TRENDnet TEW-633GR Firewall Settings Enable SPI, NAT Endpoint Filtering, Endpoint Independent

Page 42

Firewall Settings

Enable SPI

SPI ("stateful packet inspection" also known as "dynamic packet filtering") helps to prevent cyber attacks by tracking more state per session. It validates that the traffic passing through that session conforms to the protocol. When the protocol is TCP, SPI checks that packet sequence numbers are within the valid range for the session, discarding those packets that do not have valid sequence numbers.

Whether SPI is enabled or not, the router always tracks TCP connection states and ensures that each TCP packet's flags are valid for the current state.

NAT Endpoint Filtering

The NAT Endpoint Filtering options control how the router's NAT manages incoming connection requests to ports that are already being used.

Endpoint Independent

Once a LAN-side application has created a connection through a specific port, the NAT will forward any incoming connection requests with the same port to the LAN-side application regardless of their origin. This is the least restrictive option, giving the best connectivity and allowing some applications (P2P applications in particular) to behave almost as if they are directly connected to the Internet.

Address Restricted

The NAT forwards incoming connection requests to a LAN-side host only when they come from the same IP address with which a connection was established. This allows the remote application to send data back through a port different from the one used when the outgoing session was created.

Port And Address Restricted

The NAT does not forward any incoming connection requests with the same port address as an already establish connection.

Note that some of these options can interact with other port restrictions. Endpoint Independent Filtering takes priority over inbound filters or schedules, so it is possible for an incoming session request related to an outgoing session to enter through a port in spite of an active inbound filter on that port. However, packets will be rejected as expected when sent to blocked ports (whether blocked by schedule or by inbound filter) for which there are no active sessions. Port and Address Restricted Filtering ensures that inbound filters and schedules work precisely, but prevents some level of connectivity, and therefore might require the use of port triggers, virtual servers, or port forwarding to open the ports needed by the application. Address Restricted Filtering gives a compromise position, which avoids problems when communicating with certain other types of NAT router (symmetric NATs in particular) but leaves inbound filters and scheduled access working as expected.

UDP Endpoint Filtering

Controls endpoint filtering for packets of the UDP protocol.

TCP Endpoint Filtering

Controls endpoint filtering for packets of the TCP protocol.

