Page 46 / 73
Scroll up to view Page 41 - 45
42
6.8. Policy
Policy provides a list of control policies. These settings define whether wireless or
wired clients are able to “see” each in the LAN.
°
If you are offering Internet access to your clients, please enable WAN
connection.
°
If you allow communication between Wireless clients please enable the second
item.
°
If you allow communication between Wireless client and Wired client please
enable the last item.
°
Disable WAN connection if you do not provide Internet access.
°
Disable the items if you would like to enhance privacy between clients.
Page 47 / 73
43
7. FIREWALL
7.1. Enable
The Broadband router provides extensive firewall protection by restricting connection
parameters, thus limiting the risk of hacker attacks, and defending against a wide array of
common Internet attacks. However, for applications that require unrestricted access to the
Internet, you can configure a specific client/server as a Demilitarized Zone (DMZ).
Note
: To enable the Firewall settings select Enable and click Apply
Page 48 / 73
44
7.2. Demilitarized Zone (DMZ)
If you have a client PC that cannot run an Internet application (e.g. Games) properly from
behind the NAT firewall, then you can open up the firewall restrictions to unrestricted
two-way Internet access by defining a DMZ Host. The DMZ function allows you to re-direct
all packets going to your WAN port IP address to a particular IP address in your LAN. The
difference between the virtual server and the DMZ function is that the virtual server
re-directs a particular service/Internet application (e.g. FTP, websites) to a particular LAN
client/server, whereas DMZ re-directs all packets (regardless of services) going to your
WAN IP address to a particular LAN client/server.
Enable DMZ:
Enable/disable DMZ
LAN IP Address:
Fill-in the IP address of a particular host in your LAN Network that will
receive all the packets originally going to the WAN port/Public IP address above.
Click
<Apply>
at the bottom of the screen to save the above configurations.
Page 49 / 73
45
7.3. Denial of Service (DoS)
The Broadband router's firewall can block common hacker attacks, including Denial of
Service, Ping of Death, Port Scan and Sync Flood. If Internet attacks occur the router can
log the events.
Ping of Death:
Protections from Ping of Death attack.
Discard Ping From WAN:
The router’s WAN port will not respond to any Ping requests
Port Scan:
Protects the router from Port Scans.
Sync Flood:
Protects the router from Sync Flood attack.
Page 50 / 73
46
7.4. - MAC Filter
If you want to restrict users from accessing certain Internet applications / services (e.g.
Internet websites, email, FTP etc.), and then this is the place to set that configuration.
Access Control allows users to define the traffic type permitted in your LAN. You can
control which PC client can have access to these services.
Enable MAC Filtering:
Check to enable or disable MAC Filtering.
Deny:
If you select “
Deny
” then all clients will be allowed to access Internet accept for the
clients in the list below.
Allow:
If you select “
Allow
” then all clients will be denied to access Internet accept for the
PCs in the list below.