Home » ZyXEL Manuals » Bridges & Routers » ZyXEL NBG6716 » Manual Viewer

ZyXEL NBG6716 User Guide - Page 145

General Screen, Services Screen

Add to My Manuals
Save this manual to your list of manuals

Page 145 highlights

Chapter 17 Firewall 4 Don't enable any local service (such as NTP) that you don't use. Any enabled service could present a potential security risk. A determined hacker might be able to find creative ways to misuse the enabled services to access the firewall or the network. 5 For local services that are enabled, protect against misuse. Protect by configuring the services to communicate only with specific peers, and protect by configuring rules to block packets for the services at specific interfaces. 6 Protect against IP spoofing by making sure the firewall is active. 7 Keep the firewall in a secured (locked) room. 17.2 General Screen Use this screen to enable or disable the NBG6716's firewall, and set up firewall logs. Click Security > Firewall to open the General screen. Figure 90 Security > Firewall > General l The following table describes the labels in this screen. Table 57 Security > Firewall > General LABEL DESCRIPTION Enable Firewall Select this check box to activate the firewall. The NBG6716 performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated. Apply Click Apply to save the settings. Cancel Click Cancel to start configuring this screen again. 17.3 Services Screen If an outside user attempts to probe an unsupported port on your NBG6716, an ICMP response packet is automatically returned. This allows the outside user to know the NBG6716 exists. Use this screen to prevent the ICMP response packet from being sent. This keeps outsiders from discovering your NBG6716 when unsupported ports are probed. You can also use this screen to enable service blocking, enter/delete/modify the services you want to block and the date/time you want to block them. Click Security > Firewall > Services. The screen appears as shown next. NBG6716 User's Guide 145

