3-1

v1.0, March 2010

Chapter 3

Protecting Your Network

This chapter describes how to use the basic firewall features of the ADSL2+ Modem Wireless

Router to protect your network.

Protecting Access to Your ADSL2+ Modem Wireless Router

For security reasons, the modem router has its own user name and password. Also, after a period

of inactivity for a set length of time, the administrator login automatically disconnects. When

prompted, enter

adminC

for the modem router user name and

password

for the modem router

password. You can use procedures in the following sections to change the modem router password

and the amount of time for the administrator’s login time-out.

NETGEAR recommends that you change this password to a more secure password. The ideal

password should contain no dictionary words from any language, and should be a mixture of both

upper and lower case letters, numbers, and symbols. Your password can be up to 30 characters.

Changing the Built-In Password

1.

Log in to the modem router at its default LAN address of

with its default

user name of

admin

, default password of

password

, or using whatever password and LAN

address you have chosen for the modem router.

Note:

The user name and password are not the same as a user name or password you

might use to log in to your Internet connection.

Figure 3-1

Wireless ADSL2+ Modem Router DG834Gv5 User Manual

3-2

Protecting Your Network

v1.0, March 2010

2.

From the main menu, under the Maintenance heading, select Set Password to display the Set

Password screen:

3.

To change the password, first enter the old password, and then enter the new password twice.

4.

Click

Apply

to save your changes.

Changing the Administrator Login Time-out

For security, the administrator login to the modem router configuration times out after a period of

inactivity. To change the login time-out period:

1.

In the Set Password screen, type a number in the

Administrator login times out

field. The

suggested default value is 5 minutes.

2.

Click

Apply

to save your changes, or click

Cancel

to keep the current period.

Configuring Basic Firewall Services

Basic firewall services you can configure include access blocking and scheduling of firewall

security. These topics are presented in the following sections.

Figure 3-2

Note:

After changing the password, you must log in again to continue the

configuration. If you have backed up the modem router settings previously,

you should do a new backup so that the saved settings file includes the new

password.

Wireless ADSL2+ Modem Router DG834Gv5 User Manual

Protecting Your Network

3-3

v1.0, March 2010

Blocking Keywords, Sites, and Services

The modem router provides a variety of options for blocking Internet-based content and

communications services. With its content filtering feature, the modem router prevents

objectionable content from reaching your PCs. You can control access to Internet content by

screening for keywords within Web addresses. Content filtering options include:

•

Keyword blocking of HTTP traffic.

•

Outbound service blocking. Limits access from your LAN to Internet locations or services that

you specify as off-limits.

•

Denial of service (DoS) protection. Detects and thwarts denial of service (DoS) attacks such as

Ping of Death, SYN flood, LAND attack, and IP spoofing.

•

Blocking unwanted traffic from the Internet to your LAN.

The following section explains how to configure your

modem router to perform these

functions.

Blocking Keywords and Sites

The

modem router

allows you to restrict access to Internet content based on Web addresses and

Web address keywords.

1.

Log in to the modem router at its default LAN address of

with its default

user name of

admin

, and default password of

password

, or using whatever password and

LAN address you have chosen for the modem router.

Wireless ADSL2+ Modem Router DG834Gv5 User Manual

3-4

Protecting Your Network

v1.0, March 2010

2.

On the main menu, select Block Sites to display the Block Sites screen:

3.

To enable keyword blocking, select one of the following:

•

Per Schedule

. Turn on keyword blocking according to the settings on the Schedule

screen.

•

Always

. Turn on keyword blocking all the time, independent of the setting in the Schedule

screen.

4.

Enter a keyword or domain in the

Keyword

field, click

Add Keyword

, and then click

Apply

.

Some examples of keyword applications are shown in the following chart.

Up to 32 entries are supported in the Keyword list.

Figure 3-3

Keyword

Result

XXX

Block the URL http://www.badstuf.com/xxx.html.

.com

Only websites with other domain suffixes (such as .edu or .gov) can be

viewed.

. ( a period)

Block all Internet browsing access.

Wireless ADSL2+ Modem Router DG834Gv5 User Manual

Protecting Your Network

3-5

v1.0, March 2010

5.

To delete a keyword or domain, select it from the list, click

Delete Keyword

, and then click

Apply

.

6.

To specify a trusted user, enter that computer’s IP address in the

Trusted IP Address

field,

and then click

Apply

.

You can specify one trusted user, which is a computer that will be exempt from blocking and

logging. Since the trusted user will be identified by an IP address, you should configure that

computer with a fixed IP address.

7.

Click

Apply

to save your settings.

Firewall Rules

Firewall rules block or allow specific traffic passing through from one side of the modem router to

the other. Inbound rules (WAN to LAN) restrict access by outsiders to private resources,

selectively allowing only specific outside users to access specific resources. Outbound rules (LAN

to WAN) determine what outside resources local users can have access to.

The default inbound and outbound rules of the

modem router

are:

•

Inbound

. Block all access from outside except responses to requests from the LAN side.

•

Outbound

. Allow all access from the LAN side to the outside.

You can define additional rules that will specify exceptions to the default rules. By adding custom

rules, you can block or allow access based on the service or application, source or destination IP

addresses, and time of day. You can also choose to log traffic that matches or does not match the

rule you have defined.

You can change the order of precedence of rules so that the rule that applies most often will take

effect first. See

“Order of Precedence for Rules”

for more details.

To view or change firewall rules, select Firewall Rules on the main menu.

Note:

If you block sites, you can set up the modem router to log attempts to access

them. See

“Viewing, Selecting, and Saving Logged Information” on page 4-8

.