1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. VFG6005N
    5. /
  5. 10
Page 46 / 162 Scroll up to view Page 41 - 45
37
6.3
WPS
WIFI PROTECTED SETUP
1.
Click on [Wireless]
[WPS] tab. You will see the following screen.
To connect a computer using WPS, click
Push Button
. Then you will have two minutes to go to your computer, select the
wireless network and connect. If your computer asks for a WPS PIN Code, that can be generated by clicking the
Generate
PIN Code
button. If you are connecting to a device that has a WPS button, first click the WPS
Push Button
and then press
the WPS button on that device within 2 minutes. This will connect the two devices together.
WPS Enable
Select Enable or Disable to activate or deactivate WPS.
WPS Router PIN Code
Click ―Generate PIN Code‖ to automatically generate a random WPS PIN code.
WPS Push Button
Click this button to start the WPS process.
WPS Client PIN Code Connect
Use this to manually connect a client that has generated a PIN code.
Page 47 / 162
38
CHAPTER7 SECURITY SETTINGS
7.1
FIREWALL SETUP
1.
Click on [Security]
[Firewall] tab. You will see the following screen.
2.
Configure Security Settings following the instructions below.
SPI Firewall Protection
Select Enable to enable SPI Firewall Protection.
Select Disable to disable SPI Firewall Protection.
TCP SYN DoS
Protection
Check to enable TCP SYN DoS Protection.
Uncheck to disable TCP SYN DoS Protection.
TCP SYN DoS attack sends a flood of TCP/SYN packets. Each of these packets
are like a connection request, causing the server to consume computing
resources (e.g. memory, CPU) to reply and to continuously wait for the incoming
packets. Without TCP SYN Dos Protection, the resources in the server will be
easily consumed completely. This will then consequently result in the dysfunction
of the server.
The ZyXEL VFG6005 Series VPN Firewall Gateway is able to detect TCP SYN
DoS attacks and limits the resource consumption by lowering the incoming
request rate by fast recycling the resource. Therefore, the ZyXEL VFG6005
Series VPN Firewall Gateway is still able to serve normal traffic while it is under
such an attack.
ICMP Broadcasting
Protection
Check to enable ICMP Broadcasting Protection.
Uncheck to disable ICMP Broadcasting Protection.
ICMP broadcasting attack is a type of DoS attacks. A flood of ICMP broadcasting
packets is generated and sent to a server (like the ZyXEL VFG6005 Series VPN
Page 48 / 162
39
Firewall Gateway). Consequently, this server will suffer from a huge amount of
interruptions and consumption of computing resources.
The ZyXEL VFG6005 Series VPN Firewall Gateway is able to stop responding to
ICMP broadcasting echo packets in order to avoid a potential ICMP broadcasting
DoS attack.
ICMP Redirect
Protection
Check to enable ICMP Redirect Protection.
Uncheck to disable ICMP Redirect Protection.
An ICMP redirect message is a way to change the existing routing path.
Generally, ICMP redirect packets should not be sent, and so when there is the
occurrence that ICMP redirect packets are sent, it is important to note that it is
very likely to be used as a means for a network attack.
Page 49 / 162
40
7.2
ACCESS CONTROL LIST (ACL) SETUP
7.2.1
ACL Settings
1.
Click on [Security]
[Access Control] tab. You will see the following screen.
Please do not change the parameters unless you wish to customize it by yourself.
2.
Configure Access Control List (ACL) Settings following the instructions below.
ACL
Select Enable to enable ACL.
Select Disable to disable ACL.
Default ACL
Action
Check Enable to enable a specific MAC Filter rule.
Uncheck Enable to disable a specific MAC Filter rule.
Type the MAC address to permit a device to access to the network.
* Enabling MAC filtering blocks all MAC addresses which are not listed in the MAC Filter Rule.
Be aware that adding the MAC address of your managing computer is required in order to
access to the ZyXEL VFG6005 Series VPN Firewall Gateway.
Page 50 / 162
41
3.
Click on [Add] tab. You will see the following screen.
4.
Configure [Add Access Control List (ACL)] Settings following the instructions below
Sequence Number
This defines the sequence of the ACL rules. If a packet fits the conditions set
by the ACL rules, the packet will then be sorted according to the first ACL rule
from the top of the list.
Rule Name
Name of the ACL rule.
Rule Enable
Enable/Disable this ACL rule
External Interface
Please select which External Interface (WAN1 or WAN2) you want a packet to
go through, IF the packet fits the condition of this ACL rule.
Internal IP Range
Set up the internal IP range for this ACL rule.
External IP Range
Set up the external IP range for this ACL rule.
Protocol
Set up the protocol (TCP or UDP) for the ACL to be enabled.
Service Port Range
Set up the Service Port Range (e.g., HTTP is TCP/80) for the ACL to be
enabled.
Action
Select ALLOW / DENY

Rate

4 / 5 based on 1 vote.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top