Manuals / Garmin / Computer Equipment / Modem

Garmin HM210DP/DI manual Field, Description, Max Half open TCP Conn, Max ICMP Conn

Models: HM210DP/DI

1 135

Download 135 pages 7.76 Kb

Page 87

Blacklist Status:

Configuring Firewall Settings

Field

Blacklist Status:

Blacklist Period(min):

Attack Protection:

DOS Protection:

Max Half open TCP Conn.:

Description

If you want the device to maintain and use a black list, click Enable. Click Disable if you do not want to maintain a list.

Specifies the number of minutes that a computer’s IP address will remain on the black list.

Select Enable to use the build-in firewall protections that prevent the following common types of attacks:

IP Spoofing – Sending packets over the WAN interface using an internal LAN IP address as the source address.

Tear Drop – Sending packets that contain over- lapping fragments.

Smurf and Fraggle – Sending packets that use the WAN or LAN IP broadcast address as the source address.

Land Attack – Sending packets that use the same address as the source and destination address.

Ping of Death – Illegal IP packets length.

Click the Enable radio button to use the following denial of service protections:

SYN DoS, ICMP DoS and Per-host DoS protection.

Sets the percentage of concurrent IP sessions that can be in the half-open state. In ordinary TCP communication, packets are in the half-open state only briefly as a connection is being initiated; the state changes to active when packets are being exchanged, or closed when the exchange is complete. TCP connections in the half-open state can use up the available IP sessions.

If the percentage is exceeded, then the half-open sessions will be closed and replaced with new sessions as they are initiated.

Max ICMP Conn.:

Sets the percentage of concurrent IP sessions that can be used for ICMP messages.

If the percentage is exceeded, older ICMP IP sessions will be replaced by new sessions as

EN/LZT 108 6492 R2 - October 2003

79

Image 87

Garmin HM210DP/DI Field, Description, Blacklist Status Blacklist Periodmin Attack Protection DOS Protection, Max ICMP Conn

