Page 71 / 139
Scroll up to view Page 66 - 70
ADSL2/2+ Router
4.2.7 DMZ Host
Once a PC on a LAN is set as a DMZ host, it can implement network
communication with Internet without limit.
±
DMZ Host IP Address: the IP address of a PC to be set as a DMZ
host. DMZ host must be connected to the router’s LAN port.
Note:
The router’s firewall cannot have effect on the DMZ host once it
is enabled. Therefore, network security problem may occur. Thus, we
recommend you to enable this function only when necessary and delete
the corresponding settings as soon as you are not using it.
For example, if you want the PC at the IP address of
192.168.1.100
from your router’s LAN side to be shared by Internet users for data and
other resources. For configurations, follow the instructions below:
Click “Advanced Setup”----“NAT”---“DMZ Host” to configure the page
below:
- 71 -
Page 72 / 139
ADSL2/2+ Router
Supposing that the router’s WAN IP address is 183.37.227.201, then
the Internet user only needs to enter http
:
//183.37.227.201 in Web
browser address field to access your Web server.
4.2.8 Security
IP Filter
IP filter function can block LAN PCs from communicating with Internet
PCs by preventing specific IP addresses from accessing external
network through router via specific a port number or range.
1)
Click “Advanced Setup”
→
“Security”
→
“IP Filtering” to display the
page above and then click the “Add” button to enter the page
- 72 -
Page 73 / 139
ADSL2/2+ Router
below to add filtering rules.
Filter Name:
Enter the defined filtering name.
IP Version:
Only Ipv4 is provided.
Protocol:
TCP/UDP; TCP; UDP; ICMP available for your option.
Source IP address [/prefix length]:
Enter the LAN IP address to be
filtered.
Source Port (port or port: port):
The port number or range used by
LAN PCs in accessing Internet.
Destination IP address [/prefix length]:
The external network IP
address to be accessed by LAN PC.
Destination Port:
The port number or range used by LAN PCs in
accessing external network.
Note:
±
Packets filtered in this function are transferred from LAN to WAN.
±
If you are not familiar with all parameters to be configured, you
can just configure some of them and keep the left unchanged. And
- 73 -
Page 74 / 139
ADSL2/2+ Router
the filtering function can also be implemented.
For example:
If you want to filter the PC at the IP address of 192.168.1.200 and make
it unable to access Internet. Then follow the instructions below:
First, click “Advanced Setup”
→
“Security”
→
“IP Filtering” to enter the
IP filtering setup page and then click the “Add” button to enter the page
below to configure needed parameters as below:
Then click the “Apply/Save” button to save your setting.
Note:
±
Principle of using “IP Filter” funciton to prohibit BT download:
when you use BT software to download data, it needs to send
request for connectting “seed” server, and when this request
passes the router, the router’s IP Filter function will hold it up and
ignore the request so that BT fails to connect the server and
- 74 -
Page 75 / 139
ADSL2/2+ Router
download will be aborted.
±
The ports that BT “seed” server frequently uses are in the range of
6900-8100 such as 6969
,
8000 and 7373. Therefore, we can block
this port range by creating proper rules to stop BT software from
connecting the server. However, some Non-BT “seed” servers are
also using port 8080, thus, in order not to affect other servers, we
must divide the port range of
6900-8100 to be blocked into 2
groups: 6900-8079 and 8081-8100.
±
The protocols that BT uses are TCP/UDP, so we need to block
both of them.
URL Filter
URL filter function blocks all LAN PCs from accessing specific domain
names on Internet. It rejects all requests to access the specific
domains.
For example, if you want to prevent all LAN PCs from accessing
www.sina.com.cn, then follow the instructions below:
Click “Advanced Setup”
Æ
“Security”
Æ
“URL Filter” to the page above
- 75 -