Special AP

Some applications require multiple connections, like Internet games, Video conferencing, Internet

telephony, etc. Because of the firewall function, these applications cannot work with a pure NAT

router. The Special Applications feature allows some of these applications to work with this product. If

the mechanism of Special Applications fails to make an application work, try setting your computer as

the DMZ host instead.

1. Trigger: the outbound port number issued by the application..

2. Incoming Ports: when the trigger packet is detected, the inbound packets sent to the specified port

numbers are allowed to pass through the firewall.

This product provides some predefined settings Select your application and click Copy to to add the

predefined setting to your list.

Note! At any given time, only one PC can use each Special Application tunnel.

28

Downloaded from

www.Manualslib.com

manuals search engine

Miscellaneous Items

IP Address of DMZ Host

DMZ (Demilitarized Zone) Host is a host without the protection of firewall. It allows a computer to be

exposed to unrestricted 2-way communication for Internet games, Video conferencing, Internet

telephony and other special applications.

NOTE: This feature should be used only when needed.

Non-standard FTP port

You have to configure this item if you want to access an FTP server whose port number is not 21.

This setting will be lost after rebooting.

Xbox Support

The Xbox is a video game console produced by Microsoft Corporation. Please enable this function

when you play games.

UpnP Setting

Downloaded from

www.Manualslib.com

manuals search engine

The device also supports this function. If the OS supports this function enable it.

Security Settings

30

Downloaded from

www.Manualslib.com

manuals search engine

Packet Filter

Packet Filter enables you to control what packets are allowed to pass the router. Outbound filter

applies on all outbound packets. However, Inbound filter applies on packets that destined to Virtual

Servers or DMZ host only. You can select one of the two filtering policies:

1. Allow all to pass except those match the specified rules

2. Deny all to pass except those match the specified rules

You can specify 8 rules for each direction: inbound or outbound. For each rule, you can define the

following:

• Source IP address

• Source port address

• Destination IP address

• Destination port address

• Protocol: TCP or UDP or both.

• Use Rule#

Downloaded from

www.Manualslib.com

manuals search engine

For source or destination IP address, you can define a single IP address (4.3.2.1) or a range of IP

addresses (4.3.2.1-4.3.2.254). An empty implies all IP addresses.

For source or destination port, you can define a single port (80) or a range of ports (1000-1999). Add

prefix "T" or "U" to specify TCP or UDP protocol. For example, T80, U53, U2000-2999. No prefix

indicates both TCP and UDP are defined. An empty implies all port addresses.

Packet Filter

can

work with

Scheduling Rules

, and give user more flexibility on Access control. For Detail, please refer

to

Scheduling Rule

.

Each rule can be enabled or disabled individually.

Inbound Filter:

To enable

Inbound Packet Filter

click the check box next to

Enable

in the

Inbound Packet Filter

field.

Suppose you have SMTP Server (25), POP Server (110), Web Server (80), FTP Server (21), and

News Server (119) defined in Virtual Server or DMZ Host.

Example 1:

32

Downloaded from

www.Manualslib.com

manuals search engine