Page 26 / 94 Scroll up to view Page 21 - 25
21
4.4 Advanced
4.4.1 Basic Setting
Downloaded from
www.Manualslib.com
manuals search engine
Page 27 / 94
22
Discard PING from WAN side
When this feature is enabled, any host on the WAN cannot ping this product.
SPI Mode
When this feature is enabled, the router will record the packet information pass through the router like IP address,
port address, ACK, SEQ number and so on. And the router will check every incoming packet to detect if this packet
is valid.
DoS Attack Detection
When this feature is enabled, the router will detect and log the DoS attack comes from the Internet. Currently, the
router can detect the following DoS attack: SYN Attack, WinNuke, Port Scan, Ping of Death, Land Attack etc.
4.4.2 MAC Address Control
MAC Address Control allows you to assign different access right for different users and to assign a specific IP
address to a certain MAC address.
MAC Address Control
Check
Enable
to enable the
MAC Address Control
. All of the settings in this page
will take effect only when
Enable
is checked.
Connection control
Check "Connection control" to enable the controlling of which wired and wireless
clients can connect to this device. If a client is denied to connect to this device, it
means the client can't access to the Internet either. Choose "allow" or "deny" to allow
or deny the clients, whose MAC addresses are not in the "Control table" (please see
below), to connect to this device.
Association control
Check "Association control" to enable the
Downloaded from
www.Manualslib.com
manuals search engine
Page 28 / 94
23
controlling of which wireless client can
associate to the wireless LAN. If a client is
denied to associate to the wireless LAN, it
means the client can't send or receive any data
via this device. Choose "allow" or "deny" to
allow or deny the clients, whose MAC
addresses are not in the "Control table", to
associate to the wireless LAN.
Control table
"Control table" is the table at the bottom of the "MAC Address Control" page. Each
row of this table indicates the MAC address and the expected IP address mapping of a
client. There are four columns in this table:
MAC Address
MAC address indicates a specific client.
IP Address
Expected IP address of the corresponding
client. Keep it empty if you don't care its IP
address.
C
When "
Connection control
" is checked,
check "
C
" will allow the corresponding client
to connect to this device.
A
When "
Association control
" is checked,
check "
A
" will allow the corresponding client
to associate to the wireless LAN.
In this page, we provide the following Combobox and button to help you to input the MAC address.
You can select a specific client in the
DHCP clients
Combobox, and then click on the
Copy to
button to copy the
Downloaded from
www.Manualslib.com
manuals search engine
Page 29 / 94
24
MAC address of the client you select to the ID selected in the
ID
Combobox.
Previous page and Next Page
To make this setup page simple and clear, we have divided the
Control table
into several pages. You can use these buttons to navigate to different pages.
4.4.3 Packet Filtering
Packet Filter enables you to control what packets are allowed to pass the router. Outbound filter applies on all
outbound packets. However, Inbound filter applies on packets that destined to Virtual Servers or DMZ host only. You
can select one of the two filtering policies:
1.
Allow all to pass except those match the specified rules
2.
Deny all to pass except those match the specified rules
You can specify 8 rules for each direction: inbound or outbound. For each rule, you can define the following:
Source IP address
Source port address
Destination IP address
Destination port address
Protocol: TCP or UDP or both.
Use Rule#
Downloaded from
www.Manualslib.com
manuals search engine
Page 30 / 94
25
For source or destination IP address, you can define a single IP address (4.3.2.1) or a range of IP addresses
(4.3.2.1-4.3.2.254). An empty implies all IP addresses.
For source or destination port, you can define a single port (80) or a range of ports (1000-1999). Add prefix "T" or
"U" to specify TCP or UDP protocol. For example, T80, U53, U2000-2999. No prefix indicates both TCP and UDP
are defined. An empty implies all port addresses.
Packet Filter
can work with
Scheduling Rules
, and give user
more flexibility on Access control. For Detail, please refer to
Scheduling Rule
.
Each rule can be enabled or disabled individually.
Inbound Filter:
To enable
Inbound Packet Filter
click the check box next to
Enable
in the
Inbound Packet Filter
field.
Suppose you have SMTP Server (25), POP Server (110), Web Server (80), FTP Server (21), and News Server (119)
defined in Virtual Server or DMZ Host.
Example 1:
(1.2.3.100-1.2.3.149) They are allow to send mail (port 25), receive mail (port 110), and browse the Internet (port
80)
Downloaded from
www.Manualslib.com
manuals search engine

Rate

3.5 / 5 based on 2 votes.

Popular MSI Models

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top