Page 31 / 48 Scroll up to view Page 26 - 30
Example: Special Applications
If you need to run applications that require multiple connections, then specify the port (outbound) normally associated with
that application in the "Trigger Port" field. Then select the protocol type (TCP or UDP) and enter the public ports associated
with the trigger port to open them up for inbound traffic.
Example:
ID
Trigger Port
Trigger Type
Public Port
Public Type
Comment
1
28800
UDP
2300-2400, 47624
TCP
MSN Game Zone
2
6112
UDP
6112
UDP
Battle.net
In the example above, when a user trigger’s port 28800 (outbound) for MSN Game Zone then the router will allow incoming
packets for ports 2300-2400 and 47624 to be directed to that user.
Note
: Only one LAN client can use a particular special
application at a time.
2.4.4 ALG Settings
You can select applications that need “Application Layer Gateway” to support.
Parameter
Default
Description
Enable
You can select to enable “Application Layer
Gateway” of an application and then the router will
let that application correctly pass though the NAT
gateway.
Click <
Apply>
at the bottom of the screen to save the above configurations. You can now configure other advance sections
or start using the router (with the advance settings in place)
31
Page 32 / 48
2.5 Firewall
The Broadband router provides extensive firewall protection by restricting connection parameters, thus limiting the risk of
hacker attack, and defending against a wide array of common Internet attacks. However, for applications that require
unrestricted access to the Internet, you can configure a specific client/server as a Demilitarized Zone (DMZ).
Note
: To enable the Firewall settings select
Enable
and click
Apply
Parameter
Description
Access Control
Access Control allows you to specify which hosts users can or cannot have access to
certain Internet applications
URL Blocking
URL Blocking allow you to specify which URLs can not be accessed by users.
DoS
The Broadband router's firewall can block common hacker attacks and can log the attack
activities.
DMZ
The DMZ function allows you to re-direct all packets going to your WAN port IP address
to a particular IP address in your LAN.
Click on one of the firewall selections and proceed to the manual’s relevant sub-section
2.5.1 Access Control
If you want to restrict users from accessing certain Internet applications/services (e.g. Internet websites, email, FTP etc.),
then this is the place to set that configuration. Access Control allows users to define the traffic type permitted in your LAN.
You can control which PC client can have access to these services.
Parameter
Description
Filter client PCs by IP
Fill “IP Filtering Table” to filter PC clients by IP.
32
Page 33 / 48
Add PC
You can click Add PC to add an access control rule for users by IP addresses.
Remove PC
If you want to remove some PC from the "IP Filtering Table", select the PC you want to
remove in the table and then click "Delete Selected". If you want remove all PCs from the
table, just click "Delete All" button.
Filter client PC by MAC
address
Check “Enable MAC Filtering” to enable MAC Filtering.
Add PC
Fill in “Client PC MAC Address” and “Comment” of the PC that is allowed to access the
Internet, and then click “Add”. If you find any typo before adding it and want to retype
again, just click "Reset" and the fields will be cleared.
Remove PC
If you want to remove some PC from the "MAC Filtering Table", select the PC you want
to remove in the table and then click "Delete Selected". If you want remove all PCs from
the table, just click "Delete All" button. If you want to clear the selection and re-select
again, just click “Reset”.
You can now configure other advance sections or start using the router (with the advance settings in place)
Add PC
Parameter
Description
Client PC Description
The description for this client PC rule.
Client PC IP Addresses
Enter the IP address range that you wish to apply this Access Control rule. This is the
user’s IP address(es) that you wish to setup an Access Control rule. You can select a
range of users simply by inputting the starting users’ IP address and the last user’s IP
address in the appropriate boxes. If you want to select only one user then input the user’s
IP address in both boxes.
Note:
You need to give your LAN PC clients a fixed/static IP address for the Access
Control rule to work properly.
Client PC Service
You can block the clients from accessing some Internet services by checking the services
you want to block.
Protocol
This allows you to select UDP, TCP or both protocol type you want to block.
Port Range
You can assign up to five port ranges. The router will block clients from accessing
Internet services that use these ports.
Apply Changes
Click “Apply Changes” to save the setting.
Reset
Click “Reset” to clear all fields.
33
Page 34 / 48
Click <
Apply Changes>
at the bottom of the screen to save the above configurations. You can now configure other
advance sections or start using the router (with the advance settings in place)
Example: Access Control
In the example below, LAN client A can only access websites that use Port 80. However, LAN client B is able to access
websites and any other service that uses ports between 80 and 999.
34
Page 35 / 48
2.5.2 URL Blocking
You can block access to some Web sites from particular PCs by entering a full URL address or just keyword of the Web site.
Parameter
Description
Enable URL Blocking
Enable/disable URL Blocking
Add URL Keyword
Fill in “URL/Keyword” and then click “Add”. You can enter the full URL address or the
keyword of the web site you want to block. If you find any typo before adding it and want
to retype again, just click "Reset" and the field will be cleared.
Remove URL Keyword
If you want to remove some URL keyword from the "Current URL Blocking Table", select
the URL keyword you want to remove in the table and then click "Delete Selected". If you
want remove all URL keyword from the table, just click "Delete All" button. If you want to
clear the selection and re-select again, just click “Reset”.
You can now configure other advance sections or start using the router (with the advance settings in place)
2.5.3 Denial of Service (DoS)
The Broadband router's firewall can block common hacker attacks, including Denial of Service, Ping of Death, Port Scan
and Sync Flood.
If Internet attacks occur the router can log the events.
Parameter
Description
Intrusion Detection
Feature
Ping of Death
Protections from Ping of Death attack
Discard Ping From WAN
The router’s WAN port will not respond to any Ping requests
Port Scan
Protection the router from Port Scan.
Sync Flood
Protection the router from Sync Flood attack.
Click <
Apply>
at the bottom of the screen to save the above configurations. You can now configure other advance sections
or start using the router (with the advance settings in place)
35

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top