Page 36 / 59 Scroll up to view Page 31 - 35
Section 3 – Configuration
D-Link DSL-2542B User Manual
36
Outbound Filter
To access the
Outbound FIlter
window, click the
Outbound Filter
button in the
Advanced
directory.
The Outbound Filter allows you to create a filter rule to block outgoing IP
traffic by specifying a filter name and at least one condition on this
window. All of the specified conditions in this filter rule must be satisfied
for the rule to take effect. Filters are used to allow or deny LAN or WAN
users from accessing the Internet or your internal network.
Click the
Add/Apply
button and then click the
Reboot
button on the left
panel to let your changes take effect.
Name
Enter a name for the new filter.
Protocol
Select the transport protocol (
TCP
,
UDP, ICMP
,
TCP/
UD
, or
Any
) that will be used for the filter rule.
Source IP Address & Source
Subnet Mask
For an Outbound Filter, this is the IP address or IP
addresses and their associated subnets on your LAN
for which you are creating the filter rule. For an
Inbound Filter, this is the IP address or IP addresses
and their associated subnets for which you are
creating the filter rule.
Source Port
The Source Port is the TCP/UDP port on either the
LAN or WAN depending on if you are configuring an
Outbound or Inbound Filter rule.
Destination IP Address &
Destination Subnet Mask
Where the Destination IP address and subnet mask
resides also depends on if you are configuring an
Inbound or Outbound filter rule.
Destination Port
The Destination Port is the TCP/UDP port on either
the LAN or WAN depending on if you are configuring
an Outbound or Inbound Filter rule.
Page 37 / 59
Section 3 – Configuration
D-Link DSL-2542B User Manual
37
Inbound Filter
To access the
Inbound Filter
window, click the
Inbound Filter
button in the
Advanced
directory.
The Inbound Filter allows you to create a filter rule to allow incoming IP
traffic by specifying a filter name and at least one condition on this
window. All of the specified conditions in this filter rule must be satisfied
for the rule to take effect. By default, all incoming IP traffic from the
Internet is blocked when the firewall is enabled.
Click the
Add/Apply
button and then click the
Reboot
button on the left
panel to let your changes take effect.
Name
Enter a name for the new filter.
Protocol
Select the transport protocol (
TCP
,
UDP, ICMP
,
TCP/
UD
, or
Any
) that will be used for the filter rule.
Source IP Address & Source
Subnet Mask
For an Outbound Filter, this is the IP address or IP
addresses and their associated subnets on your LAN
for which you are creating the filter rule. For an
Inbound Filter, this is the IP address or IP addresses
and their associated subnets for which you are
creating the filter rule.
Source Port
The Source Port is the TCP/UDP port on either the
LAN or WAN depending on if you are configuring an
Outbound or Inbound Filter rule.
Destination IP Address &
Destination Subnet Mask
Where the Destination IP address and subnet mask
resides also depends on if you are configuring an
Inbound or Outbound filter rule.
Destination Port
The Destination Port is the TCP/UDP port on either
the LAN or WAN depending on if you are configuring
an Outbound or Inbound Filter rule.
Page 38 / 59
Section 3 – Configuration
D-Link DSL-2542B User Manual
38
DNS Setup
To access the
DNS Setup
window, click the
DNS Setup
button in the
Advanced
directory.
The Router can be configured to relay DNS settings from your ISP or
another available service to workstations on your LAN. When using DNS
relay, the Router will accept DNS requests from hosts on the LAN and
forward them to the ISP’s, or alternative DNS servers. DNS relay can use
auto discovery or the DNS IP address can be manually entered by the
user. Alternatively, you may also disable the DNS relay and configure
hosts on your LAN to use DNS servers directly. Most users who are using
the Router for DHCP service on the LAN and are using DNS servers on
the ISP’s network, will leave DNS relay enabled (either auto discovery or
user configured).
If you have not been given specific DNS server IP addresses or if the
Router is not pre-configured with DNS server information, select the
“Obtain DNS server address automatically” option. Auto discovery DNS
instructs the Router to automatically obtain the DNS IP address from the
ISP through DHCP. If your WAN connection uses a Static IP address, auto
discovery for DNS cannot be used.
If you have DNS IP addresses provided by your ISP, click the “Use the
following DNS server addresses” radio button and enter these IP
addresses in the available entry fields for the Preferred DNS Server and
the Alternative DNS Server. When you have configured the DNS settings
as desired, click the
Apply Settings
button and then click the
Reboot
button on the left panel to let your changes take effect.
The Router supports DDNS (Dynamic Domain Name Service). The
Dynamic DNS service allows a dynamic public IP address to be
associated with a static host name in any of the many domains, allowing
access to a specified host from various locations on the Internet. This is
enabled to allow remote access to a host by clicking a hyperlinked URL in
the form
hostname.dyndns.org
, Many ISPs assign public IP addresses
Page 39 / 59
Section 3 – Configuration
D-Link DSL-2542B User Manual
39
using DHCP, this can make it difficult to locate a specific host on the LAN
using standard DNS. If for example you are running a public web server or
VPN server on your LAN, this ensures that the host can be located from
the Internet if the public IP address changes. DDNS requires that an
account be setup with one of the supported DDNS providers.
Tick the Enable Dynamic DNS check box, enter the required DDNS
information, click the
Apply Settings
button, and then click the
Reboot
button on the left panel to let your changes take effect to set this
information in the Router.
Note
Page 40 / 59
Section 3 – Configuration
D-Link DSL-2542B User Manual
40
Firewall & DMZ
To access the
Firewall & DMZ
window, click the
Firewall & DMZ
button in the
Advanced
directory.
Firewalls may conflict with certain interactive applications such as video
conferencing or playing Internet video games. For these applications, a
firewall bypass can be set up using a DMZ IP address. The DMZ IP
address is a “visible” address and does not benefit from the full protection
of the firewall function. Therefore it is advisable that other security
precautions be enabled to protect the other computers and devices on the
LAN. It may be wise to use isolate the device with the DMZ IP address
from the rest of the LAN.
If you want to use video conferencing, for example, and still use a firewall,
you can use the DMZ IP address function. In this case, you must have a
PC or server through which video conferencing will take place. The IP
address of this PC or server will then be the DMZ IP address. You can
designate the server’s IP address as the DMZ by going to the DMZ
Settings section and typing in the IP address in the IP Address
field
provided and then enabling its status by ticking the
Enable DMZ
checkbox, clicking
Apply Settings
,
and then clicking the
Reboot
button
on the left panel to let your changes take effect.
For the system that uses the DMZ IP address, you may want to manually
assign an IP address to it and adjust your DHCP server addresses so that
the DMZ IP address is not included in the DHCP server range. This way
you avoid possible IP address problems if you reboot the DMZ system.
The Firewall Settings
section allows the Router to enforce specific
predefined policies intended to protect against certain common types of
attacks. Stateful Packet Inspection (SPI) is a packet inspection process
that blocks unwanted and unrequested packets trying to reach PCs on
your LAN. A DoS "denial-of-service" attack is characterized by an explicit
attempt by attackers to prevent legitimate users of a service from using

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top