Huawei SmartAX-MT882 Router Manual PDF (Setup & Configuration Guide)

Page 71 / 111 Scroll up to view Page 66 - 70

Huawei Technologies Proprietary

61

4.11.4

Domain Blocking

Domain Blocking is used to deny or allow the computers within

the LAN accessing specific domains on the Internet. That is, it will

deny or allow all requests such as http and ftp to a specific domain.

I. Configuration page

Figure 4-18

Domain Blocking Configuration

II. Parameter explanation

z

Disabled Domain Blocking:

choose to it to disable

Domain Blocking.

Page 72 / 111

Huawei Technologies Proprietary

62

z

Allow:

select it for allowing users to access all domains

except "Blocked Domains" if you allow the users to access

all domains except the domains on the Blocked Domains

list.

z

Deny:

select it for denying users to access all domains

except "Permitted Domains" if you only want the users to

access Permitted Domains.

z

Domain Name:

enter the domain name that is needed to

be allowed or denied.

III. Save

z

Click the

Apply

button to save the settings in the RAM.

z

To save these configuration changes permanently, enter

the

Tools>System Setting

page, and click

Save &

Restart

button to save new settings.

4.12

Firewall Rules

Click the

Firewall Rules

of

Advanced

in the Wizard Column to

set the rules of firewall. The Firewall enables you to protect the

system against denial of service (DoS) attacks and other types of

malicious accesses to your LAN. You can also specify how to

monitor attempted attacks, and who should be automatically notified.

Page 73 / 111

Huawei Technologies Proprietary

63

I. Configuration page

Figure 4-19

Firewall Configuration

II. Parameter explanation

z

Blacklist Status:

if you want the device to maintain and

use a black list, click

Enable

. Click

Disable

if you do not

want to maintain a list.

z

Block Duration:

specifies the number of minutes that a

computer's IP address will remain on the black list (i.e., all

traffic originating from that computer will be blocked from

passing through any interface on the MT882). For more

information, see Managing the Black List below.

z

Use Attack Protection

: click the

Allow

button to use the

built-in firewall protections that prevent the following

common types of attacks:

Page 74 / 111

Huawei Technologies Proprietary

64

z

IP Spoofing

: sending packets over the WAN interface

using an internal LAN IP address as the source

address

z

Tear Drop

: sending packets that contain overlapping

fragments

z

Smurf and Fraggle

: sending packets that use the

WAN or LAN IP broadcast address as the source

address

z

Land Attack

: sending packets that use the same

address as the source and destination address

z

Ping of Death

: illegal IP packet length.

z

Use DoS Protection

: click the

Allow

button to use the

following denial of service protections: SYN DoS, ICMP

DoS, Per-host DoS protection

z

Max

TCP

Open

Handshaking

Count

:

sets

the

percentage of concurrent IP sessions that can be in the

open state. In ordinary TCP communication, packets are in

the open handshaking state only briefly as a connection is

being initiated; the state changes to active when packets

are being exchanged, or closed when the exchange is

complete. TCP connections in the open handshaking state

can use up the available IP sessions. If the percentage is

exceeded, then the open handshaking sessions will be

closed and replaced with new sessions as they are

initiated.

z

Max ICMP Count

: sets the percentage of concurrent IP

sessions that can be used for ICMP messages. If the

percentage is exceeded, then older ICMP IP sessions will

be replaced by new sessions as they are initiated.

Page 75 / 111

Huawei Technologies Proprietary

65

z

Max Host Count

: sets the max number of concurrent IP

session that can originate from the computer. This number

should take into account the number of hosts on the LAN.

III. Save

z

Click the

Submit

button to save the settings in the RAM.

z

To save these configuration changes permanently, enter

the

Tools>System Setting

page, and then click

Save &

Restart

button to save new settings.

4.13

RIP

Click the

RIP

of

Advanced

in the Wizard Column to set the

rules of firewall. The MT882 supports RIP v1 and RIP v2 used to

share routing tables with other Layer 3 routing devices on your local

network or remote LAN. If your network does not employ another IP

routing device, it will not be necessary to enable RIP.

I. Configuration page

Figure 4-20

RIP Configuration

Rate

Popular Huawei Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share