|
Host IP Help
Host IP:
The main purpose of this section is to define hosts on your LAN, and assign them to groups. Groups are used by the Access Filter and Block URL features. You can also bind multiple pppoe sessions to individual hosts on the LAN.
Host Network Identity:
Host Name:
This should be your computer name.
MAC Address:
This is your computer's network adapter address. You can find this address by typing ipconfig /all under the command prompt mode of window NT /2000/XP, or winipcfg under window/95/98/Me's command prompt mode.
Select Group:
Select a groupto assign the host to. Reserve in DHCP, will, if enabled, ensure that the DHCP Server will always assign the same IP address to the host. This means when you enter an IP address as a reserved IP address, the DHCP server will keep this IP address for the host every time.
Reserve in DHCP:
To determine whether if an DHCP IP address is reserved for this host or not.
Reserved IP Address:
The IP address you wish to assign to this host.
Host Network binding:
This is used only if you have multiple PPPoE sessions. Use this to ensure that a particular host always uses the same PPPoE session.
Strict Binding:
Only the bound interface is allowed to send packets for the specified host. If the bound interface is not available, no packet from the specified host can be sent.
Loose Binding:
In normal case, the packets from the specified host will be sent via the bound interface. If the bound interface is not available, the other interfaces are alternative.
Host & Group List:
All the host entries you have made will be listed here.
Static Routing Help
Static Routing:
If there is more than one router on a network, this Routing table must be configured because the router needs to know what packet goes to which router. A routing table entry is required for each LAN segment on the network.
Network Address:
Network Address is the address of the destination network segment.
Netmask:
The subnet mask used to select the bits from an IP Address that corresponds to the subnet.
Gateway:
The IP router that the packets destined to the subnet with Network Address will be forwarded to.
Interface:
The device's port that the packets destined to the subnet with Network Address will be passed through.
Metric:
the number of routers that must be traversed to reach the destination network segment.
Virtual Server Help
Virtual Server:
This feature allows the servers (web server, mail server, FTP server, DNS, ... etc) on your LAN to be accessed from the Internet.
Enable:
To activate or deactivate current entry.
Server Name:
An unique name to identify the virtual server.
Private IP:
Enter the IP address of the server on device's LAN side. The hosts used as Virtual Servers needs static IP address or a reserved IP address. (Use the Host IP screen to reserve an IP address.).
Protocol Type:
Select the protocol (either TCP or UDP) used by the server software.
Private Port Range:
The range of port numbers used by the server. If only one port number is used, fill the same number in both starting and ending fields. (Example: LAN port range From 9 To 9)
Interface Binding:
The WAN port that the virtual server is bound on.
Public Port Range:
The range of port numbers for users in public to access the virtual server. If only one port number is used, fill the same number in both starting and ending fields. (Example: LAN port range From 9 To 9)
Allowed Remote IP:
The range of IP addresses that are allowed to access the virtual server.
Special Application Help
Special Application:
There are many special network applications that normally do not work behind a firewall. Due to network security considerations, only a few ports are open. Traffic using other ports is blocked. Here, you can choose to open other ports and allow the traffic which uses those ports. To find out what ports you need to open, you should check the application's support section.(Some applications may need more than one entry.)
Special Application Configuration:
This section lets you enter the configuration data for the special application.
Enable:
To activate or deactivate current entry.
Name:
The name to identify the Special Application.
Trigger Port Range:
The port number range to trigger the Special Application.
Trigger Type:
The protocol to trigger the Special Application.
Public Port Range:
The port number range used in the connection from the Special Application server.
Public Type:
The protocol used in the connection from the Special Application server.
Special Application List:
To list all the entries that have been built.
Multi DMZ Help
Multi DMZ (De-Militarized Zone):
This special function allows multiple Hosts on your LAN to be exposed to the Internet without any restrictions. This is useful for some network games, net meeting, or special applications. In order to enable these functions, you have to map one LAN IP address to one WAN IP address. However, because of the security risk, you should activate these functions only if they are necessary.
Enable:
To activate or deactivate current DMZ entry.
WAN:
The WAN port applied for current DMZ entry.
Name:
To identify current DMZ entry.
PPPoE Sess:
The PPPoE session that current DMZ entry is bound on.
Private IP (LAN):
The IP address of the server in DMZ.
Access Group:
To specify which Access Group will be applied. Each Access Group has its own access rules.
- None
is default value, means no access restriction.
- Default
means to apply the access rules for Default Group.
- Group1~Group4
means to apply the access rules for Group1~Group4, respectively.
