D-Link DSR-150N DSR-150 User Manual - Page 103

Application Rules

Get D-Link DSR-150N PDF manuals and user guides View all D-Link DSR-150N manuals
Add to My Manuals
Save this manual to your list of manuals

Page 103 highlights

Unified Services Router Figure 62 : Pas s through options for VPN tunne ls User Manual 5.8 Application Rules Advanced > Application Rules > Application Rules Application rules are als o referred to as p ort triggering . This feature allows devices o n t h e LA N o r DM Z t o req u es t o n e o r mo re p o rt s t o b e fo rward ed t o t h em. Po rt t rig g erin g wait s fo r an o u t b o u n d req u es t fro m t h e LA N/ DM Z o n o n e o f t h e d efin ed o u t g o ing p ort s, an d t h en o pens an in co min g p ort fo r t h at s pecified t y pe o f t raffic. This can b e t h o u g h t o f as a fo rm o f d y n amic p o rt fo rward in g wh ile an ap p licat io n is t ran s mit t in g d at a o v er t h e o p en ed o u t g o in g o r in co min g p o rt (s ). Po rt t rig g erin g ap plicat ion ru les are mo re flexib le t h an s t at ic p o rt fo rward in g t h at is an available option when configuring firewall rules . This is becaus e a port triggering ru le d o es n o t h ave t o referen ce a s p ecific LA N IP o r IP ran g e. A s well p o rt s are n o t left open when not in us e, thereby providing a level of s ecurity that port forwarding does not offer.  Po rt t rig g erin g is n o t ap p ro p riat e fo r s erv ers o n t h e LA N, s in ce t h ere is a d ep en d en cy o n t h e LA N d ev ice makin g an o u t g o in g co n n ect io n b ef o re in co min g ports are opened. So me ap p licat io n s req uire t h at wh en ext ern al d ev ices co n n ect t o t h em, t h ey receiv e d at a o n a s p ecific p o rt o r ran g e o f p o rts in o rd er t o fu n ct ion p rop erly . Th e ro u ter mu s t s en d all in co min g d at a fo r t h at ap p licat io n o n ly o n t h e req u ired p o rt o r ran g e o f p o rts. Th e ro u t er h as a lis t o f co mmo n ap p licat io n s and g ames wit h co rresp ond ing o ut bou n d an d in b o u nd p ort s t o o p en. Yo u can als o sp ecify a p o rt t rig gerin g ru le b y d efin ing t h e t y p e o f t raffic (TCP o r UDP) an d t h e ran g e o f in co min g an d o u t g o in g p o rt s t o o p en when enabled. 101

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
Unified Services Router
User Manual
101
Figure 62: Passthrough options for VPN tunnels
5.8 Application Rules
Advanced > Application Rules > Application Rules
Application rules are also referred to as port triggering. This feature allows devices
on the LAN or DMZ to request one or more ports to be forwarded to them. Port
triggering waits for an outbound request from the LAN/DMZ on one of the defined
outgoing ports, and then opens an incoming port for that specified type of traffic. This
can be thought of as a form of dynamic port forwarding while an application is
transmitting data over the opened outgoing or incoming port(s).
Port triggering application rules are more flexible than static port forwarding that is
an available option when configuring firewall rules. This is because a port triggering
rule does not have to reference a specific LAN IP or IP range. As well ports are not
left open when not in use, thereby providing a level of security that port forwarding
does not offer.
Port triggering is not appropriate for servers on the LAN, since there is a
dependency on the LAN device making an outgoing connection before incoming
ports are opened.
Some applications require that when external devices connect to them, they receive
data on a specific port or range of ports in order to function properly. The router must
send all incoming data for that application only on the required port or range of ports.
The router has a list of common applications and games with corresponding outbound
and inbound ports to open. You can also specify a port triggering rule by defining the
type of traffic (TCP or UDP) and the range of incoming and outgoing ports to open
when enabled.