Custom IP Filter Rules | Efficient Networks 5100 Series guide

SpeedStream Router User Guide

machine that will be accessible to inbound traffic. - or -

Select Enable DMZ with this Host name; then select the host name from the drop-down list.

3.Select how long you want the settings to remain permanently, until the next reboot, or for a specified number of minutes.

4.To accept the settings, click Apply.

Custom IP Filter Rules

You can configure the SpeedStream Router firewall to perform IP filtering and stateful inspection of packets. The firewall supports a rules database to allow sophisticated access tailoring. A network conversation is first authorized by verifying the packet against the current rules database configured within the firewall. If the first packet of a conversation is allowed, then a dynamic state engine takes over and tracks that conversation. All protocols are tracked whether they are stream-based or not; i.e., ICMP, UDP, TCP, GRE.

The filtering rules database gives you control over the configurable firewall rules. Rules can be filter- based on any of the following:

•Source and destination router interfaces

•IP protocols

•Direction of traffic flow

•Source and destination network/host IP address

•Protocol-specific attributes such as ICMP message types

•Source and destination port ranges (for protocols that support them), and support for port comparison operators such as less than, greater than, and equal to.

Rules can specifically allow or deny packets to flow through the router. Default actions taken when no specific rule applies can also be configured.

Note You must have previously selected Custom Level in the Firewall - Simple Setup & Control window.

