1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. VMG8924-B30A
    5. /
  5. 41
Page 201 / 412 Scroll up to view Page 196 - 200
Chapter 15 Firewall
VMG8924-B10A and VMG8924-B30A Series User’s Guide
201
The following table describes the labels in this screen.
15.4
The Access Control Screen
Click
Security > Firewall > Access Control
to display the following screen. This screen displays a
list of the configured incoming or outgoing filtering rules.
Figure 119
Security > Firewall > Access Control
The following table describes the labels in this screen.
Table 87
Service: Add/Edit
LABEL
DESCRIPTION
Protocol
Choose the IP protocol (
TCP
,
UDP
,
ICMP
, or
Other
) that defines your customized port from
the drop-down list box. Select
Other
to be able to enter a protocol number.
Source/
Destination Port
These fields are displayed if you select
TCP
or
UDP
as the IP port.
Select
Single
to specify one port only or
Range
to specify a span of ports that define your
customized service. If you select
Any
, the service is applied to all ports.
Type a single port number or the range of port numbers that define your customized
service.
Protocol
Number
This field is displayed if you select
Other
as the protocol.
Enter the protocol number of your customized port.
Add
Click this to add the protocol to the
Rule List
below.
Rule List
Protocol
This is the IP port (
TCP
,
UDP
,
ICMP
, or
Other
) that defines your customized port.
Ports/Protocol
Number
For
TCP
,
UDP
,
ICMP
, or
TCP/UDP
protocol rules this shows the port number or range that
defines the custom service. For other IP protocol rules this shows the protocol number.
Delete
Click the
Delete
icon to remove the rule.
Service Name
Enter a unique name (up to 32 printable English keyboard characters, including spaces) for
your customized port.
Service
Description
Enter a description for your customized port.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to exit this screen without saving.
Table 88
Security > Firewall > Access Control
LABEL
DESCRIPTION
Add new ACL
rule
Click this to go to add a filter rule for incoming or outgoing IP traffic.
#
This is the index number of the entry.
Page 202 / 412
Chapter 15 Firewall
VMG8924-B10A and VMG8924-B30A Series User’s Guide
202
15.4.1
Add/Edit an ACL Rule
Click
Add
new ACL rule
or the
Edit
icon next to an existing ACL rule in the
Access Control
screen. The following screen displays.
Figure 120
Access Control: Add/Edit
Name
This displays the name of the rule.
Src IP
This displays the source IP addresses to which this rule applies. Please note that a blank
source address is equivalent to
Any
.
Dst IP
This displays the destination IP addresses to which this rule applies. Please note that a
blank destination address is equivalent to
Any
.
Service
This displays the transport layer protocol that defines the service and the direction of traffic
to which this rule applies.
Action
This field displays whether the rule silently discards packets (
DROP
), discards packets and
sends a TCP reset packet or an ICMP destination-unreachable message to the sender
(
REJECT
) or allows the passage of packets (
ACCEPT
).
Modify
Click the
Edit
icon to edit the rule.
Click the
Delete
icon to delete an existing rule. Note that subsequent rules move up by one
when you take this action.
Click the
Move To
icon to change the order of the rule. Enter the number in the # field.
Table 88
Security > Firewall > Access Control (continued)
LABEL
DESCRIPTION
Page 203 / 412
Chapter 15 Firewall
VMG8924-B10A and VMG8924-B30A Series User’s Guide
203
The following table describes the labels in this screen.
Table 89
Access Control: Add/Edit
LABEL
DESCRIPTION
Filter Name
Enter a descriptive name of up to 16 alphanumeric characters, not including spaces,
underscores, and dashes.
You must enter the filter name to add an ACL rule. This field is read-only if you are editing
the ACL rule.
Order
Select the order of the ACL rule.
Select Source
Device
Select the source device to which the ACL rule applies. If you select
Specific IP Address
,
enter the source IP address in the field below.
Source IP
Address
Enter the source IP address.
Select
Destination
Device
Select the destination device to which the ACL rule applies. If you select
Specific IP
Address
, enter the destiniation IP address in the field below.
Destination IP
Address
Enter the destination IP address.
IP Type
Select whether your IP type is
IPv4
or
IPv6
.
Select Protocol
Select the transport layer protocol that defines your customized port from the drop-down
list box. The specific protocol rule sets you add in the
Security > Firewall > Service >
Add
screen display in this list.
If you want to configure a customized protocol, select
Specific Service
.
Protocol
This field is displayed only when you select
Specific Protocol
in
Select Protocol
.
Choose the IP port (
TCP/UDP
,
TCP
,
UDP
,
ICMP
, or
ICMPv6
) that defines your customized
port from the drop-down list box.
Custom Source
Port
This field is displayed only when you select
Specific Protocol
in
Select Protocol
.
Enter a single port number or the range of port numbers of the source.
Custom
Destination Port
This field is displayed only when you select
Specific Protocol
in
Select Protocol
.
Enter a single port number or the range of port numbers of the destination.
Policy
Use the drop-down list box to select whether to discard (
DROP
), deny and send an ICMP
destination-unreachable message to the sender of (
REJECT
) or allow the passage of
(
ACCEPT
) packets that match this rule.
Direction
Use the drop-down list box to select the direction of traffic to which this rule applies.
Enable Rate
Limit
Select this check box to set a limit on the upstream/downstream transmission rate for the
specified protocol.
Specify how many packets per minute or second the transmission rate is.
Scheduler Rules
Select a schedule rule for this ACL rule form the drop-down list box. You can configure a
new schedule rule by click
Add New Rule
. This will bring you to the
Security > Scheduler
Rules
screen.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to exit this screen without saving.
Page 204 / 412
Chapter 15 Firewall
VMG8924-B10A and VMG8924-B30A Series User’s Guide
204
15.5
The DoS Screen
DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and
connection requests, using so much bandwidth and so many resources that Internet access
becomes unavailable.
Use the
DoS
screen to activate protection against DoS attacks. Click
Security > Firewall > DoS
to display the following screen.
Figure 121
Security > Firewall > DoS
The following table describes the labels in this screen.
Table 90
Security > Firewall > DoS
LABEL
DESCRIPTION
DoS Protection
Blocking
Select
Enable
to enable protection against DoS attacks.
Deny Ping
Response
Select Enable to block ping request packets.
Apply
Click
Apply
to save your changes.
Cancel
Click
Cancel
to exit this screen without saving.
Page 205 / 412
VMG8924-B10A and VMG8924-B30A Series User’s Guide
205
C
HAPTER
16
MAC Filter
16.1
Overview
You can configure the Device to permit access to clients based on their MAC addresses in the
MAC
Filter
screen. This applies to wired and wireless connections. Every Ethernet device has a unique
MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six
pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC
addresses of the devices to configure this screen.
16.2
The MAC Filter Screen
Use this screen to allow wireless and LAN clients access to the Device. Click
Security
>
MAC Filter
.
The screen appears as shown.
Figure 122
Security > MAC Filter

Rate

4.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top