Manuals / Motorola / Computer Equipment / Network Router

Motorola SVG2500 manual Firewall, Dmz, Port Triggering

Models: SVG2500

1 175

Download 175 pages 63.49 Kb

Page 31

1 OVERVIEW

Firewall

The SVG2500 firewall protects the SVG2500 LAN from undesired attacks and other intrusions from the Internet. It provides an advanced, integrated stateful-inspectionfirewall supporting intrusion detection, session tracking, and denial-of-service attack prevention. The firewall:

•Maintains state data for every TCP/IP session on the OSI network and transport layers

•Monitors all incoming and outgoing packets, applies the firewall policy to each one, and screens for improper packets and intrusion attempts

•Provides comprehensive logging for all:

•User authentications

•Rejected internal and external connection requests

•Session creation and termination

•Outside attacks (intrusion detection)

You can configure the firewall filters to set rules for port usage. For information about choosing a predefined firewall policy template, see Section 7, SVG2500 Firewall Pages.

DMZ

A de-militarized zone (DMZ) is one or more computers logically located outside the firewall between an SVG2500 LAN and the Internet. A DMZ prevents direct access by outside users to private data.

For example, you can set up a web server on a DMZ computer to enable outside users to access your website without exposing confidential data on your network.

A DMZ can also be useful to play interactive games that may have a problem running through a firewall. You can leave a computer used for gaming only exposed to the Internet while protecting the rest of your network. For more information, see Gaming Configuration Guidelines.

Port Triggering

When you run an application that accesses the Internet, it typically initiates communications with a computer on the Internet. For some applications, especially gaming, the computer on the Internet also initiates communications with your computer. Because NAT does not normally allow these incoming connections:

•The SVG2500 has preconfigured port triggers for common applications.

•If needed, you can configure additional port triggers on the Advanced Port Triggers Page.

