SMC Networks SMCWHSG44-G manual Network Security

Page 21

Virtual server - Exposing servers on the intranet to the Internet.

PPTP, IPSec, and L2TP pass-through - Passing VPN (Virtual Private Network) packets through the intranet-Internet boundary. PPTP means Point-to-Point Tunneling Protocol, IPSec means IP Security, and L2TP means Layer 2 Tunneling Protocol.

DMZ (DeMilitarized Zone) - All unrecognized IP packets from the Internet can be forwarded to a specific computer on the intranet.

MSN Messenger support - Supporting Microsoft MSN Messenger for chat, file transfer, and real-time communication applications.

Session monitoring. Latest 50 incoming sessions and 50 outgoing sessions are shown for monitoring user traffic.

DSL/Cable Modem Support - Supporting dynamic IP address assignment by PPPoE (Point-to-Point Protocol over Ethernet) or DHCP and static IP address assignment.

Multiple DSL/Cable connections support - Supporting up to 4 DSL/cable- based In-ternet connections. All outgoing traffic load from the internal network is shared among the multiple Internet connections, so that total outgoing throughput is increased.

Load Balancing - The SMCWHSG44-G provides multiple WAN port Load Balancing mechanism for balancing the incoming data traffic between every enabled WAN port. The balancing mechanism can also be defined by Port or IP range policy.

Zero Client Reconfiguration - The SMCWHSG44-G provides 'Zero Client Reconfiguration' function to allow wireless clients that associate to the SMCWHSG44-G the ability to not have to change any network setting.

Network Security

Packet address and port filtering - Filtering outgoing packets based on IP address and port number. (Incoming packet filtering is performed by NAT.)

URL filtering - Preventing client users from accessing defined Web sites. The HTTP (Hyper Text Transfer Protocol) traffic to the specified Web sites identified by URLs (Universal Resource Locators) is blocked.

WAN ICMP request blocking - Some DoS (Denial of Service) attacks are based on ICMP requests with large payloads. Such kind of attacks can be blocked.

Stateful Packet Inspection (SPI) - Analyzing incoming and outgoing packets based on a set of criteria for abnormal content. Therefore, SPI can detect hacker attacks, and can summarily reject an attack if the packet fits a suspicious profile.

Wireless-to-Ethernet-LAN traffic blocking capability - Traffic between the wireless interface and the Ethernet LAN interface can be blocked.

Configurable MAC Address of the Ethernet WAN Interface - Some ADSL modems work only with Ethernet cards provided by the ISP. If SMCWHSG44-G is used in such an environment, the MAC address of the WAN interface of the Router has to be changed to the MAC address of the ISP-provided Ethernet network card.

20

Page 20 Page 22
Image 21
Page 20 Page 22
Contents SMCWHSG44-G Page Trademarks CopyrightLimited Warranty Page Federal Communication Commission Interference Statement FCC Radiation Exposure StatementIndustry Canada Class B EC Conformance Declaration Power Cord Safety Safety ComplianceSchuko Page Wichtige Sicherheitshinweise Germany Schuko Page Table of Contents System Page SMCWHSG44-G SMCWHS-POS Introduction Overview Features User Authentication, Authorization, and Accounting AAAIeee 802.11b/g Compliant Wireless Operation Internet Connection Sharing Network Security Firmware Tools Package Checklist LED DefinitionRear Panel POE enabled LAN Port Position Selecting a Power Supply MethodMounting the SMCWHSG44-G on a Wall Changing the TCP/IP Settings of the Managing Computer Preparing for ConfigurationEntering the Password Configuring the SMCWHSG44-GHome Setup Wizard Selecting an Operational ModePage Router with a Static-IP DSL/Cable Connection Router with a DHCP-Based DSL/Cable ConnectionRouter with Multiple DSL/Cable Connections Setup Wizard Configuring Ieee 802.11 Settings Setup Wizard Configuring Dhcp Server SettingsWeb Redirection Configuring User Authentication SettingsAuthentication protocol Local Authentication SeverPage Account Table List How to Setup the Mini-POS Ticket PrinterIeee Radius Settings Allowable Authentication Modes Configuring Radius SettingsDeploying the SMCWHSG44-G Setting up Client ComputersConfiguring Ieee 802.11-Related Settings To establish a wireless link to an APConfiguring TCP/IP-Related Settings Page Authentication Success Overview Menu StructureLogout Page Save, Save & Restart, and Cancel Commands Home and Refresh CommandsStatus Associated Wireless Clients Account Table Authenticated UsersManaged LAN Devices Session ListSystem Specifying Operational ModeManaging Firmware Changing PasswordBacking up and Restoring Configuration Settings by Http To upgrade firmware of the SMCWHSG44-G by HttpUpgrading Firmware by Http Upgrading Firmware by Tftp To upgrade firmware of the SMCWHSG44-G by TftpTo back up configuration of the SMCWHSG44-G by Tftp Backing up and Restoring Configuration Settings by TftpTo restore configuration of the SMCWHSG44-G by Tftp Resetting Configuration to Factory Defaults Configuring TCP/IP Related Settings AddressTime Zone Router with a DHCP-Based DSL/Cable Connection Router with a Static-IP DSL/Cable Connection DNS DNS Proxy NAT Basic Host Address ResolutionTo expose preset internal servers Virtual Server MappingsDhcp Server Ii. Static Dhcp Mappings Dhcp Server BasicDhcp Relay Load BalancingTo always assign an IP address to a specific Dhcp client Configuring Ieee 802.11-Related Settings Wireless Basic Zero Client ReconfigurationWireless Distribution System To enable a WDS link Wireless Distribution System SettingsNetwork Topology Containing a Loop SecurityPage MAC-Address-Based Access Control Settings MAC-Address-Based Access ControlTo deny wireless clients access to the wireless network To grant wireless clients access to the wireless networkIeee 802.1x/RADIUS Ieee 802.1x/RADIUS Settings Configuring Authentication Settings AAA Basic Default Authentication Failure Warning To specify an uncontrolled computer by MAC address Unrestricted ClientsRadius Basic Walled GardenRobustness Log-On Page Customization Settings Authentication Session ControlAuthentication Success Page Customization Settings Ddns Advertisement Links SettingsIcmp TCP UDP Vlan FirewallTo set a rule for packet filtering URL Filters Management BasicTo block Http traffic to an unwelcome Web site System Log UPnPSnmp Access RulesLAN Device Management Unrestricted Host MAC Address SettingsTo specify a LAN device to manage Example for LAN Device ManagementAppendix a Default SettingsLED Definitions TCP/IP Setting Problems Page Other Problems Wireless Settings ProblemsAppendix C Distances and Data Rates Transmission output Power Network ConfigurationConfiguration and Management StandardsKeypad Authentication Access PointBasic Service Set BSS Ad HocExtended Service Set ESS Dynamic Host Configuration Protocol DhcpExtensible Authentication Protocol EAP EncryptionPower over Ethernet PoE Inter Access Point Protocol IappInfrastructure Local Area Network LANWireless Distribution System WDS Service Set Identifier SsidWi-Fi Protected Access Session KeyWPA Pre-shared Key PSK Wired Equivalent Privacy WEPPage For Technical SUPPORT, Call
Top Page Image Contents