138, Icmp | ZyXEL Communications NBG-417N specs

Chapter 13 Firewall

Click Security > Firewall > Services. The screen appears as shown next.

Figure 77 Security > Firewall > Services

The following table describes the labels in this screen.

Table 51 Security > Firewall > Services

LABEL	DESCRIPTION
ICMP	Internet Control Message Protocol is a message control and error-
	reporting protocol between a host server and a gateway to the Internet.
	ICMP uses Internet Protocol (IP) datagrams, but the messages are
	processed by the TCP/IP software and directly apparent to the
	application user.

Respond to Ping	The NBG-417N will not respond to any incoming Ping requests when
on	Disable is selected. Select LAN to reply to incoming LAN Ping requests.
	Select WAN to reply to incoming WAN Ping requests. Otherwise select
	LAN & WAN to reply to all incoming LAN and WAN Ping requests.

Do not respond	Select this option to prevent hackers from finding the NBG-417N by
to requests for	probing for unused ports. If you select this option, the NBG-417N will
unauthorized	not respond to port request(s) for unused ports, thus leaving the
services	unused ports and the NBG-417N unseen. By default this option is not
	selected and the NBG-417N will reply with an ICMP Port Unreachable
	packet for a port probe on its unused UDP ports, and a TCP Reset
	packet for a port probe on its unused TCP ports.
	Note that the probing packets must first traverse the NBG-417N's
	firewall mechanism before reaching this anti-probing mechanism.
	Therefore if the firewall mechanism blocks a probing packet, the NBG-
	417N reacts based on the firewall policy, which by default, is to send a
	TCP reset packet for a blocked TCP packet. You can use the command
	"sys firewall tcprst rst [onoff]" to change this policy. When the firewall
	mechanism blocks a UDP packet, it drops the packet without sending a
	response packet.

Apply	Click Apply to save the settings.

Reset	Click Reset to start configuring this screen again.

