Page 46 / 83 Scroll up to view Page 41 - 45
B
6 • Advanced Pages
36
servers, FTP servers, mail servers, etc. so that they can be accessible from the public
Internet.
Commonly used Port numbers:
HTTP: 80
FTP: 20, 21
Secure Shell: 22
Telnet: 23
SMTP e-mail: 25
SNMP: 161
To map a port, enter the range of port numbers that should be forwarded locally and the
IP address to which traffic to those ports should be sent. To map only a single port, enter
the same port number in the “start” and “end” locations for that IP address.
Page 47 / 83
B
6 • Advanced Pages
37
Advanced Port Triggers Page
Configure dynamic triggers to specific devices on the LAN. This allows for special
applications that require specific port numbers with bi-directional traffic to function
properly. Applications such as video conferencing, voice, gaming, and some messaging
program features may require these special settings.
The Advanced Port Triggers are not static ports held open all the time. When the
Configuration Manager detects outgoing data on a specific IP port number set in the
“Trigger Range,” the resulting ports set in the “Target Range” are opened for incoming
or bi-directional data. If no outgoing traffic is detected on the “Trigger Range” ports for
10 minutes, the “Target Range” ports close. This is a safer method for opening specific
ports for special applications (e.g. video conferencing programs, interactive gaming, file
transfer in chat programs, etc.) because they are dynamically triggered and not held open
constantly or erroneously left open via the router administrator and exposed for potential
hackers to discover.
Field Descriptions for the Advanced Port Triggers Page
Field
Description
Trigger Range
Start Port
End Port
Starting port number of the Port Trigger range.
Ending port number of the Port Trigger range.
Target Range
Start Port
End Port
Starting port number of the Port Trigger range.
Ending port number of the Port Trigger range.
Protocol
Select
TCP
,
UDP
, or
Both
from the drop-down list.
Enable
Select checkbox to activate the IP port triggers.
Page 48 / 83
B
6 • Advanced Pages
38
Advanced DMZ Host Page
Specify the default recipient of WAN traffic that NAT is unable to translate to a known
local PC. The DMZ (De-militarized Zone) is a computer or small sub-network located
outside the firewall, between the trusted internal private LAN and the untrusted public
Internet, that prevents direct access by outside users to private data.
For example, you can set up a web server on a DMZ computer to enable outside users
to access your website without exposing confidential data on your network.
A DMZ is also useful to play interactive games that may have a problem running through
a firewall. You can leave a computer used for gaming only exposed to the Internet while
protecting the rest of your network.
You can configure one PC to be the DMZ host. This setting is generally used for PCs
using problem applications that use random port numbers and do not function correctly
with specific port triggers or the port forwarding setups. If you set up a PC as a DMZ
Host, set this back to zero when you are finished with the needed application, since this
PC will be effectively exposed to the public Internet, though still protected from Denial of
Service (DoS) attacks via the Firewall.
Setting Up the DMZ Host
1.
Enter the computer’s IP address.
2.
Click
Apply
to activate the selected computer as the DMZ host.
Advanced Routing Information Protocol Setup
Page
Configure Routing Information Protocol (RIP) parameters related to authentication,
destination IP address/subnet mask, and reporting intervals. RIP automatically identifies
and uses the best and quickest route to any given destination address. The RIP protocol
requires negotiation from both sides (CMRG and CMTS) of the network. The ISP usually
sets this up to match their CMTS settings with the configuration in the CMRG.
Note:
RIP messaging is sent upstream only when running in Static IP
Addressing mode on the Basic Setup page. You must enable Static IP
Addressing and then set the WAN IP network information! RIP is normally
a function that is tightly controlled via the ISP. RIP Authentication Keys
and IDs are normally held as secret information from the end user to
prevent unauthorized RIP settings.
Page 49 / 83
B
6 • Advanced Pages
39
Field Descriptions for the Advanced RIP Setup Page
Field
Description
RIP Enable
Enables or disables the RIP protocol.
RIP helps the router dynamically adapt to the changes in the
network. Now obsolete by newer routing protocols, such as
OSPF and ISIS.
RIP Authentication
Adds a plain text password or a shared key to the RIP packet
for the CPE and the wireless router to authenticate each
other.
RIP Authentication Key
Encrypts the plain text password that is enclosed in each RIP
packet.
If you are using the shared key authentication in RIP, you
need to provide a key.
RIP Authentication Key ID
Identifies the key to create the authentication data for the RIP
packet and indicates the authentication algorithm.
RIP Reporting Interval
Determines how long before a RIP packet is sent to the CPE.
RIP Destination IP Address
Sets location where the RIP packet is sent to update the
routing table in your CPE.
RIP Destination IP Subnet
Mask
Specifies which CPE you want to receive the RIP packet.
Page 50 / 83
B
7 • Firewall Pages
40
7
Firewall Pages
Use the Firewall Pages to configure the firewall filters and firewall alert notifications. The
firewall protects the SVG1501 LAN from undesired attacks and other intrusions from the
Internet. The firewall:
Maintains state data for every TCP/IP session on the OSI network and transport
layers.
Monitors all incoming and outgoing packets, applies the firewall policy to each one,
and screens for improper packets and intrusion attempts.
Provides comprehensive logging for all:
User authentications
Rejected internal and external connection requests
Session creation and termination
Outside attacks (intrusion detection)
You can configure the firewall filters to set rules for port usage.
Firewall Web Content Filter Page
Configure the firewall by enabling or disabling various Web filters related to blocking or
exclusively allowing different types of data through the Configuration Manager from the
WAN to the LAN.
You can block Java Applets, Cookies, ActiveX controls, popup windows, and Proxies.
Firewall Protection turns on the Stateful Packet Inspection (SPI) firewall features.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top