2Wire 3800HGV-B manual Configure Firewall Rules

Page 72

Configuring Mulitple Static IP Addresses

For devices using the Public Network addresses, simply configure the device to use the IP address (subnet mask and default gateway) as assigned by the ISP. The gateway will automatically detect the usage of a broadband IP address on the LAN network and correctly route the return traffic to the appropriate LAN device. Once a broadband IP address has been detected by the gateway as being statically coded on the device, its entry in the Address Allocation page will no longer be displayed.

Note: The ability to use DHCP in assigning WAN addresses to LAN devices is different from how some other routers operate. These other routers usually require that the address be hard coded on the LAN device.

Upon successful configuration of the gateway, refresh the IP address of the network device (this may require restarting that device). It should now have the desired public, or private, IP address assigned by the 3700HGV-B. Confirm proper configuration by attempting to access the public Internet.

Figure 2

Step 3: Configure Firewall Rules

LAN devices using addresses from the Public Network are still protected by the gateway firewall. To allow unsolicited inbound traffic to any of these LAN devices, you must modify the firewall settings specified for that device. That is, a LAN device can receive inbound traffic associated with outbound traffic (e.g., web browsing) but needs to have a firewall rule established to function as a server.

To change the firewall settings, access the Firewall - Settings page of the MDC or the Firewall Settings page of the standard web pages to configure the Hosted applications allowed for each device to be used with unsolicited traffic.

Note: This is different from how some other routers operate. These other routers automatically allow all traffic to pass through from the WAN to the LAN devices configured with WAN IP addresses.

The type of traffic to be received by the device determines the type of firewall configuration required:

If the device only requires the public IP address then no rules need to be established.

In some cases, all broadband traffic destined for a device is the 3700HGV-B should be configured to Allow all applications

to be passed to that device. In this case, for the specific device.

In other cases, only the traffic associated with a specific application (e.g., ftp server) is to be passed to a device. In this case, the “hosted application” feature of the 3700HGV-B will be used to configure which traffic to send to the device.

Note: The 2Wire firewall only allows traffic for a public network IP address to be directed to a local LAN device with the same public network IP address. That is, except for traffic sent to the single broadband IP address assigned to the router and shared through NAPT, traffic sent to other specific broadband IP addresses associated with the connection cannot be directed to local LAN devices that may be using private IP addresses.

70

Page 71 Page 73
Image 72
Page 71 Page 73
Contents Contents Page 3800HGV-B Overview HGV-B, Rear View802.1x Setup Page Installation Requirements Connect the Computer to the Gateway Choose a Computer and Connection TypeEthernet Connection Wireless Connection Non-2Wire Wireless Adapter Configuration Locating the Serial Number and Wireless Encryption KeyConfiguring the Adapter Install the 2Wire Gateway USB Driver Windows USB to PC ConnectionInstall the 2Wire Gateway USB Driver Macintosh Connecting to Vdsl via CoAX Connect the Broadband InterfaceSetting Up Iptv Connect to IptvGateway User Interface Gateway System PagesViewing Your System Summary Setting a System Password Changing Your Time Zone SettingsBroadband Link Pages Viewing System DetailsViewing Your Broadband Link Summary Viewing Broadband Link Details Using Broadband Diagnostics From Jeff M Need to show Ethernet broadband exampleViewing Statistics Using Broadband Link Advanced Settings Home Network Pages Viewing Your Home Network SummaryLocal Devices Monitoring Your Wireless Settings Status at a Glance PanelPage Configuring Additional Settings Customizing Security SettingsConfiguring Advanced Settings Editing Address Allocation Settings Firewall Pages Viewing Your Firewall SummaryPage Configuring Firewall Settings Configuring Advanced Firewall Settings Enabling Advanced SecurityAllowing Inbound and Outbound Traffic Disabling Attack DetectionPage Access the Management and Diagnostic Console Accessing the Management and Diagnostic ConsoleSystem Summary Vdsl Broadband Link Summary Broadband Link Statistics Broadband Link Detailed Statistics Broadband Link Configuration Local Network Status Specifies whether a USB device is present Active on Local Network Statistics Local Network Device List Local Network Wireless Settings Local Network Configuration Enabling Router Behind Router AlertLocal Network Address Allocation Local Network Configure the MoCA Network Local Network MoCA Statistics Firewall Settings Firewall Detailed Information Firewall Advanced Settings Troubleshooting DSL Diagnostics Analyzing General InformationReviewing Training History Reviewing Bitloading Troubleshooting Event Log Page Troubleshooting Network Tests Troubleshooting Upgrade History Troubleshooting Resets Advanced Syslog Settings Advanced Provisioning Info Advanced Configure Time Services Advanced Configure Services Advanced DNS Resolve Advanced Link Manager States Advanced Detailed Log Upgrade the Software Page Configuring Multiple Static IP Addresses Enable Public Network Mode Allocate Public IP Addresses to the LAN Clients CidrConfigure Firewall Rules Sample Configuration Figure *. Sample NetworkPage Vpnsrv Vpnsrv Select the Allow individual applications option LEDs LED overviewIpcp Glossary Regulatory Information PhoneRegulatory Information
Top Page Image Contents