Direction:
To specify that the Access Group will be applied in which way:
Filters Help
URL Blocking:
If the URL, IP address or keyword entered here is found in the web page access packet from LAN users, the web page access will be blocked. You can have different restrictions for different groups. (Use the Host IP screen to assign Hosts to groups.)
Select One Group:
The Group that current rule is applied for.
Access Filters:
To control the Internet access by LAN users.
Select One Group:
The Group that current rule is applied for.
To apply restrictions to everyone, select the Default group. All users (Hosts) are in the default group unless moved to another group on the Host IP screen.
No Filtering:
To allow all Internet access by LAN users.
Allow Selected Access only:
To apply the rules defined in User-Defined Ports To Filter.
Block All Access:
To prohibit all Internet access by LAN users.
Block Selected Access only:
To apply the rules defined in User-Defined Ports To Filter.
ICMP Filters:
To limit the ICMP activities initialized from LAN.
Block Selected Packet Types:
To prohibit the selected types of ICMP packets from LAN to be passed through the device.
Packet Types:
The types of the ICMP packets that could be blocked.
User-defined Ports To Filter:
This lets you define custom ports to be filtered.
Enable:
To activate or deactivate current rule.
Name:
An unique name to identify current rule.
Protocol Type:
The protocol to be filtered.
Port No. Range:
The port number range to be filtered. (for TCP and UDP only )
If only one port number is used, enter the same port number in both fields.
QoS Setup Help
Enable QoS:
Users can choose to Enable QoS (Quality of Service).
If set to "enable" QoS,
the QoS will allow higher priority packets to pass through the device.
Queuing Method:
The methods for managing your queue. "Priority Queuing" is one of the first queuing variations to be
widely implemented. This is based on the concept that certain types of traffic can be identified and shuffled to the front of the output queue so that some
traffic is always transmitted ahead of other types of traffic.
Process TOS Field:
An 8 bits field in the IP packet header designed to contain values indicating how each packet should be handled in the network. If you choose "enable" then it will enable this function to process
the IP Type of Service field.
Overwrite Policy Priority:
Choose "Yes" to enable the IP packet TOS field
priority to overwrite the priority defined in the policy configuration.
QoS Policy Help
Setting the QoS policy can assign received packets a higher/lower
priority (based on your configuration) to pass through this device. You can
define some policies which classify received packets based on local/remote IP addresses, ports and protocol type. This feature is useful when
the WAN link is very busy or congested or
when using special applications that need real time services such as Internet phone, video conference...etc.
Policy Name:
The mnemonic name of a policy which is used to
classify the received packets based on the following rules.
Local/Remote Address:
Specify a packet based on local/remote IP address. By default, the address is 0.0.0.0 for all IP Addresses.
Port and Protocol Type define all packets for special applications.
Protocol Type:
This field is defined for which type of packet. It has some values such as IP, TCP and UDP.
Source/Destination Port:
Specify the port number ranges if TCP or UDP protocol is selected.
Priority Queue:
This device supports four queues. When a packet meets a policy rule
requirement, it will
be put into the responding queue. Otherwise
it is assigned the lowest priority to pass through.
NAT Help
NAT (Network Address Translation) Configuration:
NAT Routing:
To enable or disable NAT routing by checking or unchecking the checkbox. If you disable NAT routing, this device will act as a Bridge or Static Router. Most features, including Load Balance, will be unavailable. If some packets whose port number cannot be translated for special applications, you must input value in port range for Disable Port Translation.
TCP Timeout:
During the time that TCP expects to receive the acknowledgement from the destination.
UDP Timeout:
During the time that UDP expects to receive the acknowledgement from the destination.
TCP Window Limit:
The maxmimum number of outstanding packets before TCP receiving an acknowledgement.
TCP MSS Limit:
The largest amount of data that can be transmitted in one TCP packet.
NAT Port Options:
Port Range:
The Source Port Number Range for TCP and UDP protocol.
Non-Port-Translation:
To keep the source port number unchanged for TCP/UDP sessions on the specified Port Range. Some special applications do not allow the source port number to be translated.
Specific TCP / UDP Timeout:
To define specific Timeout for TCP/UDP sessions on the specified Port Range.
Set NAT Alias:
The link to NAT Alias setting page.
NAT Alias:
For each alias entry , the Wan IP acts as an alias IP of the host with Local Lan IP to internet via the specified WAN port for the specified Protocol packets. i.e. 1-1 NAT.
Enable:
To activate or deactivate current entry.
Local Lan IP:
The IP address of the host in LAN that wants to use the specific WAN IP as its source IP.
Wan IP:
The IP address used as the source IP of the packets out from the specified host.
Protocol:
The protocol that current rule is applied for.
WAN:
The WAN port that current rule is applied for.
Back:
The link to NAT Configuration page.
|
