29

Chapter 5: Configuring the Wireless-G Home Router

The Security Tab - VPN Passthrough

Wireless-G Home Router

When you finish making changes to this screen, click the

Save Settings

button to save the changes, or click the

Cancel Changes

button to undo your changes. Help information is shown on the right-hand side of the screen.

For additional help, click

More

.

The Security Tab - VPN Passthrough

Use the settings on this tab to allow VPN tunnels using IPSec, PPTP, or L2TP protocols to pass through the

Router’s firewall.

IPSec Passthrough

. Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange

of packets at the IP layer. To allow IPSec tunnels to pass through the Router, click

Enable

.

IPSec Pass-Through is

enabled by default.

PPTP Passthrough

. Point-to-Point Tunneling Protocol (PPTP) allows the Point-to-Point Protocol (PPP) to be

tunneled through an IP network. To allow PPTP tunnels to pass through the Router, click

Enable

. PPTP Pass-

Through is enabled by default.

L2TP Passthrough

. Layer 2 Tunneling Protocol is the method used to enable Point-to-Point sessions via the

Internet on the Layer 2 level. To allow L2TP tunnels to pass through the Router, click

Enable

. L2TP Pass-Through

is enabled by default.

When you finish making changes to this screen, click the

Save Settings

button to save the changes, or click the

Cancel Changes

button to undo your changes. Help information is shown on the right-hand side of the screen.

For additional help, click

More

.

The Security Tab - ARP

Prevent ARP attack

. Enable/Disable the Prevent ARP attack.

ARP Broadcast Rate

. Set frequency for Router to broadcast the MAC address. If "Random" is selected, the

frequency is 1 to 9 times per second. To manually specify the number of broadcast per second, choose "Fixed

schedule". "0" value means that the broadcast will not be sent out.

Edit IP-MAC mapping list

. Click on "Edit IP-MAC mapping list" to enter into IP-MAC binding page. To add a new

IP-MAC address mapping list, enter the IP address and MAC Address accordingly on the top section. Then click

the "Add" button to add it into the list below.

Note that if the entry of IP-MAC address mapping list already exists, the Router will ignore the new add-in. If the

IP address is already entered, the Router will replace it with the new MAC address.

Figure 5-29: Security Tab - VPN Passthrough

Figure 5-30: Security Tab - ARP

30

Chapter 5: Configuring the Wireless-G Home Router

The Access Restrictions Tab - Internet Access

Wireless-G Home Router

Figure 5-31: Access Restrictions Tab - Internet Access

Figure 5-32: Internet Policy Summary

Figure 5-33: List of PCs

The lower portion of this page is the list of IP-MAC mapping entries. To delete one entry, select first the checkbox

of entry that you want to delete. Then click on "Delete" button.

User can also utilize the ARP Search button to automatically search for the current IP-MAC address mapping list

in the ARP table. Click the checkbox of the entries that you want to add into the mapping list. Then click on "Add"

button to add it into the list.

Finally, click

Save

to save all the changes.

The Access Restrictions Tab - Internet Access

The

Internet Access

screen allows you to block or allow specific kinds of Internet usage and traffic, such as

Internet access, designated services, websites, and inbound traffic during specific days and times.

Default Policy

. Allows or denies the client PCs that are not in the Internet Access Policy table.

Internet Access Policy.

This feature allows you to customize up to ten different Internet Access Policies for

specified PCs, which are identified by their IP or MAC addresses, during the days and time periods specified. Click

Delete

to delete a policy or

Summary

to view a summary of the policy.

To create or edit a policy, follow these instructions:

1.

Select the policy number (1-10) in the drop-down menu.

2.

Enter a name in the

Enter Profile Name

field.

3.

Click the

Edit List of PCs

button.

4.

On the List of PCs screen, specify PCs by IP address or MAC address. Enter the appropriate IP addresses into

the IP fields. If you have a range of IP addresses to filter, complete the appropriate IP Range fields. Enter the

appropriate MAC addresses into the MAC fields.

5.

Click the

Apply

button to save your changes. Click the Cancel button to cancel your unsaved changes. Click

the Close button to return to the Filters screen.

6.

If you want to block the listed PCs from Internet access during the designated days and time, then keep the

default setting, Disable Internet Access for Listed PCs. If you want the listed PCs to be able to access the

Internet during the designated days and time, then click the radio button next to

Enable Internet Access

for

Listed PCs

.

7.

Set the days when access will be filtered. Select Everyday or the appropriate days of the week.

31

Chapter 5: Configuring the Wireless-G Home Router

The Access Restrictions Tab - Internet Access

Wireless-G Home Router

8.

Set the time when access will be filtered. Select

24 Hours

, or check the box next to

From

and use the drop-

down boxes to designate a specific time period.

9.

Click the

Add to Policy

button to save your changes and active it.

10. To create or edit additional policies, repeat steps 1-9.

Status

. Enable or disable a policy.

Policy Name

. You may assign a name to your policy.

Days

. Choose the day of the week you would like your policy to be applied.

Timing Control

. Enter the time of the day you would like your policy to apply. The Router is not designed to have

a built-in battery mechanism for a real time clock, so shutting down or rebooting the Router will cause the Router

clock to be out-of-date. The Router will automatically check the NTP and correct the time when its internet

connection resumes. In case that the NTP is unreachable, you will have to reconfigure the Router clock to ensure

that all these time-specific functions will work properly. Because of the interval of the page refresh timing, the

clock may have a maximum of two minutes variance.

