D-Link DRO-210i manual Frequently Asked Questions

Page 74

Frequently Asked Questions

Q14. One of the LAN Systems is affected by Virus and is generating huge traffic; which is consuming the entire internet bandwidth. What can I do?

Ans: Use the MAC Filter feature to temporarily block all traffic from the infected system. To configure MAC Filter, enable Firewall on the LAN interface, and set it as a Trusted Interface. Go to Firewall Policy, and click on Out. Enable “MAC Filter” feature and configure the virus-infected system’s MAC Address to be blocked.

After the infected system has been updated with the relevant anti-virus patches and is free from all viruses, remove the MAC blocking to allow internet access to that system.

Q15. My LAN Systems are frequently infected by virus. What measures can I take in the router to avoid this?

Ans: A typical firewall configuration is explained below to take precautionary measures against viruses, intruder attacks etc:

￿Go to Firewall Interface Configuration, and enable Firewall on all interfaces. Set LAN and DMZ to Trusted, and WAN as UnTrusted Interface.

￿Go to Firewall Policy, click on In. Add Port Filters and Permitted IP Rules to allow access to the Company Servers at the LAN or DMZ, which are to be accessible from the internet.

￿Go to Firewall Policy, click on Out. Enable File Extension Filter feature, and block HTTP access to file extensions like .vbs, .exe etc. Files with these extensions are most likely to infect a system with virus.

￿Go to Firewall Policy, click on Out. Enable Web Filter Feature to block Java and ActiveX, since these scripts can contain malicious code that spreads virus.

￿Go to Firewall IDS Configuration, and enable Intrusion Detection for all attacks. This will safeguard the router and LAN systems from the given hacker attacks.

Q16. Why I am unable to access the router’s Web Pages after enabling Firewall?

Ans: This can occur due to any of the below reasons:

￿You are accessing router from WAN side, but have not configured Remote Access feature to allow remote router configuration.

￿You have enabled firewall on LAN interface, and have set LAN as UnTrusted. In

this case, configure Remote Access or add inbould firewall policy rules to allow HTTPS access to the router.

To recover, reboot the router so that your previous settings are lost. And then ensure that Remote Access or Firewall Policy Rules are configured appropriately before enabling Firewall.

Q17. Can I configure the router to block messengers like skype etc?

Dlink DRO-210i User Guide

74

Page 73 Page 75
Image 74
Page 73 Page 75
Contents DRO-210i Table Of Contents Virtual Private Network About This Manual BoldDlink DRO-210i User Guide Product OverviewProduct Overview DRO-210i Package Contents Hardware DetailsFront Panel Rear Panel Software Features RoutingVPN Tools Disabled WAN2/DMZ Port ConfigurationOptional Port Configuration InterfacesDMZ Interface LAN SettingsLAN Interface Forgot LAN IP ?Maximum Transmission Unit DMZ SettingsWAN Interface IP Settings for WAN1 Interface Static ModeDynamic Mode Dhcp Settings for WAN1 InterfacePPPoE Mode Unnumbered InterfacesPPPoE Settings for WAN1 Interface Dhcp Server DHCP, DNS and TimeDhcp DHCP, DNS and TimeDhcp Static Mapping Dhcp Static MappingDhcp Relay Dhcp RelayDNS Proxy Settings DNS ProxySystem Time Settings TimeRouting RoutingStatic Routing Static RoutingDynamic Routing RIP Settings Routing Table Routing TablePolicy Based Routing Policy Based RoutingTo the same destination High Availability Auto BackupBackup Configuration High AvailabilityEthernet Link Detection Load Balancing ConfigurationLoad Balancing Ethernet WAN Link Detection Network Address Translation NAT Interface ConfigurationNAT Interface Configuration NATNAT Exception NAT ConfigurationNAT Configuration Virtual Server/NAPT Virtual ServerNAT Exception SIP ALG Configuration SIP-ALGNAT Table NAT Session TableFirewall Interface ConfigurationFirewall Interface Configuration Firewall PoliciesPolicy Rules Policy RulesInbound Policies Permitted ServicesInbound Policies Permitted Services Inbound PoliciesAdd Permitted IP Rule Outbound PoliciesIP Permitted Rules Outbound Policies Outbound PoliciesIP Blocked Rules Blocked ServicesOutbound Policies Service Blocked Rule Add Blocked IP RuleOutbound Policies Untrusted Domain Domain FilterUntrusted Domain Trusted DomainCookie Filter Web FilterJava Filter ActiveX FilterFile Extension Filter Keyword FilterKeyword Exception Add Blocked MAC Address MAC FilterBlocking Log Blocking Log TableIDS Configuration Intrusion DetectionIDS Configuration Intrusion Log Table Intrusion LogBlack List Black List TableVirtual Private Network Virtual Private NetworkIPSec Passthrough IPSec Tunnel or PassthroughPeer-To-Peer IPSec TunnelVirtual Private Network Same IKE Encryption algorithm on both ends of a VPN tunnel IPSec Server Configurations IPSec ServerMaximum life duration is 86400 seconds Limitation Tunnel Remote ID ConfigurationTunnel Table IPSec Status IPSec StatusIPSec Log IPSec Log TableQuality of Service Quality of ServiceClass Configuration HTB QoS ConfigurationsQuality of Service Filter Configuration QoS Filter ConfigurationsType Of Service/DiffServ TOS/DiffServQuality of Service Device Information AdministrationAdministration Device InfoTraffic Statistics Traffic StatisticsSession Log Session Log Password ChangeSysLog System LogSystem Change PasswordPassword Recovery SystemUpdate Firmware/Configuration Upload/DownloadPing Test Remote AccessRemote Access Ping TestAdministration Dlink DRO-210i User Guide General Frequently Asked QuestionsFrequently Asked Questions Q6. What is the purpose of Dhcp Server Auto Configuration? DHCP, DNSRouting High AvailabilityFirewall Frequently Asked Questions 11.6 NAT Q21. What are the call features supported by SIP-ALG? 11.7 VPN11.8 QoS Frequently Asked Questions
Top Page Image Contents