69

Image 79

Efficient Networks 5100 Series manual Custom IP Filter Rules

Contents

Router User Guide Software License General Provisions Contents Ustomizing R Outer S Ettings Iii Dhcp Iewing S Tatus and S Tatistics Ppendix a C Onfiguration D ATA S Heets 100 Introduction Features and BenefitsAbout the SpeedStream Router Firewall Security Hardware Description General Safety Guidelines Minimum System Requirements Installing the RouterHardware Installation Basic Installation Procedure Installing Line Filters Recording System SettingsIn-Line Filter Wall-Mount Filter Connecting the CablesTwo-to-One Adapter Ethernet Installation Method USB Installation Method Windows 95 / 98 / ME Configuring Computer Network SettingsTCP/IP Properties dialog box displays TCP/IP Properties dialog box, click the IP Address tab Microsoft TCP/IP Properties dialog box displays Windows NT Double-clickNetwork and Dial-up Connections Windows Windows XP Logging On/Off the Web Interface Accessing the Web Management InterfaceAdministrative User Setup window displays Getting Started Do not require admin login Entering the Network PasswordRequire admin login to access entire Web site Require admin login to access configuration pages Logging In with UPnP Logging In after first time SpeedStream Router icon To log in using UPnPNavigating the Web Interface Logging Off Log LevelSnooze IP Filter Rules Window Navigation PPP Configuration Options Customizing Router SettingsPPP Point-to-Point Protocol User Profiles Change PPP SettingsOpen the Profile Wizard Force all users to be identified before surfing Enable ProfilingDelete a User Profile Add a New User Profile Edit an Existing URL Name or Tag Select Content FilteringDeny all access to URLs containing the following Enter a New URL Name or Tag Assign Permissions Select Security AccessDelete a URL Name or Tag Change User Information Change a User ProfileEnter Constant IP Address Finish Click Add Entry Edit an Existing URL Name or Tag Enter or Change the Constant IP Address Navigation WAN Interface Select the Default WAN Interface Access the WAN Interface Configuration WizardEnable a WAN Connection Disable a WAN Connection Table Navigation Step-by-Step ProceduresConfigure ATM Settings Add a New Virtual Connection VC Select WAN Protocol Specify Connection Name Configure RFC-2684 Bridged Protocol Use PPPoE Configure RFC-2684 Bridged/IP ProtocolFinish Enter IP Information Select Interface Options On the Interface Options window, select the desired options Configure RFC-2684 Routed Protocol Enable concurrent NAT and Napt Configure PPPoE Protocol Dial-up Only Configure PPPoE / Client Only Use Idle Timeout Configure PPPoE / Bridge Only On the Interface Options window, select the desired options Configure PPPoE / 2684B Connection NAT/NAPT Dial-up Only Error is resolved. This is like an always on WAN connection Interface PPPoE with Bridge window displays Configure PPPoE / PPPoE Bridge Protocol Version Dial-up Only Use Universal Plug-n-Play Enter User Information Configure PPPoA Protocol Enter Static IP Address Select PPP Options Versions 1 Host Specify the Host Configuration SettingsIP Address Restrictions Dhcp Configuration Options Configure Dhcp Change the User Name or Password Admin User System LoginTime Client Add a Static Route Time Client Configuration OptionsConfigure the Time Client Static Routes NAT/NAPT Configuration Options Access the NAT/NAPT Configuration Window Enable Concurrent NAT/NAPT Disable Both NAT and NaptEnable NAT Only and Specify a Destination IP Address Enable Napt Only Edit/Delete an Existing Mapping Map a New Public IP AddressSet Delete All Port Forwarding Configuration OptionsPort Forwarding Delete Delete All Entries in the Table Edit an Existing Port Forwarding ConfigurationDelete an Existing Entry Add a Port Forwarding Entry Network Connections view FirewallManage Network Address Port Mappings through UPnP Network Neighborhood folder Firewall Security Levels Firewall Simple Setup & Control window displaysSelect the Firewall Security Level Firewall Snooze Control DMZ Settings Firewall DMZ Configuration window displays Disable DMZEnable DMZ On the Firewall DMZ Configuration window, click Disable DMZ Custom IP Filter Rules SpeedStream Router User Guide Define the source and destination Clone a Rule DefinitionCreate Custom IP Filter Rules Fill in the following information Specify Destination Port Operator options Select a protocol to filterIf Icmp chosen in , select the desired Icmp rule options ADS Attack Detection System Firewall LogTo display the Firewall Log window Types of Attack Background ADS Configuration Options Enable ADS UPnP Universal Plug and Play UPnP Configuration Options RIP Routing Information Protocol Bridge ModeConfigure UPnP Settings Enable Bridge Mode Interface RIP Configuration OptionsConfigure RIP Settings Server Ports Dynamic DNS Dynamic DNS Configuration Options Enter the Service Username, Service Password, and Host Names Configure Dynamic DNS System Summary Viewing Status and Statistics Display the System Log System Log Configuration OptionsUpdate the Display System Log ATM/AAL Status/Statistics window displays ATM/AAL Status/StatisticsDSL Status/Statistics Select the Capture Level Ethernet Status/Statistics window displays Ethernet Status/StatisticsUSB Status/Statistics Routes Diagnostics Using System ToolsClick Run Diagnostics at the bottom of the window To display the Interface Map RebootReset Interface Map Update the Router Firmware Firmware Update SpeedStream Router User Guide Steady blink TroubleshootingBasic Troubleshooting Steps Interpreting the LED Display Login Password Error Resolving Specific IssuesLEDs Not Lit Post Failure red pwr LED Contacting Technical Support Attack Detection System Configuration Data SheetsAdministrative User Setup Firewall Custom IP Filter Configuration SpeedStream Router User Guide Firewall Level Firewall DMZ NAT/NAPT Host Port Forwarding PPP Login System Log Static Route UPnP Time Client Technical Specifications Protocol Firewall Security Levels 102 103 Acronyms Acronyms and Technical Concepts Rx Cells Rx ErrorsMAC address Octet Technical Concepts Dhcp Dynamic Host Configuration Protocol Icsa 3.0a-compliancy PPP Point-to-Point Protocol Protocol Selection window Step-by-Step Virtual WAN Configuration VC Wizard Finish Configuration procedures SpeedStream Router User Guide 5e. If you selected the PPPoA protocol Dhcp ADS Index 115 116 117 118 Efficient Networks