Home » ZyXEL Manuals » Hubs & Switches » ZyXEL GS-105I » Manual Viewer

ZyXEL GS-105I User Guide - Page 205

DoS Settings

Add to My Manuals
Save this manual to your list of manuals

Page 205 highlights

Chapter 16 Firewall Table 80 Access Control: Add/Edit (continued) LABEL DESCRIPTION Select Destination Device Destination IP Address IP Type Select Service Select the destination device to which the ACL rule applies. If you select Specific IP Address, enter the destiniation IP address in the field below. Enter the destination IP address. Select whether your IP type is IPv4 or IPv6. Select the transport layer protocol that defines your customized port from the drop-down list box. The specific protocol rule sets you add in the Security > Firewall > Protocol > Add screen display in this list. Protocol If you want to configure a customized protocol, select Specific Service. This field is displayed only when you select Specific Service in Select Service. Custom Source Port Choose the IP port (TCP/UDP, TCP, UDP, ICMP, or ICMPv6) that defines your customized port from the drop-down list box. This field is displayed only when you select Specific Service in Select Service and have either TCP or UDP in the Protocol field. Custom Destination Port Enter a single port number or the range of port numbers of the source. This field is displayed only when you select Specific Service in Select Service and have either TCP or UDP in the Protocol field. TCP flag Enter a single port number or the range of port numbers of the destination. This field is displayed only when you select Specific Service in Select Service and have TCP in the Protocol field. Type Select one of the following TCP flags: SYN (Synchronize), ACK (Acknowledge), URG (Urgent), PSH (Push), RST (Reset), or FIN (Finished). This field is displayed only when you select Specific Service in Select Service and ICMPv6 in the protocol field. Policy Direction Enable Rate Limit From the drop-down list box, select which ICMPv6 type you would like to use. Use the drop-down list box to select whether to discard (DROP), deny and send an ICMP destination-unreachable message to the sender of (REJECT) or allow the passage of (ACCEPT) packets that match this rule. Use the drop-down list box to select the direction of traffic to which this rule applies. Select this check box to set a limit on the upstream/downstream transmission rate for the specified protocol. Scheduler Rules Cancel OK Specify how many packets per minute or second the transmission rate is. Select a schedule rule for this ACL rule form the drop-down list box. You can configure a new schedule rule by click Add New Rule. This will bring you to the Security > Scheduler Rules screen. Click Cancel to exit this screen without saving. Click OK to save your changes. 16.5 DoS Settings DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. PX7511-B0 User's Guide 205

