Manuals / Brands / Computer Equipment / Network Router / Asus / Computer Equipment / Network Router

Asus RX3141 icmp, allow, rule=1, OUTBOUND, klogd: fw, Jan 1 00:03:11, 9.7.1Log Format, System Security Log Example:, Figure 9.11 Sample Firewall Log

1 102

Download 102 pages, 1.88 Mb

Chapter 9. Configuring Firewall/NAT Settings

RX3141 User’s Manual

Figure 9.11 Sample Firewall Log9.7.1Log Format

Two types of log are supported by the RX3141 – system security log and firewall access control log. They are designated by the two keywords, sys and fw respectively. The log format is best explained by examples:System Security Log Example:

Jan 1 00:01:22 2000 klogd: sys: TCP XMAS/NULL packet from 192.168.1.100.

Explanation: Jan 1 00:01:22 2000 indicates the time of the attack; klogd: sys, this attack is detected by the system security model; TCP XMAS/NULL, the type of attack detected; 192.168.1.100, source of the attack.

Firewall Access Control Log Example:

Jan 1 00:03:11 2000 klogd: fw: OUTBOUND rule=1 allow icmp from 192.168.1.100 to 211.1.1.1 type=8

code=0 id=512Explanation: Jan 1 00:03:11 2000 indicates the time of the access; klogd: fw, indicates the log is related to firewall access control; OUTBOUND, the direction of the traffic; rule=1, the rule that matches the IP information of the traffic; allow, action taken by the firewall; icmp, protocol type of the traffic; 192.168.1.100, source of the traffic; 211.1.1.1, destination of the traffic; type=8, ICMP message type; code=0, ICMP message code; id=512, ICMP message ID.

