Manuals / Brands / Computer Equipment / Network Router / Asus / Computer Equipment / Network Router

Asus RX3141 9.3ACL Rule Configuration Parameters, Log, Mave, deny, Field, allow, Action, Protocol, not allow, Source IP, Description, source network

1 102

Download 102 pages, 1.88 Mb

Chapter 9. Configuring Firewall/NAT Settings

RX3141 User’s Manual

9.3ACL Rule Configuration Parameters

9.3.1ACL Rule Configuration Parameters

Table 9.3 describes the configuration parameters firewall inbound, outbound and self-access ACL rules.

	Table 9.3. ACL Rule Configuration Parameters

Field	Description
ID
Add New	Click on this option to add a new ACL rule.

Rule Number	Select a rule from the drop-down list, to modify its settings.

Mave

This option allows you to set a priority for this rule. The RX3141 Firewall acts on packets based on the priority of the rules. Set a priority by specifying a number for its position in the list of rules:

1 (First)	This number marks the highest priority.

Other numbers	Select other numbers to indicate the priority you wish to assign to the rule.

Action

Allow	Select this button to configure the rule as an allow rule.
	This rule when bound to the Firewall will allow matching packets to pass
	through.

Deny	Select this button to configure the rule as a deny rule.
	This rule when bound to the Firewall will not allow matching packets to
	pass through.

Route to (only for outbound ACL)

This field is used for policy routing needed for PPPoE unnumbered or PPPoE multi-session. Available options include AUTO, ppp0 (unnumbered), ppp1 (1st PPPoE session), ppp2 (2nd PPPoE session). These options are selectable from the drop-down list. If AUTO is selected, the router will route the packets based on the information in the routing table.

Log

Select or deselect the check box to enable or disable logging for this ACL rule.

Protocol

This option allows you to select protocol type from a drop-down list. Available settings are All, TCP, UDP, ICMP, IGMP, AH and ESP.

Source IP

This option allows you to set the source network to which this rule should apply. Use the drop-down list to select one of the following options:

Any	This option allows you to apply this rule to all the computers in the source
	network, such as those on the Internet for the inbound traffic or all the
	computers in the local network for outbound traffic.
IP Address	This option allows you to specify an IP address on which this rule will be
	applied.
IP Address	Specify the appropriate network address

