Page 31 / 52 Scroll up to view Page 26 - 30
58
Advanced Setup Method
Advanced Setup Method
59
section
2
1
3
4
5
6
7
Stateful Packet Inspection:
This option allows you to select different application types that are
using dynamic port numbers. If you wish to use Stateful Packet
Inspection (SPI) for blocking packets, click on the Yes radio button in
the “Enable SPI and Anti-DoS firewall protection” field and then check
the inspection type that you need, such as Packet Fragmentation,
TCP Connection, UDP Session, FTP Service, H.323 Service, and TFTP
Service.
It is called a “stateful” packet inspection because it examines the
contents of the packet to determine the state of the communication;
i.e. it ensures that the stated destination computer has previously
requested the current communication. This is a way of ensuring
that all communications are initiated by the recipient computer and
are taking place only with sources that are known and trusted from
previous interactions. In addition to being more rigorous in their
inspection of packets, stateful inspection firewalls also close off ports
until a connection to the specific port is requested.
When particular types of traffic are checked, only the particular
type of traffic initiated from the internal LAN will be allowed. For
example, if the user only checks FTP Service in the Stateful Packet
Inspection section, all incoming traffic will be blocked except for FTP
connections initiated from the local LAN.
DoS Detect Criteria
Total incomplete TCP/UDP sessions HIGH:
Defines the rate of new un-established sessions that will cause the
software to start deleting half-open sessions.
Total incomplete TCP/UDP sessions LOW:
Defines the rate of new un-established sessions that will cause the
software to stop deleting half-open sessions.
Incomplete TCP/UDP sessions (per min.) HIGH:
Maximum number of allowed incomplete TCP/UDP sessions per
minute.
Incomplete TCP/UDP sessions (per min.) LOW:
Minimum number of allowed incomplete TCP/UDP sessions per
minute.
Maximum incomplete TCP/UDP sessions number from same host:
Maximum half-open fragmentation packet number from same host
Network attacks that deny access to a network device are called
DoS attacks. DoS attacks are aimed at devices and networks with a
connection to the Internet. Their goal is not to steal information, but to
disable a device or network so users no longer have access to network
resources.
The VoIP Router protects against DoS attacks including: Ping of Death
(Ping flood) attack, SYN flood attack, IP fragment attack (Teardrop
Attack), Brute-force attack, Land Attack, IP Spoofing attack, IP with
zero length, TCP null scan (Port Scan Attack), UDP port loopback,
Snork Attack.
Note:
The firewall does not significantly affect system performance, so
we advise enabling the prevention features to protect your network.
Parameter Description
Enable SPI and Anti-DoS firewall protection:
The Intrusion Detection feature of the VoIP Router limits the access of
incoming traffic at the WAN port. When the Stateful Packet Inspection
(SPI) feature is turned on, all incoming packets are blocked except
those types marked with a check in the Stateful Packet Inspection
section at the top of the screen.
Page 32 / 52
60
Advanced Setup Method
Advanced Setup Method
61
section
2
1
3
4
5
6
7
SNMP
On this page you can enable the SNMP (Simple Network Management
Protocol) functions for LAN, WAN or both LAN and WAN. By default it
is set to disabled.
Community
Incomplete TCP/UDP sessions detect sensitive time period:
Length of time before an incomplete TCP/UDP session is detected as
incomplete.
Maximum half-open fragmentation packet number from same
host:
Maximum number of incomplete TCP/UDP sessions from the same
host.
Half-open fragmentation detect sensitive time period:
Length of time before a half-open fragmentation session is detected
as half-open.
DMZ
If you have a client PC that cannot run an Internet application
properly from behind the firewall, you can open the client up to
unrestricted two-way Internet access. Enter the IP address of a DMZ
(Demilitarized Zone) host on this screen. Adding a client to the DMZ
may expose your local network to a variety of security risks, so only
use this option as a last resort.
Page 33 / 52
62
Advanced Setup Method
Advanced Setup Method
63
section
2
1
3
4
5
6
7
to prevent unauthorized individuals from reading information on your
system.
Version:
Sets the trap status to disabled, or enabled with V1 or V2c.
The v2c protocol was proposed in late 1995 and includes
enhancements to v1 that are universally accepted. These include
a get-bulk command to reduce network management traffic when
retrieving a sequence of MIB variables, and a more elaborate set of
error codes for improved reporting to a Network Management Station.
ADSL
ADSL Parameters
We recommend leaving the Operation Mode at the default Automatic
setting unless having line sync issues, to automatically negotiate with
remote DSLAM.
Parameter Description
Operation Mode
Automatic
T1.413 Issue 2
G.992.1 (G.DMT)
Use the SNMP configuration screen to display and modify parameters
for the Simple Network Management Protocol (SNMP). A computer
attached to the network, called a Network Management Station
(NMS), can be used to access this information. Access rights to the
agent are controlled by community strings. To communicate with the
