Page 61 / 241 Scroll up to view Page 56 - 60
Vigor2130 Series User’s Guide
53
Remove
You can remove any item listed in
IP Bind List
. Simply click
and select the one, and click
Remove
. The selected item will be
removed from the
IP Bind List
.
Note:
Before you select
Strict Bind
, you have to bind one set of IP/MAC address for one
PC. If not, no one of the PCs can access into Internet. And the web configurator of the router
might not be accessed.
3.3 NAT
Usually, the router serves as an NAT (Network Address Translation) router. NAT is a
mechanism that one or more private IP addresses can be mapped into a single public one.
Public IP address is usually assigned by your ISP, for which you may get charged. Private IP
addresses are recognized only among internal hosts.
When the outgoing packets destined to some public server on the Internet reach the NAT
router, the router will change its source address into the public IP address of the router, select
the available public port, and then forward it. At the same time, the router shall list an entry in
a table to memorize this address/port-mapping relationship. When the public server response,
the incoming traffic, of course, is destined to the router’s public IP address and the router will
do the inversion based on its table. Therefore, the internal host can communicate with external
host smoothly.
The benefit of the NAT includes:
z
Save cost on applying public IP address and apply efficient usage of IP address.
NAT allows the internal IP addresses of local hosts to be translated into one public IP
address, thus you can have only one IP address on behalf of the entire internal hosts.
z
Enhance security of the internal network by obscuring the IP address.
There are
many attacks aiming victims based on the IP address. Since the attacker cannot be aware
of any private IP addresses, the NAT function can protect the internal network.
On NAT page, you will see the private IP address defined in RFC-1918. Usually we use the
192.168.1.0/24 subnet for the router. As stated before, the NAT facility can map one or
more IP addresses and/or service ports into different specified services. In other words, the
NAT function can be achieved by using port mapping methods.
Below shows the menu items for NAT.
3.3.1 Hardware NAT
Hardware-base Acceleration Engine, also named Protocol Processing Engine API is the
function that Draytek provides to extremely speed up the NAT performance.
While the hardware acceleration mechanism is activated, most of the bandwidth usage will
be concentrated on the specific sessions which increase transmission speed to get ultimately
accelerated.
With Hardware NAT, LAN to WAN NAT throughput can be over 900M bps. But be sure that
your PC has Giga Ethernet and connect with CAT6 Ethernet cable.
Page 62 / 241
Vigor2130 Series User’s Guide
54
3.3.2 Open Ports
Open Ports
allows you to open a range of
ports for the traffic of special applications.
Common application of Open Ports includes P2P application (e.g., BT, KaZaA, Gnutella,
WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application
involved up-to-date to avoid falling victim to any security exploits.
To add a new open port, click
Add new entry
.
Name
Specify the name for the defined network service.
Protocol
Specify the transport layer protocol. It could be
TCP
,
UDP
and
TCP+UDP
.
Start Port
Specify the starting port number of the service offered by the
local host.
End Port (optional)
Specify the ending port number of the service offered by the
local host.
Local Host
Enter the private IP address of the local host.
Page 63 / 241
Vigor2130 Series User’s Guide
55
Local Port (optional)
If it is configured, the forwarded traffic is mapped to this port
on the local host.
3.3.3 DMZ Host
Vigor router provides a facility
DMZ Host
that maps ALL unsolicited data on any protocol to
a single host in the LAN. Regular web surfing and other such Internet activities from other
clients will continue to work without inappropriate interruption.
DMZ Host
allows a defined
internal user to be totally exposed to the Internet, which usually helps some special
applications such as Netmeeting or Internet Games etc.
Note:
The security properties of NAT are somewhat bypassed if you set up DMZ host. We
suggest you to add additional filter rules or a secondary firewall.
Click
DMZ Host
to open the following page:
Enable
Check to enable the DMZ Host function.
DMZ IP
Enter the private IP address of the DMZ host, or click
Choose
PC
to select one.
Page 64 / 241
Vigor2130 Series User’s Guide
56
3.4 Bandwidth Management
Below shows the menu items for Bandwidth Management.
3.4.1 Session Limit
A PC with private IP address can access to the Internet via NAT router. The router will
generate the records of NAT sessions for such connection. The P2P (Peer to Peer) applications
(e.g., BitTorrent) always need many sessions for procession and also they will occupy over
resources which might result in important accesses impacted. To solve the problem, you can
use limit session to limit the session procession for specified Hosts.
In the
Bandwidth Management
menu, click
Sessions Limit
to open the web page.
To activate the function of limit session, simply click
Enable
and set the default session limit.
Disable
Click this button to close the function of limit session.
Enable
Click this button to activate the function of limit session.
Default Session Limit
Defines the default session number used for each computer in
LAN.
Limitation List
Displays a list of specific limitations that you set on this web
page.
Page 65 / 241
Vigor2130 Series User’s Guide
57
Start IP
Defines the start LAN IP address for limit session.
End IP
Defines the end LAN IP address for limit session.
Sessions Limit
Defines the available session number for each host in the
specific range of IP addresses. If you do not set the session
number in this field, the system will use the default session limit
for the specific limitation you set for each index.
Add
Adds the specific session limitation onto the list above.
Edit
Allows you to edit the settings for the selected limitation.
Delete
Remove the selected settings existing on the limitation list.
When you finish adding a new session limit, simply click
OK
.
3.4.2 Bandwidth Limit
The downstream or upstream from FTP, HTTP or some P2P applications will occupy large of
bandwidth and affect the applications for other programs. Please use Limit Bandwidth to make
the bandwidth usage more efficient.
In the
Bandwidth Management
menu, click
Bandwidth Limit
to open the web page.
To activate the function of limit bandwidth, simply click
Enable
and set the default or
user-defined upstream and downstream limit.
Disable
Click this button to close the function of limit bandwidth.
Enable
Click this button to activate the function of limit bandwidth.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top