Home » ZyXEL Manuals » Wireless » ZyXEL LTE7485-S905 » Manual Viewer

ZyXEL LTE7485-S905 User Guide - Page 126

DoS, Select Service, TCP/UDP, ICMPv6, Reject, Accept, WAN to LAN, WAN to Router

Add to My Manuals
Save this manual to your list of manuals

Page 126 highlights

Chapter 11 Firewall Table 46 Security > Firewall > Access Control > Add New ACL Rule (continued) LABEL DESCRIPTION IP Type Select between IPv4 or IPv6. Compared to IPv4, IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. The Zyxel Device can use IPv4/IPv6 dual stack to connect to IPv4 and IPv6 networks, and supports IPv6 rapid deployment (6RD). Select Service Select a service from the Select Service box. Protocol Select the protocol (ALL, TCP/UDP, TCP, UDP, ICMP, or ICMPv6) used to transport the packets for which you want to apply the rule. Custom Source Port This is a single port number or the starting port number of a range that defines your rule. Custom Destination Port This is a single port number or the ending port number of a range that defines your rule. TCP Flag Select the TCP Flag (SYN, ACK, URG, PSH, RST, FIN). Policy Use the drop-down list box to select whether to discard (Drop), deny and send an ICMP destination-unreachable message to the sender (Reject), or allow the passage of (Accept) packets that match this rule. Direction Select WAN to LAN to apply the rule to traffic from WAN to LAN. Select LAN to WAN to apply the rule to traffic from LAN to WAN. Select WAN to Router to apply the rule to traffic from WAN to router. Select LAN to Router to apply the rule to traffic from LAN to router. Enable Rate Limit Click to enable (switch turns blue) the setting of maximum number of packets per maximum number of minute/second to limit the throughput of traffic that matches this rule. If not, the next item will be disabled. Scheduler Rules packet(s) per (1-512) Enter the maximum number of packets (1-512) per minute/second. Add New Rule Select a schedule rule for this ACL rule from the drop-down list box. You can configure a new schedule rule by clicking Add New Rule. OK Click this to save your changes. Cancel Click this to exit this screen without saving. 11.6 DoS DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. Figure 97 Security > Firewall > DoS LTE Series User's Guide 126

