Page 61 / 115
Scroll up to view Page 56 - 60
61
For example
, if you would like to block all PCs on the private LAN from accessing HTTP
sites (or “web surfing”):
1
Set the Start Port to
80
, the End Port to
80
.
2
Set the protocol to
TCP
.
3
Check the
Enable
box to the right of the entry to store settings.
4
Click
Apply
button to activate the filter rules.
Table 11. Port Filtering Menu Option
Option
Description
Start/End Port
Enters the start and end port of the port filter range
Protocol
Filter either both TCP and UDP traffic or just UDP or just TCP.
Forwarding
The Forwarding page allows you to run a publicly accessible server from your LAN by
specifying the mapping of TCP/UDP ports to a local PC. It allows incoming requests to
specific port numbers to reach a web server, FTP server, mail server, etc.
To access the
Forwarding
page,
1
Click
Advanced
in the menu bar.
2
Then click the
Forwarding
submenu.
3
To add a new rule, click on the
Create Rule
button.
Figure 17 shows an example of the menu and Table 12 describes the items you can
select.
Page 62 / 115
62
Figure 17. Example of Forwarding Page
To activate the port forwarding:
1
Enter the port range of the Internet traffic that you want to forward, and the IP
address of the server to which you want to forward that traffic.
2
Select the protocol(s) to be forwarded.
3
Check the
Enable
box to the right of the entry to store settings.
4
Click the
Apply
button to activate the forwarding rules.
Table 12. Forwarding Menu Option
Option
Description
Local IP
Address
Enter the IP address to which forwarded traffic should be sent.
Start/End Port
Enter the range of port numbers (start and end port) to forward. If
only a single port is desired, enter the same port number in the
Start
and
End
locations.
Protocol
Select the protocol(s) to be forwarded.
Note:
You may need to assign static IP addresses to devices on your LAN to insure that
the port forwarding you have set up will always apply to them.
Page 63 / 115
63
Port Triggers
The Port Triggers page allows you to configure dynamic triggers to specific devices on
the LAN. This allows for special applications that require specific port numbers with
bi-directional traffic to function properly. Applications such as video conferencing, voice,
gaming, and some messaging program features may require these special settings.
Port Triggers are similar to Port Forwarding except that they are not static ports held
open all the time. With the port triggering function, the Cable Modem/Router detects
outgoing data on a specific IP port number and opens corresponding target ports for
incoming data. If no outgoing traffic is detected on the Trigger Range ports for 10
minutes, the Target Range ports will close.
To access the
Port Triggers
page:
1
Click
Advanced
in the menu bar.
2
Then click the
Port Triggers
submenu.
Figure 18 shows an example of the menu and Table 13 describes the items you can
select.
Figure 18. Example of port Triggers Page
To activate a port trigger
1
Enter the trigger and target ports range for the Internet traffic to forward to.
Page 64 / 115
64
2
Select the forwarding protocol(s).
3
Enter a name for your port triggering rule.
4
Check the
Enable
box to the right of the entry to store settings.
5
Click the
Apply
button to activate the forwarding rules.
Table 13. Port Triggers Menu Option
Option
Description
Trigger Range
(Start / End
Port)
Enter the trigger range (starting and ending ports) of the application
for which you want to enable port triggering. The application will
send data from these ports.
Target Range
(Start / End
Port)
Enter the target range (starting and ending ports) to open for the
same application. The application will receive data on these ports.
Protocol
Select the protocol for this rule.
DMZ Host
The DMZ (De-militarized Zone) Host page allows you to configure a network device (e.g.
a PC) to be exposed or visible directly to the Internet. This may be used if an application
doesn’t work with port triggers. If you have an application that won’t run properly behind
the NAT firewall, you can configure it for unrestricted two-way Internet access by defining
it as a virtual DMZ host. Adding a client to the DMZ may expose your local network to
various security risks because the client is not protected, so use this option as a last
resort.
To access the
DMZ Host
page:
1
Click
Advanced
in the menu bar.
2
Then click the
DMZ Host
submenu.
Figure 19 shows an example of the menu.
Page 65 / 115
65
Figure 19. Example of DMZ Host Page
To configure DMZ settings:
1
Enter the last byte of the LAN IP address of the PC or other device on your network
that you want to configure as a DMZ host.
2
Click
Apply
.
Note:
If a specific PC is set as a DMZ Host, remember to set this back to “0” when
finished with the needed application, since this PC will be effectively exposed to the
public Internet.
Note:
You may need to assign your DMZ host a static IP address on your LAN to
insure that it will always be at that address.
RIP Setup
The RIP Setup page allows you to configure RIP (Router Information Protocol)
parameters. RIP automatically identifies and uses the best known and quickest route to
any given destination address to help reduce network congestion and delays.
RIP is a protocol that requires negotiation from both sides of the network (e.g. both the
Cable Modem/Router and your service provider’s CMTS (Cable Modem Termination
System)). Your service provider will normally set this up based on their knowledge of