16

Image 31

Motorola SVG2500 manual Firewall, Dmz, Port Triggering

Contents

SVG2500 Safety and Regulatory Information Page Safety Requirements for the SVG2500 LITHIUM-ION Battery FCC Statements Important Voip Service InformationFCC Radiation Exposure Statement IC Radiation Exposure Statement Wireless LAN InformationRestrictions on the USE of Wireless Devices Industry Canada IC StatementCaring for the Environment by Recycling International Declaration of ConformityYou may Software LicenseYou may not Viii Warranty Information Page Contents Xii Contents Xiv Overview Overview Easy SetupPowerful Features in a Single Unit Network Connection TypesSample Hybrid LAN Sample Hybrid LAN Optional AccessoriesTelephone Features Supported by the SVG2500 VoIP Telephone Service with Your SVG2500Cell Phone Pairing and the SVG2500 Wi-Fi Feature Key Light Flashing Top PanelName Description AmberKey Description Rear PanelBottom Label on the SVG2500 Wireless LANSVG2500 LAN Choices Sample Wireless Network Connections Sample Ethernet to Computer Connection Wired Ethernet LANSample Ethernet Connection to Hubs or Switches Sample USB Connection USB ConnectionSVG2500 Security Measures SecurityDMZ FirewallPort Triggering Port Forwarding Wireless SecurityVirtual Private Networks SVG2500 Quick Installation Guide InstallationBefore You Begin Wired Ethernet PrecautionsInstallation Wireless LANComputer System Requirements Signing Up for ServiceInstalling the Battery Installation Power Connecting the SVG2500 to the Cable SystemCabling the LAN Installing USB DriversInstalling the Windows 2000 USB Driver Select CD-ROM drives only Installing the Windows XP USB Driver Installation Installing the Windows Vista USB Driver Installation Obtaining an IP Address for an Ethernet Connection Connecting a PC to the SVG2500 USB PortWindows Windows XP Installation Windows Vista Installation Installation Type pump -i dev LinuxMacintosh or Unix Configuring TCP/IPConfiguring TCP/IP in Windows Installation Installation Configuring TCP/IP in Windows XP Installation Configuring TCP/IP in Windows Vista Installation Installation Verifying the IP Address in Windows 2000 or Windows XP Installation Verifying the IP Address in Windows Vista Click All Programs Click AccessoriesInstallation Installation Installing the Telephone for VoIP Wall Mounting Your SVG2500 Wall Mounting Template Installation CautionStarting the SVG2500 Configuration Manager Cmgr Basic ConfigurationBasic Configuration SVG2500 Menu Options Bar SVG2500 Submenu Options Changing the SVG2500 Default PasswordPassword Change Username field, type your new User Name Restore Factory DefaultsGetting Help Configuring a Gaming DMZ Host Gaming Configuration GuidelinesConfiguring the Firewall for Gaming Configuring Port TriggersExiting the SVG2500 Configuration Manager Status Software SVG2500 Status PagesDownstream Channel Field Description Startup ProcedureStatus Connection SVG2500 Status PagesStatus Security Changing the SVG2500 Default PasswordTesting Network Connectivity with the SVG2500 Status DiagnosticsPing Utility Traceroute Utility Field Description Time Status Event LogField Description Napt mode Basic SetupSVG2500 Basic Pages SVG2500 Basic Pages Basic Dhcp Basic Ddns Restoring Your SVG2500 Configuration Basic BackupBacking Up Your SVG2500 Configuration Ipsec PassThrough SVG2500 Advanced PagesAdvanced Options Field Description WAN BlockingSVG2500 Advanced Pages Field Description Remote ConfigurationMulticast Enable UPnP EnableEnd Address EnabledAdvanced IP Filtering Field Description Start AddressAssigned to a PC during manufacturing Setting a MAC Address FilterAdvanced MAC Filtering Field Description MACApply Advanced Port FilteringAdvanced Port Forwarding Field Description Trigger Range Start Port Advanced Port TriggersAdvanced DMZ Host Setting Up the DMZ HostRIP Authentication Key Advanced Routing Information Protocol SetupField Description RIP Enable RIP AuthenticationRIP Destination IP Address Field Description RIP Reporting IntervalTable in your CPE SVG2500 Firewall Pages SVG2500 Firewall Pages Firewall Web Content FilterFirewall log to your email address. You can obtain Smtp server name from your Internet service providerMail Alerts Enable or disable e-mailing firewall alerts Firewall Local LogFirewall Remote Log SVG2500 Parental Control Pages Parental Control User SetupSVG2500 Parental Control Pages Parental Control Basic Setup Parental Control ToD Access Policy Parental Control Event Log Setting Up Your Wireless LAN SVG2500 Wireless PagesEncrypting Wireless LAN Transmissions Wlan SVG2500 Wireless PagesField Description Wireless MAC Address Wireless 802.11b/g BasicNetwork Name Ssid Interface Field Description Network TypeCountry ChannelWireless 802.11b/g Privacy WPA Pre-Shared Key Shared Key Authentication802.1x Authentication WPA/WPA2 EncryptionCurrent Network Key WPS ConfigButton Mode Field Description Network KeyField Description MAC Restrict Mode Wireless 802.11b/g Access ControlConnected Clients Wireless 802.11b/g Advanced Wireless Bridging No-Acknowledgement Wireless 802.11b/g Wi-Fi MultimediaPower Save Support Field Description WMM SupportEdca STA Parameters Field Description Edca AP ParametersWireless 802.11b/g Guest Network Closed Network Field Description Guest NetworkCurrent Guest Network Guest Network Name SsidConfiguring a Wireless Client for WPA Configuring the Wireless ClientsOn the SVG2500 Configuring a Wireless Client with the Network Name Ssid Configuring a Wireless Client for WEPVPN Basic 10 SVG2500 VPN PagesField Description Tunnel Configure each tunnel individuallyVPN IPsec 10 SVG2500 VPN PagesIdentity Type Enable drop-downLocal Endpoint Settings Address group type Field Description NameType Network addressRemote Address Phase 1 authentication Field Description IPsec SettingsPhase 1 DH group Phase 1 encryptionVPN L2TP/PPTP VPN Event Log MTA Status 11 SVG2500 MTA PagesMTA Dhcp 11 SVG2500 MTA Pages MTA QoSMTA Provisioning MTA Event Log Battery Controller 12 SVG2500 Battery PagesBattery Interface Delay Battery UPS12 SVG2500 Battery Pages Solutions TroubleshootingRemoving the USB Driver in Windows Front-Panel Lights and Error ConditionsTroubleshooting Removing USB Drivers124 Removing the USB Driver in Windows XP 126 Double-clickNetwork adapters Removing the USB Driver in Windows Vista 129 130 Contact US Frequently Asked Questions What type of technical support is available? Can I still watch cable TV while using my SVG2500?Frequently Asked Questions What are CableLabs Certified, DOCSIS, and Euro-DOCSIS?North America Outside North America Specifications135 General Network SpecificationsGlossary BER BCPBpkm Broadcast Cable modem configuration fileBridge BroadbandCSMA/CD CmtsCNR CPEDhcp Dsss Term Definition DNSDocsis DSLTerm Definition FCS EAPGUI FECFmda FTPHtml HFCIeee Term Definition IanaIcmp IcsaIKE ISP Term Definition IsakmpIsdn ISOMIB Term Definition LCPLED LNSMTU MpduMsdu MSOOSI NICPDA PATPCI PcmciaPptp PPPPstn RFC Term Definition QAMQpsk Term Definition RASSID Term Definition ROMRTS SDUSsid TCP/IP SyslogTerm Definition Tbcp TCPUTP Term Definition TTLTerm Definition UDP USBWeca VPNWAN WAP