Manuals / Brands / Computer Equipment / Network Router / Asus / Computer Equipment / Network Router

Asus RX3141 9.2Router Security Settings, NAT, Field, Firewall, Security, Description, Stealth Mode, Router Setup, Log Port Probing, 9.2.2DoS Configuration

1 102

Download 102 pages, 1.88 Mb

RX3141 User’s Manual

Chapter 9. Configuring Firewall/NAT Settings

9.2Router Security Settings

9.2.1Basic Router Security Configuration Parameters

Table 9.1 describes the configuration parameters available for basic router security configuration.

	Table 9.1. Basic Router Security Configuration Parameters

Field		Description
Firewall		Check or uncheck this box to enable or disable firewall.
NAT		Check or uncheck this box to enable or disable NAT.

Log Port Probing		Connection attempt to closed ports will be logged if this option is enabled.

Stealth Mode		If enabled, RX3141 will not respond to remote peer’s attempt to connect to
		the closed TCP/UDP ports.

To configure firewall basic settings, follow the instructions below:

1.Open the Router Security configuration page as shown in Figure 9.1 by double clicking on Router Setup Î Security menu.

2.Check or uncheck individual check box for each security option.

3.Click to save the settings.

9.2.2DoS Configuration

The RX3141 has an Attack Defense Engine that protects internal networks from Denial of Service (DoS) attacks such as IP spoofing, LAND, Ping of Death, smurf and all re-assembly attacks. It can drop ICMP redirects and IP loose/strict source routing packets. For example, a security device with the RX3141 Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected Windows systems. For a complete list of DoS protection provided by the RX3141, please see Tables 2.1 and 9.2.

