Page 56 / 127 Scroll up to view Page 51 - 55
45
Chapter 6: Setting up and Configuring the Router
Port Management Tab - Port Status
10/100 16-Port VPN Router
Port Management Tab - Port Status
To see the status information and settings for a specific port, select its ID number or name from the
Port ID
drop-down menu.
For the selected port, the Summary table will show these settings: Type, Interface, Link Status, Port Activity,
Priority, Speed Status, Duplex Status, and Auto negotiation.
For the selected port, the Statistics table will show these statistics: number of packets received, number of
packet bytes received, number of packets transmitted, number of packet bytes transmitted, and number of
packet errors.
Click the
Refresh
button to retrieve the most recent settings and statistics.
Figure 6-42: Port Status
Downloaded from
www.Manualslib.com
manuals search engine
Page 57 / 127
46
Chapter 6: Setting up and Configuring the Router
Firewall Tab - General
10/100 16-Port VPN Router
Firewall Tab - General
Using the screens of the Firewall tab, you can configure the Router to block or allow Internet access for specific
internal users. You can also configure the Router to block or allow access to internal servers for specific Internet
users. On the
Access Rules
screen, you can set up different packet filters for various users located on the internal
network (LAN) or external network (WAN or Internet) based on their IP addresses or their network port numbers.
Firewall. The firewall is enabled by default. If you disable the firewall, then the SPI, DoS, and Block WAN Request
features as well as the Access Rules and Content Filters will also be disabled, and the Remote Management
feature will be enabled.
SPI (Stateful Packet Inspection). The SPI feature is enabled by default. The Router's firewall uses Stateful Packet
Inspection to review the information that passes through the firewall. It will inspect all packets based on the
established connection, prior to passing the packets for processing through a higher protocol layer.
DoS (Denial of Service). The DoS feature is enabled by default. It protects internal networks from Internet attacks,
such as SYN Flooding, Smurf, LAND, Ping of Death, IP Spoofing, and reassembly attacks.
Block WAN Request. This feature is enabled by default and is designed to prevent attacks through the Internet.
When it is enabled, the Router will drop both unaccepted TCP request and ICMP packets from the WAN side.
Hackers will not find the Router by pinging the WAN IP address. If the Router’s DMZ feature is enabled, then the
Block WAN Request feature will be disabled.
Remote Management. The Router supports remote management. This feature is disabled by default. If you want
to manage this Router through a WAN connection, click
Enable
. Then select the port number you want to use
(port 80 or port 8080 is usually used for remote management).
Multicast Pass Through. IP Multicasting occurs when a single data transmission is sent to multiple recipients at
the same time. This feature is disabled by default. If it is enabled, then the Router allows IP multicast packets to
be forwarded to the appropriate computers.
MTU (Maximum Transmission Unit). This feature specifies the largest packet size permitted for network
transmission. It is recommended that you use the Auto option; however, you may manually set the MTU value. The
default MTU size is
1500
bytes.
Click the
Save Settings
button to save your changes, or click the
Cancel Changes
button to undo your changes.
Figure 6-43: General Firewall
Downloaded from
www.Manualslib.com
manuals search engine
Page 58 / 127
47
Chapter 6: Setting up and Configuring the Router
Firewall Tab - Access Rules
10/100 16-Port VPN Router
Firewall Tab - Access Rules
Access Rules evaluate network traffic to decide whether or not it is allowed to pass through the Router’s firewall.
Access Rules look specifically at a data transmission’s source IP address, destination IP address, and IP protocol
type, and you can apply each Access Rule according to a different schedule.
With the use of custom rules, it is possible to disable all firewall protection or block all access to the Internet, so
use extreme caution when creating or deleting Access Rules.
The Router has the following Default Rules:
All traffic from the LAN to the WAN is allowed.
All traffic from the WAN to the LAN is denied.
All traffic from the LAN to the DMZ is allowed.
All traffic from the DMZ to the LAN is denied.
All traffic from the WAN to the DMZ is allowed.
All traffic from the DMZ to the WAN is allowed.
Custom rules can be created to override the above Default Rules, but there are four additional default rules that
will be always active and cannot be overridden by any custom rules.
HTTP service from the LAN to the Router is always allowed.
DHCP service from the LAN is always allowed.
DNS service from the LAN is always allowed.
Ping service from the LAN to the Router is always allowed.
Except for the Default Rules, all configured Access Rules are listed in the Access Rules table, and you can set the
priority for each custom rule. The Access Rules table lists the following information for each Access Rule: Priority,
Enable status, Action, Service, Source Interface, Source, Destination, Time, and Day. Click the
Edit
button to edit
an Access Rule, and click the
Trash Can
icon to delete an Access Rule. If the Access Rules table has multiple
pages, select a different page to view from the
Jump to
drop-down menu. If you want more or fewer entries listed
per page, select a different number from the
entries per page
drop-down menu.
