1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. P-2612HNU-F1F PLDT
    5. /
  5. 44
Page 216 / 424 Scroll up to view Page 211 - 215
Chapter 13 Firewall
P-2612HNU-Fx User’s Guide
216
Note: These rules specify which computers on the LAN can access which computers
or services on the WAN.
Figure 84
Security > Firewall > Services
Each field is described in the following table.
Table 51
Security > Firewall > Services
LABEL
DESCRIPTION
LAN-to-WAN
Services
Blocking
Select
Enable
to activate service blocking.
Available
Services
This is a list of pre-defined services (destination ports) you may prohibit
your LAN computers from using. Select the port you want to block, and
click
Add
to add the port to the
Blocked Services
field.
A custom port is a service that is not available in the pre-defined
Available Services
list. You must define it using the
Type
and
Port
Number
fields. See
Appendix E on page 387
for some examples of
services.
Blocked
Services
This is a list of services (ports) that are inaccessible to computers on
your LAN when service blocking is effective. To remove a service from
this list, select the service, and click
Delete
.
Type
Select
TCP
,
UDP
or
TCP and UDP
, based on which one the custom port
uses.
Port Number
Enter the range of port numbers that defines the service. For example,
suppose you want to define the Gnutella service. Select
TCP
type and
enter a port range of
6345-6349
.
Add
Click this to add the selected service in
Available Services
to the
Blocked Services
list. Note that the service is blocked immediately
after clicking this.
Page 217 / 424
Chapter 13 Firewall
P-2612HNU-Fx User’s Guide
217
13.4
Firewall Technical Reference
This section provides some technical background information about the topics
covered in this chapter.
13.4.1
Guidelines For Enhancing Security With Your Firewall
1
Change the default password via web configurator.
2
Think about access control before you connect to the network in any way.
3
Limit who can access your ZyXEL Device.
4
Don't enable any local service (such as Telnet or FTP) that you don't use. Any
enabled service could present a potential security risk. A determined hacker might
be able to find creative ways to misuse the enabled services to access the firewall
or the network.
5
For local services that are enabled, protect against misuse. Protect by configuring
the services to communicate only with specific peers, and protect by configuring
rules to block packets for the services at specific interfaces.
6
Keep the firewall in a secured (locked) room.
13.4.2
Security Considerations
Note: Incorrectly configuring the firewall may block valid access or introduce security
risks to the ZyXEL Device and your protected network. Use caution when
creating or deleting firewall rules and test your rules after you configure them.
Consider these security ramifications before creating a rule:
1
Does this rule stop LAN users from accessing critical resources on the Internet?
For example, if IRC is blocked, are there users that require this service?
Delete
Select a service in the
Blocked Services
, and click this to remove the
service from the list.
Clear All
Click this to remove all the services in the
Blocked Services
list.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to restore your previously saved settings.
Table 51
Security > Firewall > Services (continued)
LABEL
DESCRIPTION
Page 218 / 424
Chapter 13 Firewall
P-2612HNU-Fx User’s Guide
218
2
Is it possible to modify the rule to be more specific? For example, if IRC is blocked
for all users, will a rule that blocks just certain users be more effective?
3
Does a rule that allows Internet users access to resources on the LAN create a
security vulnerability? For example, if FTP ports (TCP 20, 21) are allowed from the
Internet to the LAN, Internet users may be able to connect to computers with
running FTP servers.
4
Does this rule conflict with any existing rules?
Once these questions have been answered, adding rules is simply a matter of
entering the information into the correct fields in the web configurator screens.
Page 219 / 424
P-2612HNU-Fx User’s Guide
219
C
HAPTER
14
MAC Filter
14.1
Overview
This chapter discusses MAC address filtering.
You can configure the ZyXEL Device to permit access to clients based on their MAC
addresses in the
MAC Filter
screen. This applies to wired and wireless
connections.
14.1.1
What You Need to Know
Every Ethernet device has a unique MAC (Media Access Control) address. The MAC
address is assigned at the factory and consists of six pairs of hexadecimal
characters, for example, 00:A0:C5:00:00:02. You need to know the MAC address
of the devices to configure this screen.
Page 220 / 424
Chapter 14 MAC Filter
P-2612HNU-Fx User’s Guide
220
14.2
The MAC Filter Screen
Use the
MAC Filter
screen to allow wireless clients access to the ZyXEL Device. To
change your ZyXEL Device’s MAC filter settings, click
Security
>
MAC Filter
. The
screen appears as shown.
Figure 85
Security > MAC Filter
The following table describes the labels in this menu.
Table 52
Security > MAC Filter
LABEL
DESCRIPTION
MAC
Address
Filter
Select
Enable
to activate MAC address filtering.
Set
This is the index number of the MAC address.
Allow
Select
Allow
to permit access to the ZyXEL Device. MAC addresses not
listed will be denied access to the ZyXEL Device.
If you clear this, the
MAC Address
field for this set clears.
MAC
Address
Enter the MAC addresses of the wireless station that are allowed access to
the ZyXEL Device in these address fields. Enter the MAC addresses in a
valid MAC address format, that is, six hexadecimal character pairs, for
example, 12:34:56:78:9a:bc.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to restore your previously saved settings.

Rate

3.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top