1. Home
    2. /
  2. Manuals
    3. /
  3. Hitron Technologies
    4. /
  4. CVE-30360
    5. /
  5. 10
Page 46 / 98 Scroll up to view Page 41 - 45
46
HITRON CVE-30360 USER’S GUIDE
LAN
Page 47 / 98
47
FIREWALL
4
FIREWALL
This chapter describes the screens that display when you click
Firewall
in the
toolbar.
4.1
FIREWALL OVERVIEW
This section describes some of the concepts related to the
Firewall
screens.
4.1.1
FIREWALL
The term “firewall” comes from a construction technique designed to prevent the
spread of fire from one room to another. Similarly, your CVE-30360’s firewall
prevents intrusion attempts and other undesirable activity originating from the WAN,
keeping the computers on your LAN safe. You can also use filtering techniques to
specify the computers and other devices you want to allow on the LAN, and prevent
certain traffic from going from the LAN to the WAN.
4.1.2
INTRUSION DETECTION SYSTEM
An intrusion detection system monitors network activity, looking for policy violations,
and malicious or suspicious activity.
4.1.3
PING
The CVE-30360 allows you to use the ping utility on the LAN (in the
LAN
>
Debug
screen) and also on the WAN (in the
Firewall
>
Firewall Options
screen). For more
information, see
Debugging (Ping and Traceroute)
on page
40
.
4.1.4
MAC FILTERING
Every networking device has a unique Media Access Control (MAC) address that
identifies it on the network. When you enable MAC address filtering on the CVE-
30360’s firewall, you can set up a list of MAC addresses, and then specify whether
you want to:
Page 48 / 98
48
HITRON CVE-30360 USER’S GUIDE
FIREWALL
Deny the devices on the list access to the CVE-30360 and the network (in which
case all other devices can access the network)
or
Allow the devices on the list to access the network (in which case no other
devices can access the network)
4.1.5
IP FILTERING
IP filtering allows you to prevent computers on the LAN from sending certain types of
data to the WAN. You can use this to prevent unwanted outgoing communications.
Specify the IP address of the computer on the LAN from which you want to prevent
communications, and specify the port range of the communications you want to
prevent. The CVE-30360 discards outgoing data packets that match the criteria you
specified.
4.1.6
PORT FORWARDING
Port forwarding allows a computer on your LAN to receive specific communications
from the WAN. Typically, this is used to allow certain applications (such as gaming)
through the firewall, for a specific computer on the LAN. Port forwarding is also
commonly used for running a public HTTP server from a private network.
You can set up a port forwarding rule for each application for which you want to open
ports in the firewall. When the CVE-30360 receives incoming traffic from the WAN
with a destination port that matches a port forwarding rule, it forwards the traffic to the
LAN IP address and port number specified in the port forwarding rule.
NOTE:
For information on the ports you need to open for a particular application,
consult that application’s documentation.
NOTE:
This feature is not available when the DS-lite function is enabled.
4.1.7
PORT TRIGGERING
Port triggering is a means of automating port forwarding. The CVE-30360 scans
outgoing traffic (from the LAN to the WAN) to see if any of the traffic’s destination
ports match those specified in the port triggering rules you configure. If any of the
ports match, the CVE-30360 automatically opens the incoming ports specified in the
rule, in anticipation of incoming traffic.
NOTE:
This feature is not available when the DS-lite function is enabled.
Page 49 / 98
49
HITRON CVE-30360 USER’S GUIDE
FIREWALL
4.1.8
DMZ
In networking, the De-Militarized Zone (DMZ) is a part of your LAN that has been
isolated from the rest of the LAN, and opened up to the WAN. The term comes from
the military designation for a piece of territory, usually located between two opposing
forces, that is isolated from both and occupied by neither.
NOTE:
This feature is not available when the DS-lite function is enabled.
4.2
THE FIREWALL OPTIONS SCREEN
Use this screen to turn firewall features on or off, and to configure your network’s
Demilitarized Zone (DMZ). You can enable or disable the CVE-30360’s intrusion
detection system, and allow or prevent responses to ICMP requests from the WAN.
NOTE:
Only one device can be on the DMZ at a time.
Click
Firewall
>
Firewall Options
. The following screen displays.
FIGURE 14:
The Firewall > Firewall Options Screen
Page 50 / 98
50
HITRON CVE-30360 USER’S GUIDE
FIREWALL
The following table describes the labels in this screen.
4.3
THE MAC FILTERING SCREEN
Use this screen to configure Media Access Control (MAC) address filtering on the
LAN.
NOTE:
To configure MAC address filtering on the wireless network, see The Access
Control Screen on page 82.
You can set the CVE-30360 to allow only certain devices to access the CVE-30360
and the network, or to deny certain devices access.
NOTE:
To see a list of all the computers connected to the CVE-30360 on the LAN,
click the
Connected Computers
button in the
Firewall
>
IP Filtering
,
Forwarding
,
Port Triggering
or
Firewall Options
screens.
Click
Firewall
>
MAC Filtering
. The following screen displays.
TABLE 14:
The Firewall > Firewall Options Screen
Intrusion Detection
System
Select this to turn the intrusion detection system off.
Deselect this to turn the intrusion detection system
on.
Ping on WAN Interface
Select this to prevent responses to ICMP requests
originating from the WAN.
Select this to allow responses to ICMP requests
originating from the WAN.
Enable DMZ Host
Use this field to turn the DMZ on or off.
Select the checkbox to enable the DMZ.
Deselect the checkbox to disable the DMZ.
Computers that were previously in the DMZ are now
on the LAN.
Connected Computers
Click this to see a list of the computers currently
connected to the CVE-30360 on the LAN.
[...] IP Address [...]
Enter the IP address of the computer that you want to
add to the DMZ.
Apply
Click this to save your changes to the fields in this
screen.
Cancel
Click this to return the fields in this screen to their last-
saved values without saving your changes.
Help
Click this to see information about the fields in this
screen.

Rate

4.5 / 5 based on 2 votes.

Popular Hitron Technologies Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top