VoIP Router, the NMS must first submit a valid community string for
authentication.
Parameter
Description
Community
A community name authorized for management access.
Access
Management access is restricted to Read or Write.
Valid
Enables or disables the entry.
Note:
Up to 5 community names may be entered.
Trap
Parameter Description
IP Address:
Traps are sent to this address when errors or specific
events occur on the network.
Community:
A community string (password) specified for trap
management. Enter a word, something other than public or private,
Page 34 / 52
64
Advanced Setup Method
Advanced Setup Method
65
section
2
1
3
4
5
6
7
Output Power:
Maximum fluctuation in the output power.
Attenuation Upstream:
Maximum reduction in the strength of the
upstream signal.
Attenuation Downstream:
Maximum reduction in the strength of the
downstream signal.
There are two latency paths that may be used: fast and Correction
interleaved. For either path a forward error correction (FEC) scheme
is employed to ensure higher data integrity. For maximum noise
immunity, an interleaver may be used to supplement FEC. Interleaved
Path An interleaver is basically a buffer used to introduce a delay,
FEC Correction allowing for additional error correction techniques to
handle noise. Interleaving slows the data flow and may not be optimal
for real-time signals such as video transmission.
Fast Path CRC indicates the number of Fast Path Cyclic Redundancy
Check Error errors. Interleaved Path indicates the number of
Interleaved Path Cyclic Redundancy Error Check errors.
Loss of Signal Momentary signal discontinuities. Defect Loss of Frame
Failures due to loss of frames.
Loss of Power Defect:
Failures due to loss of power.
Fast Path HEC Error:
Fast Path Header Error Concealment errors.
Interleaved Path HEC Error:
Interleaved Path Header Error
Concealment errors.
Statistics:
(Superframes represent the highest level of data
presentation. Each superframe contains regular ADSL frames, one of
which is used to provide superframe synchronization, identifying the
start of a superframe. Some of the remaining frames are also used for
special functions.)
Received Cells:
Number of interleaved superframes received
Interleaved
Transmitted Cells:
Number of interleaved super frames transmitted.
Superframes Interleaved
Received Number of fast super frames received.
Superframes Fast
Transmitted Number of fast super frames transmitted.
Superframes Fast
G.922.2 (G.Lite)
G.922.3 (ADSL2)
G.922.5 (ADSL2+)
Status
The Status page displays ADSL status information.
Parameter Description
Status
Line Status:
Shows the current status of the ADSL line.
Data Rate
Upstream:
Actual and maximum upstream data rate.
Downstream:
Actual and maximum downstream data rate.
Operation Data/Defect Indication:
Noise Margin Upstream:
Minimum noise margin upstream.
Downstream:
Minimum noise margin downstream.
Page 35 / 52
66
Advanced Setup Method
Advanced Setup Method
67
section
2
1
3
4
5
6
7
SIP Setting
Configure your SIP parameters on this page, and click “SAVE
SETTINGS” to apply them.
SIP, the Session Initiation Protocol, is a signaling protocol for
Internet conferencing, telephony, presence, events notification and
instant messaging. The call waiting feature allows the user to take
an incoming call, even though the user is already on the phone. The
user upon hearing the new call can put the original caller on hold and
speak to the new caller. When the user hasn’t finished talking to the
new caller, he can resume his conversation with the original caller.
According to the SIP RFC, a proxy server is “An intermediary entity
that acts as both a server and a client for the purpose of making
requests on behalf of other clients. A proxy server primarily plays the
role of routing, which means its job is to ensure that request is sent to
another entity ‘closer’ to the targeted user”.
The proxy server therefore, is an intermediate device that receives
SIP requests from a client and then forwards the requests on the
client’s behalf. Proxy servers receive SIP messages and forward them
to the next SIP server in the network. A series of proxy and redirect
servers receive requests from a client and decide where to send these
requests. Proxy servers can provide functions such as authentication,
authorization, network access control, routing, reliable request
retransmission, and security.
VoIP
Note:
It is advised to leave all default settings unless instructed
otherwise.
Port Setting
Configure the port settings on this page, and click “SAVE SETTINGS”
to save the parameters. VoIP providers operate SIP proxies that allow
you to register your VoIP Router on their system so that your can call
friends, family and business associates. Your Belkin/iiNet modem
comes pre-configured for the iiNet VoIP service.
iiNet and Belkin will
only provide support for use with the iiNet VoIP service.
See the table below for a description of the parameters.
Parameter Description
Phone 1/2 Enable:
Enable/disable phone 1 and/or 2.
Phone Number:
Your phone number.
Display Name:
Your name, often the same as your phone number.
SIP Domain:
(From your VoIP provider.)
Sip Server:
(From your VoIP provider.)
Username:
(From your VoIP provider.)
Password:
(From your VoIP provider.)

Rate

4 / 5 based on 1 vote.

Popular iiNet Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top