Contents

ADSL Modem HM210dp/diUser Guide Trademark List CopyrightDisclaimer AbstractIntroduction Hardware Description and InstallationLocal PC Configuration Getting Started with the Configuration ManagerBasic Configuration Configuring IP RoutesConfiguring DHCP Configuring NAT Configuring DNS Server AddressesConfiguring RIP Viewing DSL Line Information Configuring Firewall SettingsAdministration Tasks TroubleshootingGlossary Page 1.2 About the ADSL Modem HM210d 1.2.1 Features1 Introduction 1.1 About this User Guide2.1 Before You Start Hardware Description and Installation2.1.1 Package Contents 2.1.2 Subscription for ADSL ServiceStatus/Description 2.2.1 Front Panel and LED Indicators2.2 Physical Appearance Label2.2.2 Back Panel and Connectors 2.3 Choosing a Place for the RouterFigure 2 - Back Panel of the HM210dp/di to a hub/switch’s uplink port 2.4 Connecting the Hardware2. Connect to a PC or hub/switch to a single PC to a hub/switch192.168.1.1 Local PC Configuration3.1 Configuring PCs as DHCP Clients 3.1.1 In Windows 95, 98/98SE and Me3.1.3 In Windows XP 3.1.2 In Windows3.2.1 In Windows 95, 98/98SE and Me 3.2 Assigning Static IP Addresses to your PCs3.2.3 In Windows XP 3.2.2 In Windowshttp//192.168.1.1 Getting Started with the Configuration4.1 Accessing the Configuration Manager ManagerTask bar 4.2 Functional LayoutButton / Symbol 4.2.1 Commonly Used Buttons and IconsDescription 4.3 The Home Page and System View Table Table Heading Device DSL WAN Interfaces LAN Interfaces Services SummaryDescription 4.4 Commiting Changes and Rebooting 4.4.1 Rebooting the HM210dp/di using Options SettingDescription Reboot from Minimum Configuration Getting Started with the Configuration ManagerEN/LZT 108 6492 R2 - October 4.5 Quick Configuration Enabled/Disabled FieldUse DHCP Default Route Gateway IP Address Username Password Use DNSPrimary/Secondary DNS Server Getting Started with the Configuration ManagerField Description5.1.1 Adding ATM VCs Basic Configuration5.1 Configuring the ATM Virtual Circuit 1. Select ATM ATM VC to display the ATM VC Configuration pageField DescriptionSelect a VC interface from the available interfaces, e.g. aal5-0 5.1.2 Modifying ATM VCs 5.2.1 Adding PPP Interfaces 5.2 Configuring PPP InterfacesPPP Interface FieldDescription This setting defines the type of firewallStart - To establish a connection whenever you turn on the HM210dp/di Status Protocol Service Name Use DHCP Use DNS Default Route5.2.2 Checking Your Connection Status Security InformationSelect PAP or CHAP as required by your ISP 5.2.3 Modifying and Deleteing PPP Interfaces 5.3.1 Adding EoA Interfaces 5.3 Configuring EoA InterfacesDescription This setting defines the type of firewallavailable for both public and in-network accesses FieldSelect an ATM VC interface previously created, e.g. aal5-0 EN/LZT 108 6492 R2 - October Basic ConfigurationField 5.4 Configuring IPoA Interfaces1. Select WAN IPoA to display the IPoA Configuration page 5.4.1 Adding IPoA InterfacesGateway IP Address Interface Sec Type Netmask RFC Use DHCP Default RouteEnable / Disable Enable / DisableBasic Configuration 5.4.2 Checking Your Connection Status5.5.1 Defining Bridge Interfaces 5.5 Bridging Connection Mode5.5.3 Deleting a Bridge Interface 5.5.2 Check Your Connection Status6.1 Overview of IP Routes Configuring IP Routes6.2 Viewing the IP Routing Table Displays and icon you can click to delete a route FieldDescription Destination Netmask NextHop IFName Route Type Route Origin Action6.3 Adding IP Routes DHCP Server 7 Configuring DHCP7.1 Overview of DHCP 7.2 DHCP Modes7.3 Configuring DHCP Server DHCP Relay AgentDHCP Client 7.3.1 Creating DHCP Server Address Pools Field DescriptionStart IP Address End IP Address Mac Address 7.3.2 Enabling DHCP Server Mode 7.3.4 Viewing, Modifying and Deleting Address Pools 7.3.3 Configuring Your PCs as DHCP Clients7.3.6 Viewing Current DHCP Address Assignments 7.3.5 Excluding IP Addresses from a PoolDescription 7.4 Configuring DHCP Relay7.4.1 Defining the DHCP Relay Interfaces Field7.4.2 Enabling DHCP Relay Mode 7.4.3 Configuring Your PCs as DHCP Clients 8.1 Overview of NAT 8 Configuring NATConfiguration page appears 8.2 Viewing NAT ConfigurationEnable/Disable radio buttons, which allow you to turn on or off the FieldDescription 8.3 Viewing NAT Rules and Rule Statistics The NAT Rule Configuration table displays a row containing basic information for each rule. For a description of these fields, refer to the instructions for adding rules in section 0 “Adding NAT