Mobile Broadband Wireless-N Router MBRN3000

Table 9. WAN Setup Settings

Setting

Description

 

 

Disable SPI Firewall

This check box is usually clear so that the firewall protects your LAN

 

against port scans and denial of service (DOS) attacks. This check

 

box should be selected only in special circumstances.

 

 

Default DMZ Server

This feature is sometimes helpful when you are using some online

 

games and videoconferencing. Be careful when using this feature

 

because it makes the firewall security less effective. See “Setting Up

 

a Default DMZ Server” on page 48.

 

 

Respond to Ping on Internet

If you want the router to respond to a ping from the Internet, select

 

this check box. This should be used only as a diagnostic tool, since it

 

allows your router to be discovered. Do not select this check box

 

unless you have a specific reason to do so.

 

 

MTU Size

Maximum Transmit Unit (MTU) value. For most Ethernet networks

 

this is 1500 bytes, or 1492 bytes for PPPoE connections, or 1436

 

bytes for PPTP connections.

 

 

NAT Filtering

This is set to Secured to provide a secure firewall to protect

 

computers on the LAN from attacks from the Internet. The Open

 

setting is less secure.

 

 

Disable SIP Alg

Some VoIP applications do not work well with SIP ALG. Selecting

 

this check box might help your VoIP devices create or accept a call

 

through the router.

 

 

Setting Up a Default DMZ Server

WARNING!

For security reasons, you should avoid using the default DMZ server feature. When a computer is designated as the default DMZ server, it loses much of the protection of the firewall, and is exposed to many exploits from the Internet. If compromised, the computer can be used to attack your network.

The default DMZ server feature is helpful when you are using some online games and videoconferencing applications that are incompatible with NAT. The router is programmed to recognize some of these applications and to work properly with them, but there are other applications that may not function well. In some cases, one local computer can run the application properly if that computer’s IP address is entered as the default DMZ server.

Incoming traffic from the Internet is normally discarded by the router unless the traffic is a response to one of your local computers or a service that you have configured in the Ports screen. Instead of discarding this traffic, you can have it forwarded to one computer on your network. This computer is called the default DMZ server.

48 Chapter 5: Advanced

Page 49
Image 49
NETGEAR MBRN3000-100NAS user manual Setting Up a Default DMZ Server, Setting Description