Mobile Broadband
Table 9. WAN Setup Settings
Setting | Description |
|
|
Disable SPI Firewall | This check box is usually clear so that the firewall protects your LAN |
| against port scans and denial of service (DOS) attacks. This check |
| box should be selected only in special circumstances. |
|
|
Default DMZ Server | This feature is sometimes helpful when you are using some online |
| games and videoconferencing. Be careful when using this feature |
| because it makes the firewall security less effective. See “Setting Up |
| a Default DMZ Server” on page 48. |
|
|
Respond to Ping on Internet | If you want the router to respond to a ping from the Internet, select |
| this check box. This should be used only as a diagnostic tool, since it |
| allows your router to be discovered. Do not select this check box |
| unless you have a specific reason to do so. |
|
|
MTU Size | Maximum Transmit Unit (MTU) value. For most Ethernet networks |
| this is 1500 bytes, or 1492 bytes for PPPoE connections, or 1436 |
| bytes for PPTP connections. |
|
|
NAT Filtering | This is set to Secured to provide a secure firewall to protect |
| computers on the LAN from attacks from the Internet. The Open |
| setting is less secure. |
|
|
Disable SIP Alg | Some VoIP applications do not work well with SIP ALG. Selecting |
| this check box might help your VoIP devices create or accept a call |
| through the router. |
|
|
Setting Up a Default DMZ Server
WARNING!
For security reasons, you should avoid using the default DMZ server feature. When a computer is designated as the default DMZ server, it loses much of the protection of the firewall, and is exposed to many exploits from the Internet. If compromised, the computer can be used to attack your network.
The default DMZ server feature is helpful when you are using some online games and videoconferencing applications that are incompatible with NAT. The router is programmed to recognize some of these applications and to work properly with them, but there are other applications that may not function well. In some cases, one local computer can run the application properly if that computer’s IP address is entered as the default DMZ server.
Incoming traffic from the Internet is normally discarded by the router unless the traffic is a response to one of your local computers or a service that you have configured in the Ports screen. Instead of discarding this traffic, you can have it forwarded to one computer on your network. This computer is called the default DMZ server.
48 Chapter 5: Advanced
