D-Link DIR-657 manual Firewall Settings

Page 62

Section 3 - Configuration

Firewall Settings

A firewall protects your network from the outside world. The D-Link DIR-657 offers a firewall type functionality. The SPI feature helps prevent cyber attacks. Sometimes you may want a computer exposed to the outside world for certain types of applications. If you choose to expose a computer, you cam enable DMZ. DMZ is short for Demilitarized Zone. This option will expose the chosen computer completely to the outside world.

Enable SPI: SPI (Stateful Packet Inspection, also known as dynamic packet filtering) helps to prevent cyber attacks by tracking more state per session. It validates that the traffic passing through the session conforms to the protocol.

NAT Endpoint Select one of the following for TCP and UDP ports: Filtering: Endpoint Independent - Any incoming traffic sent to

an open port will be forwarded to the application that opened the port. The port will close if idle for 5 minutes.

Address Restricted - Incoming traffic must match the IP address of the outgoing connection.

Address + Port Restriction - Incoming traffic must match the IP address and port of the outgoing connection.

Enable DMZ Host: If an application has trouble working from behind the router, you can expose one computer to the Internet and run the application on that computer.

Note: Placing a computer in the DMZ may expose that computer to a variety of security risks. Use of this option is only recommended as a last resort.

IP Address: Specify the IP address of the computer on the LAN that you want to have unrestricted Internet communication. If this computer obtains it’s IP address automatically using DHCP, be sure to make a static reservation on the Basic

>DHCP page so that the IP address of the DMZ machine does not change.

D-Link DIR-657 User Manual

57

Image 62

Contents Page Initial release PrefaceRevision Date Description Table of Contents Wireless Basics Wireless SecurityTroubleshooting 111 113ProductPackageOverviewContents Browser Requirements System RequirementsComputer with the following Introduction Total PerformanceFeatures Other Features Include Hardware Overview ConnectionsFront View LEDs Installation Before you BeginWireless Installation Considerations Getting Started Configuration Web-based Configuration UtilitySetup Wizard Click Wireless Connection Setup Wizard to begin. Skip toPage Page Page My Internet Connection Host Name Use Unicasting Manual ConfigurationDynamic Cable MAC AddressInternet Setup PPPoE DSLReconnect Mode Select either Always-on,On-Demand, or Manual PptpAddress Address ModeUsername Password Reconnect Mode DNS ServersStatic assigned by ISP Wireless Settings ScheduleNetwork Settings IP Address Subnet MaskDhcp Server Settings NetBIOS ScopeDhcp Reservation Dynamic Dhcp IP addresses ClientsMedia Server IPv6 Internet Connection IPv6 Manual Setup Auto DetectionAutoconfiguration Type Select Stateful DHCPv6 Static IPv6 StatefulSelect either Slaac + Rdnss or Slaac + Stateless DHCPv6 My IPv6 Connection WAN IPv6 Address SettingsStatic IPv6 Stateless Autoconfiguration Stateful My IPv6 Connection IPv6 DNS SettingsAutoconfiguration Stateless PPPoE Stateful Autoconfiguration Type Select Stateful DHCPv6 PPPoE Stateless Configuration IPv6 in IPv4 Tunneling Stateful IPv6 in IPv4 Tunneling Stateless Enter the IPv6 Address Lifetime in minutes To 4 Tunneling StatefulEnter the primary and secondary DNS server addresses To 4 Tunneling Stateless Lifetime6rd Stateless Lifetime minutes6rd Stateful Link-Local Connectivity Parental Controls Virtual Server Name IP Address Inbound Filter SchedulePort Forwarding TCP/UDPFirewall Application RulesName Trigger Manual Uplink Speed Enable Traffic ShapingQoS Engine Automatic Classification Dynamic FragmentationConfiguration Network Filters MAC Address Dhcp Client ClearAccess Control Access Control WizardPage Page Configure Website Select Allow or Deny Filter Below Website FiltersInbound Filters Action Select Allow or DenyFirewall Settings Application Level Gateway Configuration Routing Advanced Wireless Settings Automatic Wish Rules Wish SettingsEnable Wish Add Wireless Station Wi-Fi Protected Setup WPSPIN Settings Current PIN Reset PIN to Default Device WizardAdvanced Network Settings Guest Zone Between Zones zones createdIPv6 Firewall IPv6 Routing Administrator Settings ServerTime Settings SysLog Email Settings NotificationReboot Device System SettingsLoad Settings from Local Hard Drive Update Firmware Ddns System Check Schedules General Wireless LANDevice Information Clear Email Now Save Log LogWhat to View View Levels Stats Active SessionsWireless IPv6 Support Wireless Security What is WPA?Wi-PnP Wireless Setup Page Wireless Security Setup Wizard Wireless Security Setup WizardPage Configure WPA-Personal PSK Configure WPA-Enterprise Radius Page Using Windows 7 and WPS for Wireless Configuration Security Double-click the DIR-657 router Page Page Connect to a Wireless Network Using WindowsPage Page Using Windows Vista Configure Wireless Security Page Using Windows XP Configure WPA-PSK Page Troubleshooting Why can’t I access the web-based configuration utility?What can I do if I forgot my password? Ping url -f -l MTU value Page Wireless Basics What is Wireless?Home Small Office and Home OfficeSecurity Centralize your router or Access PointEliminate Interference Wireless Modes Networking Basics Check your IP addressStep Step Highlight Internet Protocol TCP/IP and click PropertiesTechnical Specifications Trademarks FCC CautionRadiation Exposure Statement FCC Radiation Exposure StatementIndustry Canada Statement