138

NBG-417N User’s Guide

Image 138

ZyXEL Communications NBG-417N manual 138, Icmp

Contents

NBG-417N Page Tips for Reading User’s Guides On-Screen About This Users GuideIntended Audience Related Documentation Documentation Feedback Need More Help? Customer Support Document Conventions Syntax Conventions Icons Used in Figures Safety Warnings Contents Overview Contents Overview NBG-417N User’s Guide Table of Contents Part II Network 111 Part III Security 143 Part V Maintenance and Troubleshooting 169 Part VI Appendices and Index Table of Contents NBG-417N User’s Guide Part Page Getting to Know Your NBG-417N OverviewApplications Ways to Manage the NBG-417N Good Habits for Managing the NBG-417NLEDs LED Color Status Description PowerFront Panel LEDs and WPS Button Wlan / WPS Getting to Know Your NBG-417N NBG-417N User’s Guide WPS Button Overview WPS Button NBG-417N User’s Guide Introducing the Web Configurator Accessing the Web Configurator Change Password Screen Resetting the NBG-417N Navigating the Web ConfiguratorProcedure to Use the Reset Button Status Screen Router Mode Status Screen Icon KeyIcon Description Dhcp Web Configurator Status Screen Router ModeLabel Description WPS Navigation Panel Link TAB Function WDS Screens SummaryLAN NAT Summary Dhcp Table WWWMgmt Summary Packet Statistics Summary Packet Statistics Summary Wireless Association List Summary Wlan Station Status This is the index number of an associated wireless station Introducing the Web Configurator NBG-417N User’s Guide Wizard Setup Connection Wizard Connection Wizard System Information System Name Domain Name Wizard System Information Connection Wizard Wireless LAN Ssid Connection Wizard Internet Configuration Extend WPA-PSK or WPA2-PSK Security Connection Description Type Ethernet ConnectionPPPoE Connection Pptp Wizard PPPoE Connection Pptp Connection Wizard Pptp Connection Your IP Address Wizard Your IP Address WAN IP Address Assignment IP Address and Subnet MaskPrivate IP Address Ranges DNS Server Address Assignment WAN IP and DNS Server Address Assignment Wizard WAN IP and DNS Server Addresses WAN MAC Address Wizard WAN MAC Address Connection Wizard Complete Connection Wizard Complete AP Mode Setting your NBG-417N to AP Mode Status Screen AP Mode Maintenance Sys OP Mode General Wlan Menu AP Mode Label Configuring Your Settings LAN Settings Wlan and Maintenance SettingsLAN IP Logging in to the Web Configurator in AP Mode AP Mode NBG-417N User’s Guide How to Connect to the Internet from an AP Tutorials Push Button Configuration PBC NBG-417N Example WPS Process PIN Method Tutorial Network Wireless LAN General WPA-PSK Configure Your Notebook Connecting a Wireless Client to a Wireless Network t Configuring Bandwidth Management by Application Bandwidth Management for your Network Configuring Bandwidth Management by Custom Application Tutorial Priority Queue VDO Live Configuring Bandwidth Allocation by IP or IP RangeRtsp FTP Services and Values Fields Services Real Audio Rtsp VDO Live FTPWAN LAN IP Tutorials NBG-417N User’s Guide Network Page Wireless LAN Example of a Wireless Network Wireless Security Overview What You Can DoWhat You Should Know Ssid WPA Types of Encryption for Each Type of AuthenticationNo Authentication Radius Server WPA-PSK WPA2-PSK General Wireless LAN Screen Network Wireless LAN General No Security WPA2-PSK are available in this field Network Wireless LAN General No Security WEP Encryption WEP Ascii WPA-PSK/WPA2-PSK Security Mode field MAC Filter Network Wireless LAN MAC Filter MAC Wireless LAN Advanced Screen RTS/CTSDtim Quality of Service QoS Screen CTS Network Wireless LAN QoS Application Priority Configuration Network Wireless LAN QoS Application Priority Configuration FTP Network Wireless LAN WPS WPS Screen WPS Station Screen Scheduling Screen Network Wireless LAN Scheduling Whole day Network Wireless LAN WDS WDS Screen Security Mode Static WEP Between the NBG-417N and any wireless clients Method Shared Key ASCII/HEX Security Mode WPA-PSK/WPA2-PSK Network Wireless LAN WDS WPA-PSK/WPA2-PSK Wireless LAN NBG-417N User’s Guide WAN Configuring Your Internet Connection What You Need To Know100 Multicast 101WAN MAC Address NetBIOS over TCP/IP Auto-Bridge102 Internet Connection Ethernet Encapsulation103 PPPoE Encapsulation 104WAN MAC 105 Network WAN Internet Connection PPPoE Encapsulation Pptp Encapsulation 106 107 Network WAN Internet Connection Pptp Encapsulation 108 WAN MAC Address Advanced WAN Screen 109 110 LAN 111 IP Pool Setup LAN TCP/IP112 LAN IP Screen 113 114 Dhcp Server 115 General Screen Advanced Screen116 117 Network Dhcp Server Advanced Client List Screen 118 119 Network Dhcp Server Client List 120 Network Address Translation NAT 121 General NAT Screen 122 NAT Application Screen 123 124 Network NAT Application 125 NAT Advanced Screen 126 Trigger Port Forwarding Example 127 Two Points To Remember About Trigger Ports 128 Dynamic DNS DynDNS