Page 51 / 251 Scroll up to view Page 46 - 50
Vigor2920 Series User’s Guide
41
2nd Subnet -
Select the router to change the RIP information of the
2nd subnet with neighboring routers.
DHCP Server
Configuration
DHCP stands for Dynamic Host Configuration Protocol. The router
by factory default acts a DHCP server for your network so it
automatically dispatch related IP settings to any local user
configured as a DHCP client. It is highly recommended that you
leave the router enabled as a DHCP server if you do not have a
DHCP server for your network.
If you want to use another DHCP server in the network other than
the Vigor Router’s, you can let Relay Agent help you to redirect the
DHCP request to the specified location.
Enable Server -
Let the router assign IP address to every host in the
LAN.
Disable Server –
Let you manually assign IP address to every host
in the LAN.
Relay Agent – (1
st
subnet/2
nd
subnet)
Specify which subnet that
DHCP server is located the relay agent should redirect the DHCP
request to.
Start IP Address -
Enter a value of the IP address pool for the
DHCP server to start with when issuing IP addresses. If the 1st IP
address of your router is 192.168.1.1, the starting IP address must be
192.168.1.2 or greater, but smaller than 192.168.1.254.
IP Pool Counts -
Enter the maximum number of PCs that you want
the DHCP server to assign IP addresses to. The default is 50 and the
maximum is 253.
Gateway IP Address -
Enter a value of the gateway IP address for
the DHCP server. The value is usually as same as the 1st IP address
of the router, which means the router is the default gateway.
DHCP Server IP Address for Relay Agent -
Set the IP address of
the DHCP server you are going to use so the Relay Agent can help to
forward the DHCP request to the DHCP server.
DNS Server
Configuration
DNS stands for Domain Name System. Every Internet host must
have a unique IP address, also they may have a human-friendly,
easy to remember name such as www.yahoo.com. The DNS server
converts the user-friendly name into its equivalent IP address
.
Force DNS manual setting -
Force Vigor router to use DNS servers
in this page instead of DNS servers given by the Internet Access
server (PPPoE, PPTP, L2TP or DHCP server).
Primary IP Address -
You must specify a DNS server IP address
here because your ISP should provide you with usually more than
one DNS Server. If your ISP does not provide it, the router will
automatically apply default DNS Server IP address: 194.109.6.66 to
this field.
Secondary IP Address -
You can specify secondary DNS server IP
address here because your ISP often provides you more than one
DNS Server. If your ISP does not provide it, the router will
automatically apply default secondary DNS Server IP address:
194.98.0.1 to this field.
The default DNS Server IP address can be found via Online Status:
VoIPon
www.voipon.co.uk
Tel: +44 (0)1245 808195
Fax: +44 (0)1245 808299
Page 52 / 251
Vigor2920 Series User’s Guide
42
If both the Primary IP and Secondary IP Address fields are left empty,
the router will assign its own IP address to local users as a DNS
proxy server and maintain a DNS cache.
If the IP address of a domain name is already in the DNS cache, the
router will resolve the domain name immediately. Otherwise, the
router forwards the DNS query packet to the external DNS server by
establishing a WAN (e.g. DSL/Cable) connection.
There are two common scenarios of LAN settings that stated in Chapter 5. For the
configuration examples, please refer to that chapter to get more information for your necessity.
3.3 NAT
Usually, the router serves as an NAT (Network Address Translation) router. NAT is a
mechanism that one or more private IP addresses can be mapped into a single public one.
Public IP address is usually assigned by your ISP, for which you may get charged. Private IP
addresses are recognized only among internal hosts.
When the outgoing packets destined to some public server on the Internet reach the NAT
router, the router will change its source address into the public IP address of the router, select
the available public port, and then forward it. At the same time, the router shall list an entry in
a table to memorize this address/port-mapping relationship. When the public server response,
the incoming traffic, of course, is destined to the router’s public IP address and the router will
do the inversion based on its table. Therefore, the internal host can communicate with external
host smoothly.
The benefit of the NAT includes:
z
Save cost on applying public IP address and apply efficient usage of IP address.
