1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. CBVG834G
    5. /
  5. 10
Page 46 / 82 Scroll up to view Page 41 - 45
Wireless Cable Voice Gateway Model CBVG834G Adminstrators User Manual
3-6
Protecting Your Network
v1.0, February 2008
Enabling or Disabling Content Filtering Services
You can use the Services screen to disable or enable certain gateway features. From the main
menu, select Services. The Services screen displays:
Selecting the check box for a service enables it. Clearing the check box disables the corresponding
service. If you make changes, then you must click
Apply
in order for the changes to take effect.
The services are described as follows:
Firewall Features
.
Enabled by default. The gateway will perform stateful packet inspection
(SPI) and protect against Denial of Service (DoS) attacks.
Ipsec Pass-Through
. Enabled by default. IPSec and PPTP traffic will be forwarded. When it
is disabled, this traffic will be blocked.
PPTP Pass-Through
. Enabled by default. PPTP traffic will be forwarded. When it is disabled,
this traffic will be blocked.
Multicast.
Enabled by default. The gateway can pass multicasting streams through the
firewall.
Web Features
. Disabled by default. If enabled, certain Web-oriented features such as cookies,
java scripts, or pop-up windows will be blocked by the firewall. For example, if you enable
Filter Cookies
, many websites will not allow you to access their site.
Note:
To go to the Services screen, you must be logged in as
MSO
.
Figure 3-4
Page 47 / 82
Wireless Cable Voice Gateway Model CBVG834G Adminstrators User Manual
Protecting Your Network
3-7
v1.0, February 2008
Using MAC Filtering to Block Access
By default, any computer has access to the Internet through your gateway. MAC Filtering allows
you to block access to the Internet to any computer on your LAN based on the hardware MAC
address of its Ethernet or wireless adapter.
To configure MAC Filtering:
1.
Log in to the gateway at its default LAN address by entering
, the parent
user name
MSO
, and default password of
changeme
; or use whatever password and LAN
address you have chosen for the gateway.
2.
Under the Advanced heading on the main menu, select MAC Filtering. The MAC Filtering
screen displays:
The Trusted Devices table is at the top of this screen. It shows devices that are currently connected
to the wireless voice gateway.
Note:
To configure MAC Filtering, you must be logged in as
MSO
.
Figure 3-5
Page 48 / 82
Wireless Cable Voice Gateway Model CBVG834G Adminstrators User Manual
3-8
Protecting Your Network
v1.0, February 2008
To add a device to the Trusted Devices table:
1.
Select a device using one of the following methods:
If the device is in the Trusted Devices table, click the radio button of that PC to capture is
MAC address.
If the device is not in the Trusted Devices table, you can manually enter the MAC address
of the PC you want to block. If no Device Name displays when you enter its MAC
address, you can type a descriptive name in the
Device Name
field.
2.
Click
Add
. The device is listed in the Trusted Devices table.
To delete a device from the Trusted Devices table:
1.
Select the MAC address of the PC from the Trusted Devices table.
2.
Click
Delete
to delete the entry.
3.
Click
Apply
to activate the settings.
Inbound and Outbound Rules
You can use firewall rules to block or allow specific traffic passing through from one side to the
other. Inbound rules (WAN to LAN) restrict access by outsiders to private resources, selectively
allowing only specific outside users to access specific resources. Outbound rules (LAN to WAN)
determine what outside resources local users can have access to.
A firewall has two default rules, one for inbound traffic and one for outbound. The default rules of
the gateway are:
Inbound:
Block all access from outside except responses to requests from the LAN side.
Instructions for setting up inbound rules can be found in
“Port Forwarding” on page 3-10
Outbound:
Allow all access from the LAN side to the outside. Use Port Blocking to set up
outbound rules (see
“Enabling or Disabling Content Filtering Services” on page 3-6
).
You may define more rules that specify exceptions to the default rules. By adding custom rules,
you can block or allow access based on the service or application, source or destination IP
addresses, and time of day.
Page 49 / 82
Wireless Cable Voice Gateway Model CBVG834G Adminstrators User Manual
Protecting Your Network
3-9
v1.0, February 2008
Port Blocking
You can use Port Blocking to block outbound traffic on specific ports.
To configure port blocking:
1.
Under the Advanced heading on the main menu, select Port Blocking. The Port Blocking
screen displays.
2.
Select the service that you want to block from the
Add Predefined Services
drop-down list. If
the service that you want to block is not in the predefined list, you can add a custom service.
3.
Enter the range of ports that you want to block and select whether the ports are TCP, UDP or
Both.
4.
Enter the Local IP Address for the computer to which this rule will apply.
5.
Click
Add
. The selected service is added to the Port Filter List
Blocking a Rule by Day or Time
To specify specific days or times to block a rule:.
1.
From the
Port Filter List
, select a rule, and then select the corresponding
Enable
check box.
2.
Select the check box for the
Day(s) to Block
when you want to apply the rule.
Figure 3-6
Page 50 / 82
Wireless Cable Voice Gateway Model CBVG834G Adminstrators User Manual
3-10
Protecting Your Network
v1.0, February 2008
3.
For the time of day, either select the
All Day
check box or specify a
Start Time
and
End Time
from the pull-down menus.
4.
Click
Add
. The new Port Blocking rule is in the Outbound Rules table.
To delete an existing rule:
1.
Select the rule from the
Port Filter List
.
2.
Click
Delete
.
Port Forwarding
You can use port forwarding to set up a rule that directs inbound traffic for a particular service to a
local server (for example, a Web server or game server) based on the destination port. This makes
the server visible and available to the Internet.
Unless you set up port forwarding, the gateway prevents this type of traffic.The gateway uses
Network Address Translation (NAT). NAT presents a single IP address for your network to the
Internet. Outside users cannot directly address your local computers.
Before setting up Port Forwarding, consider the following:
If the IP address of the local server PC is assigned by DHCP, it may change when the PC is
rebooted. To avoid this, you can assign a static IP address to your server outside the range that
is assigned by DHCP, but in the same subnet as the rest of your LAN. By default, the IP
addresses in the range of 192.168.0.2 through 192.168.0.9 are reserved for this.
Local computers must access the local server using the local LAN address of the computer
(192.168.0.XXX, by default). Attempts by local computers to access the server using the
external WAN IP address will fail.
Remember that allowing inbound services opens holes in your firewall. Only enable those ports
that are necessary for your network.
Note:
Some residential broadband ISP accounts do not allow you to run any server
processes (such as a Web or FTP server) from your location. Your ISP may check
for servers and may suspend your account if it discovers active services at your
location. If you are unsure, refer to the acceptable use policy of your ISP.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top