Page 51 / 132 Scroll up to view Page 46 - 50
CRADLEPOINT
MBR1200 | USER MANUAL Firmware ver. 1.6.12
© 2010
CRADLEPOINT, INC.
PLEASE VISIT
HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/
FOR MORE HELP AND RESOURCES
PAGE 49
5.5.2
Inbound Filter Rules List
This section lists the current Inbound Filter rules. Click the
Enable
check box at the left to directly activate or de-activate the entry. An
entry can be changed by clicking the
Edit
icon or can be deleted by
clicking the
Delete
Inbound Filters Rule List section icon. When you
click the
Edit
icon, the item is highlighted, and the
Inbound Filter Rules
section is activated for editing.
After you‟ve completed all modifications or deletion
s, you must click the
Save Settings
button at the top of the page to save your changes. The
router must reboot before new settings will take effect. You will be prompted to
Reboot the Device
or
Continue
. If you need to make additional
settings changes, click
Continue
. If you are finished with all configuration settings, click the
Reboot the Device
button.
5.5.3
Configuring an Inbound Filter Rule
When the Rule List is empty or none of the rules are enabled, all inbound data that corresponds to a connection that originated from inside the
router or which corresponds to a
Virtual Server
,
Gaming
, or
Special Application Rule
is ALLOWED by default. When rules are configured, the
router compares incoming data packets against the rules in the list. It is very important to understand that the router examines each rule one by
one in the order that they are listed in the Rule list until it finds a match. The packet will either be DENIED (Dropped) or ALLOWED. Once a match
has been made, no further rules will be examined for that packet. If no rules match the data packet, it is ALLOWED. This means that to allow only
a specific subset of traffic usually requires more than one rule to be entered.
Example: You have configured a game server, using the
Advanced
Gaming
sub-menu, to play HALO: Combat Evolved with some friends. You
would like to limit the access to your network and server to specific times of the day and only to your friends.
Next you would define a schedule on the
Tools
Schedule
sub-menu, called Game time, which specifies a schedule of Friday and Saturday
between 7 PM and 11 PM. This example will assume all of your friends use the same service provider and have IP addresses 67.150.220.117,
67.150.231.43, and 67.150.231.75. You have an option of defining a set of rules to match each one of these addresses individually or you may
just decide that using an IP range that covers all of them is sufficient for your needs.
The first rule is to configure a
DENY
rule that will catch all of the traffic that arrives on these ports but does not match data from the sources you
want to have access to your network. It is important to enter the
DENY
rule first since all subsequent rules will be added higher in the list and will
be checked first. Notice that it covers all
Source IP Address
,
Source Ports
, and
Times (Always)
, but is specifically tied to the Public Ports
defined in the
Game Rule List
.
This is because you do not want to accidentally block traffic for other applications. It is a good idea to turn on the
log for this rule so that you can check in the log for anything that is filtered inappropriately. Next configure the
ALLOW
rules.
Page 52 / 132
CRADLEPOINT
MBR1200 | USER MANUAL Firmware ver. 1.6.12
© 2010
CRADLEPOINT, INC.
PLEASE VISIT
HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/
FOR MORE HELP AND RESOURCES
PAGE 50
5.6 MAC Address Filter
Use the MAC (Media Access Control) Address filter sub-menu to control network
access based on the MAC Address of the network adapter. A MAC address is a
unique ID assigned by the manufacturer of a networking device. This feature can
be configured to ALLOW or DENY network/Internet access.
5.6.1
MAC Filtering Setup
Configure MAC Filtering Below.
(Default: MAC Filtering Off). When MAC Fil-
tering ON, depending on the mode selected, computers are granted or denied
network access based on their MAC address.
Turn MAC Filtering ON and ALLOW computers listed to access the
network. When
ALLOW
is selected; only computers with MAC
addresses listed in the MAC Address List are granted network access.
Turn MAC Filtering ON and DENY computers listed to access the
network. When
DENY
is selected, any computer with a MAC address
listed in the MAC Address List will not be granted network access.
Filter Wired Clients.
When check box is selected, MAC Filtering is applied to
wired clients connected to the MBR1200 in addition to wireless clients.
5.6.2
ADD MAC Filtering Rule
Enable.
MAC address entries are activated or deactivated with this check box.
MAC Address.
Enter the MAC address of the desired computer or connect to
the router from the desired computer and click
Copy Your PC’s MAC Address
button.
Computer Name.
Enter the name of the device or computer to which this MAC Address Filter Rule applies.
Save.
Record the changes you have made.