Section	Page
PX7511-B0	1
Document Conventions	3
Contents Overview	4
Table of Contents	6
User’s Guide	16
Introducing the Zyxel Device	17
1.1 Overview	17
1.1.1 Multi-Gigabit	17
1.2 Example Applications	17
1.2.1 Internet Access	18
1.2.2 Dual-Band WiFi	18
1.2.3 VoIP Application	19
1.3 Ways to Manage the Zyxel Device	19
1.4 Good Habits for Managing the Zyxel Device	19
1.5 Hardware	20
1.5.1 Front Panel	20
1.5.2 Rear Panel	21
1.5.3 The WPS Button	22
1.5.4 The RESET Button	23
1.5.5 The UPS Port	23
The Web Configurator	24
2.1 Overview	24
2.1.1 Accessing the Web Configurator	24
2.2 Web Configurator Layout	26
2.2.1 Navigation Panel	27
Quick Start Wizard	32
3.1 Overview	32
3.2 Wizard Setup	32
3.2.1 Time Zone	32
3.2.2 Internet	33
3.2.3 WiFi	35
Tutorials	37
4.1 Overview	37
4.2 Setting Up a Secure Wireless Network	37
4.2.1 Configuring the Wireless Network Settings	37
4.2.2 Using WPS	39
4.2.3 Without WPS	43
4.3 Setting Up Multiple Wireless Groups	44
4.4 Configuring Static Route for Routing to Another Network	49
4.5 Configuring QoS Queue and Class Setup	51
4.6 Access the Zyxel Device Using DDNS	55
4.6.1 Registering a DDNS Account on www.dyndns.org	55
4.6.2 Configuring DDNS on Your Zyxel Device	56
4.6.3 Testing the DDNS Setting	56
4.7 Configuring the MAC Address Filter	57
Technical Reference	59
Connection Status	60
5.1 Overview	60
5.1.1 Layout Icon	61
5.1.2 Connectivity	61
5.1.3 System Info	62
5.2 WiFi Settings	65
5.3 Guest WiFi Settings	67
5.4 LAN Settings	68
5.5 Parental Control	70
5.5.1 Create/Edit a Parental Control Profile	71
5.5.2 Define a Schedule	72
Broadband	74
6.1 Overview	74
6.1.1 What You Can Do in this Chapter	74
6.1.2 What You Need to Know	74
6.1.3 Before You Begin	77
6.2 Broadband Settings	77
6.2.1 Add/Edit Internet Connection	78
6.3 Technical Reference	84
Wireless	88
7.1 Wireless Overview	88
7.1.1 What You Can Do in this Chapter	88
7.1.2 What You Need to Know	88
7.2 Wireless General Settings	89
7.2.1 No Security	92
7.2.2 More Secure (Recommended)	92
7.3 Guest/More AP	94
7.3.1 The Edit Guest/More AP Screen	94
7.4 MAC Authentication	97
7.4.1 Add/Edit MAC Addresses	98
7.5 WPS Settings	99
7.6 WMM Settings	100
7.7 Others Settings	101
7.8 Channel Status Settings	104
7.9 Technical Reference	104
7.9.1 Wireless Network Overview	104
7.9.2 Additional Wireless Terms	106
7.9.3 Wireless Security Overview	106
7.9.4 Signal Problems	108
7.9.5 BSS	108
7.9.6 MBSSID	109
7.9.7 Preamble Type	109
7.9.8 WiFi Protected Setup (WPS)	110
Home Networking	117
8.1 Home Networking Overview	117
8.1.1 What You Can Do in this Chapter	117
8.1.2 What You Need To Know	117
8.1.3 Before You Begin	119
8.2 LAN Setup	119
8.3 LAN Static DHCP	123
8.4 UPnP Settings	125
8.4.1 Turning on UPnP in Windows 7 Example	126
8.4.2 Turning on UPnP in Windows 10 Example	128
8.5 LAN Additional Subnet	130
8.6 STB Vendor ID	132
8.7 Wake on LAN	133
8.8 TFTP Server Name	133
8.9 Technical Reference	134
8.9.1 LANs, WANs and the Zyxel Device	134
8.9.2 DHCP Setup	135
8.9.3 DNS Server Addresses	135
8.9.4 LAN TCP/IP	135
Routing	137
9.1 Overview	137
9.2 Static Route Settings	137
9.2.1 Add/Edit Static Route	138
9.3 DNS Route	140
9.3.1 Add DNS Route	140
9.4 Policy Route	141
9.4.1 Add/Edit Policy Route	143
9.5 RIP Settings	144
Quality of Service (QoS)	145
10.1 QoS Overview	145
10.1.1 What You Can Do in this Chapter	145
10.2 What You Need to Know	146
10.3 Quality of Service General Settings	147
10.4 Queue Setup	149
10.4.1 Adding a QoS Queue	150
10.5 QoS Classification Setup	151
10.5.1 Add/Edit QoS Class	152
10.6 QoS Shaper Setup	156
10.6.1 Add/Edit a QoS Shaper	157
10.7 QoS Policer Setup	157
10.7.1 Add/Edit a QoS Policer	158
10.8 Technical Reference	160
Network Address Translation (NAT)	165
11.1 NAT Overview	165
11.1.1 What You Can Do in this Chapter	165
11.1.2 What You Need To Know	165
11.2 Port Forwarding	166
11.2.1 Add/Edit Port Forwarding	168
11.3 Port Triggering	170
11.3.1 Add/Edit Port Triggering Rule	172
11.4 DMZ Settings	173
11.5 ALG Settings	174
11.6 Address Mapping	175
11.6.1 Add/Edit Address Mapping Rule	176
11.7 NAT Sessions	177
11.8 Technical Reference	178
11.8.1 NAT Definitions	178
11.8.2 What NAT Does	179
11.8.3 How NAT Works	179
11.8.4 NAT Application	180
Dynamic DNS Setup	182