Section	Page
NBG6716	1
Contents Overview	3
Table of Contents	5
User’s Guide	13
Introduction	15
1.1 Overview	15
1.1.1 Dual-Band	16
1.2 Applications	16
1.3 Ways to Manage the NBG6716	16
1.4 Good Habits for Managing the NBG6716	17
1.5 Resetting the NBG6716	17
1.5.1 How to Use the RESET Button	17
1.6 The WPS Button	17
1.7 LEDs	18
1.8 Wall Mounting	20
Connection Wizard	21
2.1 Overview	21
2.2 Accessing the Wizard	21
2.3 Connect to Internet	22
2.3.1 Connection Type: IPoE	23
2.3.2 Connection Type: PPPoE	24
2.4 Router Password	26
2.5 Wireless Security	27
2.5.1 Wireless Security: No Security	27
2.5.2 Wireless Security: WPA2-PSK	28
Introducing the Web Configurator	31
3.1 Overview	31
3.2 Accessing the Web Configurator	31
3.2.1 Login Screen	31
3.2.2 Password Screen	32
NBG6716 Modes	35
4.1 Overview	35
4.1.1 Web Configurator Modes	35
4.1.2 Device Modes	35
Easy Mode	37
5.1 Overview	37
5.2 What You Can Do	38
5.3 What You Need to Know	38
5.4 Navigation Panel	39
5.5 Network Map	39
5.6 Control Panel	40
5.6.1 Power Saving	40
5.6.2 Content Filter	41
5.6.3 Firewall	42
5.6.4 Internet Setting	42
5.6.5 Wireless Security	44
5.6.6 WPS	45
5.7 Status Screen in Easy Mode	46
Router Mode	49
6.1 Overview	49
6.2 Router Mode Status Screen	49
6.2.1 Navigation Panel	52
Access Point Mode	57
7.1 Overview	57
7.2 What You Can Do	57
7.3 What You Need to Know	57
7.3.1 Setting your NBG6716 to AP Mode	58
7.3.2 Accessing the Web Configurator in Access Point Mode	58
7.3.3 Configuring your WLAN and Maintenance Settings	59
7.4 AP Mode Status Screen	59
7.4.1 Navigation Panel	61
7.5 LAN Screen	61
Tutorials	65
8.1 Overview	65
8.2 Set Up a Wireless Network with WPS	65
8.2.1 Push Button Configuration (PBC)	65
8.2.2 PIN Configuration	66
8.3 Configure Wireless Security without WPS	67
8.3.1 Configure Your Notebook	69
8.4 Using Multiple SSIDs on the NBG6716	71
8.4.1 Configuring Security Settings of Multiple SSIDs	72
Technical Reference	77
Monitor	79
9.1 Overview	79
9.2 What You Can Do	79
9.3 The Log Screen	79
9.3.1 View Log	79
9.3.2 Log Setting	80
9.4 DHCP Table	80
9.5 Packet Statistics	81
9.6 WLAN Station Status	82
WAN	85
10.1 Overview	85
10.2 What You Can Do	85
10.3 What You Need To Know	85
10.3.1 Configuring Your Internet Connection	86
10.4 Internet Connection	87
10.4.1 IPoE Encapsulation	87
10.4.2 PPPoE Encapsulation	89
10.5 Advanced WAN Screen	91
Wireless LAN	93
11.1 Overview	93
11.1.1 What You Can Do	94
11.1.2 What You Should Know	94
11.2 General Wireless LAN Screen	98
11.3 Wireless Security	100
11.3.1 No Security	100
11.3.2 WEP Encryption	101
11.3.3 WPA-PSK/WPA2-PSK	103
11.3.4 WPA/WPA2	104
11.4 More AP Screen	106
11.4.1 More AP Edit	107
11.5 MAC Filter Screen	109
11.6 Wireless LAN Advanced Screen	111
11.7 Quality of Service (QoS) Screen	111
11.8 WPS Screen	112
11.9 WPS Station Screen	114
11.10 Scheduling Screen	114
LAN	117
12.1 Overview	117
12.2 What You Can Do	117
12.3 What You Need To Know	117
12.3.1 IP Alias	118
12.4 LAN IP Screen	118
12.5 IP Alias Screen	119
DHCP Server	121
13.1 Overview	121
13.1.1 What You Can Do	121
13.1.2 What You Need To Know	121
13.2 DHCP Server General Screen	122
13.3 DHCP Server Advanced Screen	122
13.4 DHCP Client List Screen	124
NAT	127
14.1 Overview	127
14.1.1 What You Can Do	127
14.1.2 What You Need To Know	128
14.2 General	129
14.3 Port Forwarding Screen	130
14.3.1 Port Forwarding Edit Screen	132
14.4 Port Trigger Screen	133
14.5 Technical Reference	134
14.5.1 NATPort Forwarding: Services and Port Numbers	134
14.5.2 NAT Port Forwarding Example	134
14.5.3 Trigger Port Forwarding	135
14.5.4 Trigger Port Forwarding Example	135
14.5.5 Two Points To Remember About Trigger Ports	136
DDNS	137
15.1 Overview	137
15.1.1 What You Need To Know	137
15.2 General	137
Static Route	139
16.1 Overview	139
16.2 IP Static Route Screen	139
16.2.1 Add/Edit Static Route	140
Firewall	143
17.1 Overview	143
17.1.1 What You Can Do	143
17.1.2 What You Need To Know	143
17.2 General Screen	145
17.3 Services Screen	145
Content Filtering	149
18.1 Overview	149
18.1.1 What You Need To Know	149
18.2 Content Filter	149
18.3 Technical Reference	151
18.3.1 Customizing Keyword Blocking URL Checking	151
StreamBoost Management	153
19.1 Overview	153
19.2 What You Can Do	153
19.3 Network Screen	154
19.4 Banwidth Screen	154
19.5 Priorities Screen	156
19.6 Up Time Screen	156
19.7 Downloads Screen	157
19.8 All Events Screen	158
Remote Management	161
20.1 Overview	161
20.2 What You Can Do in this Chapter	161
20.3 What You Need to Know	161
20.3.1 Remote Management and NAT	162
20.3.2 System Timeout	162
20.4 WWW Screen	162
20.5 Telnet Screen	163
20.6 Wake On LAN Screen	163
Universal Plug-and-Play (UPnP)	165
21.1 Overview	165
21.2 What You Need to Know	165
21.2.1 NAT Traversal	165
21.2.2 Cautions with UPnP	165
21.3 UPnP Screen	166
21.4 Technical Reference	166
21.4.1 Using UPnP in Windows XP Example	166
21.4.2 Web Configurator Easy Access	168
USB Media Sharing	171
22.1 Overview	171
22.2 What You Can Do	172
22.3 What You Need To Know	172
22.4 Before You Begin	173
22.5 DLNA Screen	174
22.6 SAMBA Screen	174
22.7 FTP Screen	176
22.8 Example of Accessing Your Shared Files From a Computer	177
22.8.1 Use Windows Explorer to Share Files	177
22.8.2 Use FTP to Share Files	179
Maintenance	181
23.1 Overview	181
23.2 What You Can Do	181
23.3 General Screen	181
23.4 Password Screen	182
23.5 Time Setting Screen	183
23.6 Firmware Upgrade Screen	184
23.7 Configuration Backup/Restore Screen	186
23.8 Restart Screen	187
23.9 Language Screen	187
23.10 System Operation Mode Overview	188
23.11 Sys OP Mode Screen	189
Troubleshooting	191
24.1 Overview	191
24.2 Power, Hardware Connections, and LEDs	191
24.3 NBG6716 Access and Login	192
24.4 Internet Access	193
24.5 Resetting the NBG6716 to Its Factory Defaults	195
24.6 Wireless Connections	195
24.7 USB Device Problems	197
24.8 ZyXEL Share Center Utility Problems	197
Pop-up Windows, JavaScript and Java Permissions	199
Setting Up Your Computer’s IP Address	209
Common Services	237
Legal Information	241

Match case Limit results 1 per page

Chapter 17 Firewall

NBG6716 User’s Guide

145

Don't enable any local service (such as NTP) that you don't use. Any enabled service could present

a potential security risk. A determined hacker might be able to find creative ways to misuse the

enabled services to access the firewall or the network.

For local services that are enabled, protect against misuse. Protect by configuring the services to

communicate only with specific peers, and protect by configuring rules to block packets for the

services at specific interfaces.

Protect against IP spoofing by making sure the firewall is active.

Keep the firewall in a secured (locked) room.

17.2

General Screen

Use this screen to enable or disable the NBG6716’s firewall, and set up firewall logs. Click

Security

Firewall

to open the

General

screen.

Figure 90

Security > Firewall > General l

The following table describes the labels in this screen.

17.3

Services Screen

If an outside user attempts to probe an unsupported port on your NBG6716, an ICMP response

packet is automatically returned. This allows the outside user to know the NBG6716 exists. Use this

screen to prevent the ICMP response packet from being sent. This keeps outsiders from discovering

your NBG6716 when unsupported ports are probed.

You can also use this screen to enable service blocking, enter/delete/modify the services you want

to block and the date/time you want to block them.

Click

Security

Firewall

Services

. The screen appears as shown next.

Table 57

Security > Firewall > General

LABEL

DESCRIPTION

Enable Firewall

Select this check box to activate the firewall. The NBG6716 performs access control and

protects against Denial of Service (DoS) attacks when the firewall is activated.

Apply

Click

Apply

to save the settings.

Cancel

Click

Cancel

to start configuring this screen again.