Home » ZyXEL Manuals » Networking » ZyXEL EX5510-B0 » Manual Viewer

ZyXEL EX5510-B0 User Guide - Page 204

DoS Settings

Add to My Manuals
Save this manual to your list of manuals

Page 204 highlights

Chapter 16 Firewall Table 81 Access Control: Add/Edit (continued) LABEL DESCRIPTION Destination IP Address IP Type Select Service Enter the destination IP address. Select whether your IP type is IPv4 or IPv6. Select the transport layer protocol that defines your customized port from the drop-down list box. The specific protocol rule sets you add in the Security > Firewall > Protocol > Add screen display in this list. Protocol If you want to configure a customized protocol, select Specific Service. This field is displayed only when you select Specific Service in Select Service. Custom Source Port Choose the IP port (TCP/UDP, TCP, UDP, ICMP, or ICMPv6) that defines your customized port from the drop-down list box. This field is displayed only when you select Specific Service in Select Service and have either TCP or UDP in the Protocol field. Custom Destination Port Enter a single port number or the range of port numbers of the source. This field is displayed only when you select Specific Service in Select Service and have either TCP or UDP in the Protocol field. TCP flag Enter a single port number or the range of port numbers of the destination. This field is displayed only when you select Specific Service in Select Service and have TCP in the Protocol field. Type Select one of the following TCP flags: SYN (Synchronize), ACK (Acknowledge), URG (Urgent), PSH (Push), RST (Reset), or FIN (Finished). This field is displayed only when you select Specific Service in Select Service and ICMPv6 in the protocol field. Policy Direction Enable Rate Limit From the drop-down list box, select which ICMPv6 type you would like to use. Use the drop-down list box to select whether to discard (DROP), deny and send an ICMP destination-unreachable message to the sender of (REJECT) or allow the passage of (ACCEPT) packets that match this rule. Use the drop-down list box to select the direction of traffic to which this rule applies. Select this check box to set a limit on the upstream/downstream transmission rate for the specified protocol. Scheduler Rules Cancel OK Specify how many packets per minute or second the transmission rate is. Select a schedule rule for this ACL rule form the drop-down list box. You can configure a new schedule rule by click Add New Rule. This will bring you to the Security > Scheduler Rules screen. Click Cancel to restore the default or previously saved settings. Click OK to save your changes. 16.5 DoS Settings DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. EX5510-B0 User's Guide 204

