Page 46 / 80 Scroll up to view Page 41 - 45
Wireless Cable Voice Gateway Model CVG824G Reference Manual
3-10
Protecting Your Network
1.0, November 2006
Port Triggering
Port Triggering is an advanced feature that allows you to dynamically open inbound ports based on
outbound traffic on different ports. This feature can be used for gaming and other Internet
applications.
Port Triggering monitors outbound traffic. When the gateway detects traffic on the specified
outbound port, it remembers the IP address of the computer that sent the data and “triggers” the
incoming port. Incoming traffic on the triggered port is then forwarded to the triggering computer.
For example, port triggering can be used for Internet Relay Chat (IRC). When you connect to an
IRC server, the server tries to connect back on the port to do an Ident lookup. Unless you have
configured Port Forwarding to open that port, the traffic will be blocked. In this example, the
initial login to the server in the range of ports is detected. This triggers the gateway to temporarily
forward the port to the PC that initiated the login.
To configure Port Triggering
1.
Under Advanced on the main menu, select Port Triggering The Port Triggering screen will
display.
2.
In the Trigger Range, enter the outbound ports that will be monitored for activity. This will be
the “trigger.”
3.
In the Target Range, enter the inbound ports that should be forwarded when the trigger occurs.
4.
Select the appropriate protocol: TCP, UDP or Both.
5.
Check the Enable box
6.
Click
Apply
.
Note:
Port Forwarding is similar to port triggering, but it is static and has some
limitations. Ports are open to traffic from the Internet until the port forwarding rule
is removed. Additionally, port forwarding does not work well for some
applications when your WAN IP address is assigned by DHCP, and is changed
frequently. Port Triggering opens an incoming port temporarily and does not
require the server on the internet to track your IP address if it is changed.
Page 47 / 80
Wireless Cable Voice Gateway Model CVG824G Reference Manual
Protecting Your Network
3-11
v1.0, November 2006
To clear a Port Triggering rule:
1.
Either remove the check from the Enable box to temporarily disable the rule, or
2.
Select the rule and click
Delete
.
Setting Up A Default DMZ Host
The Default DMZ Server feature is helpful when using some online games and video conferencing
applications that are incompatible with NAT. The gateway is programmed to recognize some of
these applications and to work properly with them, but there are other applications that may not
function well. In some cases, one local PC can run the application properly if that PC’s IP address
is entered as the Default DMZ Host.
Figure 3-7
Note:
For security, you should avoid using the Default DMZ Server feature. When a
computer is designated as the Default DMZ Server, it loses much of the protection
of the firewall, and is exposed to many exploits from the Internet. If compromised,
the computer can be used to attack your network.
Page 48 / 80
Wireless Cable Voice Gateway Model CVG824G Reference Manual
3-12
Protecting Your Network
1.0, November 2006
Incoming traffic from the Internet is normally discarded by the gateway unless the traffic is a
response to one of your local computers or a service that you have configured in the Port
Forwarding or Port Triggering page. Instead of discarding this traffic, you can have it forwarded to
one computer on your network. This computer is called the Default DMZ Host.
To assign a computer or server to be a DMZ Host:
1.
From the Advanced menu, select DMZ Host.
2.
Enter the IP address of the computer you would like to assign as a DMZ Host.
3.
Click
Apply
.
To disable the DMZ Host, enter “0” and click
Apply
.
If you want the gateway to respond to a “ping” from the Internet, check the “Respond to Ping on
WAN Port” check box. This should only be used as a diagnostic tool, since it allows your gateway
to be discovered. Do not check this box unless you have a specific reason to do so.
Turning On Universal Plug and Play (UPnP)
Universal Plug and Play (UPnP) helps devices, such as Internet appliances and computers, access
the network and connect to other devices as needed. UPnP devices can automatically discover the
services from other registered UPnP devices on the network.
UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP
is disabled. If disabled, the router will not allow any device to automatically control the resources,
such as port forwarding (mapping), of the router.
Other features of UPnP:
Figure 3-8
Page 49 / 80
Wireless Cable Voice Gateway Model CVG824G Reference Manual
Protecting Your Network
3-13
v1.0, November 2006
Advertisement Period
. The number entered in this field (in minutes) determines how often
the router will advertise (broadcast) its UPnP information. This value can range from 1 to 1440
minutes. The default period is for 30 minutes.
Shorter durations will ensure that control points have current device status at the expense
of additional network traffic.
Longer durations may compromise the freshness of the device status but can significantly
reduce network traffic.
Advertisement Time To Live.
The time to live for the advertisement is measured in hops
(steps) for each UPnP packet sent. A hop is the number of steps allowed to propagate for each
UPnP advertisement before it disappears. The number of hops can range from 1 to 255. The
default value for the advertisement time to live is 4 hops, which should be fine for most home
networks. If you notice that some devices are not being updated or reached correctly, then you
may need to increase this value a little.
UPnP Portmap Table.
The UPnP Portmap Table displays the IP address of each UPnP device
that is currently accessing the router and which ports (internal and external) that device has
opened. The UPnP Portmap Table also displays what type of port is opened and if that port is
still active for each IP address.
To activate UPnP:
1.
Check the Turn UPnP On radio box.
2.
Click
Apply.
To Save, Cancel or Refresh the Table:
Click
Apply
to save the new settings to the gateway router.
Click
Cancel
to disregard any unsaved changes.
Click
Refresh
to update the portmap table and to show the active ports that are currently
opened by UPnP devices.
Page 50 / 80
Wireless Cable Voice Gateway Model CVG824G Reference Manual
3-14
Protecting Your Network
1.0, November 2006
Enabling or Disabling Content Filtering Services
You can use the Services page to disable or enable certain gateway features which are described as
follows:
Firewall Features
.
When enabled, the gateway will perform Stateful Packet Inspection (SPI)
and protect against Denial of Service (DoS) attacks. Default is enabled.
VPN Pass-Through
. When enabled, IPSec and PPTP traffic will be forwarded. When it is
disabled, this traffic will be blocked. Default is enabled.
Multicast.
When enabled, the cable gateway has the ability to pass multicasting streams
through the firewall. Default is enabled.
Web Features
. If enabled, certain Web-oriented features such as cookies, java scripts, or pop-
up windows will be blocked by the firewall. The default is disabled. For example, if you
enable “Filter Cookies”, many Web sites will not allow you to access their site.
To disable a feature:
1.
Remove the check from its Enable check box.
Figure 3-9
Note:
To go to the Services page, you must be logged in as a parent.

Rate

4 / 5 based on 3 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top