If you have enabled the

Timing Contro

l on Internet Access function and leave the Router unused (power-off or not

connected to internet) for a long period of time, you will have to check the Router clock and ensure it has the right

time by the time you start to use the Router again. If the Router fails to connect to the NTP servers and can't get

the time updated, you may need to change to different NTP servers. You have to make sure of the right Router

time setting to ensure that

Timing Control

function works correctly.

Blocked Services

. You may choose to block access to certain services. Click

Add/Edit Services

to modify these

settings.

Website Blocking by URL

. You can block access to certain websites by entering their URL.

Website Blocking by Keyword

. You can block access to certain website by the keywords contained in their

webpage.

Default Access Rule

. This is the global control of the Router's default access rule. It has allow or deny options. If

you select allow as the default action, the Router will allow all types of applications at any time to access the

Internet. Also you can set up to 10 access control policies to deny the PC or certain types of Internet services in a

certain time to access the Internet. Aalso known as the Black List.)

If Deny has been selected as a default rule, the Router by default will deny all types of access at any time to

access the internet. Also, you can set up to 10 access control policies to allow the PCs or certain types of Internet

services in a certain time to access the Internet. (Also known as the White List.)

Figure 5-34: Port Services

32

Chapter 5: Configuring the Wireless-G Home Router

The Access Restrictions Tab - Internet Access

Wireless-G Home Router

Note:

1.

The Router factory default setting is allow. Router will automatically create one policy rule (as rule #1 in the

list) "default dns allow". This is to give convenience to allow the basic Internet surfing service application.

This rule is editable. You can edit or remove it. If happens you just key in the rule in the first entry of the list,

the Router will automatically bring it to the 2nd entry of the list.

2.

If the default policy rule has been changed from allow to deny or vice versa, the Router will delete all previous

settings accordingly. Router will only save the current settings of access policy rules.

3.

In service selection menu, if you select the HTTP service, the other Web URL address and Web Keyword

options will become invalid. In order to use Web URL address or Web Keyword options, select

None

in

Services Selection menu.

Click the

Save Settings

button to save the policy’s settings. To cancel the policy’s settings, click the

Cancel

Changes

button.

When you finish making changes to this screen, click the

Save Settings

button to save the changes, or click the

Cancel Changes

button to undo your changes. Help information is shown on the right-hand side of the screen.

For additional help, click

More

.

The Applications and Gaming Tab - Single Port Forward

Single Port Forward

. Certain applications may require to open specific ports in order for it to function correctly.

Examples of these applications include servers and certain online games. Basically, this sets up public services

on your network, such as web servers, ftp servers, e-mail servers, or other specialized Internet applications.

(Specialized Internet applications are any applications that use Internet access to perform functions such as

videoconferencing or online gaming. Some Internet applications may not require any forwarding.)

When users send this type of request to your network via the Internet, the Router will forward those requests to

the appropriate PC. Any PC whose port is being forwarded must have its DHCP client function disabled and must

have a new static IP address assigned to it because its IP address may change when using the DHCP function.

Applications

. Ten applications are preset. For custom applications, enter the name of your application in one of

the available fields.

The preset applications are among the most widely used Internet applications. They include the following:

FTP

(File Transfer Protocol). A protocol used to transfer files over a TCP/IP network (Internet, UNIX, etc.). For

example, after developing the HTML pages for a website on a local machine, they are typically uploaded to the

web server using FTP.

Figure 5-35: Single Port Forward

33

Chapter 5: Configuring the Wireless-G Home Router

The Access Restrictions Tab - Internet Access

Wireless-G Home Router

Telnet

. A terminal emulation protocol commonly used on Internet and TCP/IP-based networks. It allows a user at

a terminal or computer to log onto a remote device and run a program.

SMTP

(Simple Mail Transfer Protocol). The standard e-mail protocol on the Internet. It is a TCP/IP protocol that

defines the message format and the message transfer agent (MTA), which stores and forwards the mail.

DNS

(Domain Name System). The way that Internet domain names are located and translated into IP addresses. A

domain name is a meaningful and easy-to-remember "handle" for an Internet address.

TFTP

(Trivial File Transfer Protocol). A version of the TCP/IP FTP protocol that has no directory or password

capability.

Finger

. A UNIX command widely used on the Internet to find out information about a particular user, such as a

telephone number, whether the user is currently logged on, and the last time the user was logged on. The person

being "fingered" must have placed his or her profile on the system in order for the information to be available.

Fingering requires entering the full user@domain address.

HTTP

(HyperText Transport Protocol). The communications protocol used to connect to servers on the World Wide

Web. Its primary function is to establish a connection with a web server and transmit HTML pages to the client

web browser.

POP3

(Post Office Protocol 3). A standard mail server commonly used on the Internet. It provides a message store

that holds incoming e-mail until users log on and download it. POP3 is a simple system with little selectivity. All

pending messages and attachments are downloaded at the same time. POP3 uses the SMTP messaging protocol.

NNTP

(Network News Transfer Protocol). The protocol used to connect to Usenet groups on the Internet. Usenet

newsreaders support the NNTP protocol.

SNMP

(Simple Network Management Protocol). A widely used network monitoring and control protocol. Data is

passed from SNMP agents, which are hardware and/or software processes reporting activity in each network

device (hub, Router, bridge, etc.) to the workstation console used to oversee the network. The agents return

information contained in a MIB (Management Information Base), which is a data structure that defines what is

obtainable from the device and what can be controlled (turned off, on, etc.).

Ext.Port

. Enter the number of the Ext.Port(the port number seen by users on the Internet).

Protocol

. Select TCP if the application requires TCP. Or select UDP if the application requires UDP. If the

application requires both TCP and UDP, please select Both.

Int.Port

. Enter the number of the Int.Port (the port number used by inter users which corresponds with Ext.Port).