Section	Page
EX5510-B0	1
Document Conventions	3
Contents Overview	4
Table of Contents	6
User’s Guide	15
Introducing the Zyxel Device	16
1.1 Overview	16
1.1.1 Multi-Gigabit Ethernet	16
1.2 Example Applications	16
1.2.1 Internet Access	17
1.2.2 Dual-Band WiFi	17
1.3 Ways to Manage the Zyxel Device	18
1.4 Good Habits for Managing the Zyxel Device	19
1.5 Hardware	19
1.5.1 Front Panel	19
1.5.2 Rear Panel	20
1.5.3 WPS Button	21
1.5.4 RESET Button	21
The Web Configurator	22
2.1 Overview	22
2.1.1 Accessing the Web Configurator	22
2.2 Web Configurator Layout	25
2.2.1 Navigation Panel	25
Quick Start Wizard	31
3.1 Overview	31
3.2 Wizard Setup	31
3.2.1 Time Zone	31
3.2.2 Internet	32
3.2.3 WiFi	34
Tutorials	36
4.1 Overview	36
4.2 Setting Up a Secure Wireless Network	36
4.2.1 Configuring the Wireless Network Settings	36
4.2.2 Using WPS	38
4.2.3 Without WPS	42
4.3 Setting Up Multiple Wireless Groups	43
4.4 Configuring Static Route for Routing to Another Network	47
4.5 Configuring QoS Queue and Class Setup	49
4.6 Access the Zyxel Device Using DDNS	53
4.6.1 Registering a DDNS Account on www.dyndns.org	53
4.6.2 Configuring DDNS on Your Zyxel Device	54
4.6.3 Testing the DDNS Setting	54
4.7 Configuring the MAC Address Filter	55
Technical Reference	57
Connection Status	58
5.1 Overview	58
5.1.1 Layout Icon	59
5.1.2 Connectivity	59
5.1.3 System Info	60
5.2 WiFi Settings	63
5.3 Guest WiFi Settings	64
5.4 LAN Settings	66
5.5 Parental Control	67
5.5.1 Create/Edit a Parental Control Profile	68
5.5.2 Define a Schedule	69
Broadband	71
6.1 Overview	71
6.1.1 What You Can Do in this Chapter	71
6.1.2 What You Need to Know	71
6.1.3 Before You Begin	74
6.2 Broadband Settings	74
6.2.1 Add/Edit Internet Connection	75
6.3 Technical Reference	82
Wireless	85
7.1 Wireless Overview	85
7.1.1 What You Can Do in this Chapter	85
7.1.2 What You Need to Know	85
7.2 Wireless General Settings	86
7.2.1 No Security	89
7.2.2 More Secure (Recommended)	89
7.3 Guest/More AP	91
7.3.1 Edit Guest/More AP Settings	92
7.4 MAC Authentication	95
7.4.1 Add/Edit MAC Addresses	96
7.5 WPS Settings	96
7.6 WMM Settings	98
7.7 Others Settings	99
7.8 Channel Status Settings	102
7.9 Band Steering	102
7.10 Technical Reference	103
7.10.1 Wireless Network Overview	103
7.10.2 Additional Wireless Terms	105
7.10.3 Wireless Security Overview	105
7.10.4 Signal Problems	107
7.10.5 BSS	107
7.10.6 MBSSID	108
7.10.7 Preamble Type	108
7.10.8 WiFi Protected Setup (WPS)	109
Home Networking	116
8.1 Home Networking Overview	116
8.1.1 What You Can Do in this Chapter	116
8.1.2 What You Need To Know	116
8.1.3 Before You Begin	118
8.2 LAN Setup	118
8.3 LAN Static DHCP	122
8.4 UPnP Settings	124
8.4.1 Turning on UPnP in Windows 7 Example	125
8.4.2 Turning on UPnP in Windows 10 Example	127
8.5 LAN Additional Subnet	129
8.6 STB Vendor ID	131
8.7 Wake on LAN	131
8.8 TFTP Server Name	132
8.9 Technical Reference	133
8.9.1 LANs, WANs and the Zyxel Device	133
8.9.2 DHCP Setup	133
8.9.3 DNS Server Addresses	134
8.9.4 LAN TCP/IP	134
Routing	136
9.1 Overview	136
9.2 Static Route Settings	136
9.2.1 Add/Edit Static Route	137
9.3 DNS Route	139
9.3.1 Add DNS Route	139
9.4 Policy Route	140
9.4.1 Add/Edit Policy Route	142
9.5 RIP Settings	143
Quality of Service (QoS)	144
10.1 QoS Overview	144
10.1.1 What You Can Do in this Chapter	144
10.2 What You Need to Know	145
10.3 Quality of Service General Settings	146
10.4 Queue Setup	148
10.4.1 Adding a QoS Queue	149
10.5 QoS Classification Setup	150
10.5.1 Add/Edit QoS Class	151
10.6 QoS Shaper Setup	155
10.6.1 Add/Edit a QoS Shaper	156
10.7 QoS Policer Setup	156
10.7.1 Add/Edit a QoS Policer	157
10.8 QoS Monitor	159
10.9 Technical Reference	160
Network Address Translation (NAT)	165
11.1 NAT Overview	165
11.1.1 What You Can Do in this Chapter	165
11.1.2 What You Need To Know	165
11.2 Port Forwarding	166
11.2.1 Add/Edit Port Forwarding	168
11.3 Port Triggering	170
11.3.1 Add/Edit Port Triggering Rule	172
