1. Home
    2. /
  2. Manuals
    3. /
  3. DrayTek
    4. /
  4. Vigor-2110
    5. /
  5. 23
Page 111 / 275 Scroll up to view Page 106 - 110
Vigor2110 Series User’s Guide
104
The security properties of NAT are somewhat bypassed if you set up DMZ host. We suggest
you to add additional filter rules or a secondary firewall.
Click
DMZ Host
to open the following page:
If you previously have set up
WAN Alias
for
PPPoE
or
Static or Dynamic IP
mode
,
you will
find them in
Aux. WAN IP
for your selection.
Enable
Check to enable the DMZ Host function.
Private IP
Enter the private IP address of the DMZ host, or click Choose PC to
select one.
Page 112 / 275
Vigor2110 Series User’s Guide
105
Choose PC
Click this button and then a window will automatically pop up, as
depicted below. The window consists of a list of private IP addresses
of all hosts in your LAN network. Select one private IP address in
the list to be the DMZ host.
When you have selected one private IP from the above dialog, the IP
address will be shown on the following screen. Click
OK
to save the
setting.
4.3.3 Open Ports
Open Ports
allows you to open a range of
ports for the traffic of special applications.
Common application of Open Ports includes P2P application (e.g., BT, KaZaA, Gnutella,
WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application
involved up-to-date to avoid falling victim to any security exploits.
Click
Open Ports
to open the following page:
Page 113 / 275
Vigor2110 Series User’s Guide
106
Index
Indicate the relative number for the particular entry that you want to
offer service in a local host. You should click the appropriate index
number to edit or clear the corresponding entry.
Comment
Specify the name for the defined network service.
Local IP Address
Display the private IP address of the local host offering the service.
Status
Display the state for the corresponding entry. X or V is to represent
the
Inactive
or
Active
state.
To add or edit port settings, click one index number on the page. The index entry setup page
will pop up. In each index entry, you can specify
10
port ranges for diverse services.
Enable Open Ports
Check to enable this entry.
Comment
Make a name for the defined network application/service.
WAN IP
Specify the WAN IP address that will be used for this entry. This
setting is available when WAN IP Alias is configured.
Local Computer
Enter the private IP address of the local host or click
Choose PC
to
select one.
Choose PC
Click this button and, subsequently, a window having a list of
private IP addresses of local hosts will automatically pop up. Select
the appropriate IP address of the local host in the list.
Protocol
Specify the transport layer protocol. It could be
TCP
,
UDP
, or
-----
(none) for selection.
Start Port
Specify the starting port number of the service offered by the local
host.
End Port
Specify the ending port number of the service offered by the local
host.
Page 114 / 275
Vigor2110 Series User’s Guide
107
4.4 Hardware Acceleration
Hardware-base Acceleration Engine, also named Protocol Processing Engine API is the
function that Draytek provides to extremely speed up the NAT performance.
While the hardware acceleration mechanism is activated, most of the bandwidth usage will
be concentrated on the specific sessions which increase transmission speed to get ultimately
accelerated.
Mode
Disable
- Close hardware acceleration mechanism. It is the default
setting.
Auto
– Choose this option to execute this function automatically.
The router can detect heavy traffic session and accelerate that
session to earn the bandwidth per requested.
Manual
– Choose this option to set rules manually. You have to
specify which protocol will be applied. Then, choose a proper option.
Protocol
In
Manual
mode, there are two protocols provided for you to choose,
TCP and UDP.
Option
In
Manual
mode, there are three options offered for you to apply.
Accelerate most heavy traffic sessions –
This function is the same
as in
Auto
mode.
Apply the Class Rule in Quality of Service –
Rules configured in
QoS will be applied.
Specific Hosts –
You can set five hosts in this page to apply
hardware acceleration. Please check Enable box, type Start port and
End port, and specify Private IP for each host respectively.
When you configure all of the settings, click
OK
to save the configuration.
Note
: Bandwidth allocation to other non-specified session would be affected as the acceleration
engine is activated.
Page 115 / 275
Vigor2110 Series User’s Guide
108
4.5 Firewall
4.5.1 Basics for Firewall
While the broadband users demand more bandwidth for multimedia, interactive applications,
or distance learning, security has been always the most concerned. The firewall of the Vigor
router helps to protect your local network against attack from unauthorized outsiders. It also
restricts users in the local network from accessing the Internet. Furthermore, it can filter out
specific packets that trigger the router to build an unwanted outgoing connection.
Firewall Facilities
The users on the LAN are provided with secured protection by the following firewall facilities:
z
User-configurable IP filter (Call Filter/ Data Filter).
z
Stateful Packet Inspection (SPI): tracks packets and denies unsolicited incoming data
z
Selectable Denial of Service (DoS) /Distributed DoS (DDoS) attacks protection
IP Filters
Depending on whether there is an existing Internet connection, or in other words “the WAN
link status is up or down”, the IP filter architecture categorizes traffic into two:
Call Filter
and
Data Filter
.
z
Call Filter -
When there is no existing Internet connection,
Call Filter
is applied to all
traffic, all of which should be outgoing. It will check packets according to the filter rules.
If legal, the packet will pass. Then the router shall
“initiate a call”
to build the Internet
connection and send the packet to Internet.
z
Data Filter
- When there is an existing Internet connection,
Data Filter
is applied to
incoming and outgoing traffic. It will check packets according to the filter rules. If legal,
the packet will pass the router.
The following illustrations are flow charts explaining how router will treat incoming traffic
and outgoing traffic respectively.

Rate

4.7 / 5 based on 3 votes.

Popular DrayTek Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top