Luxul XBR-2300 Router Manual PDF (Setup & Configuration Guide)

Page 31 / 52 Scroll up to view Page 26 - 30

luxul.com

|

357 South 670 West

|

Suite 160

|

Lindon, UT 84042

|

p: 801-822-5450

|

f: 801-822-5460

User Guide

31

±

Schedule:

The name of the desired Schedule

±

URL String:

The String you would like to ﬁlter (i.e. test, yahoo, facebook, etc)

±

Extension:

Domains or extension sufﬁx (i.e. .com, .biz, .org, .exe, .rar, etc.)

NOTE:

The conﬁgured Client Filter will only affect the devices in the

range of the speciﬁed IP Group during the schedule you have

selected. All other trafﬁc will be allowed to pass.

Example:

If you do not want the computers with IP addresses of 192.168.0.20 to

192.168.0.30 (IP Group=Test) to visit HTTP websites associated with “Yahoo” from

06:00-19:00 (Schedule=work days) Monday through Friday, you would set the Client

Filter rule as follows:

This is what the created Rule will look like after clicking on “Save”

5.4.5 Bandwidth/NAT

The Bandwidth/NAT section has two submenus: Bandwidth Settings and NAT

Settings. These settings allow for the control of how much Bandwidth is available

to client devices, as well as which WAN IP Address is used for NAT on a speciﬁc

range of devices.

5.4.5.1 Bandwidth Settings

Bandwidth Settings allows the control of bandwidth allocated to each device on

the network. The XBR-2300 can control the bandwidth for up to 256 individual

client devices. IP address ranges are also supported.

Page 32 / 52

User Guide

32

±

Enable:

Enables or Disables Bandwidth control for the speciﬁed device(s)

±

IP Address:

Sets the IP Address(es) for bandwidth controlled devices

±

Uplink Range:

Maximum upload data rate per device

±

Downlink Range:

Maximum download data rate per device

±

Uplink /Downlink Mode:

Selects whether the speciﬁed limits are to be shared

by devices in the range or if each individual device is allocated this limit

±

Uplink/Downlink Policy:

Selects whether or not surplus bandwidth can be used

NOTE:

if you choose “when the bandwidth has a surplus, you can use

more bandwidth”, the XBR-2300 will automatically manage the

upload and download ﬂow.

±

Description:

Name of Bandwidth Control Rule

5.4.5.2 NAT Settings

NAT Settings allow for the speciﬁcation of the maximum number of NAT Table

entries created by a device or group of devices on the network. This basically limits

the number of websites a device can visit at any given time.

Page 33 / 52

luxul.com

|

357 South 670 West

|

Suite 160

|

Lindon, UT 84042

|

p: 801-822-5450

|

f: 801-822-5460

User Guide

33

±

Starting IP Address/Ending IP Address:

Enter the IP address range you would

like to control

±

Type:

Select the NAT Setting control type (Independent or Shared)

w

Independent: Takes effect on each IP address and controls the maximum NAT

entries of each device

w

Shared: Takes effect on the whole IP group and controls the total entries of

the devices within the IP group

±

NAT Connection Limit:

Indicates the maximum NAT entries allowed. This can be

a range from 1 to 9999

±

Enable:

Enables the NAT Connection Limit function

NOTE:

In order for the new NAT Settings to take effect, the XBR-2300

must be rebooted .

5.5 Security

The Security section consists of the following submenus:

±

5.5.1 MAC Filter

±

5.5.2 ARP Defense

±

5.5.3 WAN Attack Defense

±

5.5.4 LAN Attack Defense

±

5.5.5 IP-MAC Binding

±

5.5.6 Attack List

5.5.1 MAC Filter

The XBR-2300 has the ability to limit Internet access by MAC Address. This function

can be used to block unknown devices from accessing the Internet.

Page 34 / 52

User Guide

34

±

Internet Access:

Enable or Disable the Internet Access of a speciﬁed device

w

Disable: Blocks the MAC Address listed from connecting to the Internet

w

Enable: Allows the MAC Address listed access to the Internet

±

Remark:

Name of the MAC Address ﬁlter (user deﬁned)

±

MAC:

The MAC Address of the device to be ﬁltered

±

Time:

The Start and End time of the rule. The default value is 000-2400 hours

±

Day:

Selects the days of the week the ﬁlter should be in effect

5.5.2 ARP Defense

This function helps prevent ARP attacks and cheats. To protect the network, the

ARP defense is enabled by default within the XBR-2300. The default ARP broadcast

interval is one second and can be set from 1-60 seconds.

5.5.3 WAN Attack Defense

The XBR-2300 can block the following primary types of attacks: Scan Attacks, DoS

Attacks, Suspicious Packets, Packets Containing IP Options and Other Attacks (i.e.

Shockwave, Sasser, and other Viruses).

Page 35 / 52

luxul.com

|

357 South 670 West

|

Suite 160

|

Lindon, UT 84042

|

p: 801-822-5450

|

f: 801-822-5460

User Guide

35

Scan Attacks Defense

±

IP Scan:

A source IP sends ICMP request packets to 10 different destination IP

addresses within the deﬁned time limit. The XBR-2300 drops all ICMP requests

once the limit is reached

±

Port Scan:

A source IP sends TCP SYN request packets to 10 different ports of

one destination address within the deﬁned time limit. The XBR-2300 drops all

request packets once the limit is reached

±

IP Cheat:

Attempts to block LAN devices using an Internet Proxy to bypass

access restrictions.

NOTE:

This function takes effect on LAN ports

Denial of Service (DoS) Attacks Defense

±

ICMP Flood:

If ICMP request packets exceed the speciﬁed limit, all ICMP

trafﬁc will be blocked

±

UDP Flood:

If UDP packets exceed the speciﬁed limit, all UDP trafﬁc will

be blocked

±

SYN Flood:

If TCP SYN packets targeted to a speciﬁc IP Address exceed the

speciﬁed limit, all TCP SYN requests will be blocked

±

LAND Attack:

When enabled, the XBR-2300 will attempt to drop all trafﬁc

that matches the following deﬁnition: SYN packets that include the device’s IP

address as both the source and destination IP address

Rate

Popular Luxul Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share