Advanced
Virtual Server
The device can be configured as a virtual server so that remote users accessing services such as Web or FTP services via the public (WAN) IP address can be automatically redirected to local servers in the LAN network. Depending on the requested service (TCP/UDP port number), the device redirects the external service request to the appropriate server within the LAN network. At the bottom of the screen, there are already defined well-known virtual services. To use them, click on the edit icon. You will only need to input the LAN IP address of the computer running the service and enable it.
Name - The name referencing the virtual service.

Private IP - The server computer in the LAN network that will be providing the virtual services.
Private Port - The port number of the service used by the Private IP computer.
Protocol Type - The protocol used for the virtual service.
Public Port - The port number on the WAN side that will be used to access the virtual service.
Schedule - The schedule of time when the virtual service will be enabled.

Example:
If you have a Web server that you wanted Internet users to access at all times, you would need to enable it. Web (HTTP) server is on LAN computer 192.168.0.25. HTTP uses port 80, TCP.

Name: Web Server
Private IP: 192.168.0.25
Protocol Type: TCP
Private Port: 80
Public Port: 80
Schedule: Always


Click on this icon to edit the virtual service.
Click on this icon to delete the virtual service.
Applications
Some applications require multiple connections, such as Internet gaming, video conferencing, Internet telephony and others. These applications have difficulties working through NAT (Network Address Translation). If you need to run applications that require multiple connections, specify the port normally associated with an application in the "Trigger Port" field, select the protocol type as TCP (Transmission Control Protocol) or UDP (User Datagram Protocol), then enter the public ports associated with the trigger port to open them for inbound traffic. At the bottom of the screen, there are already defined well-known special applications. To use them, click on the edit icon and enable the service.
Name - This is the name referencing the special application.
Trigger Port - This is the port used to trigger the application. It can be either a single port or a range of ports.
Trigger Type - This is the protocol used to trigger the special application.
Public Port - This is the port number on the WAN side that will be used to access the application. You may define a single port or a range of ports. You can use a comma to add multiple ports or port ranges.
Public Type - This is the protocol used for the special application.
 
Filters
Filters are used to deny or allow LAN computers from accessing the Internet. Within the local area network, the unit can be setup to deny Internet access to computers using the assigned IP or MAC addresses. The unit can also block users from accessing restricted web sites.
 
Filter - IP Filters
Use IP Filters to deny particular LAN IP addresses from accessing the Internet. You can deny specific port numbers or all ports for a specific IP address. The screen will display well-known ports that are defined. To use them, click on the edit icon. You will only need to input the LAN IP address(es) of the computer(s) that will be denied Internet access.
IP - The IP address of the LAN computer that will be denied access to the Internet. You can also add a range of IP addresses.
Port - The single port or port range that will be denied access to the Internet. If no port is specified, all ports will be denied access.
Protocol Type
- This is the protocol type that will be used with the Port that will be blocked.
Schedule - This is the schedule of time when the IP Filter will be enabled.
 
Filters - MAC Filters
Use MAC Filters to deny computers within the local area network from accessing the Internet. You can either manually add a MAC address or select the MAC address from the list of clients that are currently connected to the unit.
Select "Only allow computers with MAC address listed below to access the network" if you only want selected computers to have network access and all other computers not to have network access.
Select "Only deny computers with MAC address listed below to access the network" if you want all computers to have network access except those computers in the list.
Name: The name referencing the MAC filter.
MAC Address: The MAC address of the computer in the LAN (Local Area Network) to be used in the MAC filter table.
DHCP Client: DHCP clients will have their host name and MAC address listed here. You can select the client computer you want to add to the MAC filter and click Clone. This will automatically add that computer's MAC address to the MAC Address section
 
Parental Control - URL Blocking
URL Blocking is used to deny computers within the LAN (Local Area Network) from accessing specific web sites by its URL (Uniform Resource Locator). A URL is a specially formatted text string that defines a location on the Internet. If any part of the URL contains the blocked word, the site will not be accessible and the web page will not be displayed.
Example:

If you wanted to block LAN users from any website containing a URL pertaining to shopping, you would need to enter "shopping" into the URL Blocking list. Sites like these will be denied access to LAN users because they contain the keyword in the URL.
http://www.yahoo.com/shopping/stores.html
http://www.msn.com/search/shopping-spree.html
 
Parental Control - Domain Blocking
Domain Blocking is used to deny or allow computers within the LAN (Local Area Network) from accessing specific domains on the Internet. Domain blocking will deny or allow all requests such as http and ftp to a specific domain.
Select Allow users to access all domains except "Blocked Domains" if you allow users to access all domains except the domains in the Blocked Domains list.
Select Deny users to access all domains except "Permitted Domains" if you only want users to access
Permitted Domains.

Example: If you want your children to only access particular sites, you would then choose Deny users to access all domains except "Permitted Domains". Then enter in the domains you want your children to have access to.

  • Disney.com
  • Cartoons.com
  • DiscoveryChannel.com
 
Firewall Rules
Firewall Rules is an advance feature used to deny or allow traffic from passing through the device. It works in the same way as IP Filters with additional settings. You can create more detailed rules for the device. Please refer to the manual for more details and examples.
 
DMZ
If you have a computer that cannot run Internet applications properly from behind the device, then you can allow the computer to have unrestricted Internet access. Enter the IP address of that computer as a DMZ (Demilitarized Zone) host with unrestricted Internet access. Adding a client to the DMZ may expose that computer to a variety of security risks; so only use this option as a last resort.
 
Dynamic DNS
Dynamic DNS (Domain Name Service) is a method of keeping a domain name linked to a changing (dynamic) IP address. With most Cable and DSL connections, you are assigned a dynamic IP address and that address is used only for the duration of that specific connection. With the , you can setup your DDNS service and the will automatically update your DDNS server every time it receives a different IP address.
 
QoS
QoS (Quality of Service). The support the QoS control by Physical Port, MAC Address, IP Address and Application (Protocal/Port based).