SMC Networks SMC7204BRA Configuring Firewall Settings, 132

Configuring Firewall Settings132

2. Configure any of the following settings that figure in the

[Firewall Global Information] table:

Field Description

Blacklist Status: If you want the device to maintain and use a black

list,

click [Enable]. Click [Disable] if you do not want

to maintain

a list.

Blacklist Period(min): This field specifies the number of minutes that a

computer's

IP address will remain on the black list (i.e., all

traffic

originating from that computer will be blocked from

passing through any interface on the

ADSL Barricade).

For more information, see

Managing the Black List on

page 134.

Attack Protection: Click the [Enable] radio button to use the built-in firewall

protections that prevent the following common types of

attacks.

IP Spoofing: Sending packets over the WAN interface

using an internal LAN IP address as the source address.

Tear Drop: Sending packets that contain overlapping

fragments.

Smurf and Fraggle: S

ending packets that use the

WAN or

LAN IP broadcast address

as the source address.

Land Attack: Sending packets that use the same address

as the source and destination address.

Ping of Death: Illegal IP packet length.

Dos Protection: Click the [Enable] radio button to use the following denial

of service protections: SYN DoS, ICMP DoS, Per-host

DoS protection.

Max Half open TCP

Conn.: This field sets the percentage of concurrent IP sessions

that can

be in the half-open state. In ordinary TCP

communication,

packets are in the half-open state only

briefly as a connection is being initiated; the state

changes to active when packets are being exchanged, or

closed when the exchange is

complete. TCP connections

in the half-open

state can use up the available IP

sessions.

If the percentage is exceeded, then the half-open

sessions will be closed and replaced with new sessions

as they are initiated.

