Chapter 2: WEB Configuration
Illustrations contained in this document are for representation only.
3. MAC Filtering
This page enables you to enter the MAC addresses of specific PCs on your LAN that you do NOT want to
have outbound access to the WAN. As with IP filtering, these PCs can still communicate with each other
through the gateway, but packets they send to WAN addresses are blocked.
Fig. 19
4. Port Filtering
This page allows you to enter ranges of destination ports (applications) that you don't want your LAN
PCs to send packets to. Any packets your LAN PCs send to these destination ports will be blocked. For
example, you could block access to worldwide web browsing (http = port 80) but still allow email service
(SMTP port 25 and POP-3 port 110). To enable port filtering, set Start Port and End Port for each range,
and click Apply. To block only one port, set both Start and End ports the same.
Fig. 20
5. Forwarding
For LAN-WAN communications, the gateway normally only allows you to originate an IP connection
with a PC on the WAN; it will ignore attempts of the WAN PC to originate a connection onto your PC.
This protects you from malicious attacks from outsiders. However, sometimes you may wish for anyone
outside to be able to originate a connection to a particular PC on your LAN if the destination port
(application) matches one you specify.
This page allows you to specify up to 10 such rules. For example, to specify that outsiders should have
access to an FTP server you have running at 192.168.0.5, create a rule with that address and Start Port
= 20 and End Port = 21 (FTP port ranges) and Protocol = TCP (FTP runs over TCP and not the other transport
protocol, UDP), and click Apply. This will cause inbound packets that match to be forwarded to that PC
rather than blocked. As these connections are not tracked, no entry is made for them in the Connection
Table. The same IP address can be entered multiple times with different ports.
Fig. 21
6. Port Triggers
Some Internet activities, such as interactive gaming, require that a PC on the WAN side of your gateway
be able to originate connections during the game with your game playing PC on the LAN side. You could
use the Advanced-Forwarding web page to construct a forwarding rule during the game, and then remove
it afterwards (to restore full protection to your LAN PC) to facilitate this. Port triggering is an elegant
mechanism that does this work for you, each time you play the game.
Fig. 22
Port Triggering works as follows. Imagine you want to play a particular game with PCs somewhere on the
Internet. You make a one-time effort to set up a Port Trigger for that game, by entering into Trigger Range
the range of destination ports your game will be sending to, and entering into Target Range the range of
destination ports the other player (on the WAN side) will be sending to (ports your PC's game receives
on). Application programs like games publish this information in user manuals. Later, each time you play
the game, the gateway automatically creates the forwarding rule necessary. This rule is valid until 10
minutes after it sees game activity stop. After 10 minutes, the rule becomes inactive until the next
matched outgoing traffic arrives.
For example, suppose you specify Trigger Range from 6660 to 6670 and Target Range from 113 to 113.
An outbound packet arrives at the gateway with your game-playing PC source IP address 192.168.0.10,
destination port 666 over TCP/IP. This destination port is within the Trigger destined for port 113 to your
game-playing PC at 192.168.0.10.
You can specify up to 10 port ranges on which to trigger.
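The trigger behaviour described above can be modelled as a small state machine. This is an added example, not code from the gateway or its vendor: the class names, the constructed outbound packet (destination port 6665, inside the 6660-6670 trigger range), and the choice to treat forwarded inbound packets as "activity" are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

IDLE_TIMEOUT = 10 * 60   # seconds: rule lapses 10 minutes after activity stops
MAX_TRIGGERS = 10        # the page allows up to 10 trigger ranges

@dataclass
class PortTrigger:
    trigger: range                  # outbound (LAN -> WAN) destination ports
    target: range                   # inbound (WAN -> LAN) destination ports
    lan_ip: Optional[str] = None    # PC that fired the trigger; None = never fired
    last_seen: float = 0.0          # time of the last observed activity

    def active(self, now: float) -> bool:
        return self.lan_ip is not None and now - self.last_seen <= IDLE_TIMEOUT

class Gateway:
    """Hypothetical model of the gateway's port-trigger table."""
    def __init__(self, triggers):
        if len(triggers) > MAX_TRIGGERS:
            raise ValueError("at most 10 trigger ranges")
        self.triggers = list(triggers)

    def outbound(self, src_ip: str, dst_port: int, now: float) -> None:
        # A LAN packet to a trigger port opens (or refreshes) the forwarding rule.
        for t in self.triggers:
            if dst_port in t.trigger:
                t.lan_ip, t.last_seen = src_ip, now

    def inbound(self, dst_port: int, now: float) -> Optional[str]:
        # Return the LAN IP the packet is forwarded to, or None if it is blocked.
        for t in self.triggers:
            if dst_port in t.target and t.active(now):
                t.last_seen = now   # assumption: forwarded traffic counts as activity
                return t.lan_ip
        return None

def demo():
    gw = Gateway([PortTrigger(range(6660, 6671), range(113, 114))])
    results = [gw.inbound(113, now=0)]                  # no trigger yet: blocked
    gw.outbound("192.168.0.10", 6665, now=10)           # constructed trigger packet
    results.append(gw.inbound(113, now=20))             # forwarded to the game PC
    results.append(gw.inbound(114, now=30))             # outside Target Range: blocked
    results.append(gw.inbound(113, now=21 + IDLE_TIMEOUT))  # idle > 10 min: blocked
    return results

if __name__ == "__main__":
    print(demo())
```

The last call shows the rule lapsing once the 10-minute idle window has passed, which is what restores protection to the LAN PC without manually removing a forwarding rule.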
7. DMZ Host
Use this page to designate one PC on your LAN that should be left accessible to all PCs from the WAN
side, for all ports. For example, if you put an HTTP server on this machine, anyone will be able to access
that HTTP server by using your gateway IP address as the destination. A setting of "0" indicates NO DMZ
PC. "Host" is another Internet term for a PC connected to the Internet.
Fig. 23
