Page 56 / 93
Scroll up to view Page 51 - 55
11N Wireless Broadband Router
51
example, port 21 for ftp service.
¾
Internal Port:
This is the port number of LAN
computer set by the Router. The Internet traffic
from the external port will forward to the internal
port. For example
:
you can set the internal port
NO.66 to act as the external port NO.21 for ftp
service.
¾
IP Address:
Enter the IP address of the PC where
you want to set the applications.
¾
Protocol:
Select the protocol (TCP/UDP/Both) for
the application.
¾
Delete/Enable:
Click to check it for corresponding
operation.
¾
Well-Known Service Port:
Select the well-known
services as DNS, FTP from the drop-down menu to
add to the configured one above.
NOTE:
If you set the virtual server of the service port as 80,
you must set the Web management port on Remote
Web Management page to be any value except 80
such as 8080. Otherwise, there will be a conflict to
disable the virtual server.
Page 57 / 93
11N Wireless Broadband Router
52
8.2
Port Range Forwarding
This section deals with the port range forwarding mainly.
The Port Range Forwarding allows you to set up a range
of public services such as web servers, ftp, e-mail and
other specialized Internet applications to an assigned IP
address on your LAN.
¾
Start/End Port:
Enter the start/end port number
which ranges the External ports used to set the
server or Internet applications.
¾
IP Address:
Enter the IP address of the PC where
you want to set the applications.
Page 58 / 93
11N Wireless Broadband Router
53
¾
Protocol:
Select the protocol (TCP/UDP/Both) for
the application.
¾
Delete/Enable:
Click to check it for corresponding
operation.
¾
Well-Known Service Port:
Select the well-known
services as DNS, FTP from the drop-down menu to
add to the configured one above.
¾
Add:
Add the selected well-known port to the
policy ID.
NOTE:
If you set the virtual server of the service port as 80,
you must set the Web management port on Remote
Web Management page to be any value except 80
such as 8080. Otherwise, there will be a conflict to
disable the virtual server.
Page 59 / 93
11N Wireless Broadband Router
54
8.3 ALG Service Settings
In the context of computer networking, an ALG or
application layer gateway consists of a security
component that augments a firewall or NAT employed in
a computer network. It allows customized NAT traversal
filters to be plugged into the gateway to support
address and port translation for certain application layer
"control/data" protocols such as FTP, BitTorrent, SIP,
RTSP, file transfer applications etc.
In order for these protocols to work through NAT or a
firewall, either the application has to know about an
address/port number combination that allows incoming
packets, or the NAT has to monitor the control traffic
and open up port mappings (firewall pinhole)
dynamically as required. Legitimate application data
can thus be passed through the security checks of the
firewall or NAT that would have otherwise restricted the
Page 60 / 93
11N Wireless Broadband Router
55
traffic for not meeting its limited filter criteria.
Usually allowing client applications to use dynamic
ephemeral TCP/ UDP ports to communicate with the
known ports used by the server applications, even
though a firewall-configuration may allow only a limited
number of known ports. In the absence of an ALG,
either the ports would get blocked or the network
administrator would need to explicitly open up a large
number of ports in the firewall; rendering the network
vulnerable to attacks on those ports.
In the default ALG settings, the following protocols have
enabled. It is recommended to keep the settings
unchanged.
1. FTP
2. TFTP
3. PPTP
4. IPSec
5. L2TP
8.4 DMZ Settings
The DMZ function is to allow one computer in LAN to be
exposed to the Internet for a special-purpose service as
Internet gaming or videoconferencing.
19216811.live