Page 51 / 86 Scroll up to view Page 46 - 50
B
6 •
Advanced Pages
50
automatically identifies and uses the best known and quickest route to any given
destination address. To help reduce network congestion and delays, the Advanced RIP
setup is used in WAN networks to identify and use the best known and quickest route to
given destination addresses.
RIP is a protocol that requires negotiation from both sides of the network (i.e., CMRG
and CMTS). The ISP would normally set this up to match their CMTS settings with the
configuration in the CMRG.
Note:
RIP messaging will only be sent upstream when running in Static
IP Addressing mode on the Basic
Setup page. You must enable Static
IP Addressing and then set the WAN IP network information! RIP is
normally a function that is tightly controlled via the ISP. RIP
Authentication Keys and IDs are normally held as secret information
from the end user to prevent unauthorized RIP settings.
Field Descriptions for the Advanced RIP Setup Page
Field
Description
RIP Enable
Enables or disables the RIP protocol.
This protocol helps the router dynamically adapt to the
changes in the network. RIP is now considered obsolete
since newer routing protocols, such as OSPF and ISIS, have
been introduced.
RIP Authentication
If this field is enabled, a plain text password or a shared key
authentication is added to the RIP packet in order for the CPE
and the wireless router to authenticate each other.
RIP Authentication Key
Used to encrypt the plain text password that is enclosed in
each RIP packet.
If you are using the shared key authentication in RIP, you will
need to provide a key.
RIP Authentication Key ID
An unsigned 8-bit field in the RIP packet. This field identifies
the key used to create the authentication data for the RIP
Page 52 / 86
B
6 •
Advanced Pages
51
Field
Description
packet, and it also indicates the authentication algorithm.
RIP Reporting Interval
Determines how long before a RIP packet is sent out to the
CPE.
RIP Destination IP Address
Location where the RIP packet is sent to update the routing
table in your CPE.
RIP Destination IP Subnet
Mask
Specifies which CPE you want to receive the RIP packet.
Page 53 / 86
B
7 •
Firewall Pages
52
7
Firewall Pages
The SBG901 Firewall Pages allow you to configure the SBG901 firewall filters and
firewall alert notifications. The SBG901 firewall protects the SBG901 LAN from
undesired attacks and other intrusions from the Internet. It provides an advanced,
integrated stateful-inspection firewall supporting intrusion detection, session tracking,
and denial-of-service attack prevention. The firewall:
Maintains state data for every TCP/IP session on the OSI network and transport
layers.
Monitors all incoming and outgoing packets, applies the firewall policy to each one,
and screens for improper packets and intrusion attempts.
Provides comprehensive logging for all:
User authentications
Rejected internal and external connection requests
Session creation and termination
Outside attacks (intrusion detection)
You can configure the firewall filters to set rules for port usage. For information about
choosing a predefined firewall policy template, see the Firewall Pages.
You can click any Firewall submenu option to view or change the firewall configuration
information for that option.
For information about how the firewall can affect gaming, see
Gaming Configuration
Guidelines
.
The predefined policies provide outbound Internet access for computers on the SBG901
LAN. The SBG901 firewall uses
stateful-inspection
to allow inbound responses when
there already is an outbound session running that corresponds to the data flow. For
example, if you use a web browser, outbound HTTP connections are permitted on port
80. Inbound responses from the Internet are allowed because an outbound session is
established.
When required, you can configure the SBG901 firewall to allow inbound packets without
first establishing an outbound session. You also need to configure a port forwarding
entry on the
Advanced Port Forwarding Page
or a DMZ client on the
Advanced DMZ
Host Page
.
Page 54 / 86
B
7 •
Firewall Pages
53
Firewall Web Content Filter Page
This page allows you to configure the firewall by enabling or disabling various Web filters
related to blocking or exclusively allowing different types of data through the
Configuration Manager from the WAN to the LAN.
Java Applets, Cookies, ActiveX controls, popup windows, and Proxies can be blocked
from this page. Firewall Protection turns on the Stateful Packet Inspection (SPI) firewall
features. Block Fragmented IP packets prevent all fragmented IP packets from passing
through the firewall. Port Scan Detection detects and blocks port scan activity originating
on both the LAN and WAN. IP Flood Detection detects and blocks packet floods
originating on both the LAN and WAN.
Checkmark
Enable
for each Web filter you want to set for the firewall, and then click
Apply
. The Web filters will activate without having to reboot the SBG901 Configuration
Manager.
Note:
At least one Web filter or feature must be enabled for the firewall
to be active. Make sure the firewall is not disabled.
Page 55 / 86
B
7 •
Firewall Pages
54
Firewall Local Log Page
This page allows you to set up how to send notification of the firewall event log in either
of the following formats:
Individual e-mail alerts sent out automatically each time the firewall is under attack
Local log is stored within the modem and displayed in table form on the Local Log
page
Field Descriptions for the Firewall Local Log Page
Field
Description
Contact Email Address
Your email address
SMTP Server Name
Name of the e-mail (Simple Mail Transfer Protocol)
server.
The firewall page needs your email server name to
send a firewall log to your email address. You can
obtain the SMTP server name from your Internet
service provider.
E-mail Alerts
Enable or disable e-mailing firewall alerts.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top