Advanced Security
Use the Advanced Security features of the Router to globally enable or disable NAT and Firewall protection for any WAN connection, enable or disable DMZ IP addresses, enable or disable remote Telnet or web management from specified IP addresses, and enable/disable ICMP ping packets from the WAN.
Figure 4-8. Advanced Security menu
Follow the instructions below to set up the Advanced Security features. To enable ICMP Ping packets from the WAN, click to check the Allow Incoming ICMP Ping selection box and click the Apply button. The ICMP (Internet Control Message Protocol) Ping packet is used to test connectivity of IP devices. Keep in mind that when this is enabled, the Router may be vulnerable to denial of service type attacks.
Enable/Disable NAT and Firewall
NAT and basic Firewall protection can be enabled or disabled for any WAN connection. These may also be enabled or disabled when configuring the WAN connection for any connection type except Bridge connections. By default, they are enabled for WAN connections (except Bridge connections) when they are first set up. Firewall protection includes the previously discussed Port Forwarding and Access Control. Therefore, this must be enabled to use these features.
To enable NAT and Firewall protection for any WAN connection including Bridge type connections, check the Enable NAT and Firewall Services selection box and click the Apply button. Be sure to save the changes in the System Commands menu or the settings will be lost.
To disable NAT and Firewall Services, deselect it and click the Apply button. Be aware that this remove basic security and expose your LAN to potentially malicious agents form the WAN.
Remember to save the configuration changes.
DMZ IP Address
A DMZ address is used for a device that is not given basic protection of NAT and Firewall services. You may select an IP address from the
50