Page 181 / 794 Scroll up to view Page 176 - 180
Vigor2860 Series User’s Guide
167
3.4.2 DMZ Host
As mentioned above,
Port Redirection
can redirect incoming TCP/UDP or other traffic on
particular ports to the specific private IP address/port of host in the LAN. However, other IP
protocols, for example Protocols 50 (ESP) and 51 (AH), do not travel on a fixed port. Vigor
router provides a facility
DMZ Host
that maps ALL unsolicited data on any protocol to a
single host in the LAN. Regular web surfing and other such Internet activities from other
clients will continue to work without inappropriate interruption.
DMZ Host
allows a defined
internal user to be totally exposed to the Internet, which usually helps some special
applications such as Netmeeting or Internet Games etc.
The security properties of NAT are somewhat bypassed if you set up DMZ host. We suggest
you to add additional filter rules or a secondary firewall.
Click
DMZ Host
to open the following page. You can set different DMZ host for each WAN
interface. Click the WAN tab to switch into the configuration page for that WAN.
Available settings are explained as follows:
Page 182 / 794
Vigor2860 Series User’s Guide
168
Item
Description
Choose
Private IP
or
Active True IP
first.
Active True IP
selection is available for WAN1 only.
Private IP
Enter the private IP address of the DMZ host, or click Choose
PC to select one.
Choose PC
Click this button and then a window will automatically pop
up, as depicted below. The window consists of a list of private
IP addresses of all hosts in your LAN network. Select one
private IP address in the list to be the DMZ host.
When you have selected one private IP from the above dialog,
the IP address will be shown on the following screen. Click
OK
to save the setting.
DMZ Host for WAN2, WAN3 or WAN4 is slightly different with WAN1.
Active True IP
selection is available for WAN1 only.
See the following figure.
Page 183 / 794
Vigor2860 Series User’s Guide
169
If you previously have set up
WAN Alias
for
PPPoE
or
Static or Dynamic IP
mode in
WAN2 interface
,
you will find them in
Aux. WAN IP
for your selection.
Available settings are explained as follows:
Item
Description
Enable
Check to enable the DMZ Host function.
Private IP
Enter the private IP address of the DMZ host, or click
Choose PC to select one.
Choose PC
Click this button and then a window will automatically pop
up, as depicted below. The window consists of a list of
private IP addresses of all hosts in your LAN network.
Select one private IP address in the list to be the DMZ host.
When you have selected one private IP from the above
dialog, the IP address will be shown on the screen. Click
OK
to save the setting.
After finishing all the settings here, please click
OK
to save the configuration.
Page 184 / 794
Vigor2860 Series User’s Guide
170
3.4.3 Open Ports
Open Ports
allows you to open a range of
ports for the traffic of special applications.
Common application of Open Ports includes P2P application (e.g., BT, KaZaA, Gnutella,
WinMX, eMule and others), Internet Camera etc. Ensure that you keep the application
involved up-to-date to avoid falling victim to any security exploits.
Click
Open Ports
to open the following page:
Available settings are explained as follows:
Item
Description
Index
Indicate the relative number for the particular entry that you
want to offer service in a local host. You should click the
appropriate index number to edit or clear the corresponding
entry.
Comment
Specify the name for the defined network service.
WAN Interface
Display the WAN interface used by such index.
Aux. WAN IP
Display the IP alias setting used by such index. If no IP
alias setting exists, such field will not appear.
Local IP Address
Display the private IP address of the local host offering the
service.
Status
Display the state for the corresponding entry. X or V is to
represent the
Inactive
or
Active
state.
To add or edit port settings, click one index number on the page. The index entry setup page
will pop up. In each index entry, you can specify
10
port ranges for diverse services.
Page 185 / 794
Vigor2860 Series User’s Guide
171
Available settings are explained as follows:
Item
Description
Enable Open Ports
Check to enable this entry.
Comment
Make a name for the defined network application/service.
WAN Interface
Specify the WAN interface that will be used for this entry.
WAN IP
Specify the WAN IP address that will be used for this entry.
This setting is available when WAN IP Alias is configured.
Private IP
Enter the private IP address of the local host or click
Choose PC
to select one.
Choose PC -
Click this button and, subsequently, a window
having a list of private IP addresses of local hosts will
automatically pop up. Select the appropriate IP address of
the local host in the list.
Protocol
Specify the transport layer protocol. It could be
TCP
,
UDP
,
or
-----
(none) for selection.
Start Port
Specify the starting port number of the service offered by
the local host.
End Port
Specify the ending port number of the service offered by
the local host.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top