Multitech RF820-AP, RF830 Packet Filter Icmp, Packet Filter Packet Filter Log, Icmp Forwarding

Page 59

Chapter 5 – Configuration Using Web Management Software

Packet Filters > ICMP

Packet Filter > ICMP

ICMP (Internet Control Message Protocol) is used to test the network connections and the functionality of the RouteFinder. It is also used for diagnostic purposes.

ICMP-on-Firewalland ICMP Forwarding always apply to all IP addresses (Any). When these are enabled, all IP hosts can PING the RouteFinder (ICMP-on-Firewall) or the network behind it (ICMP Forwarding). Unique IP addresses can then no longer be ruled out with packet filter rules. If the ICMP settings are disabled, separate IP hosts and networks can be allowed to send ICMP packets through the RouteFinder firewall by using appropriate user defined packet filter rules.

Screen Notes: The RF830/RF830-AP screen includes a field for ICMP on WAN2.

With the AP build, an additional screen option for ICMP on WLAN displays.

ICMP Forwarding

Check the ICMP Forward checkbox to enable the forwarding of ICMP packets through the firewall into the local network and all connected DMZs. The default is Enabled.

ICMP on Firewall

ICMP on LAN

Check the ICMP on LAN checkbox to enable the forwarding of ICMP packets through the firewall into the local network and all connected DMZs. The default is Enabled.

ICMP on WAN1

Check the ICMP on WAN1 checkbox to enable the transfer of ICMP packets on the WAN1 interface.

Packet Filter > Packet Filter Log

Use this section to enable or disable Packet Filter Logs.

All Access Requests Traversing Firewall Violating Security Policy

Check this box to enable the logging of all access requests from private (LAN) and public (WAN) network clients to traverse the RouteFinder that violate the configured security policy.

All Access Requests to Firewall Violating Security Policy

Check this box to enable the logging of all access requests from private (LAN) and public (WAN) network clients to send traffic to the RouteFinder itself that violate the configured security policy.

Log Access to Administrative Access Port

Check this box to enable the logging of all access requests from private (LAN) and public (WAN) network clients to send traffic to the RouteFinder itself on the administrative access port.

Multi-Tech Systems, Inc. RouteFinder SOHO RF820/RF820-AP & RF830/RF830-AP User Guide (S000399E)

