46
Chapter 6: Setting up and Configuring the Router
Firewall Tab - General
10/100 16-Port VPN Router
Firewall Tab - General
Using the screens of the Firewall tab, you can configure the Router to block or allow Internet access for specific
internal users. You can also configure the Router to block or allow access to internal servers for specific Internet
users. On the Access Rules screen, you can set up different packet filters for various users located on the internal
network (LAN) or external network (WAN or Internet) based on their IP addresses or their network port numbers.
Firewall. The firewall is enabled by default. If you disable the firewall, then the SPI, DoS, and Block WAN Request
features as well as the Access Rules and Content Filters will also be disabled, and the Remote Management
feature will be enabled.
SPI (Stateful Packet Inspection). The SPI feature is enabled by default. The Router's firewall uses Stateful Packet
Inspection to review the information that passes through the firewall. It will inspect all packets based on the
established connection, prior to passing the packets for processing through a higher protocol layer.
DoS (Denial of Service). The DoS feature is enabled by default. It protects internal networks from Internet attacks,
such as SYN Flooding, Smurf, LAND, Ping of Death, IP Spoofing, and reassembly attacks.
Block WAN Request. This feature is enabled by default and is designed to prevent attacks through the Internet.
When it is enabled, the Router will drop both unaccepted TCP request and ICMP packets from the WAN side.
Hackers will not find the Router by pinging the WAN IP address. If the Router’s DMZ feature is enabled, then the
Block WAN Request feature will be disabled.
Remote Management. The Router supports remote management. This feature is disabled by default. If you want
to manage this Router through a WAN connection, click Enable. Then select the port number you want to use
(port 80 or port 8080 is usually used for remote management).
Multicast Pass Through. IP Multicasting occurs when a single data transmission is sent to multiple recipients at
the same time. This feature is disabled by default. If it is enabled, then the Router allows IP multicast packets to
be forwarded to the appropriate computers.
MTU (Maximum Transmission Unit). This feature specifies the largest packet size permitted for network
transmission. It is recommended that you use the Auto option; however, you may manually set the MTU value. The
default MTU size is 1500 bytes.
Click the Save Settings button to save your changes, or click the Cancel Changes button to undo your changes.
Figure 6-43: General Firewall