Clear.
Re-initialize this area of the screen, discarding any changes you have made.
When you are done editing the settings, you must click the
Save Settings
button at the top of the page to make the changes effective and
permanent.
(continued)
Page 53 / 132
CRADLEPOINT
MBR1200 | USER MANUAL Firmware ver. 1.6.12
© 2010
CRADLEPOINT, INC.
PLEASE VISIT
HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/
FOR MORE HELP AND RESOURCES
PAGE 51
5.6.3
MAC Filtering Rules
This section lists the network devices that are under control of MAC
filtering. Click the
Enable
check box at the left to directly activate or
deactivate the entry. An entry can be changed by clicking the
Edit
icon
or can be deleted MAC Filtering Rules section by clicking the
Delete
icon. When you click the
Edit
icon, the item is highlighted, and the
MAC Filtering Rules
section is activated for editing.
After you‟ve completed all modifications or deletions, you must click the
Save Settings
button at the top of the page to save your changes. The
router must reboot before new settings will take effect. You will be prompted to
Reboot the Device
or
Continue
. If you need to make additional
settings changes, click
Continue
. If you are finished with all configuration settings, click the
Reboot the Device
button.
Page 54 / 132
CRADLEPOINT
MBR1200 | USER MANUAL Firmware ver. 1.6.12
© 2010
CRADLEPOINT, INC.
PLEASE VISIT
HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/
FOR MORE HELP AND RESOURCES
PAGE 52
5.7 Network
The Network configuration is used to enable several special settings for the
router. UPnP, WAN Ping response, WAN Port Speed, Multicast Streams, and
PPoE Pass Through can be enabled or disabled.
5.7.1
UPNP
Enable UPnP.
Enables UPnP (Universal Plug and Play) functionality.
5.7.2
WAN Ping
Pinging public WAN IP addresses is a common method used by hackers to test
whether your WAN IP address is valid.
Enable WAN Ping Respond.
If you leave this option unchecked, you are caus-
ing the router to ignore ping commands for the public WAN IP address of the
router.
WAN Ping Inbound Filter.
Select a filter that controls which WAN computers
can use the ping feature. If you do not see the filter you need in the list of filters,
go to the
Advanced
Inbound Filter
sub-menu and create a new filter.
Details.
This filter designates certain IP addresses from other computers or
devices so that these IP addresses are either specifically allowed to com-
municate to the router, or are specifically blocked. This limits the range of IPs
that can connect to the router, or block ones that are known to be from an
attacking network.
5.7.3
WAN Port Speed
WAN Port Speed.
Normally, this is set to
Auto
. If you have trouble connecting to the WAN, try the other settings.
5.7.4
Multicast Streams
The router uses the IGMP protocol to support efficient multicasting --transmission of identical content, such as multimedia, from a source to a
number of recipients.
Enable Multicast Streams.
This option must be enabled if any applications on the LAN participate in a multicast group. If you have a multimedia
LAN application that is not receiving content as expected, try enabling this option.
Page 55 / 132
CRADLEPOINT
MBR1200 | USER MANUAL Firmware ver. 1.6.12
© 2010
CRADLEPOINT, INC.
PLEASE VISIT
HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/
FOR MORE HELP AND RESOURCES
PAGE 53
5.8 Routing
Use the Routing sub-menu to define fixed routes.
5.8.1
Add Route
Adds a new route to the IP routing table or edits an existing route.
Enable.
Specifies whether the entry will be enabled or disabled.
Destination IP.
The IP address or network that the packets will be
attempting to access. NOTE: 192.168.1.0 with a Netmask of 255.255.255.0
means traffic will be routed to the entire 192.168.1.x network.
Netmask.
Used to specify which portion of the
Destination IP
signifies the
network trying to be accessed and which part signifies the host that the
packets will be routed to. NOTE: 255.255.255.255 is used to signify only the
host that was entered in the Destination IP field.
Gateway.
Specifies the next hop to be taken if this route is used. A gateway
of 0.0.0.0 implies there is no next hop, and the IP address matched is directly
connected to the router on the interface specified:
LAN
or
WAN
.
Metric.
The route metric is a value from 1 to 16 that indicates the cost of
using this route. A value of 1 is the lowest cost, and 15 is the highest cost. A
value of 16 indicates that the route is not reachable from this router. When
trying to reach a particular destination, computers on your network will select
the best route, ignoring unreachable routes.
Interface.
Specifies the interface,
LAN
or
WAN
, that the IP packet must use
to transit out of the router when this route is used.
Save/Update.
Record the changes you have made.
Clear.
Re-initialize this area of the screen, discarding any changes you have made.
(continued)

Rate

3.5 / 5 based on 2 votes.

Popular Cradlepoint Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top