1. Home
    2. /
  2. Manuals
    3. /
  3. Ping-Communication
    4. /
  4. RGW208EN
    5. /
  5. 8
Page 36 / 92 Scroll up to view Page 31 - 35
3.7.4
Add/Edit Web Site
This is where you can add Web sites to the
Allowed Web List
. The
Allowed Web
List
is used for systems that have the
Web filter
option enabled in
Access Control
.
Enable:
Entries in the Allowed Web Site List can be activated or deactivated with
this checkbox. New entries are activated by default.
Web Site:
Enter the URL (address) of the web site that you want to allow (such as
google.com
). Enter the most inclusive domain name. For instance, entering
dlink.com will give you access to www.dlink.com and support.dlink.com.
Do not enter
the
http://
preceding the URL.
Note: Many web sites construct pages with images and content from other web sites.
Access will be forbidden if you do not enable all of the web sites used to construct a
page. For example, to access my.yahoo.com, you must enable access to yahoo.com,
yimg.com, and doubleclick.net.
Save:
Saves the new or modified
Allowed Web Site
in the
Allowed Web Site List
.
When you are done editing the settings, you must click the
Save Settings
button at
the top of the page to make the changes effective and permanent.
Page 36 of 92
Page 37 / 92
3.7.5
Allowed Web Site List
The section lists the
currently allowed web sites
. An
allowed web site
can be changed
by clicking the
Edit
icon, or deleted by clicking the
Delete
icon. When you click the
Edit
icon, the item is highlighted, and the "
Edit Web Site
" section is activated for
editing. After you’ve completed all modifications or deletions, you must click the
Save Settings
button at the top of the page to save your changes. The router must
reboot before new settings will take effect. You will be prompted to
Reboot the
Device
or
Continue
. If you need to make additional settings changes, click
Continue
.
If you are finished with your configuration settings, click the
Reboot the Device
button.
3.8
MAC Address Filter
The MAC (Media Access Controller) Address filter option is used to control network
access based on the MAC Address of the network adapter. A MAC address is a unique
ID assigned by the manufacturer of the network adapter. This feature can be
configured to ALLOW or DENY network/Internet access for devices based on their
MAC address.
3.8.1
MAC Filtering Setup
Enable MAC Address Filter:
When this is enabled, depending on the mode
selected, computers are granted or denied network access based on their MAC
address.
Page 37 of 92
Page 38 / 92
Note: Misconfiguration of this feature can prevent any device from accessing the
network. In such a situation, you can regain access by activating the factory defaults
button on the router itself.
Mode:
When "
only allow listed machines
" is selected, only computers with
MAC
addresses
listed in the
MAC Address List
are granted network access. When "
only
deny listed machines
" is selected, any computer with a
MAC address
listed in the
MAC Address List
is refused access to the network.
3.8.2
Add/ Edit MAC Address
In this section, you can add entries to the
MAC Address List
below, or edit existing
entries.
MAC Address:
Enter the MAC address of the desired computer or connect to the
router from the desired computer and click Copy Your PC’s MAC Address button.
Save:
Saves the new or modified MAC address in the MAC Address List. When you
are done editing the settings, you must click the Save Settings button at the top of
the page to make the changes effective and permanent.
3.8.3
MAC Address List
This section lists the current
MAC Address filters
. A
MAC Address entry
can be
changed by clicking the
Edit
icon, or deleted by clicking the
Delete
icon. When you
click the
Edit
icon, the item is highlighted, and the "
Edit MAC Address
" section is
activated for editing. After you’ve completed all modifications or deletions, you must
click the
Save Settings
button at the top of the page to save your changes. The
router must reboot before new settings will take effect. You will be prompted to
Reboot the Device
or
Continue
. If you need to make additional settings changes,
click
Continue
. If you are finished with your configuration settings, click the
Reboot
the Device
button.
3.9
Firewall
A firewall protects your network from the outside world. The RGW208EN provides a
tight firewall by virtue of the way NAT works. Unless you configure the router to the
contrary, the NAT does not respond to unsolicited incoming requests on any port,
thereby making your LAN invisible to Internet cyber attackers. However, some
network applications cannot run with a tight firewall. Those applications need to
selectively open ports in the firewall to function correctly. The options on this page
control several ways of opening the firewall to address the needs of specific types of
applications.
Page 38 of 92
Page 39 / 92
3.9.1
Firewall Settings
Enable SPI:
SPI (Stateful Packet Inspection, also known as dynamic packet
filtering) helps to prevent cyber attacks by tracking more state per session. It
validates that the traffic passing through the session conforms to the protocol. When
SPI is enabled, the extra state information will be reported on the Status > Active
sessions page.
Whether
SPI
is enabled or not, the router always tracks TCP connection states and
ensures that each TCP packet's flags are valid for the current state.
3.9.2
NAT Endpoint Filtering
The NAT Endpoint Filtering options controls how the router's NAT manages incoming
connection requests to ports that are already being used.
Endpoint Independent:
Once a LAN-side application has created a connection
through a specific port, the NAT will forward any incoming connection requests with
the same port to the LAN-side application regardless of their origin. This is the least
restrictive option, giving the best connectivity and allowing some applications (P2P
applications in particular) to behave almost as if they are directly connected to the
Internet.
Address Restricted:
The NAT forwards incoming connection requests to a LAN-side
host only when they come from the same IP address with which a connection was
established. This allows the remote application to send data back through a port
different from the one used when the outgoing session was created.
Page 39 of 92
Page 40 / 92
Port and Address Restricted:
The NAT does not forward any incoming connection
requests with the same port address as an already establish connection.
Note that some of these options can interact with other port restrictions. Endpoint
Independent Filtering takes priority over inbound filters or schedules, so it is possible
for an incoming session request related to an outgoing session to enter through a
port in spite of an active inbound filter on that port. However, packets will be
rejected as expected when sent to blocked ports (whether blocked by schedule or by
inbound filter) for which there are no active sessions. Port and Address Restricted
Filtering ensures that inbound filters and schedules work precisely, but prevents
some level of connectivity, and therefore might require the use of port triggers,
virtual servers, or port forwarding to open the ports needed by the application.
Address Restricted Filtering gives a compromise position, which avoids problems
when communicating with certain other types of NAT router (symmetric NATs in
particular) but leaves inbound filters and scheduled access working as expected.
UDP Endpoint Filtering:
Controls endpoint filtering for packets of the UDP protocol.
TCP Endpoint Filtering:
Controls endpoint filtering for packets of the TCP protocol.
3.9.3
Various
NAT Port Preservation:
NAT Port preservation (on by default) tries to ensure that,
when a LAN host makes an Internet connection, the same LAN port is also used as
the Internet visible port. This ensures best compatibility for internet communications.
Under some circumstances it may be desirable to turn off this feature.
Anti-Spoof checking:
Enabling this option can provide protection from certain kinds
of "spoofing" attacks. However, enable this option with care. With some modems,
the WAN connection may be lost when this option is enabled. In that case, it may be
necessary to change the LAN subnet to something other than 192.168.0.x
(192.168.2.x, for example), to re-establish the WAN connection.
3.9.4
DMZ Host
The
DMZ (Demilitarized Zone)
option lets you set a single computer on your network
outside of the router. If you have a computer that cannot run Internet applications
successfully from behind the router, then you can place the computer into the
DMZ
for unrestricted Internet access.
Page 40 of 92

Rate

3.5 / 5 based on 2 votes.

Popular Ping-Communication Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top