DrayTek Vigor 2830 Router Manual PDF (Setup & Configuration Guide)

Page 161 / 357 Scroll up to view Page 156 - 160

Vigor2830 Series User’s Guide

149

Check to enable the Filter

Rule

Check this box to enable the filter rule.

Comments

Enter filter set comments/description. Maximum length is 14-

character long.

Index(1-15)

Set PCs on LAN to work at certain time interval only. You

may choose up to 4 schedules out of the 15 schedules

pre-defined in

Applications >> Schedule

setup. The default

setting of this field is blank and the function will always work.

Direction

Set the direction of packet flow. It is for

Data Filter

only. For

the

Call Filter

, this setting is not available since

Call Filter

is

only applied to outgoing traffic.

Note:

RT means routing

domain for 2nd subnet or other LAN.

Source/Destination IP

Click

Edit

to access into the following dialog to choose the

source/destination IP or IP ranges.

Page 162 / 357

Vigor2830 Series User’s Guide

150

To set the IP address manually, please choose

Any

Address/Single Address/Range Address/Subnet Address

as

the Address Type and type them in this dialog. In addition, if

you want to use the IP range from defined groups or objects,

please choose

Group and Objects

as the Address Type.

From the

IP Group

drop down list, choose the one that you

want to apply. Or use the

IP Object

drop down list to choose

the object that you want.

Service Type

Click

Edit

to access into the following dialog to choose a

suitable service type.

To set the service type manually, please choose

User defined

as the Service Type and type them in this dialog. In addition, if

you want to use the service type from defined groups or

objects, please choose

Group and Objects

as the Service

Type.

Page 163 / 357

Vigor2830 Series User’s Guide

151

Protocol -

Specify the protocol(s) which this filter rule will

apply to.

Source/Destination Port –

(=)

– when the first and last value are the same, it indicates one

port; when the first and last values are different, it indicates a

range for the port and available for this service type.

(!=)

– when the first and last value are the same,

it indicates

all the ports except the port defined here; when the first

and

last values are different, it indicates that all the ports

except the range defined here are available for this service

type.

(>)

–

the port number greater than this value is available.

(<)

–

the port number less than this value is available for this

profile.

Service Group/Object

- Use the drop down list to choose the

one that you want.

Fragments

Specify the action for fragmented packets. And it is used for

Data Filter

only.

Don’t care -

No action will be taken towards fragmented

packets.

Unfragmented -

Apply the rule to unfragmented packets.

Fragmented -

Apply the rule to fragmented packets.

Too Short -

Apply the rule only to packets that are too short to

contain a complete header.

Filter

Specifies the action to be taken when packets match the rule.

Block Immediately -

Packets matching the rule will be

dropped immediately.

Pass Immediately -

Packets matching the rule will be passed

immediately.

Block If No Further Match -

A packet matching the rule, and

that does not match further rules, will be dropped.

Pass If No Further Match -

A packet matching the rule, and

that does not match further rules, will be passed through.

Branch to other Filter Set

If the packet matches the filter rule, the next filter rule will

branch to the specified filter set. Select next filter rule to

branch from the drop-down menu. Be aware that the router

will apply the specified filter rule for ever and will not return

to previous filter rule any more.

Sessions Control

The number typed here is the total sessions of the packets that

do not match the filter rule configured in this page. The default

setting is 60000.

MAC Bind IP

Strict

–

Make the MAC address and IP address settings

Page 164 / 357

Vigor2830 Series User’s Guide

152

configured in

IP Object

for

Source IP

and

Destination IP

be

bound for applying such filter rule.

No-Strict -

no limitation.

Quality of Service

Choose one of the QoS rules to be applied as firewall rule. For

detailed information of setting QoS, please refer to the related

section later.

Load-Balance policy

Choose the WAN interface for applying Load-Balance Policy.

User Management

uch item is available only when

Rule-Based

is selected in

User

Management>>General Setup

. The general firewall

rule will be applied to the user/user group/all users specified

here.

Note:

When there is no user profile or group profile

existed,

Create New User

or

Create New Group

item will

appear for you to click to create a new one.

APP Enforcement

Select an

APP Enforcement

profile for global IM/P2P

application blocking. If there is no profile for you to selelct,

please choose

[Create New]

from the drop down list in this

page to create a new profile. All the hosts in LAN must follow

the standard configured in the

APP Enforcement

profile

selected here. For detailed information, refer to the section of

APP Enforcement

profile setup. For troubleshooting needs,

you can specify to record information for IM/P2P by checking

the Log box. It will be sent to Syslog server. Please refer to

section

Syslog/Mail Alert

for more detailed information.

URL Content Filter

Select one of the

URL Content Filter

profile settings (created

in

CSM>> URL Content Filter

) for applying with this router.

Please set at least one profile for choosing in

CSM>> URL

Content Filter

web page first. Or choose

[Create New]

from

the drop down list in this page to create a new profile. For

troubleshooting needs, you can specify to record information

for

URL Content Filter

by checking the Log box. It will be

sent to Syslog server. Please refer to section

Syslog/Mail Alert

for more detailed information.

Web Content Filter

Select one of the

Web Content Filter

profile settings (created

in

CSM>> Web Content Filter

) for applying with this router.

Please set at least one profile for anti-virus in

CSM>> Web

Page 165 / 357

Vigor2830 Series User’s Guide

153

Content Filter

web page first. Or choose

[Create New]

from

the drop down list in this page to create a new profile. For

troubleshooting needs, you can specify to record information

for

Web Content Filter

by checking the Log box. It will be

sent to Syslog server. Please refer to section

Syslog/Mail Alert

for more detailed information.

Advance Setting

Click

Edit

to open the following window. However, it is

strongly recommended

to use the default settings here.

Codepage

- This function is used to compare the characters

among different languages. Choose correct codepage can help

the system obtaining correct ASCII after decoding data from

URL and enhance the correctness of URL Content Filter. The

default value for this setting is ANSI 1252 Latin I. If you do

not choose any codepage, no decoding job of URL will be

processed. Please use the drop-down list to choose a codepage.

If you do not have any idea of choosing suitable codepage,

please open Syslog. From Codepage Information of Setup

dialog, you will see the recommended codepage listed on the

dialog box.

Window size

– It determines the size of TCP protocol

(0~65535). The more the value is, the better the performance

Rate

Popular DrayTek Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share