Page 46 / 202 Scroll up to view Page 41 - 45
Vigor2800 Series User’s Guide
40
Protocol
Select the transport layer protocol (TCP or UDP).
Public Port
Specify which port can be redirected to the specified
Private IP
and Port
of the internal host.
Private IP
Specify the private IP address of the internal host providing the
service.
Private Port
Specify the private port number of the service offered by the
internal host.
Active
Check this box to activate the port-mapping entry you have
defined.
Note that the router has its own built-in services (servers) such as Telnet, HTTP and FTP etc.
Since the common port numbers of these services (servers) are all the same, you may need to
reset the router’s in order to avoid confliction.
For example, the built-in web configurator in the router is with default port 80, which may
conflict with the web server in the local network, http://192.168.1.13:80. Therefore, you need
to
change the router’s http port to
any one other than the default port 80
to avoid
conflict, such as 8080. This can be set in the
System Maintenance >>Management Setup
.
You then will access the admin screen of by suffixing the IP address with 8080, e.g.,
http://192.168.1.1:8080 instead of port 80.
3.3.2 DMZ Host
As mentioned above,
Port Redirection
can redirect incoming TCP/UDP or other traffic on
particular ports to the specific private IP address/port of host in the LAN. However, other IP
protocols, for example Protocols 50 (ESP) and 51 (AH), do not travel on a fixed port. Vigor
router provides a facility
DMZ Host
that maps ALL unsolicited data on any protocol to a
single host in the LAN. Regular web surfing and other such Internet activities from other
clients will continue to work without inappropriate interruption.
DMZ Host
allows a defined
internal user to be totally exposed to the Internet, which usually helps some special
applications such as Netmeeting or Internet Games etc.
Page 47 / 202
Vigor2800 Series User’s Guide
41
The inherent security properties of NAT are somewhat bypassed if you set up DMZ
host. We suggest you to add additional filter rules or a secondary firewall.
Click
DMZ Host
to open the following page:
If you previously have set up
WAN Alias
in
Internet Access>>PPPoE/PPPoA
or
Internet
Access>>MPoA,
you will find them in
Aux. WAN IP list
for your selection.
Enable
Check to enable the DMZ Host function.
Private IP
Enter the private IP address of the DMZ host, or click Choose PC
to select one.
Choose PC
Click this button and then a window will automatically pop up, as
depicted below. The window consists of a list of private IP
addresses of all hosts in your LAN network. Select one private IP
address in the list to be the DMZ host.
Page 48 / 202
Vigor2800 Series User’s Guide
42
When you have selected one private IP from the above dialog, the
IP address will be shown on the following screen. Click OK to
save the setting.
3.3.3 Open Ports
Open Ports
allows you to open a range of
ports for the traffic of special applications.
Common application of Open Ports includes P2P application (e.g., BT, KaZaA, Gnutella,
WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application
involved up-to-date to avoid falling victim to any security exploits.
Click
Open Ports
to open the following page:
Index
Indicate the relative number for the particular entry that you want to
offer service in a local host. You should click the appropriate index
number to edit or clear the corresponding entry.
Comment
Specify the name for the defined network service.
Aux. WAN IP
Display the private IP address of the local host that you specify in
WAN Alias. If you did not specify any IP address in WAN Alias,
this item will not be shown.
Local IP Address
Display the private IP address of the local host offering the service.
Page 49 / 202
Vigor2800 Series User’s Guide
43
Status
Display the state for the corresponding entry. X or V is to represent
the
Inactive
or
Active
state.
To add or edit port settings, click one index number on the page. The index entry setup page
will pop up. In each index entry, you can specify
10
port ranges for diverse services.
Enable Open Ports
Check to enable this entry.
Comment
Make a name for the defined network application/service.
Local Computer
Enter the private IP address of the local host or click Choose PC to
select one.
Choose PC
Click this button and, subsequently, a window having a list of
private IP addresses of local hosts will automatically pop up. Select
the appropriate IP address of the local host in the list.
Protocol
Specify the transport layer protocol. It could be
TCP
,
UDP
, or
-----
(none) for selection.
Start Port
Specify the starting port number of the service offered by the local
host.
End Port
Specify the ending port number of the service offered by the local
host.
Page 50 / 202
Vigor2800 Series User’s Guide
44
3.4 Firewall
3.4.1 Basics for Firewall
While the broadband users demand more bandwidth for multimedia, interactive applications,
or distance learning, security has been always the most concerned. The firewall of the Vigor
router helps to protect your local network against attack from unauthorized outsiders. It also
restricts users in the local network from accessing the Internet. Furthermore, it can filter out
specific packets that trigger the router to build an unwanted outgoing connection.
The most basic security concept is to set user name and password while you install your
router. The administrator login will prevent unauthorized access to the router configuration
from your router.
If you did not set password during installation; you can go to
System Maintenance
to set up
your password.
Firewall Facilities
The users on the LAN are provided with secured protection by the following firewall
facilities:
z
User-configurable IP filter (Call Filter/ Data Filter).
z
Stateful Packet Inspection (SPI): tracks packets and denies unsolicited incoming data
z
Selectable Denial of Service (DoS) /Distributed DoS (DDoS) attacks protection
z
URL Content Filter

Rate

4.7 / 5 based on 3 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top