12.1 DNS Overview	182
12.1.1 What You Can Do in this Chapter	182
12.1.2 What You Need To Know	182
12.2 DNS Entry	183
12.2.1 Add/Edit DNS Entry	183
12.3 Dynamic DNS	184
IGMP/MLD	186
13.1 IGMP/MLD Overview	186
13.1.1 What You Need To Know	186
13.2 IGMP/MLD Settings	186
VLAN Group	189
14.1 Overview	189
14.1.1 What You Can Do in this Chapter	189
14.2 The VLAN Group Screen	190
14.2.1 Add/Edit a VLAN Group	190
Interface Grouping	192
15.1 Interface Grouping Overview	192
15.1.1 What You Can Do in this Chapter	192
15.2 Interface Grouping Setup	192
15.2.1 Interface Group Configuration	194
15.2.2 Interface Grouping Criteria	196
Firewall	198
16.1 Firewall Overview	198
16.1.1 What You Can Do in this Chapter	198
16.1.2 What You Need to Know	199
16.2 Firewall Settings	199
16.3 Protocol Settings	201
16.3.1 Add New/Edit Protocol Entry	201
16.4 Access Control	202
16.4.1 Add/Edit an ACL Rule	203
16.5 DoS Settings	205
MAC Filter	207
17.1 MAC Filter Overview	207
17.2 MAC Filter Settings	207
Parental Control	209
18.1 Parental Control Overview	209
18.2 Parental Control Settings	209
18.2.1 Add/Edit a Parental Control Profile	210
Scheduler Rule	215
19.1 Scheduler Rule Overview	215
19.2 Scheduler Rule Settings	215
19.2.1 Add/Edit a Schedule Rule	215
Certificates	217
20.1 Certificates Overview	217
20.1.1 What You Can Do in this Chapter	217
20.2 What You Need to Know	217
20.3 Local Certificates	217
20.3.1 Create Certificate Request	218
20.3.2 View Certificate Request	219
20.4 Trusted CA	221
20.4.1 View Trusted CA Certificate	222
20.4.2 Import Trusted CA Certificate	223
VoIP	224
21.1 Overview	224
21.1.1 What You Can Do in this Chapter	224
21.1.2 What You Need to Know About VoIP	225
21.2 Before You Begin	225
21.3 The SIP Account Screen	226
21.3.1 The SIP Account Add/Edit Screen	226
21.4 The SIP Service Provider Screen	230
21.4.1 The SIP Service Provider Add/Edit Screen	231
21.5 The Phone Device Screen	235
21.5.1 The Phone Device Edit Screen	236
21.6 The Phone Region Screen	238
21.7 The Call Rule Screen	238
21.8 The Call History Screen	239
21.9 Technical Reference	240
21.9.1 Quality of Service (QoS)	248
21.9.2 Phone Services Overview	249
Log	254
22.1 Log Overview	254
22.1.1 What You Can Do in this Chapter	254
22.1.2 What You Need To Know	254
22.2 System Log	255
22.3 Security Log	256
Traffic Status	257
23.1 Traffic Status Overview	257
23.1.1 What You Can Do in this Chapter	257
23.2 WAN Status	257
23.3 LAN Status	258
23.4 NAT Status	259
VoIP Status	261
24.1 The VoIP Status Screen	261
ARP Table	264
25.1 ARP Table Overview	264
25.1.1 How ARP Works	264
25.2 ARP Table Settings	264
Routing Table	266
26.1 Routing Table Overview	266
26.2 Routing Table Settings	266
Multicast Status	269
27.1 Multicast Status Overview	269
27.2 IGMP Status	269
27.3 MLD Status	270
WLAN Station Status	271
28.1 WLAN Station Status Overview	271
xPON Status	273
29.1 Overview	273
29.2 xPON Status Screen	273
System	274
30.1 System Overview	274
30.2 System Settings	274
User Account	275
31.1 User Account Overview	275
31.2 User Account Settings	275
31.2.1 User Account Add/Edit	276
Remote Management	278
32.1 Remote Management Overview	278
32.2 MGMT Services	278
32.3 Trust Domain	279
32.3.1 Add Trust Domain	280
SNMP	281
33.1 SNMP Overview	281
33.2 SNMP Settings	282
Time Settings	284
34.1 Time Settings Overview	284
34.2 Time	284
Email Notification	287
35.1 Email Notification Overview	287
35.2 Email Notification Settings	287
35.2.1 Email Notification Edit	288
Log Setting	290
36.1 Logs Setting Overview	290
36.2 Log Settings	290
36.2.1 Example Email Log	292
Firmware Upgrade	294
37.1 Firmware Upgrade Overview	294
37.2 Firmware Upgrade Settings	294
Backup and Restore	296
38.1 Backup/Restore Overview	296
38.2 Backup/Restore Settings	296
38.3 Reboot	298
Diagnostic	299
39.1 Diagnostic Overview	299
39.1.1 What You Can Do in this Chapter	299
39.2 Diagnostic Screen	299
GPON	301
40.1 Overview	301
40.2 SLID	301
Troubleshooting and Appendices	302
Troubleshooting	303
41.1 Power, Hardware Connections, and LEDs	303
41.2 Zyxel Device Access and Login	304
41.3 Internet Access	305
41.4 Wireless Internet Access	306
41.5 UPnP	307
Customer Support	308
IPv6	314
Services	322
Legal Information	326