52

Contents

Page Table of Contents Quick Start Guide Using the Configuration Manager Router Connection Setup DHCP Server Configuration Configuring Static Routes Configuring DDNS Configuring Firewall/NAT Settings Virtual Sever and Special Application System Management 12IP Addresses, Network Masks, and Subnets Troubleshooting Index List of Figures Page List of Tables Page 1 Introduction 1.1Features 1.2System Requirements 1.3Using this Document 2 Getting to Know RX3141 2.1Parts List 2.2Hardware Features 2.3Software Features 2.3.2.1Stateful Packet Inspection 2.3.2.2Packet Filtering – ACL (Access Control List) 2.3.2.3Defense against DoS Attacks 2.4.1.1Application Level Gateway (ALG) 2.4.1.2Log 2.4Finding Your Way Around 2.4.2Rear Panel Figure 2.2. Rear Panel Connectors Table 2.3. Rear Panel Labels and LEDs Label LAN Ports 2.4.3 Bottom View Wall Mount Slots Magnets 2.5Placement Options Page 3 Quick Start Guide 3.1Part 1 — Connecting the Hardware 3.1.3Step 3. Attach the AC adapter Step 4. Power on RX3141, the ADSL or cable modem and power up your computers Internet Cable or ADSL Modem RX3141i 3.2Part 2 — Configuring Your Computers Protocol <Add Internet Protocol (TCP/IP) Network and Dial-up 3.2.5Windows® NT 4.0 workstations: Protocols <Yes Obtain an IP address from a DHCP server 3.2.6Assigning static IP addresses to your PCs 3.3Part 3 — Quick Configuration of the RX3141 Figure 3.3. System Status Page 3.3.2Testing Your Setup 3.3.3Default Router Settings Table 3.2. Default Settings Summary Option Default Setting Explanation/Instructions 4 Using the Configuration Manager 4.1Log into the Configuration Manager 4.2Functional Layout 4.2.2Commonly Used Buttons and Icons Table 4.1. Description of Commonly Used Buttons and Icons Button/Icon Function Trash 4.3Overview of System Configuration 5 Router Connection Setup 5.1LAN Configuration 5.1.3Configuring the LAN IP Address Figure 5.1. Router Connection Setup Configuration – LAN Configuration 5.2WAN Configuration 5.2.2PPPoE Figure 5.3. WAN – PPPoE Configuration 5.2.2.1WAN PPPoE Configuration Parameters 5.2.2.2Configuring PPPoE for WAN 5.2.2.3Configuring PPPoE Multi-sessionfor WAN Figure 5.5. WAN – PPPoE0 Settings Packets to PPPOE1 Session PPPOE1 Session Page 5.2.3PPPoE Unnumbered Figure 5.11. WAN – PPPoE Unnumbered Configuration 5.2.3.1WAN PPPoE Unnumbered Configuration Parameters 5.2.3.2Configuring PPPoE Unnumbered for WAN 5.2.4.1Configuring Dynamic IP for WAN 5.2.5.1WAN Static IP Configuration Parameters 5.2.5.2Configuring Static IP for WAN 6 DHCP Server Configuration 6.1DHCP (Dynamic Host Control Protocol) Figure 6.1. DHCP Server Configuration Page Table 6.1. DHCP Configuration Parameters Field IP Address Pool Begin/End FieldDescription WINS Server IP Address (optional) 6.1.4Viewing Current DHCP Address Assignments Current DHCP Lease Table Page 7 Configuring Static Routes 7.1Overview of IP Routes 7.2Static Route 7.2.2Adding Static Routes Figure 7.2. Static Route Configuration Static Route Destination IP Address 7.2.3Deleting Static Routes Figure 7.3. Sample Routing Table 7.2.4Viewing the Static Routing Table 8 Configuring DDNS 8.1DDNS Configuration Parameters 8.2Configuring HTTP DDNS Client Page 9 Configuring Firewall/NAT Settings 9.1Firewall Overview 9.1.3.1Priority Order of ACL Rule 9.1.3.2ACL Rule and Connection State Tracking 9.2Router Security Settings 9.2.2.1DoS Protection Configuration Parameters 9.2.2.2Configuring DoS Settings 9.3ACL Rule Configuration Parameters Destination IP destination network Source Port Destination Port ICMP (available only when protocol type is set to ICMP) 9.4Configuring Inbound ACL Rules Figure 9.3. Inbound ACL Configuration Example 9.4.2Figure 9.4. Sample Inbound ACL List TableModify Inbound ACL Rules 9.4.3Delete Inbound ACL Rules 9.5Configuring Outbound ACL Rules Figure 9.6. Outbound ACL Configuration Example Figure 9.7. Sample Outbound ACL List Table 9.5.2Modify Outbound ACL Rules 9.6Configuring Self-AccessACL Rules – (Router Setup Î Self-AccessACL) Figure 9.8. Self-AccessACL Configuration Page 9.6.1Add a Self-AccessRule Self Access ACL Example Figure 9.9. Self-AccessACL Configuration Example 9.7Firewall Log – (Router Setup Î Log) Figure 9.11 Sample Firewall Log 9.7.1Log Format System Security Log Example: Firewall Access Control Log Example: Jan 1 00:03:11 10 Virtual Sever and Special Application 10.1 NAT Overview 10.2 Configure Virtual Server Table 10.1. Virtual Server Configuration Parameters Redirect Port Range To IP Address Table 10.2. Port Numbers for Popular Applications Application Netmeeting or VOIP NEWS PC Anywhere POP3 Powwow Chat 9.4 Configuring Inbound ACL Rules Same as “To IP Address” Same as “Redirect Port Range” Application Name Outgoing (Trigger) Port Range Incoming Incoming Port Range Special Application 9.5 Configuring Outbound ACL Rules Figure 10.6. Special Application Example – Outbound ACL Rule Default Outbound ACL Rule Figure 10.7. Outbound ACL Rule Table 11 System Management 11.1 Login Password and System-WideSettings Router Setup Î Administration 11.2 Viewing System Information 11.3 Setup Date and Time 11.4 Reset to Factory Default Settings 11.5 Firmware Upgrade Figure 11.8. File Manager Figure 11.9. Firmware Upgrade Confirmation Figure 11.10. Firmware Upgrade Status Figure 11.11. Firmware Upgrade Count Down Timer 11.6 System Reboot 11.7 . System Configuration Management Enter desired filename Figure 11.17. System Configuration Backup Page – Save As Dialog Figure 11.18. System Configuration Backup Status 11.7.2 Restore System Configuration System Configuration Backup/Restore Backup/Restore Figure 11.19. System Configuration Restore Page Figure 11.20. System Configuration Restore Page – Choose File Dialog Figure 11.21. System Configuration Restore Status 12 IP Addresses, Network Masks, and Subnets 12.1 IP Addresses 12.2 Network classes 12.3 Subnet masks Page 13 Troubleshooting 13.1 Diagnosing Problem using IP Utilities Figure 13.1. Using the ping Utility 13.1.2 nslookup nslookup Figure 13.2. Using the nslookup Utility exit 14 Index