Section	Page
LTE Series	1
Document Conventions	3
Contents Overview	4
Table of Contents	5
User’s Guide	12
Introduction	13
1.1 Overview	13
1.2 Application for the Zyxel Device	14
1.3 Manage the Zyxel Device	14
1.4 Good Habits for Managing the Zyxel Device	15
1.5 Front and Bottom Panels	15
1.5.1 LEDs (Lights)	17
1.5.2 Panel Ports & Buttons	17
1.5.3 Turning On/Off WiFi	18
1.5.4 The RESET Button	19
The Web Configurator	21
2.1 Overview	21
2.1.1 Access the Web Configurator	21
2.2 Web Configurator Layout	23
2.2.1 Settings Icon	23
2.2.2 Widget Icon	27
Quick Start	30
3.1 Overview	30
3.2 Quick Start Setup	30
3.3 Time Zone	30
3.4 The Internet Connection Setup	31
3.4.1 Successful Internet Connection	31
3.4.2 Unsuccessful Internet Connection	32
3.5 Quick Start Setup-Wireless	32
3.6 Quick Start Setup-Finish	33
Tutorials	34
4.1 Overview	34
4.2 Set Up a Wireless Network Using WPS	34
4.2.1 Push Button Configuration (PBC)	35
4.2.2 PIN Configuration	36
4.3 Connect to the Zyxel Device’s WiFi Network	37
4.4 Configure a Firewall Rule	40
4.5 Configure MAC Filter	41
4.6 Upgrade Firmware on the Zyxel Device	42
4.7 Back up a Configuration File	43
4.8 Restore Configuration	43
4.9 Configure DHCP	44
4.9.1 Add Devices to Your Static DHCP List	45
4.10 Configure Static Route for Routing to Another Network	46
4.11 Access the Zyxel Device Using DDNS	48
4.11.1 Register a DDNS Account on www.dyndns.org	49
4.11.2 Configure DDNS on Your Zyxel Device	49
4.11.3 Test the DDNS Settings	50
Technical Reference	51
Connection Status	52
5.1 Connection Status Overview	52
5.1.1 Connectivity	52
5.1.2 System Info	53
5.1.3 Cellular Info	55
5.1.4 WiFi Settings	59
5.1.5 LAN	60
Broadband	63
6.1 Overview	63
6.1.1 What You Can Do in this Chapter	63
6.1.2 What You Need to Know	64
6.1.3 Before You Begin	64
6.2 Broadband	64
6.3 Cellular WAN	65
6.4 Cellular APN	66
6.5 Cellular SIM Configuration	67
6.6 Cellular Band Configuration	68
6.7 Cellular PLMN Configuration	69
6.8 Cellular IP Passthrough	72
6.9 Cellular Lock	73
Home Networking	75
7.1 Overview	75
7.1.1 What You Can Do in this Chapter	75
7.1.2 What You Need To Know	75
7.2 LAN Setup	76
7.3 Static DHCP	80
7.3.1 Before You Begin	80
7.4 UPnP	82
7.5 Technical Reference	83
7.6 Turn on UPnP in Windows 7 Example	84
7.6.1 Auto-discover Your UPnP-enabled Network Device	85
7.7 Turn on UPnP in Windows 10 Example	87
7.7.1 Auto-discover Your UPnP-enabled Network Device	89
7.8 Web Configurator Easy Access in Windows 7	92
7.9 Web Configurator Easy Access in Windows 10	94
Routing	97
8.1 Overview	97
8.2 Configure Static Route	97
8.2.1 Add/Edit Static Route	98
8.3 DNS Route	100
8.3.1 Add/Edit DNS Route	100
8.4 Policy Route	101
8.4.1 Add/Edit Policy Route	103
8.5 RIP Overview	104
8.5.1 RIP	104
Network Address Translation (NAT)	105
9.1 Overview	105
9.1.1 What You Can Do in this Chapter	105
9.1.2 What You Need To Know	105
9.2 Port Forwarding Overview	106
9.2.1 Port Forwarding	107
9.2.2 Add/Edit Port Forwarding	107
9.3 Port Triggering	109
9.3.1 Add/Edit Port Triggering Rule	111
9.4 DMZ	112
9.5 ALG	113
Dynamic DNS Setup	115
10.1 DNS Overview	115
10.1.1 What You Can Do in this Chapter	115
10.1.2 What You Need To Know	115
10.2 DNS Entry	116
10.2.1 Add/Edit DNS Entry	116
10.3 Dynamic DNS	117
Firewall	119
11.1 Overview	119
11.1.1 What You Need to Know About Firewall	119
11.2 Firewall	120
11.2.1 What You Can Do in this Chapter	120
11.3 Firewall General Settings	120
11.4 Protocol (Customized Services)	122
11.4.1 Add Customized Service	122
11.5 Access Control (Rules)	123
11.5.1 Add New ACL Rule Screen	124
11.6 DoS	126
11.7 Firewall Technical Reference	127
11.7.1 Firewall Rules Overview	127
11.7.2 Guidelines For Security Enhancement With Your Firewall	128
11.7.3 Security Considerations	128
MAC Filter	130
12.1 MAC Filter Overview	130
12.2 MAC Filter	130
12.2.1 Add New Rule	131
Certificates	132
13.1 Certificates Overview	132
13.1.1 What You Can Do in this Chapter	132
13.2 Local Certificates	132
13.2.1 Create Certificate Request	133
13.2.2 View Certificate Request	134
13.3 Trusted CA	136
13.4 Import Trusted CA Certificate	137
13.5 View Trusted CA Certificate	137
13.6 Certificates Technical Reference	138
13.6.1 Verify a Certificate	139
Log	141
14.1 Log Overview	141
14.1.1 What You Can Do in this Chapter	141
14.1.2 What You Need To Know	141
14.2 System Log	142
14.3 Security Log	142
Traffic Status	144
15.1 Traffic Status Overview	144
15.1.1 What You Can Do in this Chapter	144
15.2 WAN Status	144
15.3 LAN Status	145
ARP Table	147
16.1 ARP Table Overview	147
16.1.1 How ARP Works	147
16.2 ARP Table	148
Routing Table	149
17.1 Routing Table Overview	149
17.2 Routing Table	149
Cellular WAN Status	152
18.1 Cellular WAN Status Overview	152
18.2 Cellular WAN Status	152
System	157
19.1 System Overview	157
19.2 System	157
User Account	158
20.1 User Account Overview	158
20.2 User Account	158
20.2.1 User Account Add/Edit	159
Remote Management	161
21.1 Overview	161
21.2 MGMT Services	161
21.3 MGMT Services for IP Passthrough	162
21.4 Trust Domain	163
21.5 Add Trust Domain	164
21.6 Trust Domain for IP Passthrough	164
21.7 Add Trust Domain	165
Time Settings	166
22.1 Time Settings Overview	166
22.2 Time	166
E-mail Notification	169
23.1 E-mail Notification Overview	169
23.2 E-mail Notification	169
23.2.1 E-mail Notification Edit	170
Log Setting	172
24.1 Log Setting Overview	172
24.2 Log Setting	172
Firmware Upgrade	175
25.1 Overview	175
25.2 Firmware Upgrade	175
Backup/Restore	177
26.1 Backup/Restore Overview	177
26.2 Backup/Restore	177
26.3 Reboot	178
Diagnostic	180
27.1 Diagnostic Overview	180
27.2 Ping/TraceRoute/Nslookup Test	180
Troubleshooting	182
28.1 Overview	182
28.2 Power and Hardware Connections	182
28.3 Zyxel Device Access and Login	182
28.4 Internet Access	184
28.5 UPnP	185
28.6 SIM Card	186
28.7 Cellular Signal	186
Appendices	188
Customer Support	189
IPv6	195
Legal Information	202

