Zyxel NBG-418N v2 Router Manual PDF (Setup & Configuration Guide)

Page 116 / 237 Scroll up to view Page 111 - 115

Chapter 12 Static Route

NBG-418N v2 User’s Guide

116

Figure 83

Network > Static Route

The following table describes the labels in this screen.

Table 52

Network > Static Route

LABEL

DESCRIPTION

Enable

Select this to enable this rule.

Destination

Enter the IP network address of the final destination. Routing is always based on network

number. If you need to specify a route to a single host, use a subnet mask of

255.255.255.255 in the subnet mask field to force the network number to be identical to

the host ID.

IP Subnet Mask

Enter the IP subnet mask here.

Gateway

Enter the IP address of the next-hop gateway. The gateway is a router or switch on the

same segment as your NBG-418N v2's interface(s). The gateway helps forward packets to

their destinations.

Metric

The metric represents the "cost of transmission". A router determines the best route for

transmission by choosing a path with the lowest "cost". The smaller the number, the lower

the "cost".

Enter the number of transmission hops (routers) that need to cross from the NBG-418N

v2 to the destination.

Add

Click this to create a new rule.

Update

Click this to modify the selected rule.

Delete

Click this to remove the selected rule.

Delete All

Click this to remove all existing rules.

#

This is the number of an individual static route.

Select

Click this to select a rule to change the rule settings or remove the rule.

State

This field indicates whether the rule is activated or not.

Destination

This parameter specifies the IP network address of the final destination. Routing is always

based on network number.

Subnet Mask

This parameter specifies the IP network subnet mask of the final destination.

NextHop

This is the IP address of the gateway. The gateway is a router or switch on the same

network segment as the device's LAN or WAN port. The gateway helps forward packets to

their destinations.

Metric

This is the number of transmission hops between the NBG-418N v2 and the destination.

Page 117 / 237

NBG-418N v2 User’s Guide

117

C

HAPTER

13

Firewall

13.1

Overview

Use these screens to enable and configure the firewall that protects your NBG-418N v2 and your

LAN from unwanted or malicious traffic.

Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and

control access between the LAN and WAN. By default the firewall:

•

allows traffic that originates from your LAN computers to go to all of the networks.

•

blocks traffic that originates on the other networks from going to the LAN.

The following figure illustrates the default firewall action. User

A

can initiate an IM (Instant

Messaging) session from the LAN to the WAN (

1

). Return traffic for this session is also allowed (

2

).

However other traffic initiated from the WAN is blocked (

3

and

4

).

Figure 84

Default Firewall Action

13.2

What You Can Do

•

Use the

General

screen

to enable or disable the NBG-418N v2’s firewall (

Section 13.4 on page

118

).

•

Use the

Services

screen to enable or disable ICMP and VPN passthrough features (

Section 13.5

on page 119

).

Page 118 / 237

Chapter 13 Firewall

NBG-418N v2 User’s Guide

118

13.3

What You Need To Know

The NBG-418N v2’s firewall feature physically separates the LAN and the WAN and acts as a secure

gateway for all data passing between the networks.

13.3.1

About the NBG-418N v2 Firewall

The NBG-418N v2 firewall is a stateful inspection firewall and is designed to protect against Denial

of Service attacks when activated (click

the

General

tab under

Firewall

and then click the

Enable

Firewall

check box). The NBG-418N v2's purpose is to allow a private Local Area Network (LAN) to

be securely connected to the Internet. The NBG-418N v2 can be used to prevent theft, destruction

and modification of data, as well as log events, which may be important to the security of your

network.

The NBG-418N v2 is installed between the LAN and a broadband modem connecting to the

Internet. This allows it to act as a secure gateway for all data passing between the Internet and the

LAN.

The NBG-418N v2 has one Ethernet WAN port and four Ethernet LAN ports, which are used to

physically separate the network into two areas.The WAN (Wide Area Network) port attaches to the

broadband (cable or DSL) modem to the Internet.

The LAN (Local Area Network) port attaches to a network of computers, which needs security from

the outside world. These computers will have access to Internet services such as e-mail, FTP and

the World Wide Web. However, "inbound access" is not allowed (by default) unless the remote host

is authorized to use a specific service.

13.3.2

VPN Pass Through Features

A Virtual Private Network (VPN) is a way to securely connect two networks over the Internet. For

example a home network and one in a business office. This requires special equipment on both

ends of the connection.

The NBG-418N v2 is not one of the endpoints but it does allow traffic from those endpoints to pass

through. The NBG-418N v2 allows the following types of VPN traffic to pass through:

•

IP security (IPSec)

•

Point-to-Point Tunneling Protocol (PPTP)

13.4

General Firewall Screen

Use this screen to enable or disable the NBG-418N v2’s firewall, and set up firewall logs. Click

Security

>

Firewall

to open the

General

screen.

Page 119 / 237

Chapter 13 Firewall

NBG-418N v2 User’s Guide

119

Figure 85

Security > Firewall > General

The following table describes the labels in this screen.

13.5

Services Screen

Use the

Services

screen to enable or disable ICMP and VPN passthrough features.

Click

Security

>

Firewall

>

Services

. The screen appears as shown next.

Figure 86

Security > Firewall > Services

Table 53

Security > Firewall > General

LABEL

DESCRIPTION

Enable Firewall

Select this option to activate the firewall. The NBG-418N v2 performs access control and

protects against Denial of Service (DoS) attacks when the firewall is activated.

Enable DoS

Select this option to protect against DoS attacks. The NBG-418N v2 will drop sessions that

do not become fully established (half-open sessions) and surpass maximum thresholds.

Apply

Click

Apply

to save the settings.

Reset

Click

Reset

to start configuring this screen again.

Page 120 / 237

Chapter 13 Firewall

NBG-418N v2 User’s Guide

120

The following table describes the labels in this screen.

Table 54

Security > Firewall > Services

LABEL

DESCRIPTION

ICMP

Internet Control Message Protocol

(ICMP)

is a message control and error-reporting

protocol between a host server and a gateway to the Internet. ICMP uses Internet

Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and

directly apparent to the application user.

Respond to Ping

on WAN

The NBG-418N v2 will not respond to any incoming Ping requests when

Disable

is

selected.

Select

Enable

to reply to incoming WAN Ping requests.

VPN Passthrough

Select the checkbox to enable the advanced pass through features:

•

PPTP Passthrough:

Select this option to allow the NBG-418N v2 to pass through

VPN traffic using PPTP.

•

L2TP Passthrough:

Select this option to enable computers on your LAN to make

L2TP VPN connections to servers on the Internet.

•

IPSEC Passthrough:

Select this option to allow the NBG-418N v2 to pass through

VPN traffic using the IPsec protocol.

Apply

Click

Apply

to save the settings.

Reset

Click

Reset

to start configuring this screen again.

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share