Click the
Save Settings
button to save your changes, or click the
Cancel Changes
button to undo your changes.
Click
Add New Rule
button to add new Access Rules, and the
Add a New Access Rule
screen will appear. Click
the
Restore to Default Rules
button to restore the Default Rules and delete the custom Access Rules.
Figure 6-44: Access Rules
Downloaded from
www.Manualslib.com
manuals search engine
Page 59 / 127
48
Chapter 6: Setting up and Configuring the Router
Firewall Tab - Access Rules
10/100 16-Port VPN Router
Add a New Rule
Services. If you need help to set up the Access Rules, click the
Wizard
button. For more details, see the Wizard
Tab section. Otherwise, follow these instructions:
1.
For the Action setting, select
Allow
or
Deny
from the pull-down menu, depending on the purpose of the
Access Rule.
2.
Select the service you want from the
Service
pull-down menu. If the Service you need is not listed in the
menu, click the
Service Management
button to add the new service. A new screen will appear. Enter a name
in the
Service Name
field. From the
Protocol
drop-down menu, select the protocol it uses. Enter its range in
the
Port Range
fields. Click the
Add to List
button. Then, click the
Save Setting
button to save your changes.
Click the
Cancel Changes
button to cancel your changes. Click the
Exit
button to return to the
Add a New
Access Rule
screen.
If you want to modify a service you have created, select it and click the
Update this service
button. Then,
click the
Save Setting
button to save your changes. Click the
Exit
button to return to the
Add a New Access
Rule
screen.
If you want to delete a service you have created, select it and click the
Delete selected service
button. Then,
click the
Save Setting
button to save your changes. Click the
Exit
button to return to the
Add a New Access
Rule
screen.
If you want to add another service, click the
Add New
button. Enter a name in the
Service Name
field. From
the
Protocol
drop-down menu, select the protocol it uses. Enter its range in the
Port Range
fields. Click the
Add to List
button. Then, click the
Save Setting
button to save your changes. Click the
Cancel Changes
button to cancel your changes. Click the
Exit
button to return to the
Add a New Access Rule
screen.
3.
For this service, you can decide whether or not you want the Router to keep a log tracking this type of activity.
To keep a log, select
Log packets matching this access rule
. If you don’t want a log, select
Do not log
packets matching this access rule
.
4.
Select the appropriate Source Interface (LAN, DMZ, Any, WAN1, WAN2...) from the pull-down menu. (The WAN
ports available depend on the number of WAN ports set on the
Network
or
Port Management
screen.)
5.
Select the Source IP address(es) for this Access Rule. If it can be any IP address, select
Any
. If it is one IP
address, select
Single
and enter the IP address in the
Source IP
fields. If it is a range of IP addresses, select
Range
, and enter the IP addresses in the
Source IP
fields.
Figure 6-45: Add a New Access Rule
Downloaded from
www.Manualslib.com
manuals search engine
Page 60 / 127
49
Chapter 6: Setting up and Configuring the Router
Firewall Tab - Content Filter
10/100 16-Port VPN Router
6.
Select the Destination IP address(es) for this Access Rule. If it can be any IP address, select
Any
. If it is one IP
address, select
Single
and enter the IP address in the
Destination IP
fields. If it is a range of IP addresses,
select
Range
, and enter the IP addresses in the
Destination IP
fields.
7.
Decide when you want this Access Rule to be enforced, and enter the hours and minutes in 24-hour format.
The default condition for any new rule is to always enforce it.
Decide which days of the week you want the Access Rule to be enforced, and select the appropriate days.
Click the
Save Settings
button to save your changes, or click the
Cancel Changes
button to undo your changes.
Click the
Back
button to return to the
Access Rules
screen.
Firewall Tab - Content Filter
Use this screen to block specific domains during the designated days and times.
When the
Block Forbidden Domains
checkbox is selected, the Router will forbid access to websites on the
Forbidden Domains list. To add a domain to the list, enter the address of the domain in the
Add
field, and then
click the
Add to list
button. To remove a domain from the list, select the domain, and click the
Delete selected
domain
button.
When will this content filter be in effect? If you want the content filter enforced 24 hours a day, keep the default,
always
,
or enter a range of hours and minutes to designate the enforcement period. Then select the day(s) of the
week you want the content filter enforced. If you want the content filter enforced daily, then keep the default,
Everyday
. For example, you could configure the Router to filter employee Internet access during normal business
hours, but allow unrestricted access at night and on weekends. The default condition is to always enforce it.
Click the
Save Settings
button to save your changes, or click the
Cancel Changes
button to undo your changes.
Figure 6-46: Content Filter
Downloaded from
www.Manualslib.com
manuals search engine

Rate

4.7 / 5 based on 3 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top