Page 76 / 152
Scroll up to view Page 71 - 75
76
In the case of Outgoing traffic to the device from the LAN network:
Figure 5-16b IP Filter (Outgoing traffic restriction)
1. Click on
IP Filter
.
2. Configure the following parameters:
3. Set the hook at
Enable
.
4. Choose the protocol (
TCP
or
UDP
or
TCP and UDP
).
5. Enter the name for a new filter in the entry field
.
6. Choose what kind of traffic you need to allow ( e.g. Outgoing PTM Conn-x
Incoming LAN).
7. Enter start source IP address in the entry field
.
8. Enter end source IP address in the entry field
.
9.
Enter
start/end
destination
address
in
the
enty
field
.
10. Enter the start/end source port in the entry field
.
11. Enter the start/end destination port in the entry field
.
Page 77 / 152
77
12. From the available modes (
Discard
or
Permit
) choose the mode
Discard
. By
default, there is no restriction for communication between the LAN clients and
Internet.
13. When you have modified your settings, confirm the changes by clicking the tab
.
To enable ICMP from the WAN inderface to the device:
Figure 5-16c IP Filter (Enable ICMP to the WAN side of Home Gateway)
1. Click on
IP Filter
.
2. Configure the following parameters:
Table 5-8 IP Filter Parameters
Parameter
Description
Enable
Select the check box to enable the IP filter function.
Protocol
Select the protocol that is used for filter packets. The
default is TCP.
Incoming Traffic
Select the traffic.
Start/End Source IP
Address
Enter the addresses for Start/End source IP. Null value is
allowed.
Start/End
Destination IP
Address
Enter the addresses for Start/End destination IP. Null
value is allowed.
Start/End Source
port
Enter the values for Start/End source port. Null value is
allowed.
Start/End
Destination port
Enter the values for Start/End destination port. Null value
is allowed.
Page 78 / 152
78
Mode
Choose either
Discard
or
Permit
.
3. Set the hook at
Enable
.
4. Choose the protocol (
ICMP
).
5. Enter the name for a new filter in the entry field
.
6. Choose incoming traffic
PTM_conn-x.
7. Enter start source IP address in the entry field
.
8. Enter end source IP address in the entry field
.
9. From the available modes (
Discard
or
Permit
) choose
Permit
.
10. When you have modified your settings, confirm the changes by clicking the tab
.
Page 79 / 152
79
5.3.2.3 DMZ
This feature, if enabled, allows the DMZ computer on your LAN to be exposed to all
users on the Internet.
Figure 5-17 DMZ
1. Click on
DMZ
.
2. Configure the following parameters:
Table 5-9 DMZ Host Parameters
Parameter
Description
Enable
Select the check box to enable the DMZ function.
WAN Connection
Select the WAN connection used by the LAN-side host to
provide services.
DMZ Host
Select the IP address of the LAN-side host.
3. Set the hook at
Enable DMZ
.
4. Choose your WAN connection from the list.
5. Choose your DMZ host from the list.
6. When you have modified your settings, confirm the changes by clicking the tab
. If you do not want to save your changes click on the tab
.
Page 80 / 152
80
5.3.2.4 ALG
Configure the settings for the Security-ALG.
Figure 5-18 ALG
1. Click on
ALG
.
2. Set the
hooks
with the protocols. By default, evry protocol function is permitted
3. When you have modified your settings, confirm the changes by clicking the tab
. If you do not want to save your changes click on the tab
.
Notice:
If you are using femtocells or any application software that uses IPSec
protocol you are advised to leave the default values as they are.
5.3.2.5 E-mail abuse detection
The list of secure E-mail server helps for reduction of the worldwide E-mail
spamming. Just the listed E-mail server (Mail outbox server) are cleared for the use
of a local E-mail program (i. e. Microsoft Outlook, Mozilla Thunderbird or Apple
Mail). All other mail outbox servers are being filtered. If you want to use an
additional mail outbox server, you can add up to five additional E-mail servers below
the list.
19216811.live