42

Image 42
Contents Page Important Note FCC Radiation Exposure StatementTable of Contents Getting Started with the TEW-633GR Package Contents Wireless LAN Networking AD-HOCIBSS NetworkPage Roaming in an ESS network diagram Introduction ¾ Hardware Overview LEDs Getting Started Using the Configuration Menu ¾ Click LoginBasic BasicInternetBasicWireless Enable WirelessWEP Example WPA-Personal and WPA-EnterpriseWPA-Personal Advanced Optional Backup Radius Server WPA-EnterpriseRouter Mode BasicNetwork SettingsWAN Port Mode Bridge ModeRIP Operating mode Router SettingsEnable RIP IP AddressRIP Password Act as default routerAllow RIP updates from WAN Dhcp Server SettingsDhcp Lease Time Computer Name Always BroadcastAdd/Edit Dhcp Reservation MAC AddressRevoke Dhcp Reservations ListNumber of Dynamic Dhcp Clients ReserveAdvanced AdvancedVirtual ServerPrivate Port Virtual Server Parameters NameProtocol Public PortSave EnableAdd/Edit Virtual Server Virtual Servers ListApplication AdvancedSpecial ApplicationsParameters for an Application Rule Example Trigger Port RangeInput Protocol Trigger ProtocolInput Port Range Add/Edit Special Applications RuleAdvancedGaming UDP Ports To Open Port Forwarding Fields NameTCP Ports To Open Edit/Add Game RuleStreamEngine Setup Enable StreamEngine AdvancedStreamEngineAutomatic Uplink Speed Automatic ClassificationDynamic Fragmentation Measured Uplink SpeedSource IP Range Add/Edit StreamEngine Rule EnablePriority Source Port RangeAdvancedRouting Add/Edit RoutePolicy Wizard AdvancedAccess ControlRoutes List Add PolicyAdvancedWEB Filter Web Filter Parameters Web SiteAdd/Edit Web Site Allowed Web Site List Enable MAC Address Filter AdvancedMAC Address FilterFilter Wired Clients Filter Settings ModeFilter Wireless Clients Add/Edit MAC AddressAdvancedFirewall Endpoint Independent Firewall Settings Enable SPINAT Endpoint Filtering Address RestrictedEnable DMZ DMZ HostPptp RtspFTP SIPMMS AdvancedInbound Filter Inbound Filter Rules List Add/Edit Inbound Filter RuleAction Allow AllAdvancedAdvanced Wireless Short GI Extra Wireless ProtectionWDS Enable WDS AP MAC AddressAdvancedNetwork Wish Enable WishAdvanced Wish Priority ClassifiersAdd/Edit Wish Rule Windows Media CenterAutomatic Host 1 IP RangeClear Save/UpdateHost 2 Port Range Wish RulesAdvanced Wi-Fi Protected Setup Add Wireless Station Add Wireless Device WizardGenerate New PIN ToolsAdmin ToolsEnable Remote Management Admin PasswordUser Password Remote Admin PortToolsTime Automatic Time Configuration Enable NTP Server NTP Server UsedSet the Date and Time Manually ToolsEmail Settings Email Log When Full or on Schedule On Log Full PasswordVerify Password Account NameRestore To Factory Default Settings Save Settings To Local Hard DriveLoad Settings From Local Hard Drive Reboot The DeviceToolsFirmware Firmware InformationCheck Online Firmware Upgrade UploadToolsDynamic DNS Verify Password or Key TimeoutToolsSystem Check ToolsSchedules Schedule Rules List StatusDevice info Statistics and Active SessionsDhcp Connection LAN Computers PPPoE, PPTP, L2TP ConnectionBigPond Connection Igmp Multicast membershipsStatusWireless SignalRate StatusRouting StatusLogs What to ViewRefresh Apply Log Settings NowView Levels Email NowStatusStatistics External StatusActive SessionsInternal NATOut StateDir Time OutStatusWISH Sessions OriginatorTarget Established or closing TCP connections Adsl Bootp AsciiCAT Dhcp DMZDNS DSL EAPGUI Ieee HttpsIcmp IgmpL2TP IPXISP LANMdix LPR/LPDMDI MIBOfdm NICNTP OSIPOP3 PPPRadius Smtp RIPRSA SnmpTCP SSHSsid TCP/IPUTP URLUSB VlanWisp WlanWPA Limited Warranty
Related manuals
Manual 12 pages 53.04 Kb

TEW-633GR specifications

The TRENDnet TEW-633GR is a versatile wireless router that caters to both home and small office environments, providing reliable connectivity and performance. With its sleek design, the TEW-633GR stands out as a functional device that ensures users can enjoy high-speed internet access across various devices.

One of the main features of the TEW-633GR is its dual-band support. This router operates on both the 2.4GHz and 5GHz frequency bands, allowing users to take advantage of the less congested 5GHz band for activities requiring higher bandwidth, such as streaming and online gaming, while still maintaining compatibility with devices that only use the 2.4GHz band. This dual-band functionality enhances overall network performance and minimizes interference from other wireless devices.

The TEW-633GR delivers impressive wireless speeds, supporting the 802.11n wireless standard with speeds of up to 300 Mbps. This makes it an excellent choice for environments where multiple devices are connected simultaneously. Additionally, the router features three external antennas that help extend the wireless range and improve signal strength, ensuring consistent internet access throughout larger spaces.

In terms of security, the TRENDnet TEW-633GR offers several robust features to safeguard the network. It supports WPA/WPA2 encryption protocols, providing secure access to the wireless network while protecting sensitive data from potential intrusions. The integrated firewall adds an extra layer of security, helping to prevent unauthorized access and attacks.

Installation and setup of the TEW-633GR is user-friendly, with a web-based interface that guides users through the process. The inclusion of WPS (Wi-Fi Protected Setup) allows for quick and easy connections of compatible devices at the push of a button, eliminating the need for complicated configurations.

Moreover, the router incorporates Quality of Service (QoS) settings, which enable users to prioritize bandwidth allocation for specific applications or devices. This feature is particularly beneficial for households or offices with high demands on their internet connection, ensuring that critical tasks receive the necessary bandwidth to function optimally.

Overall, the TRENDnet TEW-633GR combines speed, reliability, and security, making it an ideal solution for users looking to enhance their wireless networking experience. Its dual-band capabilities, ease of installation, and robust security features contribute to its appeal as a modern router suited for diverse internet needs.