42

6.8. Policy

Policy provides a list of control policies. These settings define whether wireless or

wired clients are able to “see” each in the LAN.

°

If you are offering Internet access to your clients, please enable WAN

connection.

°

If you allow communication between Wireless clients please enable the second

item.

°

If you allow communication between Wireless client and Wired client please

enable the last item.

°

Disable WAN connection if you do not provide Internet access.

°

Disable the items if you would like to enhance privacy between clients.

43

7. FIREWALL

7.1. Enable

The Broadband router provides extensive firewall protection by restricting connection

parameters, thus limiting the risk of hacker attacks, and defending against a wide array of

common Internet attacks. However, for applications that require unrestricted access to the

Internet, you can configure a specific client/server as a Demilitarized Zone (DMZ).

Note

: To enable the Firewall settings select Enable and click Apply

44

7.2. Demilitarized Zone (DMZ)

If you have a client PC that cannot run an Internet application (e.g. Games) properly from

behind the NAT firewall, then you can open up the firewall restrictions to unrestricted

two-way Internet access by defining a DMZ Host. The DMZ function allows you to re-direct

all packets going to your WAN port IP address to a particular IP address in your LAN. The

difference between the virtual server and the DMZ function is that the virtual server

re-directs a particular service/Internet application (e.g. FTP, websites) to a particular LAN

client/server, whereas DMZ re-directs all packets (regardless of services) going to your

WAN IP address to a particular LAN client/server.

Enable DMZ:

Enable/disable DMZ

LAN IP Address:

Fill-in the IP address of a particular host in your LAN Network that will

receive all the packets originally going to the WAN port/Public IP address above.

Click

<Apply>

at the bottom of the screen to save the above configurations.

45

7.3. Denial of Service (DoS)

The Broadband router's firewall can block common hacker attacks, including Denial of

Service, Ping of Death, Port Scan and Sync Flood. If Internet attacks occur the router can

log the events.

Ping of Death:

Protections from Ping of Death attack.

Discard Ping From WAN:

The router’s WAN port will not respond to any Ping requests

Port Scan:

Protects the router from Port Scans.

Sync Flood:

Protects the router from Sync Flood attack.

46

7.4. - MAC Filter

If you want to restrict users from accessing certain Internet applications / services (e.g.

Internet websites, email, FTP etc.), and then this is the place to set that configuration.

Access Control allows users to define the traffic type permitted in your LAN. You can

control which PC client can have access to these services.

Enable MAC Filtering:

Check to enable or disable MAC Filtering.

Deny:

If you select “

Deny

” then all clients will be allowed to access Internet accept for the

clients in the list below.

Allow:

If you select “

Allow

” then all clients will be denied to access Internet accept for the

PCs in the list below.