Rules” 8.4 Viewing Current NAT Translations FieldDescription Translated InAddress In Address Out Address In/Out Pckets In Ports FieldDescription NAT Direction Entry Age8.5.1 The NAPT Rule 8.5 Adding NAT Rules8.5.2 The RDR Rule 2. In the ”Rule Flavor” dropdown list, select RDR 8.5.3 The BASIC Rule 2. In the ”Rule Flavor” dropdown list, select BASIC 8.5.4 The FILTER Rule 2. In the ”Rule Flavor” dropdown list, select FILTER 8. Enter a “Destination Address From/To” … 8.5.5 The BIMAP Rule2. In the ”Rule Flavor” dropdown list, select NAPT 8.5.6 The PASS Rule 5. In the “Local Address From/To” fields, type the lowest and highest IP addresses that define the range of private addresses you want to be passed without translation Dynamically from a DHCP pool 9 Configuring DNS Server Addresses9.1 Assigning DNS Addresses Statically9.2 Overview of DNS Relay 9.3 Configuring DNS RelayConfigured on the HM210dp/di Option 1 - Using a PPP connection to learn the DNSOption 2 - Configuring DNS on the HM210dp/di Configuring DNS Server AddressesEN/LZT 108 6492 R2 - October Configuring DNS Server Addresses Go to Service DNS to display the DNS Configuration page10.1 Overview of RIP 10 Configuring RIP1. Select Services RIP and the RIP Configuration page appears 10.2 Configuring the RIP10.3 Viewing RIP Statistics EN/LZT 108 6492 R2 - October Configuring RIP11.1 Global Firewall Settings 11 Configuring Firewall SettingsMax Half open TCP Conn FieldDescription Blacklist Status Blacklist Periodmin Attack Protection DOS Protectionformat, e.g. j.smith@onecompany.xom 11.2 Configuring IP Filters11.2.1 Viewing Your IP Filter Configuration 11.2.3 Creating IP Filter Rules 11.2.2 Configuring IP Filter Global SettingsConfiguring Firewall Settings 2. Enter or select data for each field that applies to your ruleEN/LZT 108 6492 R2 - October Security Level Blacklist Status Log Tag FieldDescription Rule ID Action Direction Interface In Interface Log OptionEnable if you configure a Log Tag Start/End Time Src IP Address Dest IP Address ProtocolApply Stateful Inspection Yes The rule will be applied only to packets that contain fragments Source Port Dest Port TCP Flag ICMP Type ICMP Code IP Frag PktEnable Default The rule is in effect for the specified time period 11.2.3.1 IP Filter Rule Examples 11.2.4 Viewing IP Filter StatisticsSession Index 11.2.5 Managing Current IP Filter SessionsField Description11.3 Blocking Specific Protocols Protocol The following list describes each of the available protocolsDescription AppleTalk NetBEUI Field 12 Administration Tasks12.1 Changing the System Date and Time 1. Select Home Modify to display the System - Modify page12.2 Configuring User Names and Passwords Manager http//myrouterhttp//myrouter.mydomain.com To add login User Id or change the login password, proceed as follows 12.3 Upgrading the Software 12.4 Using Diagnostics Select the VC on which you want to execute diagnostics and then click the Submit button 12.5.1 Accessing a Server with a Non-Standard Port Number 12.5 Modifying Port Settings12.6 Viewing System Alarms Viewing DSL Line Information 13 Viewing DSL Line InformationYou can click the Clear button to reset all counters to zero, and the The DSL Statistics page reports error data relating to the last 15 minutes interval, the current day, and the previous day 14.1 TroubleshootingIndication/Symptom Troubleshooting Suggestion14.2 Internet Access Indication/SymptomTroubleshooting Suggestion Indication/Symptom 14.3 Configuration Manager Program14.4 Diagnosing Problem Using IP Utilities 14.4.1 How to use WINIPCFG14.4.2 How to use IPCONFIG 14.4.3 How to use PING 15 Important Information 15.1 Product Care and Maintenance15.2.2 Term 15.2.3 Limited Warranty15.2 License Agreement 15.2.1 License15.2.4 Intended Use 15.2.5 Limitation of Liability15.2.6 Governing Law 15.3.1.1 Declaration of Conformity 15.3.2 Safety Approvals15.3 Regulatory Information 15.3.1 EU Directives15.3.2.1 UL 1950 Statement 15.3.3 EMC Approvals15.3.3.1 FCC Part 15 Statement 15.3.4.1 FCC Part 68 Statement 15.3.4 Telecom ApprovalFor EU 15.3.6 Power Supply15.3.5 Caution 15.3.7 Environmental InformationEN/LZT 108 6492 R2 - October 15.3.8 Intended UseThe HM210dp/di is intended for indoor public and private use Important InformationBridging Authenticate16 Glossary ADSLDevice BroadbandBroadcast CHAPEthernet Domain nameDownstream EncapsulationG.lite FirmwareGateway G.dmtIGMP HostHTTP ICMPNAT rule MAC addressPOTS PacketPING PortSNMP RemoteRouting SDNSTFTP T1.413TCP/IP TelnetVPI and VCI Upstream