Manuals / Planet Technology / Computer Equipment / Network Router

Planet Technology VRT-401 Data Security Options Screen, SPI Firewall Enable DoS, Threshold

Models: VRT-401

1 125

Download 125 pages 14.86 Kb

Page 69

Security Configuration

Security Options

This screen allows you to set Firewall and other security-related options.

Figure 40: Security Options Screen

Data - Security Options Screen

SPI Firewall

	Enable DoS	If enabled, DoS (Denial of Service) attacks will be detected and
	Firewall	blocked. The default is enabled. It is strongly recommended that
	Firewall	this setting be left enabled.
		this setting be left enabled.
		Note:
		∙ A DoS attack does not attempt to steal data or damage your
		PCs, but overloads your Internet connection so you can not
		use it - the service is unavailable.
		∙ This device uses "Stateful Inspection" technology. This
		system can detect situations where individual TCP/IP pack-
		ets are valid, but collectively they become a DoS attack.
	Threshold	This setting affects the number of "half-open" connections al-
		lowed.
		∙ A "half-open" connection arises when a remote client con-
		tacts the Server with a connection request, but then does not
		reply to the Server's response.
		∙ While the optimum number of "half-open" connections
		allowed (the "Threshold") depends on many factors, the
		most important factor is the available bandwidth of your
		Internet connection.
		∙ Select the setting to match the bandwidth of your Internet
		connection.

65

Image 69

Planet Technology VRT-401 user manual Data Security Options Screen, SPI Firewall Enable DoS, Threshold