Wildcard129 Dynamic DNS Screen 130DNS 131 132 Part 133 134 Firewall 135 About the NBG-417N Firewall 136 Services Screen General Firewall Screen137 138 Icmp Restrict Web Features Content FilteringContent Filtering Profiles 139 Filter Screen 140Keyword Blocking URL Checking 141 Technical ReferenceCustomizing Keyword Blocking URL Checking Domain Name or IP Address URL Checking 142 Full Path URL CheckingFile Name URL Checking Management 143 144 Static Route 145 IP Static Route Screen 146 Static Route Setup Screen 147 148 Bandwidth Management 149 General Configuration 150 Advanced Configuration 151 152 Management Bandwidth Mgmt Advanced 153 You can either leave the second port field blank or enterSame port number again User Defined Service Rule Configuration Priority Levels154 Service Description Predefined Bandwidth Management ServicesMedia Bandwidth Management Setup Services 155 Services and Port Numbers 156 Remote Management 157 Remote Management and NAT System TimeoutRemote Management Limitations 158 WWW Screen 159 160 161 How do I know if Im using UPnP?Universal Plug-and-Play UPnP NAT Traversal UPnP Screen 162 Using UPnP in Windows XP Example 163 164 Network Connections Internet Connection Properties Advanced Settings 165 Web Configurator Easy Access 166 167 Network Connections My Network Places 168 Network Connections My Network Places Properties Example Maintenance Troubleshooting 169 170 System System General Screen171 172 Time Setting Screen 173 174 Select User Defined Time Server Address and enter the IP 175 176 Logs 177 View Log Screen 178 Tools Firmware Upload Screen179 Maintenance Tools Firmware 180 Upload Error Message Network Temporarily Disconnected Configuration Screen Backup Configuration182 Restore Configuration Maintenance Restore Configuration183 Back to Factory Defaults Restart Screen184 Sys OP Mode 185Router IP Address in AP Mode 186 Maintenance Sys Op Mode General AP 187 188 Language Language Screen189 190 Troubleshooting Power, Hardware Connections, and LEDs191 NBG-417N Access and Login 192 193 Advanced Suggestions Internet Access 194 Resetting the NBG-417N to Its Factory Defaults 195 Wireless Router/AP Troubleshooting 196 Can access the Web Configurator after I switched to AP mode 197 198 199 Product SpecificationsHardware Features PWR, LAN1-4, WAN, WLAN/WPS Bluetooth enabled devices, and other wireless LANs Firmware FeaturesSuch as microwave ovens, wireless phones 200 201 202 Appendices Index 203 204 Introduction to IP Addresses Structure205 Subnet Mask Identifying Network Number Subnet Masks206 1ST 2ND 3RD 4TH Octet Subnet Masks 207Network Size Binary 1ST 2ND 3RD 4TH Decimal Octet Maximum Host Numbers Notation208 Alternative Subnet Mask Notation Subnetting 209 Example Four Subnets 210 211 IP/SUBNET Mask Network Number Last Octet BIT Value Example Eight Subnets Subnet Planning212 16-bit Network Number Subnet Planning Configuring IP Addresses213 NO. Borrowed Subnet Mask NO. Hosts PER Host Bits Subnets 214 Private IP Addresses Disable pop-up Blockers Internet Explorer Pop-up Blockers215 Enable pop-up Blockers with Exceptions 216 Select Settings…to open the Pop-up Blocker Settings screen 217 JavaScripts 218 219 Internet Options Security Java Permissions 220 221 Java Sun 222 Java Sun Setting up Your Computer’s IP Address 223 Installing Components Windows 95/98/Me224 Configuring 225 Verifying Settings 226 Windows 2000/NT/XP 227 228 Windows XP Control Panel 229 Windows XP Local Area Connection Properties 230 Windows XP Internet Protocol TCP/IP Properties 231 Windows XP Advanced TCP/IP Properties 232 Macintosh OS 8/9 233 234 Macintosh OS 8/9 TCP/IP Macintosh OS 235 Using the K Desktop Environment KDE Linux236 237 Red Hat 9.0 KDE Ethernet Device General Using Configuration Files 238 Red Hat 9.0 Static IP Address Setting in ifconfig-eth0 Red Hat 9.0 DNS Settings in resolv.conf Verifying Settings 240 Wireless LAN Topologies Ad-hoc Wireless LAN Configuration241 Basic Service Set 242 Channel 243 244 RTS/CTS Preamble Type Ieee 802.11g Wireless LANFragmentation Threshold 245 Ieee 802.11g Ieee246 Data Rate Modulation Mbps Types of Radius Messages Types of Authentication247 EAP-MD5 Message-Digest Algorithm EAP-TLS Transport Layer Security EAP-TTLS Tunneled Transport Layer Service248 Peap Protected EAP 249 Comparison of EAP Authentication TypesWPA2 Encryption User Authentication 250 25.0.2 WPA2-PSK Application Example 25.0.3 WPA2 with Radius Application Example251 Security Parameters Summary Wireless Security Relational MatrixAuthentication Encryptio Enter METHOD/ KEY 252 Examples of Services 253Name Protocol Ports Description 254 255 256 257 CopyrightCertifications Disclaimer 258 FCC Radiation Exposure StatementIndustry Canada Statement 259 IC Radiation Exposure StatementViewing Certifications ZyXEL Limited Warranty End-User License Agreement for NBG-417N 260Registration 261 262 263 264 Index 265 266 Essid 267 Radius 268 Ssid 31, 55, 76 269 270