Match case Limit results 1 per page

Chapter 16 Firewall

PX7511-B0 User’s Guide

205

16.5

DoS Settings

DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection

requests, using so much bandwidth and so many resources that Internet access becomes unavailable.

Use the

DoS

screen to activate protection against DoS attacks. Click

Security > Firewall > DoS

to display

the following screen.

Select

Destination

Device

Select the destination device to which the ACL rule applies. If you select

Specific IP Address

enter the destiniation IP address in the field below.

Destination IP

Address

Enter the destination IP address.

IP Type

Select whether your IP type is

IPv4

IPv6

Select Service

Select the transport layer protocol that defines your customized port from the drop-down list

box. The specific protocol rule sets you add in the

Security > Firewall > Protocol > Add

screen

display in this list.

If you want to configure a customized protocol, select

Specific Service

Protocol

This field is displayed only when you select

Specific Service

Select Service

Choose the IP port (

TCP/UDP

TCP

UDP

ICMP

, or

ICMPv6

) that defines your customized port from

the drop-down list box.

Custom Source

Port

This field is displayed only when you select

Specific Service

Select Service

and have either

TCP

UDP

in the

Protocol

field.

Enter a single port number or the range of port numbers of the source.

Custom

Destination Port

This field is displayed only when you select

Specific Service

Select Service

and have either

TCP

UDP

in the

Protocol

field.

Enter a single port number or the range of port numbers of the destination.

TCP flag

This field is displayed only when you select

Specific Service

Select Service

and have

TCP

in the

Protocol

field.

Select one of the following TCP flags:

SYN

(Synchronize),

ACK

(Acknowledge),

URG

(Urgent),

PSH

(Push),

RST

(Reset), or

FIN

(Finished).

Type

This field is displayed only when you select

Specific Service

Select Service

and

ICMPv6

in the

protocol field.

From the drop-down list box, select which ICMPv6 type you would like to use.

Policy

Use the drop-down list box to select whether to discard (

DROP

), deny and send an ICMP

destination-unreachable message to the sender of (

REJECT

) or allow the passage of (

)

packets that match this rule.

Direction

Use the drop-down list box to select the direction of traffic to which this rule applies.

Enable Rate

Limit

Select this check box to set a limit on the upstream/downstream transmission rate for the

specified protocol.

Specify how many packets per minute or second the transmission rate is.

Scheduler Rules

Select a schedule rule for this ACL rule form the drop-down list box. You can configure a new

schedule rule by click

Add New Rule

. This will bring you to the

Security > Scheduler Rules

screen.

Cancel

Click

Cancel

to exit this screen without saving.

Click

to save your changes.

Table 80

Access Control: Add/Edit (continued)

LABEL

DESCRIPTION