Page 21 / 35
Scroll up to view Page 16 - 20
13
4.5 DHCP Server
The settings of TCP/IP environment include Host IP, Subnet Mask, Gateway, and DNS
configurations. It is not a simple task to correctly configure all the computers in your LAN
environment. Fortunately, DHCP provides a rather simple approach to handle all these
settings. The DI-704 supports the function of DHCP server. If you enable the DI-704’s
DHCP server and configure your computers as “automatic IP allocation” mode, then when
your computer is powered on, it will automatically load the proper TCP/IP settings from the
DI-704. The settings of DHCP server include the following items:
1.
DHCP Server
: Choose “
Disable
” or “
Enable
.”
2.
Range of IP Address Pool
: Whenever there is a request, the DHCP server will
automatically allocate an unused IP address from the
IP address pool
to the requesting
computer. You must specify the starting and ending address of the IP address pool.
3.
Domain Name
: Optional, this information will be passed to the client.
Downloaded from
www.Manualslib.com
manuals search engine
Page 22 / 35
14
4.6 Virtual Server
The DI-704’s NAT firewall filters out unrecognized packets to protect your Intranet, so all
hosts behind the DI-704 are invisible to the outside world. If you wish, you can make some
of them accessible by enabling the
Virtual Server Mapping
.
A virtual server is defined as a
Service Port
,
and all requests to this port will be redirected to
the computer specified by the
Server IP
.
For example, if you have an FTP server (port 21) at 192.168.123.1, a Web server (port 80) at
192.168.123.2, and a VPN server at 192.168.123.6, then you need to specify the following
virtual server mapping table:
Service Port
Server IP
Enable
21
192.168.123.1
V
80
192.168.123.2
V
1723
192.168.123.6
V
Downloaded from
www.Manualslib.com
manuals search engine
Page 23 / 35
15
4.7 Special AP
Some applications require multiple connections, like Internet games, Video conferencing,
Internet telephony and so on. Due to the firewall function, these applications can not work
with a pure NAT router. Special Applications enables some of these applications to work
with a NAT router. If Special Applications is still insufficient to allow an application to
function correctly, try DMZ host in the
Misc Items
options.
1.
Trigger
: the outbound port number the application issued first.
2.
Incoming Ports
: when the trigger packet is detected, the inbound packets to the
specified port numbers are allowed to pass the firewall.
The DI-704 provides some predefined settings in the gray pad on the bottom of the web page.
Choose the
Popular application
and click
Copy
to copy the predefined setting.
Note! At any time, only one PC can use each Special Application tunnel.
Downloaded from
www.Manualslib.com
manuals search engine
Page 24 / 35
16
4.8 Access Control
Access Control allows you to assign different access rights for different users. First, you
have to divide users into different groups. Users are identified by their IP addresses. You can
assign the members of Group 1, 2 and 3. The others are all members of the Default Group.
Second, you have to assign the access rights of each group. Access rights can allow or block
users to access specified TCP and UDP ports. For example:
Group
Members
Access Right
Comments
Default
-
Allow ()
No access right (allow nothing)
Group 1
100-199
Allow (25,53,80,110)
Can browse(80), receive(110)
and send(25) email only
Group 2
50-99
Block (21,119)
Cannot read net news(119) and
FTP(21) only
Group 3
1-9,20
Block ()
Fully access (block nothing)
Downloaded from
www.Manualslib.com
manuals search engine
Page 25 / 35
17
4.9 Misc Items
1.
IP Address of DMZ Host
: DMZ (DeMilitarized Zone) Host is a host without the
protection of firewall. It allows a computer to be exposed to unrestricted 2-way
communication. Note that, this feature should be used only when needed.
2.
Remote Administrator Host
: In general, only Intranet users can browse the built-in web
pages to perform administrative tasks. This feature enables you to perform
administrative tasks from a remote host. If this feature is enabled, only the specified IP
address can perform remote administration. If the specified IP address is 0.0.0.0, any
host can connect to the DI-704 to perform administrative tasks. When this feature is
enabled, the web port will be shifted to 88.
Downloaded from
www.Manualslib.com
manuals search engine
19216811.live