Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2

Normally, this option is Enabled, so that an Internet connection will be made automatically whenever Internet-bound traffic is detected. In locations where Internet access is billed by the minute, if this causes high connection costs, you can disable this setting.

If disabled, you must connect manually, using the sub-screen accessed from the Router Status menu “Show WAN Status” screen.

Setting Up a Default DMZ Server

Note: DMZ servers pose a security risk. A computer designated as the default DMZ server loses much of the protection of the firewall, and is exposed to attacks from the Internet. If compromised, the DMZ server can be used to attack your network.

The use of the term ‘DMZ’ has become common, although it is a misnomer. In traditional firewalls, a DMZ is actually a separate physical network port. A true DMZ port is for connecting servers that require greater access from the outside, and will therefore be provided with a different level of security by the firewall. A better term for our application is Exposed Host.

The default DMZ server feature is helpful when using some online games and videoconferencing applications that are incompatible with NAT. The router is programmed to recognize some of these applications and to work properly with them, but there are other applications that may not function well. In some cases, one local computer can run the application properly if that computer’s IP address is entered as the default DMZ server.

Incoming traffic from the Internet is normally discarded by the router unless the traffic is a response to one of your local computers or a service that you have configured in the Ports menu. Instead of discarding this traffic, you can have it forwarded to one computer on your network. This computer is called the Default DMZ Server.

The WAN Setup menu lets you configure a Default DMZ Server.

To assign a computer or server to be a Default DMZ server, follow these steps:

1.Click WAN Setup link on the Advanced section of the main menu.

2.Type the IP address for that server. To remove the default DMZ server, replace the IP address numbers with all zeros.

3.Click Apply.

Respond to Ping on Internet WAN Port

If you want the router to respond to a 'ping' from the Internet, click the ‘Respond to Ping on Internet WAN Port’ check box. This should only be used as a diagnostic tool, since it allows your router to be discovered. Do not check this box unless you have a specific reason to do so.

10-2

Advanced Configuration

201-10301-02, May 2005

Page 172
Image 172
NETGEAR FWG114P v2 manual Setting Up a Default DMZ Server, Respond to Ping on Internet WAN Port