11.4 DMZ Settings	173
11.5 ALG Settings	174
11.6 Address Mapping	175
11.6.1 Add/Edit Address Mapping Rule	176
11.7 NAT Sessions	177
11.8 Technical Reference	178
11.8.1 NAT Definitions	178
11.8.2 What NAT Does	179
11.8.3 How NAT Works	179
11.8.4 NAT Application	180
Dynamic DNS Setup	182
12.1 DNS Overview	182
12.1.1 What You Can Do in this Chapter	182
12.1.2 What You Need To Know	182
12.2 DNS Entry	183
12.2.1 Add/Edit DNS Entry	183
12.3 Dynamic DNS	184
IGMP/MLD	186
13.1 IGMP/MLD Overview	186
13.1.1 What You Need To Know	186
13.2 IGMP/MLD Settings	186
VLAN Group	189
14.1 Overview	189
14.1.1 What You Can Do in this Chapter	189
14.2 VLAN Group Settings	190
14.2.1 Add/Edit a VLAN Group	190
Interface Grouping	192
15.1 Interface Grouping Overview	192
15.1.1 What You Can Do in this Chapter	192
15.2 Interface Grouping Setup	192
15.2.1 Interface Group Configuration	193
15.2.2 Interface Grouping Criteria	195
Firewall	197
16.1 Firewall Overview	197
16.1.1 What You Can Do in this Chapter	197
16.1.2 What You Need to Know	198
16.2 Firewall Settings	198
16.3 Protocol Settings	200
16.3.1 Add New/Edit Protocol Entry	200
16.4 Access Control	201
16.4.1 Add/Edit an ACL Rule	202
16.5 DoS Settings	204
MAC Filter	206
17.1 MAC Filter Overview	206
17.2 MAC Filter Settings	206
Parental Control	208
18.1 Parental Control Overview	208
18.2 Parental Control Settings	208
18.2.1 Add/Edit a Parental Control Profile	209
Scheduler Rule	215
19.1 Scheduler Rule Overview	215
19.2 Scheduler Rule Settings	215
19.2.1 Add/Edit a Schedule Rule	216
Certificates	217
20.1 Certificates Overview	217
20.1.1 What You Can Do in this Chapter	217
20.2 What You Need to Know	217
20.3 Local Certificates	217
20.3.1 Create Certificate Request	219
20.3.2 View Certificate Request	219
20.4 Trusted CA	221
20.4.1 View Trusted CA Certificate	222
20.4.2 Import Trusted CA Certificate	223
Log	224
21.1 Log Overview	224
21.1.1 What You Can Do in this Chapter	224
21.1.2 What You Need To Know	224
21.2 System Log	225
21.3 Security Log	226
Traffic Status	227
22.1 Traffic Status Overview	227
22.1.1 What You Can Do in this Chapter	227
22.2 WAN Status	227
22.3 LAN Status	228
22.4 NAT Status	229
ARP Table	231
23.1 ARP Table Overview	231
23.1.1 How ARP Works	231
23.2 ARP Table Settings	232
Routing Table	233
24.1 Routing Table Overview	233
24.2 Routing Table Settings	233
Multicast Status	236
25.1 Multicast Status Overview	236
25.2 IGMP Status	236
25.3 MLD Status	237
WLAN Station Status	238
26.1 WLAN Station Status Overview	238
System	240
27.1 System Overview	240
27.2 System Settings	240
User Account	241
28.1 User Account Overview	241
28.2 User Account Settings	241
28.2.1 User Account Add/Edit	242
Remote Management	244
29.1 Remote Management Overview	244
29.1.1 What You Can Do in this Chapter	244
29.2 MGMT Services	244
29.3 Trust Domain	246
29.3.1 Add Trust Domain	246
SNMP	248
30.1 SNMP Overview	248
30.2 SNMP Settings	249
Time Settings	251
31.1 Time Settings Overview	251
31.2 Time	251
E-mail Notification	254
32.1 E-mail Notification Overview	254
32.2 E-mail Notification Settings	254
32.2.1 E-mail Notification Edit	255
Log Setting	257
33.1 Logs Setting Overview	257
33.2 Log Settings	257
33.2.1 Example E-mail Log	259
Firmware Upgrade	261
34.1 Firmware Upgrade Overview	261
34.2 Firmware Upgrade Settings	261
Backup/Restore	264
35.1 Backup/Restore Overview	264
35.2 Backup/Restore Settings	264
35.3 Reboot	266
Diagnostic	268
36.1 Diagnostic Overview	268
36.1.1 What You Can Do in this Chapter	268
36.2 What You Need to Know	268
36.3 Ping & TraceRoute & NsLookup	269
36.4 802.1ag (CFM)	270
36.5 802.3ah (OAM)	271
Troubleshooting and Appendices	273
Troubleshooting	274
37.1 Power, Hardware Connections, and LEDs	274
37.2 Zyxel Device Access and Login	275
37.3 Internet Access	276
37.4 Wireless Internet Access	278
37.5 UPnP	278
37.6 IP Address Setup	279
Customer Support	282
IPv6	288
Services	296
Legal Information	300