Contents

Broadband VPN Router Copyright Table of Contents Remote Administration 111 Using Certificates 101106 107Internet Access Features VRT-401 FeaturesConfiguration & Management LAN FeaturesSecurity Features Advanced Internet FunctionsPackage Contents Front-mounted LEDs Physical DetailsRear Panel To Clear All Data and restore the factory default valuesChoose an Installation Site ProcedureRequirements Connect LAN CablesPower Up Using the DMZ PortConnect WAN Cable Check the LEDsTo Do this Refer to OverviewUsing UPnP Configuration ProgramUsing your Web Browser PreparationIf you cant connect Password DialogCommon Connection Types Config WizardCable Modems DSL ModemsOther Modems e.g. Broadband Wireless Big Pond Cable AustraliaSingTel RAS Navigation & Data Input Home ScreenData LAN Screen LAN ScreenUsing another Dhcp Server Using VRT-401’s Dhcp ServerTo Configure your PCs to use Dhcp What Dhcp DoesWindows Clients TCP/IP Settings OverviewChecking TCP/IP Settings Windows 9x/ME Using DhcpUsing Specify an IP Address Gateway Tab Win 95/98 Windows NT4.0 TCP/IP Checking TCP/IP Settings Windows NT4.0Specify an IP Address Obtain an IP address from a Dhcp ServerWindows NT4.0 Add Gateway Windows NT4.0 DNS Network Configuration Win Checking TCP/IP Settings WindowsTCP/IP Properties Win Using a fixed IP Address Use the following IP AddressNetwork Configuration Windows XP Checking TCP/IP Settings Windows XPTCP/IP Properties Windows XP Accessing AOL Internet AccessFor Windows 9x/ME/2000 For Windows XPLinux Clients Macintosh ClientsOther Unix Systems Fixed IP AddressStatus Screen OperationData Status Screen Data PPPoE Screen Connection Status PPPoEConnection Physical Address PPPoE Link StatusConnection Log Messages Operation and Status Data Pptp Screen Connection Status PptpConnection Physical Ad DressData Telstra Big Pond Screen Connection Status Telstra Big PondConnection Status Connection Details SingTel RASData SingTel RAS Screen Connection Details Fixed/Dynamic IP Address Data Fixed/Dynamic IP address ScreenInternet Physical Ad Buttons Release/Renew Internet Screen Advanced Internet ScreenCommunication Applications Special ApplicationsSpecial Applications Screen Using a Special Application Data Special Applications ScreenCheckbox Name Incoming Ports Outgoing Ports URL Filter DMZData URL Filter Screen URL Filter ScreenService works as follows Dynamic DNS Domain Name ServerDynamic DNS Screen Password Domain Name Ddns ServiceData Dynamic DNS Screen Ddns Data User NameIP Address seen by Internet Users Virtual ServersUsing the DMZ port for Virtual Servers Virtual Servers ScreenData Virtual Servers Screen Backup DNS IP Address Connecting to the Virtual ServersOptions Defining your own Virtual ServersMTU size MTUAdmin Login Screen Admin LoginPassword Dialog Access Control Access Control ScreenTo use this feature Data Access Control Screen View Log Group Members Screen Access Control LogSecurity Configuration This feature is for advanced administrators only Firewall RulesFirewall Rules Screen Data Firewall Rules Screen Data Define Firewall Rule Screen Define Firewall RuleType Source IPDest IP ActionLog Logs Enable Logs DoS AttacksData Logs Screen Internet ConnecSyslog Server Enable Syslog Access ControlFirewall Rules TimezoneInclude Security Options SPI Firewall Enable DoSData Security Options Screen FirewallAllow IPsec Options Respond toAllow Pptp Allow L2TPScheduling Define Schedule ScreenData Define Schedule Screen Data Services Screen ServicesButtons Delete VRT-401 does not support Transport Mode VRT-401 always uses Tunnel ModeIPSec Policies VPN ConfigurationCommon VPN Situations VPN Pass-throughClient PC to VPN Gateway Connecting 2 VPN Gateways Connecting 2 LANs via VPNVPN Configuration VPN Policies ScreenData VPN Policies Screen Able/Disable Copy Adding a New PolicyOperations Add Enable Policy General SettingsEndpoint KeysLocal IP addresses Type VPN Wizard Traffic SelectorManual Key Exchange Remote IP addresses TypeManually assigned Keys Tication is enabledESP Encryption ESP AuthenticaIKE Phase Local IdentityRemote Identity Encryption AuthenticationIKE Exchange ModeAH Authentication IKE Phase 2 IPsec SA IPsec SA LifeTime IPSec PFSConfiguration Settings Example 1 Connecting 2 VRT-401sSetting LAN a Gateway LAN B Gateway ExamplesIPSec SA Parameters DESVRT-401 Configuration Setting ValueExample 2 Windows 2000/XP Client to LAN Windows 2000/XP Local Security Settings Windows Client ConfigurationWindows 2000/XP Policy Properties Filter Properties Addressing New Rule Properties Filter Action Modify Security Method VPN Setting Windows SettingTunnel Setting Windows 2000/XP Client to VRT-401 Filter List Filter Action Modify Security Method DUT to Win2K Properties Properties General Tab IKE Security Algorithms Key Exchange Security MethodsExample 3 Windows 2000 Server to VPN Gateway Setting Single Client Server/GatewayWindows 2000 Server Addressing Windows 2000 Server ConfigurationUsing Certificates Adding a Self Certificate Adding a Trusted CertificateSignature Algorithm Hash AlgorithmSignature Key LengthTo add a New CRL CRLsUpload CRL Upgrade Administra Tion RoutingPC Database RemotePC Database Screen PC DatabaseData PC Database Screen PC Database Admin Data PC Database Admin ScreenPC Properties Name ∙ Dchp Client Reserved IP Address Select this if the PC Update SeButtons Add as New EntryRemote Administration Data Remote Administration ScreenTo connect from a remote PC via the Internet Routing Using this ScreenOverview Routing ScreenEnable RIP Data Routing ScreenStatic Routing Static Routing Table Entries Local Router Configuring Other Routers on your LANStatic Routing Example For Router As Default RouteOther Routers on the Local LAN For VRT-401’s Routing TableFirmware Upgrade For Router Bs Default RouteTo perform the Firmware Upgrade Data Upnp Screen General Problems Internet AccessProblem 1 Cant connect to VRT-401 to configure it 119 FCC Statement VRT-401FCC Radiation Exposure Statement CE Marking Warning