59

Image 59

Contents RouteFinder→ Soho World Headquarters Warranty TrademarksRevision Date Description PatentsContents Introduction Description Key FeaturesFeature Details RouteFinder Documentation RouteFinder Ship Kit ContentsDescription Telecom Warnings for the ModemRF820/RF820-AP Front Panel RF830/RF830-AP Front Panel LEDsRF820 RF820-AP RF830 RF830-AP ConnectorBack Panels Typical Applications VPN SpecificationsSpecifications RF820 and RF820-AP RF830 and RF830-AP RF8230AP and RF830AP Specifications for 802.11b/g InterfaceSpecifications RF820-AP InstallationCabling Your RouteFinder RF820RF830-AP RF830Establish TCP/IP Communication Setting up a Workstation and Starting RouteFinderClick the Properties button To Set a Fixed IP AddressOpen a Web Browser Menu Bar Sub Other Options Screen Name Input Area Navigating the ScreensTable of Menus and Sub-Menus Network Setup WirelessMenu Bar Sub-MenusAbout IPSec Configuring RouteFinderStart the RouteFinder Configuration RouteFinder Initial Configuration Using the Wizard Setup Screen to Configure Your RouteFinderScreen Notes Wizard SetupWAN 1 Static IP Choice ISP SettingsWAN 1 Dhcp Client Choice WAN 1 PPPoE Choice MTU Restart Important Note About Save and RestartSave to Flash Memory Administration System Setup Configuration Using Web Management SoftwareAdministration Administration System SetupEmail Address Auto Reboot TimerConfigure Email Notification Screen Note Administration Administrative AccessAdministrative Access Administration Administrative AccessWeb Interface Inactivity Time Out Change PasswordAdministrative Access Http Port Old Password, New Password, ConfirmationRemote Syslog Administration System LogsAdministration Remote Syslog Administration System Logs Administration Remote SyslogGeneral Configuration Administration Sntp ClientSntp Configuration Administration Sntp ClientDaylight Saving End Time Administration Sntp Client Time Zone ConfigurationDaylight Configuration Daylight Saving Start TimeAdministration Tools Administration ToolsAdministration Tools Administration Factory Defaults Administration Factory DefaultsReset Modem Reset to Factory DefaultsNetworks & Services Network Configuration Networks & ServicesNetworks & Services Network Configuration Important Network Notes RF830/RF830-AP Network Configuration ScreenNetwork Configuration Fields How to Confirm Your EntriesThis is an example of screen with the TCP protocol selected Networks & Services ServicesNetworks & Services Service Configuration AH and ESP Service ConfigurationEditing and Deleting User-Added Services TCP, UDP, and TCP& UDPNetwork Setup IP Settings Network SetupNetwork Setup IP Settings WAN 1 & WAN 2 WAN 2 is for the RF830/RF830-AP only WAN Choice Dhcp Client DefaultDefault Gateway WAN Choice Static IPWAN Choice PPPoE Wlan Settings Network Setup Wireless LANSelect Security Network Setup Wireless LAN Wlan SecuritySecurity Selection Disable Wlan SecurityWPA-PSK/WPA2-PSK Key Network Setup Wireless LAN Wlan Security WEP KeyWEP Key to Index Group Key Rekeying Access Control List Network Setup Wireless LAN Wlan Client FilterNetwork Setup Advanced IP Settings Screen Note This screen applies to the RF820/RF820-AP only Network Setup PPP Cellular/Analog BackupPPP Client for Cellular/Analog Modem Backup Network Setup PPP Cellular/Analog BackupPPP Keep-Alive Parameters Signal Strength only for Cellular ModemsModem Initialization Strings SIM Initialization String only for Cellular ModemsNetwork Setup Load Balancing Network Setup Load BalancingLoad Balancing Weight Configuration Load Balancing Keep Alive URL ConfigurationDdns Failover for the RF830/RF830-AP only Network Setup Dynamic DNSNetwork Setup Dynamic DNS Check IP Server Use WildcardCustom DNS Check IPNetwork Setup IP Masquerading Network Setup Static RoutesService Network Setup SnatNetwork Setup Snat WAN IP Network Setup DnatNetwork Setup Dnat Add Dnat DefinitionPacket Filter Packet Filter Rules Packet FiltersAction ServicesFrom Host/Networks To Host/NetworksPacket Filters Advanced Filters Packet Filters Advanced FiltersIcmp on Firewall Packet Filter IcmpPacket Filter Packet Filter Log Icmp ForwardingAdd a New Connection VPN Virtual Private NetworkVPN IPSec VPN IPSecAdd IKE Connection Add an IKE ConnectionLeft Next Hop NetBIOS BroadcastVPN IPSec Add IKE Connection Key Life Number of RetriesVPN IPSec Add Manual Connection Add a Manual ConnectionAdd Manual Connection Fqdn Select Remote Address Pptp SettingsPptp Status Encryption StrengthAuthentication Type Select Radius User AuthenticationAuthentication Type Http Allowed Networks ProxyProxy Http Proxy Http StatusProxy Custom Filters LAN Status Proxy DNS ProxyDNS Proxy Proxy DNS ProxyDhcp Server on LAN Dhcp Server LAN Subnet SettingsDhcp Server LAN Subnet Settings Dhcp ServerAdd Fixed Address Dhcp Server Wlan Subnet Settings and Wlan Fixed AddressesAdd Fixed Address Backup Utilities BackupUtilities Firmware Upgrade Utilities Backup Utilities Firmware UpgradeRF820/RF820-AP Screen RF830/RF830-AP Screen Statistics & LogsStatistics & Logs System Information Statistics & Logs System InformationStatistics & Logs Packet Filter Log All Access Requests to Firewall Violating Security PolicyLog Access to Administrative Access Port Statistics & Logs Network Interface DetailsStatistics & Logs Dhcp Server Live Log Statistics & Logs IPSec Live LogStatistics & Logs Pptp Live Log Statistics & Logs Wlan Client Live Log Statistics & Logs PPP Cellular/Analog LogStatistics & Logs Log Traces Statistics & Logs Log TracesSystem Diagnostics as a Troubleshooting Tool TroubleshootingProblem #4 Frequently Asked Questions Which modems are compatible with the router? How do I access the Router’s setup pages with a Mac?If all else fails in the installation, what can I do? How will I be notified of new router firmware upgrades?Appendix a Table of Commonly Supported Subnet Addresses Network Number Hosts Available Broadcast Address Mechanical Appendix B Antenna for Wireless RouteFinderAntenna Electrical Characteristics AntennaWeee Appendix C Waste Electrical Electronic Equipment DirectiveAES GlossaryIKE Isdn TA Ssid PingPptp WEP TkipWPA-PSK Wlan Wireless Local Area NetworkData Encryption Standard DES Definition IndexNetwork Setup PPP Cellular/Analog Modem Stats & Logs Dhcp Server Live Log