62

Contents

Page Table of Contents Quick Start Guide Using the Configuration Manager Router Connection Setup DHCP Server Configuration Configuring Static Routes Configuring DDNS Configuring Firewall/NAT Settings Virtual Sever and Special Application System Management 12IP Addresses, Network Masks, and Subnets Troubleshooting Index List of Figures Page List of Tables Page 1 Introduction 1.1Features 1.2System Requirements 1.3Using this Document 2 Getting to Know RX3141 2.1Parts List 2.2Hardware Features 2.3Software Features 2.3.2.1Stateful Packet Inspection 2.3.2.2Packet Filtering – ACL (Access Control List) 2.3.2.3Defense against DoS Attacks 2.4.1.1Application Level Gateway (ALG) 2.4.1.2Log 2.4Finding Your Way Around 2.4.2Rear Panel Figure 2.2. Rear Panel Connectors Table 2.3. Rear Panel Labels and LEDs Label LAN Ports 2.4.3 Bottom View Wall Mount Slots Magnets 2.5Placement Options Page 3 Quick Start Guide 3.1Part 1 — Connecting the Hardware 3.1.3Step 3. Attach the AC adapter Step 4. Power on RX3141, the ADSL or cable modem and power up your computers Internet Cable or ADSL Modem RX3141i 3.2Part 2 — Configuring Your Computers Protocol <Add Internet Protocol (TCP/IP) Network and Dial-up 3.2.5Windows® NT 4.0 workstations: Protocols <Yes Obtain an IP address from a DHCP server 3.2.6Assigning static IP addresses to your PCs 3.3Part 3 — Quick Configuration of the RX3141 Figure 3.3. System Status Page 3.3.2Testing Your Setup 3.3.3Default Router Settings Table 3.2. Default Settings Summary Option Default Setting Explanation/Instructions 4 Using the Configuration Manager 4.1Log into the Configuration Manager 4.2Functional Layout 4.2.2Commonly Used Buttons and Icons Table 4.1. Description of Commonly Used Buttons and Icons Button/Icon Function Trash 4.3Overview of System Configuration 5 Router Connection Setup 5.1LAN Configuration 5.1.3Configuring the LAN IP Address Figure 5.1. Router Connection Setup Configuration – LAN Configuration 5.2WAN Configuration 5.2.2PPPoE Figure 5.3. WAN – PPPoE Configuration 5.2.2.1WAN PPPoE Configuration Parameters 5.2.2.2Configuring PPPoE for WAN 5.2.2.3Configuring PPPoE Multi-sessionfor WAN Figure 5.5. WAN – PPPoE0 Settings Packets to PPPOE1 Session PPPOE1 Session Page 5.2.3PPPoE Unnumbered Figure 5.11. WAN – PPPoE Unnumbered Configuration 5.2.3.1WAN PPPoE Unnumbered Configuration Parameters 5.2.3.2Configuring PPPoE Unnumbered for WAN 5.2.4.1Configuring Dynamic IP for WAN 5.2.5.1WAN Static IP Configuration Parameters 5.2.5.2Configuring Static IP for WAN 6 DHCP Server Configuration 6.1DHCP (Dynamic Host Control Protocol) Figure 6.1. DHCP Server Configuration Page Table 6.1. DHCP Configuration Parameters Field IP Address Pool Begin/End FieldDescription WINS Server IP Address (optional) 6.1.4Viewing Current DHCP Address Assignments Current DHCP Lease Table Page 7 Configuring Static Routes 7.1Overview of IP Routes 7.2Static Route 7.2.2Adding Static Routes Figure 7.2. Static Route Configuration Static Route Destination IP Address 7.2.3Deleting Static Routes Figure 7.3. Sample Routing Table 7.2.4Viewing the Static Routing Table 8 Configuring DDNS 8.1DDNS Configuration Parameters 8.2Configuring HTTP DDNS Client Page 9 Configuring Firewall/NAT Settings 9.1Firewall Overview 9.1.3.1Priority Order of ACL Rule 9.1.3.2ACL Rule and Connection State Tracking 9.2Router Security Settings 9.2.2.1DoS Protection Configuration Parameters 9.2.2.2Configuring DoS Settings 9.3ACL Rule Configuration Parameters Destination IP destination network Source Port Destination Port ICMP (available only when protocol type is set to ICMP) 9.4Configuring Inbound ACL Rules Figure 9.3. Inbound ACL Configuration Example 9.4.2Figure 9.4. Sample Inbound ACL List TableModify Inbound ACL Rules 9.4.3Delete Inbound ACL Rules 9.5Configuring Outbound ACL Rules Figure 9.6. Outbound ACL Configuration Example Figure 9.7. Sample Outbound ACL List Table 9.5.2Modify Outbound ACL Rules 9.6Configuring Self-AccessACL Rules – (Router Setup Î Self-AccessACL) Figure 9.8. Self-AccessACL Configuration Page 9.6.1Add a Self-AccessRule Self Access ACL Example Figure 9.9. Self-AccessACL Configuration Example 9.7Firewall Log – (Router Setup Î Log) Figure 9.11 Sample Firewall Log 9.7.1Log Format System Security Log Example: Firewall Access Control Log Example: Jan 1 00:03:11 10 Virtual Sever and Special Application 10.1 NAT Overview 10.2 Configure Virtual Server Table 10.1. Virtual Server Configuration Parameters Redirect Port Range To IP Address Table 10.2. Port Numbers for Popular Applications Application Netmeeting or VOIP NEWS PC Anywhere POP3 Powwow Chat 9.4 Configuring Inbound ACL Rules Same as “To IP Address” Same as “Redirect Port Range” Application Name Outgoing (Trigger) Port Range Incoming Incoming Port Range Special Application 9.5 Configuring Outbound ACL Rules Figure 10.6. Special Application Example – Outbound ACL Rule Default Outbound ACL Rule Figure 10.7. Outbound ACL Rule Table 11 System Management 11.1 Login Password and System-WideSettings Router Setup Î Administration 11.2 Viewing System Information 11.3 Setup Date and Time 11.4 Reset to Factory Default Settings 11.5 Firmware Upgrade Figure 11.8. File Manager Figure 11.9. Firmware Upgrade Confirmation Figure 11.10. Firmware Upgrade Status Figure 11.11. Firmware Upgrade Count Down Timer 11.6 System Reboot 11.7 . System Configuration Management Enter desired filename Figure 11.17. System Configuration Backup Page – Save As Dialog Figure 11.18. System Configuration Backup Status 11.7.2 Restore System Configuration System Configuration Backup/Restore Backup/Restore Figure 11.19. System Configuration Restore Page Figure 11.20. System Configuration Restore Page – Choose File Dialog Figure 11.21. System Configuration Restore Status 12 IP Addresses, Network Masks, and Subnets 12.1 IP Addresses 12.2 Network classes 12.3 Subnet masks Page 13 Troubleshooting 13.1 Diagnosing Problem using IP Utilities Figure 13.1. Using the ping Utility 13.1.2 nslookup nslookup Figure 13.2. Using the nslookup Utility exit 14 Index