NAT allows the internal IP addresses of local hosts to be translated into one public IP
address, thus you can have only one IP address on behalf of the entire internal hosts.
z
Enhance security of the internal network by obscuring the IP address.
There are
many attacks aiming victims based on the IP address. Since the attacker cannot be aware
of any private IP addresses, the NAT function can protect the internal network.
On NAT page, you will see the private IP address defined in RFC-1918. Usually we use the
192.168.1.0/24 subnet for the router. As stated before, the NAT facility can map one or
more IP addresses and/or service ports into different specified services. In other words, the
NAT function can be achieved by using port mapping methods.
Below shows the menu items for NAT.
VoIPon
www.voipon.co.uk
Tel: +44 (0)1245 808195
Fax: +44 (0)1245 808299
Page 53 / 251
Vigor2920 Series User’s Guide
43
3.3.1 Port Redirection
Port Redirection
is
usually set up for server related service inside the local network (LAN),
such as web servers, FTP servers, E-mail servers etc. Most of the case, you need a public IP
address for each server and this public IP address/domain name are recognized by all users.
Since the server is actually located inside the LAN, the network well protected by NAT of the
router, and identified by its private IP address/port, the goal of Port Redirection function is to
forward all access request with public IP address from external users to the mapping private IP
address/port of the server.
The port redirection can only apply to incoming traffic.
To use this function, please go to
NAT
page and choose
Port
Redirection
web page. The
Port Redirection Table
provides 20 port-mapping entries for the internal hosts.
Press any number under Index to access into next page for configuring port redirection.
VoIPon
www.voipon.co.uk
Tel: +44 (0)1245 808195
Fax: +44 (0)1245 808299
Page 54 / 251
Vigor2920 Series User’s Guide
44
Enable
Check this box to enable such port redirection setting.
Mode
Two options (Single and Range) are provided here for you to choose.
To set a range for the specific service, select
Range
. In Range mode,
if the public port (start port and end port) and the starting IP of
private IP had been entered, the system will calculate and display the
ending IP of private IP automatically.
Service Name
Enter the description of the specific network service.
Protocol
Select the transport layer protocol (TCP or UDP).
WAN IP
Select the WAN IP used for port redirection. There are eight WAN
IP alias that can be selected and used for port redirection. The
default setting is
All
which means all the incoming data from any
port will be redirected to specified range of IP address and port.
Public Port
Specify which port can be redirected to the specified
Private IP and
Port
of the internal host. If you choose
Range
as the port redirection
mode, you will see two boxes on this field. Simply type the required
number on the first box. The second one will be assigned
automatically later.
Private IP
Specify the private IP address of the internal host providing the
service. If you choose
Range
as the port redirection mode, you will
see two boxes on this field. Type a complete IP address in the first
box (as the starting point) and the fourth digits in the second box (as
the end point).
Private Port
Specify the private port number of the service offered by the internal
host.
Note that the router has its own built-in services (servers) such as Telnet, HTTP and FTP etc.
Since the common port numbers of these services (servers) are all the same, you may need to
reset the router in order to avoid confliction.
VoIPon
www.voipon.co.uk
Tel: +44 (0)1245 808195
Fax: +44 (0)1245 808299
Page 55 / 251
Vigor2920 Series User’s Guide
45
3.3.2 DMZ Host
As mentioned above,
Port Redirection
can redirect incoming TCP/UDP or other traffic on
particular ports to the specific private IP address/port of host in the LAN. However, other IP
protocols, for example Protocols 50 (ESP) and 51 (AH), do not travel on a fixed port. Vigor
router provides a facility
DMZ Host
that maps ALL unsolicited data on any protocol to a
single host in the LAN. Regular web surfing and other such Internet activities from other
clients will continue to work without inappropriate interruption.
DMZ Host
allows a defined
internal user to be totally exposed to the Internet, which usually helps some special
applications such as Netmeeting or Internet Games etc.
The security properties of NAT are somewhat bypassed if you set up DMZ host. We suggest
you to add additional filter rules or a secondary firewall.
Click
DMZ Host
to open the following page:
VoIPon
www.voipon.co.uk
Tel: +44 (0)1245 808195
Fax: +44 (0)1245 808299

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top