49

Contents

Page Table of Contents Quick Start Guide Using the Configuration Manager Router Connection Setup DHCP Server Configuration Configuring Static Routes Configuring DDNS Configuring Firewall/NAT Settings Virtual Sever and Special Application System Management 12IP Addresses, Network Masks, and Subnets Troubleshooting Index List of Figures Page List of Tables Page 1 Introduction 1.1Features 1.2System Requirements 1.3Using this Document 2 Getting to Know RX3141 2.1Parts List 2.2Hardware Features 2.3Software Features 2.3.2.1Stateful Packet Inspection 2.3.2.2Packet Filtering – ACL (Access Control List) 2.3.2.3Defense against DoS Attacks 2.4.1.1Application Level Gateway (ALG) 2.4.1.2Log 2.4Finding Your Way Around 2.4.2Rear Panel Figure 2.2. Rear Panel Connectors Table 2.3. Rear Panel Labels and LEDs Label LAN Ports 2.4.3 Bottom View Wall Mount Slots Magnets 2.5Placement Options Page 3 Quick Start Guide 3.1Part 1 — Connecting the Hardware 3.1.3Step 3. Attach the AC adapter Step 4. Power on RX3141, the ADSL or cable modem and power up your computers Internet Cable or ADSL Modem RX3141i 3.2Part 2 — Configuring Your Computers Protocol <Add Internet Protocol (TCP/IP) Network and Dial-up 3.2.5Windows® NT 4.0 workstations: Protocols <Yes Obtain an IP address from a DHCP server 3.2.6Assigning static IP addresses to your PCs 3.3Part 3 — Quick Configuration of the RX3141 Figure 3.3. System Status Page 3.3.2Testing Your Setup 3.3.3Default Router Settings Table 3.2. Default Settings Summary Option Default Setting Explanation/Instructions 4 Using the Configuration Manager 4.1Log into the Configuration Manager 4.2Functional Layout 4.2.2Commonly Used Buttons and Icons Table 4.1. Description of Commonly Used Buttons and Icons Button/Icon Function Trash 4.3Overview of System Configuration 5 Router Connection Setup 5.1LAN Configuration 5.1.3Configuring the LAN IP Address Figure 5.1. Router Connection Setup Configuration – LAN Configuration 5.2WAN Configuration 5.2.2PPPoE Figure 5.3. WAN – PPPoE Configuration 5.2.2.1WAN PPPoE Configuration Parameters 5.2.2.2Configuring PPPoE for WAN 5.2.2.3Configuring PPPoE Multi-sessionfor WAN Figure 5.5. WAN – PPPoE0 Settings Packets to PPPOE1 Session PPPOE1 Session Page 5.2.3PPPoE Unnumbered Figure 5.11. WAN – PPPoE Unnumbered Configuration 5.2.3.1WAN PPPoE Unnumbered Configuration Parameters 5.2.3.2Configuring PPPoE Unnumbered for WAN 5.2.4.1Configuring Dynamic IP for WAN 5.2.5.1WAN Static IP Configuration Parameters 5.2.5.2Configuring Static IP for WAN 6 DHCP Server Configuration 6.1DHCP (Dynamic Host Control Protocol) Figure 6.1. DHCP Server Configuration Page Table 6.1. DHCP Configuration Parameters Field IP Address Pool Begin/End FieldDescription WINS Server IP Address (optional) 6.1.4Viewing Current DHCP Address Assignments Current DHCP Lease Table Page 7 Configuring Static Routes 7.1Overview of IP Routes 7.2Static Route 7.2.2Adding Static Routes Figure 7.2. Static Route Configuration Static Route Destination IP Address 7.2.3Deleting Static Routes Figure 7.3. Sample Routing Table 7.2.4Viewing the Static Routing Table 8 Configuring DDNS 8.1DDNS Configuration Parameters 8.2Configuring HTTP DDNS Client Page 9 Configuring Firewall/NAT Settings 9.1Firewall Overview 9.1.3.1Priority Order of ACL Rule 9.1.3.2ACL Rule and Connection State Tracking 9.2Router Security Settings 9.2.2.1DoS Protection Configuration Parameters 9.2.2.2Configuring DoS Settings 9.3ACL Rule Configuration Parameters Destination IP destination network Source Port Destination Port ICMP (available only when protocol type is set to ICMP) 9.4Configuring Inbound ACL Rules Figure 9.3. Inbound ACL Configuration Example 9.4.2Figure 9.4. Sample Inbound ACL List TableModify Inbound ACL Rules 9.4.3Delete Inbound ACL Rules 9.5Configuring Outbound ACL Rules Figure 9.6. Outbound ACL Configuration Example Figure 9.7. Sample Outbound ACL List Table 9.5.2Modify Outbound ACL Rules 9.6Configuring Self-AccessACL Rules – (Router Setup Î Self-AccessACL) Figure 9.8. Self-AccessACL Configuration Page 9.6.1Add a Self-AccessRule Self Access ACL Example Figure 9.9. Self-AccessACL Configuration Example 9.7Firewall Log – (Router Setup Î Log) Figure 9.11 Sample Firewall Log 9.7.1Log Format System Security Log Example: Firewall Access Control Log Example: Jan 1 00:03:11 10 Virtual Sever and Special Application 10.1 NAT Overview 10.2 Configure Virtual Server Table 10.1. Virtual Server Configuration Parameters Redirect Port Range To IP Address Table 10.2. Port Numbers for Popular Applications Application Netmeeting or VOIP NEWS PC Anywhere POP3 Powwow Chat 9.4 Configuring Inbound ACL Rules Same as “To IP Address” Same as “Redirect Port Range” Application Name Outgoing (Trigger) Port Range Incoming Incoming Port Range Special Application 9.5 Configuring Outbound ACL Rules Figure 10.6. Special Application Example – Outbound ACL Rule Default Outbound ACL Rule Figure 10.7. Outbound ACL Rule Table 11 System Management 11.1 Login Password and System-WideSettings Router Setup Î Administration 11.2 Viewing System Information 11.3 Setup Date and Time 11.4 Reset to Factory Default Settings 11.5 Firmware Upgrade Figure 11.8. File Manager Figure 11.9. Firmware Upgrade Confirmation Figure 11.10. Firmware Upgrade Status Figure 11.11. Firmware Upgrade Count Down Timer 11.6 System Reboot 11.7 . System Configuration Management Enter desired filename Figure 11.17. System Configuration Backup Page – Save As Dialog Figure 11.18. System Configuration Backup Status 11.7.2 Restore System Configuration System Configuration Backup/Restore Backup/Restore Figure 11.19. System Configuration Restore Page Figure 11.20. System Configuration Restore Page – Choose File Dialog Figure 11.21. System Configuration Restore Status 12 IP Addresses, Network Masks, and Subnets 12.1 IP Addresses 12.2 Network classes 12.3 Subnet masks Page 13 Troubleshooting 13.1 Diagnosing Problem using IP Utilities Figure 13.1. Using the ping Utility 13.1.2 nslookup nslookup Figure 13.2. Using the nslookup Utility exit 14 Index