Contents

Main Page i T ABLE OF C Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Getting to Know the ADSL Barricade . . . . . . . . . .5 Quick Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Page Table of Contents iii Configuring DNS Server Addresses . . . . . . . . . .81 Configuring the ATM Virtual Circuit . . . . . . . . . . 99 Configuring IP Routes . . . . . . . . . . . . . . . . . . . . . 85 Page Page I Features System Requirements Using this Document Page G ETTING TO K NOW ADSL B Getting to Know the ADSL Barricade 6 Hardware Description Front Panel (*Alarm LED is optional, and for manufactory only*) Table 1. Front Panel and LEDs Rear Panel Table 2. Rear Panel Connections Q UICK S Connecting the Hardware 8 Step 1. Connect the ADSL cable Configuring Your Computers 10 WindowsXP 11 Windows 2000 12 Windows Me 13 Windows 95, 98 Page 15 Windows NT 4.0 16 Assigning static Internet Information to your PCs 17 Configuring the ADSL Barricade Logging into the ADSL Barricade Quick Configuration Page Page Page 20 Default Router Settings Table 3. Default Settings Summary G ETTING S WITH TARTED Page Functional Layout 25 Functional Layout Commonly used buttons The Home Page and System View Table The Home Page and System View Table 27 Table Heading Description Modifying Basic System Information Modifying Basic System Information 29 30 Committing Changes and Rebooting Committing your changes Committing Changes and Rebooting 31 Rebooting the device using Configuration Manager Page C ONFIGURING LAN P Connecting via Ethernet Configuring the LAN Port IP Address Configuring the LAN Ports 34 Configuring the LAN Port IP Address 35 Configuring the LAN Ports Configuring the LAN Port IP Address 37 VIEWING SYSTEM IP ADDRESSES AND IP P ERFORMANCE S Viewing System IP Addresses and IP Performance Statistics 40 Viewing IP Performance Statistics 41 Viewing IP Performance Statistics 43 C ONFIGURING D H OST C P Overview of DHCP What is DHCP? 44 Why use DHCP? ADSL Barricade DHCP modes Configuring DHCP Server 45 Configuring DHCP Server Guidelines for creating DHCP server address pools Page Page Configuring DHCP Server 49 50 Viewing, modifying, and deleting address pools Page Configuring DHCP Relay Configuring DHCP Relay 53 Setting the DHCP Mode Page C ONFIGURING N A DDRESS T Overview of NAT Page Viewing NAT Global Settings and Statistics 59 Viewing NAT Global Settings and Statistics Page Viewing NAT Global Settings and Statistics 61 Viewing NAT Rules and Rule Statistics Viewing Current NAT Translations For each current NAT Translations session, the table contains the following fields: You can click in the [Action] column to view additional details about a NAT translation session. Viewing Current NAT Translations 65 66 Adding NAT Rules The NAPT rule: Translating between private and public IP addresses Page 68 The RDR rule: Allowing external access to a LAN computer Page Page Page 72 The Basic rule: Performing 1:1 translations Page Page Page 76 The Bimap rule: Performing two-way translations Page Page Page CONFIGURING DNS S ERVER A About DNS Assigning DNS Addresses Configuring DNS Server Addresses 82 Configuring DNS Relay Configuring DNS Relay 83 Configuring DNS Server Addresses 84 85 C ONFIGURING IP R Overview of IP Routes IP routing versus telephone switching 86 Hops and gateways Overview of IP Routes 87 Using IP routes to define default gateways Do I need to define IP routes? Viewing the IP Routing Table Viewing the IP Routing Table 89 Adding IP Routes Page C ONFIGURING THE R I NFORMATION P RIP Overview Configuring the Routing Information Protocol When should you configure RIP? Configuring the ADSL Barricade's Interfaces with RIP Configuring the ADSL Barricade's Interfaces with RIP Configuring the Routing Information Protocol Configuring the ADSL Barricade's Interfaces with RIP Page CONFIGURING THE ATM V IRTUAL C Configuring the ATM Virtual Circuit Adding ATM VCs Adding ATM VCs Configuring the ATM Virtual Circuit Modifying ATM VCs Modifying ATM VCs CONFIGURING PPP Viewing Your Current PPP Configuration Viewing Your Current PPP Configuration 107 The [Point to Point Protocol (PPP) Configuration] page displays the following fields: Page Page Page Viewing PPP Interface Details 111 Adding a PPP Interface Definition Modifying and Deleting PPP Interfaces 113 Modifying and Deleting PPP Interfaces Page CONFIGURING EOA Overview of EOA Viewing Your EOA Setup Viewing Your EOA Setup 117 Adding EOA Interfaces Adding EOA Interfaces 119 Page CONFIGURING IPOA Viewing Your IPoA Interface Setup Configuring IPoA Interfaces 122 The following table describes the fields on this page: Adding IPoA Interfaces 123 Adding IPoA Interfaces Configuring IPoA Interfaces 124 C ONFIGURING B Overview of Bridges Configuring Bridging 126 When to Use the Bridging Feature 127 When to Use the Bridging Feature Defining Bridge Interfaces Configuring Bridging 128 Page C F IREWALL S Configuring Firewall Settings 132 2. Configure any of the following settings that figure in the [Firewall Global Information] table: Configuring Global Firewall Settings 133 Configuring Firewall Settings 134 Managing the Black List C ONFIGURING IP F AND BLOCKED PROTOCOLS Configuring IP Filters 136 Viewing Your IP Filter Configuration 137 Configuring IP Filter Global Settings 138 Creating IP Filter Rules Page Page Page Page Page Page 145 IP filter rule examples Page Page 148 Managing Current IP Filter Sessions Blocked Protocols 149 Blocked Protocols Page Blocked Protocols 151 Protocol Description Page V IEWING DSL L I Viewing DSL Line Information 154 Page Page 157 A DMINISTRATIVE T Configuring User Names and Passwords Changing Login Passwords Page Viewing System Alarms 159 Viewing System Alarms Viewing the Alarm Table Upgrading the Software Using Diagnostics 161 Loading New Software: Using Diagnostics Page Modifying Port Settings 163 Modifying Port Settings Overview of IP port numbers 164 Modifying the ADSL Barricades port numbers Modifying Port Settings 165 167 APPENDIX A IP Addresses Structure of an IP address Appendix A 168 Network classes 169 Network classes Appendix A 170 Subnet masks Page APPENDIX B Binary Numbers Page T Page Page Page Page Page T S Technical Specifications 182 Technical Specifications 183 Page T Page Page Page Page Page Page Page Page Page Page Page Page Page Page i C FCC - Class B FCC - Part 68 ii iii EC Conformance Declaration - Class B iv Safety Compliance v 15. vii L EGAL I AND CONTACTS SMC's Limited Warranty Statement Legal Information and Contacts viii Full Installation Manual Legal Information and Contacts ix Firmware and Drivers Contact SMC Statement of Conditions