Match case Limit results 1 per page

Chapter 11 Firewall

LTE Series User’s Guide

126

11.6

DoS

DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection

requests, using so much bandwidth and so many resources that Internet access becomes unavailable.

Use the

DoS

screen to activate protection against DoS attacks.

Click

Security > Firewall > DoS

to display the following screen.

Figure 97

Security > Firewall > DoS

IP Type

Select between

IPv4

IPv6

. Compared to

IPv4

IPv6

(Internet Protocol version 6), is

designed to enhance IP address size and features. The increase in

IPv6

address size to

128 bits (from the 32-bit

IPv4

address) allows up to 3.4 x 1038 IP addresses. The Zyxel

Device can use

IPv4

IPv6

dual stack to connect to

IPv4

and

IPv6

networks, and supports

IPv6

rapid deployment (6RD).

Select Service

Select a service from the

Select Service

box.

Protocol

Select the protocol (

ALL

TCP/UDP

TCP

UDP

ICMP

, or

ICMPv6

) used to transport the

packets for which you want to apply the rule.

Custom Source Port

This is a single port number or the starting port number of a range that defines your rule.

Custom Destination

Port

This is a single port number or the ending port number of a range that defines your rule.

TCP Flag

Select the TCP Flag (SYN, ACK, URG, PSH, RST, FIN).

Policy

Use the drop-down list box to select whether to discard (

Drop

), deny

and send an ICMP

destination-unreachable message to the sender (

Reject

), or allow the passage of

(

) packets that match this rule.

Direction

Select

WAN to LAN

to apply the rule to traffic from WAN to LAN. Select

LAN to WAN

apply the rule to traffic from LAN to WAN. Select

WAN to Router

to apply the rule to traffic

from WAN to router. Select

LAN to Router

to apply the rule to traffic from LAN to router.

Enable Rate Limit

Click to enable (switch turns blue) the setting of maximum number of packets per

maximum number of minute/second to limit the throughput of traffic that matches this

rule. If not, the next item will be disabled.

Scheduler Rules

packet(s) per (1-512)

Enter the maximum number of

packets (1-512) per minute

second

Add New Rule

Select a schedule rule for this ACL rule from the drop-down list box. You can configure a

new schedule rule by clicking

Add New Rule

Click this to save your changes.

Cancel

Click this to exit this screen without saving.

Table 46

Security > Firewall > Access Control > Add New ACL Rule (continued)

LABEL

DESCRIPTION