Port scan protection is designed to block attempts to discover vulnerable ports or services that might be exploited in an
attack from the WAN.
The Service Filtering options allow you to block FTP, Telnet response, Pings, etc, from the external network. Check the
category you want to block to enable filtering of that type of packet.
When you have selected the desired Firewall policies, click the
Apply
button to enforce the policies. Remember to save
any configuration changes.
70
Downloaded from
www.Manualslib.com
manuals search engine

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top