Page 41 / 91
Scroll up to view Page 36 - 40
Page
41
/
91
3. MAC Filtering
This page enables you to enter the MAC address of specific PCs on your LAN that you do not wish to
have outbound access to the WAN. As with IP filtering, these PCs can still communicate with each other
through the gateway, but packets they send to WAN addresses are blocked.
Fig.2-23 Gateway\Advanced\MAC Filtering
Page 42 / 91
Page
42
/
91
4. Port Filtering
This page allows you to enter ranges of destination ports (applications) that you don’t want your LAN
PCs to send packets to. Any packets your LAN PCs send to these destination ports will be blocked. For
example, you could block access to worldwide web browsing (http = port 80) but still allow email service
(SMTP port 25 and POP-3 port 110). To enable port filtering, set Start Port and End Port for each range,
and click Apply. To block only one port, set both Start and End ports with the same value.
Fig.2-24 Gateway\Advanced\Port Filtering
For example :
Page 43 / 91
Page
43
/
91
To block HTTP (port 80) browse and restrict mail send from POP-3(port 110), setting as following
Fig.2-25 Gateway\Advanced\Port Filtering
Setting port value, block protocol (Both for TCP & UDP), check
‘
Enable
’
then apply.
Page 44 / 91
Page
44
/
91
5. Forwarding
For LAN
WAN communications, the gateway normally only allows you to originate an IP connection
with a PC on the WAN; it will ignore attempts of the WAN PC to originate a connection onto your PC.
This protects you from malicious attacks from outsiders. However, sometimes you may wish for anyone
outside to be able to originate a connection to a particular PC on your LAN if the destination port
(application) matches one you specify.
Fig.2-26 Gateway\Advanced\Forwarding
Press
‘
Create Ipv4
’
button you will see follow options shows on the page. To specify rules, choose
S
ervice Name
or
Port
number range to set up. IP Address 0.0.0.0 means allow all IP address.
Page 45 / 91
Page
45
/
91
Fig.2-27 Gateway\Advanced\Forwarding setting
This page allows you to specify up to rules. For example, to specify that outsiders should have access to
an FTP server you have running at 192.168.0.5, create a rule with that address and Start Port =20 and End
Port =21 (FTP port ranges) and Protocol = TCP (FTP runs over TCP and the other transport protocol,
UDP), and click Apply. This will cause inbound packets that match to be forwarded to that PC rather than
blocked. As these connections are not tracked, no entry is made for them in the Connection Table. The
same IP address can be entered multiple times with different ports.