Atlantis Land A02-WRA4-54G manual Firewall

Page 39

I-FLY WIRELESS ROUTER ADSL

3.6.3.4 Firewall

Your router includes a full SPI (Stateful Packet Inspection) firewall for controlling Internet access from your LAN, as well as helping to prevent attacks from hackers. In addition to this, when using NAT (Network Address Translation. Please see the WAN configuration section for more details on NAT) the router acts as a “natural” Internet firewall, as all PCs on your LAN will use private IP addresses that cannot be directly accessed from the Internet.

Firewall: Prevents access from outside your network. The router provides three levels of security support:

NAT natural firewall: This masks LAN users’ IP addresses which are invisible to outside users on the Internet, making it much more difficult for a hacker to target a machine on your network.

This natural firewall is on when NAT function is enabled.

Firewall Security and Policy (General Settings): Inbound direction of Packet Filter rules to prevent unauthorized computers or applications accessing your local network from the Internet.

Intrusion Detection: Enable Intrusion Detection to detect, prevent and log malicious attacks.

Access Control: Prevents access from PCs on your local network:

Firewall Security and Policy (General Settings): Outbound direction of Packet Filter rules to prevent unauthorized computers or applications accessing the Internet.

MAC Filter rules: To prevent unauthorized computers accessing the Internet.

URL Filter: To block PCs on your local network from unwanted websites.

You can find six items under the Firewall section: General Settings, Packet Filter, Intrusion Detection, MAC Address Filter, URL Filter and Firewall Log.

You can choose not to enable Firewall, to add all filter rules by yourself, or enable the Firewall using preset filter rules and modify the port filter rules as required. The Packet Filter is divided into two sections: Port Filters and Address Filters, used to filter packets based-on Applications (Port) or IP addresses.

There are four options when you enable the Firewall, they are:

All blocked/User-defined: no pre-defined port or address filter rules by default, meaning that all inbound (Internet to LAN) and outbound (LAN to Internet) packets will be blocked. Users have to add their own filter rules for further access to the Internet.

High/Medium/Low security level: the pre-defined port filter rules for High, Medium and Low security are displayed in Port Filters of Packet Filter.

Select either High, Medium or Low security level to enable the Firewall. The only difference between these three security levels is the preset port filter rules in the Packet Filter. Firewall functionality is the same for all levels; it is only the list of preset port filter that changes between each setting.

If you choose of the preset security levels and then add custom filters, you may temporarily disable the firewall and recover your custom filter settings by re-selecting the same security level.

The “Block WAN Request” is a stand-alone function and not relate to whether security enable or disable. Mostly it is for preventing any scan tools from WAN site by hacker.

33

Page 38 Page 40
Image 39
Page 38 Page 40
Contents Page Page Copyright CE Mark WarningImportant Note Table of Contents 3.1 Appendix B Broadband Sharing and IP sharing Quality of Service and IP ThrottlingEasy Configuration and Management An Overview of the Adsl Firewall RouterFly Wireless Router Adsl Features Package ContentsFLY Wireless Router Adsl Page Fly Wireless Router Adsl Application Lit when there is a PPPoA/PPPoE connection Lit when successfully connected to an Adsl DslamFront LEDs Cabling Rear PortsConnecting the I-Fly Wireless Router Adsl Before ConfigurationFor Windows 95/98/ME Configuring PC in WindowsFLY Wireless Router Adsl For Windows NT4.0 For Windows Click OK to finish the configuration For Windows XP FLY Wireless Router Adsl Factory Default Settings Username and PasswordLAN and WAN Port Addresses Information from the ISP Configuring with the Web BrowserSave Config to Flash StatusQuick Start Emails in Configuration Advance Configuration Quick Start3.1 LAN Ethernet WirelessEssid Broadcast Wireless SecurityWPA Pre Shared Key Port SettingsDhcp 3.2.1 ISP 3.2 WANPPPoA PPPoE Routed RFC 1483 Bridge Ether Filter TypeAllows all types of ethernet packets through the port RFC 1483 Routed/RFC1 1577IPoA 3.2.2 DNS Adsl SystemTime Zone Remote AccessBackup / Restore Firmware UpgradeFirewall Telnet23 HTTP80DNS FTP21Configuring Packet Filter FLY Wireless Router Adsl Block Duration Intrusion DetectionHacker attack types recognized by the IDS URL Filtering MAC FilteringRestrict URL Features Keywords FilteringDomains Filtering Firewall Log VPN Pptp 3.5 VPNBackground of the Example Application DiagramConfiguring Pptp VPN in Remote Side Configuring Pptp VPN in the Office LAN RouterFLY Wireless Router Adsl FLY Wireless Router Adsl Application Diagram Configuring Pptp VPN in the Office Pptp Status Subnet Mask An Example of Configuring a LAN-to-LAN Pptp VPN ConnectionApplication Diagram Remote LAN Office LAN Product Code Picture Public IPConfiguring Pptp VPN in the Remote Lan Configuring Pptp VPN in the Office LanPptp Status in the Office LAN Proposal VPN IPSecLocal RemoteFLY Wireless Router Adsl FLY Wireless Router Adsl An Example of Configuring a LAN-to-LAN IPSec VPN Connection FLY Wireless Router Adsl Low 3.6 QoSPrioritization HighIP Throttling Virtual Server Static Routing AdvancedCheck EMails Dynamic DNSDevice Management Universal Plug and Play UPnP Embedded Web ServerRFC 1471 PPP/LCP MIB Traps supported Cold Start, Authentication FailureSimple Network Management Protocol Snmp Version SNMPv2c and SNMPv3Save Configuration to Flash LogoutRFC 1474 PPP/Bridge MIB Problem Corrective Action Problems Starting Up the Adsl Firewall RouterProblems with the WAN Interface Problems with the LAN InterfaceTechnical Features Support SupportFLY Wireless Router Adsl
Top Page Image Contents