Match case Limit results 1 per page

Chapter 16 Firewall

EX5510-B0 User’s Guide

204

16.5

DoS Settings

DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection

requests, using so much bandwidth and so many resources that Internet access becomes unavailable.

Use the

DoS

screen to activate protection against DoS attacks. Click

Security > Firewall > DoS

to display

the following screen.

Destination IP

Address

Enter the destination IP address.

IP Type

Select whether your IP type is

IPv4

IPv6

Select Service

Select the transport layer protocol that defines your customized port from the drop-down list

box. The specific protocol rule sets you add in the

Security > Firewall > Protocol > Add

screen

display in this list.

If you want to configure a customized protocol, select

Specific Service

Protocol

This field is displayed only when you select

Specific Service

Select Service

Choose the IP port (

TCP/UDP

TCP

UDP

ICMP

, or

ICMPv6

) that defines your customized port from

the drop-down list box.

Custom Source

Port

This field is displayed only when you select

Specific Service

Select Service

and have either

TCP

UDP

in the

Protocol

field.

Enter a single port number or the range of port numbers of the source.

Custom

Destination Port

This field is displayed only when you select

Specific Service

Select Service

and have either

TCP

UDP

in the

Protocol

field.

Enter a single port number or the range of port numbers of the destination.

TCP flag

This field is displayed only when you select

Specific Service

Select Service

and have

TCP

in the

Protocol

field.

Select one of the following TCP flags:

SYN

(Synchronize),

ACK

(Acknowledge),

URG

(Urgent),

PSH

(Push),

RST

(Reset), or

FIN

(Finished).

Type

This field is displayed only when you select

Specific Service

Select Service

and

ICMPv6

in the

protocol field.

From the drop-down list box, select which ICMPv6 type you would like to use.

Policy

Use the drop-down list box to select whether to discard (

DROP

), deny and send an ICMP

destination-unreachable message to the sender of (

REJECT

) or allow the passage of (

)

packets that match this rule.

Direction

Use the drop-down list box to select the direction of traffic to which this rule applies.

Enable Rate

Limit

Select this check box to set a limit on the upstream/downstream transmission rate for the

specified protocol.

Specify how many packets per minute or second the transmission rate is.

Scheduler Rules

Select a schedule rule for this ACL rule form the drop-down list box. You can configure a new

schedule rule by click

Add New Rule

. This will bring you to the

Security > Scheduler Rules

screen.

Cancel

Click

Cancel

to restore the default or previously saved settings.

Click

to save your changes.

Table 81

Access Control: Add/Edit (continued)

LABEL

DESCRIPTION