| Advanced |
Virtual Server
The device can be configured as a virtual server so that remote
users accessing services such as Web or FTP services via the public (WAN)
IP address can be automatically redirected to local servers in the LAN network.
Depending on the requested service (TCP/UDP port number), the device redirects
the external service request to the appropriate server within the LAN network.
At the bottom of the screen, there are already defined well-known virtual
services. To use them, click on the edit icon. You will only need to input
the LAN IP address of the computer running the service and enable it.
Name - The name referencing the virtual service.
Private IP - The server computer
in the LAN network that will be providing the virtual services.
Private Port - The port number of the service used by the
Private IP computer.
Protocol Type - The protocol used for the virtual service.
Public Port - The port number on the WAN side that will be
used to access the virtual service.
Schedule - The schedule of time when the virtual service will
be enabled.
Example:
If you have a Web server that you wanted Internet users to access at all
times, you would need to enable it. Web (HTTP) server is on LAN computer
192.168.0.25. HTTP uses port 80, TCP.
Name: Web Server
Private IP: 192.168.0.25
Protocol Type: TCP
Private Port: 80
Public Port: 80
Schedule: Always
|
 |

|
Click on this icon to
edit the virtual service. |
 |
Click
on this icon to delete the virtual service. |
|
Applications
Some applications require multiple connections, such as Internet
gaming, video conferencing, Internet telephony and others. These applications
have difficulties working through NAT (Network Address Translation). If
you need to run applications that require multiple connections, specify
the port normally associated with an application in the "Trigger Port" field,
select the protocol type as TCP (Transmission Control Protocol) or UDP (User
Datagram Protocol), then enter the public ports associated with the trigger
port to open them for inbound traffic. At the bottom of the screen, there
are already defined well-known special applications. To use them, click
on the edit icon and enable the service.
Name - This is the name
referencing the special application.
Trigger Port - This is the port used to trigger the application.
It can be either a single port or a range of ports.
Trigger Type - This is the protocol used to trigger the special
application.
Public Port - This is the port number on the WAN side that
will be used to access the application. You may define a single port or
a range of ports. You can use a comma to add multiple ports or port ranges.
Public Type - This is the protocol used for the special application. |
| |
Filters
Filters are used to deny or allow LAN computers from accessing
the Internet. Within the local area network, the unit can be setup to deny
Internet access to computers using the assigned IP or MAC addresses. The
unit can also block users from accessing restricted web sites. |
| |
Filter - IP Filters
Use IP Filters to deny particular LAN IP addresses from accessing
the Internet. You can deny specific port numbers or all ports for a specific
IP address. The screen will display well-known ports that are defined. To
use them, click on the edit icon. You will only need to input the LAN IP
address(es) of the computer(s) that will be denied Internet access.
IP - The IP address of the
LAN computer that will be denied access to the Internet. You can also add
a range of IP addresses.
Port - The single port or port range that will be denied access
to the Internet. If no port is specified, all ports will be denied access.
Protocol Type -
This is the protocol type that will be used
with the Port that will be blocked.
Schedule - This is the schedule of time when the IP Filter
will be enabled. |
| |
Filters - MAC Filters
Use MAC Filters to deny computers within the local area network
from accessing the Internet. You can either manually add a MAC address or
select the MAC address from the list of clients that are currently connected
to the unit.
Select "Only allow computers with MAC address listed below to
access the network" if you only want selected computers to have network
access and all other computers not to have network access.
Select "Only deny computers with MAC address listed below to
access the network" if you want all computers to have network access
except those computers in the list.
Name: The name referencing the MAC filter.
MAC Address: The MAC address of the computer in the LAN (Local
Area Network) to be used in the MAC filter table.
DHCP Client: DHCP clients will have their host name and MAC
address listed here. You can select the client computer you want to add
to the MAC filter and click Clone. This will automatically add that
computer's MAC address to the MAC Address section |
| |
Parental Control - URL Blocking
URL Blocking is used to deny computers within the LAN (Local
Area Network) from accessing specific web sites by its URL (Uniform Resource
Locator). A URL is a specially formatted text string that defines a location
on the Internet. If any part of the URL contains the blocked word, the site
will not be accessible and the web page will not be displayed.
Example:
If you wanted to block LAN users from any website containing a URL pertaining
to shopping, you would need to enter "shopping" into the URL Blocking
list. Sites like these will be denied access to LAN users because they contain
the keyword in the URL.
http://www.yahoo.com/shopping/stores.html
http://www.msn.com/search/shopping-spree.html |
| |
Parental Control - Domain Blocking
Domain Blocking is used to deny or allow computers within
the LAN (Local Area Network) from accessing specific domains on the Internet.
Domain blocking will deny or allow all requests such as http and ftp to
a specific domain.
Select Allow users to access all domains except "Blocked Domains"
if you allow users to access all domains except the domains in the Blocked
Domains list.
Select Deny users to access all domains except "Permitted
Domains" if you only want users to access Permitted
Domains.
Example:
If you want your children to only access particular sites, you would
then choose Deny users to access all domains except "Permitted
Domains". Then enter in the domains you want your children to have
access to.
-
Disney.com
-
Cartoons.com
-
DiscoveryChannel.com
|
| |
Firewall Rules
Firewall Rules is an advance feature used to deny or allow
traffic from passing through the device. It works in the same way as IP
Filters with additional settings. You can create more detailed rules for
the device. Please refer to the manual for more details and examples. |
| |
DMZ
If you have a computer that cannot run Internet applications
properly from behind the device, then you can allow the computer to have
unrestricted Internet access. Enter the IP address of that computer as a
DMZ (Demilitarized Zone) host with unrestricted Internet access. Adding
a client to the DMZ may expose that computer to a variety of security risks;
so only use this option as a last resort. |
| |
Dynamic DNS
Dynamic DNS (Domain Name Service) is a method of keeping a domain name
linked to a changing (dynamic) IP address. With most Cable and DSL
connections, you are assigned a dynamic IP address and that address is used
only for the duration of that specific connection. With the , you can
setup your DDNS service and the will automatically update your DDNS
server every time it receives a different IP address. |
| |
QoS
QoS (Quality of Service). The support the QoS control by Physical Port,
MAC Address, IP Address and Application (Protocal/Port based). |
| |