(Wireless) ADSL VPN Firewall Router with 3DES Accelerator

Chapter 4: Configuration

65

URL Filter

URL (Uniform Resource Locator – e.g. an address in the form of

or

) filter rules allow you to prevent users on your network from

accessing particular websites by their URL. There are no pre-defined URL filter rules; you

can add filter rules to meet your requirements.

Enable/Disable:

To enable or disable URL Filter feature.

Always Block:

Select to always check the URL filter rules (i.e. at all hours of the day).

Block from:

Specify the time period to check the URL filter rules (e.g. during work hours).

Keywords Filtering:

Allows blocking by specific keywords within a particular URL rather

than having to specify a complete URL (e.g. to block any image called “advertisement.gif”).

When enabled, your specified keywords list will be checked to see if any keywords are

present in URLs accessed to determine if the connection attempt should be blocked. Please

note that the URL filter blocks web browser (HTTP) connection attempts using port 80 only.

For example, if the URL is

/abcde.html

, it will be dropped as the keyword “abcde” occurs in

the URL.

(Wireless) ADSL VPN Firewall Router with 3DES Accelerator

Chapter 4: Configuration

66

Domains Filtering:

This function checks the domain name in URLs accessed against your

list of domains to block or allow. If it is matched, the URL request will be sent (Trusted) or

dropped (Forbidden). The checking procedure is:

1. Check the domain in the URL to determine if it is in the trusted list. If yes, the connection

attempt is sent to the remote web server.

2. If not, check if it is listed in the forbidden list, and if present then the connection attempt is

dropped..

3. If the packet does not match either of the above two items, it is sent to the remote web

server.

4. Please be note that the domain only should be specified, not the full URL. For example to

block traffic to

www.sex.com

, enter “sex” or “sex.com” instead of “www.sex.com”. In the

example below, the URL request for

will be sent to the remote web server because it is

listed in the trusted list, whilst the URL request for

www.sex

or

www.sex.com

will be

dropped, because sex.com is in the forbidden list.

Restrict URL Features:

Block Java Applet:

This function can block Web content which including the Java

Applet. It is for preventing someone who wants to damage your system via standard HTTP

protocol.

Block surfing by IP address:

Preventing someone who uses the IP address as URL for

skipping

Domains Filtering

function.

(Wireless) ADSL VPN Firewall Router with 3DES Accelerator

Chapter 4: Configuration

67

Firewall Log

Firewall Log display log information of any unexpected action with your firewall settings.

Check the

Enable

box to activate the logs.

Log information can be seen in the

Status – Event Log

after enabling.

(Wireless) ADSL VPN Firewall Router with 3DES Accelerator

Chapter 4: Configuration

68

VPN (Virtual Private Networks)

Your router support three main types of VPN (Virtual Private Network),

PPTP

,

IPSec

and

L2TP

,

and these are the two major section choices from the menu on the left.

PPTP

There are two types of PPTP VPN supported,

Remote Access

and

LAN-to-LAN

(please

refer below for more information.). Click

Create

to configure a new VPN connection.

(Wireless) ADSL VPN Firewall Router with 3DES Accelerator

Chapter 4: Configuration

69

Remote Access PPTP Connection

Connection Name:

This allows you to identify this particular connection, e.g. “Connection to

office”.

Type:

Check

Dial Out

if you want your router to operate as a client (connecting to a remote

VPN server, e.g. your office server), check

Dial In

operates as a VPN server.

When configuring your router as a Client, enter the remote

Server IP

Address

(or

Hostname)

you wish to connection to.

When configuring your router as a server, enter the

Private IP Address Assigned to

Dial in User

address.

Username:

If you are a Dial-Out user (client), enter the username provided by your Host.

If

you are a Dial-In user (server), enter your own username.

Password:

If you are a Dial-Out user (client), enter the password provided by your Host.

If

you are a Dial-In user (server), enter your own password.

PPP Authentication Type:

Default is

Auto

if you want the router to determine the

authentication type to use, or else manually specify CHAP (Challenge Handshake

Authentication Protocol) or PAP (Password Authentication Protocol) if you know which type

the server is using (when acting as a client), or else the authentication type you want clients

connecting to you to use (when acting as a server). When using PAP, the password is sent

unencrypted, whilst CHAP encrypts the password before sending, and also allows for

challenges at different periods to ensure that the client has not been replaced by an intruder.

Data Encryption:

Data sent over the VPN connection can be encrypted by an MPPE

algorithm. Default is

Auto,

so that this setting is negotiated when establishing a connection,

or else you can manually

Enable

or

Disable

encryption.

Key Length:

The data can be encrypted by MPPE algorithm with 40 bits or 128 bits. Default

is

Auto

, it is negotiated when establishing a connection. 128 bit keys provide stronger

encryption than 40 bit keys.