Home » ZyXEL Manuals » Wireless » ZyXEL SBG3300-N Series » Manual Viewer

ZyXEL SBG3300-N Series User Guide - Page 184

The Access Control Screen

View all ZyXEL SBG3300-N Series manuals

Add to My Manuals
Save this manual to your list of manuals

Page 184 highlights

Chapter 14 Firewall Table 75 Service: Add/Edit (continued) LABEL DESCRIPTION Service Description Enter a description for your customized port. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 14.4 The Access Control Screen Click Security > Firewall > Access Control to display the following screen. This screen displays a list of the configured incoming or outgoing filtering rules. Figure 102 Security > Firewall > Access Control The following table describes the labels in this screen. Table 76 Security > Firewall > Access Control LABEL Rules Storage Space usage Direction DESCRIPTION This bar shows the percentage of the Device's space has been used. If the usage is almost full, you may need to remove an existing filter rule before you create a new one. This is the direction of travel of packets. Select from which zone the packets come and to which zone they go and click Show to display the related firewall ACL rules. For example, From LAN To WAN means packets traveling from a computer or subnet on the LAN zone to the WAN zone. From All displays all the firewall ACL rules for traffic going to the selected To zone. To All displays all the firewall ACL rules for traffic coming from the selected From zone. From All To All displays all of the firewall ACL rules. From Any displays all the firewall ACL rules for traffic coming from the WAN, LAN, WLAN, DMZ, and EXTRA zones (but not the ROUTER zone) to the selected To zone. To Any (excl. Router) displays all the firewall ACL rules for traffic coming from the selected From zone to the WAN, LAN, WLAN, DMZ, and EXTRA zones (but not the ROUTER zone). EXTRA is a local zone to use as needed depending on your network topology. Add new ACL rule # En To ROUTER firewall ACL rules apply to traffic destined for the Device and control which computers can manage the Device. Click this to go to add a filter rule for incoming or outgoing IP traffic. This is the index number of the entry. The icon is lit up when the ACL rule is enabled and grayed out when the rule is disabled. 184 SBG3300-N Series User's Guide

Section	Page
SBG3300-N Series	1
Contents Overview	3
Table of Contents	5
User’s Guide	15
Introducing the Device	17
1.1 Overview	17
1.2 Ways to Manage the Device	17
1.3 Good Habits for Managing the Device	17
1.4 Applications for the Device	18
1.4.1 Internet Access	18
1.4.2 Device’s USB Support	19
1.5 LEDs (Lights)	20
1.6 The RESET Button	21
1.7 Wireless Access	21
1.7.1 Using the WLAN Button	22
The Web Configurator	23
2.1 Overview	23
2.1.1 Accessing the Web Configurator	23
2.2 Web Configurator Layout	25
2.2.1 Title Bar	25
2.2.2 Main Window	26
2.2.3 Navigation Panel	26
Quick Start	31
3.1 Overview	31
3.2 Quick Start Setup	31
Technical Reference	35
Status Screens	37
4.1 Overview	37
4.2 The Status Screen	37
Broadband	41
5.1 Overview	41
5.1.1 What You Can Do in this Chapter	41
5.1.2 What You Need to Know	42
5.1.3 Before You Begin	45
5.2 The Broadband Screen	45
5.2.1 Add/Edit Internet Connection	47
5.3 The 3G WAN Screen	55
5.4 The Add New 3G Dongle Screen	58
5.4.1 Add 3G Dongle Information	59
5.5 The Advanced Screen	59
5.6 The 802.1x Screen	60
5.6.1 Edit 802.1x Settings	61
5.7 The multi-WAN Screen	62
5.7.1 Add/Edit multi-WAN	63
5.7.2 How to Configure multi-WAN for Load Balancing and Failover	64
5.8 Technical Reference	65
Wireless	71
6.1 Overview	71
6.1.1 What You Can Do in this Chapter	71
6.1.2 What You Need to Know	72
6.2 The General Screen	72
6.2.1 No Security	75
6.2.2 Basic (WEP Encryption)	75
6.2.3 More Secure (WPA(2)-PSK)	77
6.2.4 WPA(2) Authentication	78
6.3 The More AP Screen	79
6.3.1 Edit More AP	81
6.4 MAC Authentication	83
6.5 The WPS Screen	84
6.6 The WMM Screen	85
6.7 The Others Screen	86
6.8 The Channel Status Screen	88
6.9 The Scheduling Screen	88
6.9.1 Add Schedule	89
6.10 Technical Reference	90
6.10.1 Wireless Network Overview	90
6.10.2 Additional Wireless Terms	92
6.10.3 Wireless Security Overview	92
6.10.4 Signal Problems	94
6.10.5 BSS	95
6.10.6 MBSSID	95
6.10.7 Preamble Type	96
6.10.8 WiFi Protected Setup (WPS)	96
LAN	103
7.1 Overview	103
7.1.1 What You Can Do in this Chapter	103
7.1.2 What You Need To Know	104
7.1.3 Before You Begin	105
7.2 The LAN Setup Screen	105
7.3 The Static DHCP Screen	109
7.4 The UPnP Screen	110
7.5 Installing UPnP in Windows Example	111
7.6 Using UPnP in Windows XP Example	114
7.7 The Additional Subnet Screen	120
7.8 The 5th Ethernet Port Screen	121
7.9 Technical Reference	121
7.9.1 LANs, WANs and the Device	122
7.9.2 DHCP Setup	122
7.9.3 DNS Server Addresses	122
7.9.4 LAN TCP/IP	123
Routing	125
8.1 Overview	125
8.1.1 What You Can Do in this Chapter	125
8.2 The Routing Screen	126
8.2.1 Add/Edit Static Route	127
8.3 The Policy Forwarding Screen	127
8.3.1 Add/Edit Policy Forwarding	129
8.4 The RIP Screen	129
Quality of Service (QoS)	131
9.1 Overview	131
9.1.1 What You Can Do in this Chapter	131
9.2 What You Need to Know	132
9.3 The Quality of Service General Screen	133
9.4 The Queue Setup Screen	134
9.4.1 Adding a QoS Queue	136
9.5 The Class Setup Screen	136
9.5.1 Add/Edit QoS Class	138
9.6 The QoS Policer Setup Screen	141
9.6.1 Add/Edit a QoS Policer	142
9.7 The QoS Monitor Screen	143
9.8 Technical Reference	144
Network Address Translation (NAT)	149
10.1 Overview	149
10.1.1 What You Can Do in this Chapter	149
10.1.2 What You Need To Know	149
10.2 The Port Forwarding Screen	150
10.2.1 Add/Edit Port Forwarding	152
10.3 The Applications Screen	153
10.3.1 Add New Application	154
10.4 The Port Triggering Screen	154
10.4.1 Add/Edit Port Triggering Rule	156
10.5 The Default Server Screen	157
10.6 The ALG Screen	158
10.7 The Address Mapping Screen	158
10.7.1 Add/Edit Address Mapping Rule	159
10.8 Technical Reference	160
10.8.1 NAT Definitions	160
10.8.2 What NAT Does	161
10.8.3 How NAT Works	162
10.8.4 NAT Application	163
Dynamic DNS Setup	165
11.1 Overview	165
11.1.1 What You Can Do in this Chapter	165
11.1.2 What You Need To Know	166
11.2 The DNS Entry Screen	166
11.2.1 Add/Edit DNS Entry	167
11.3 The Dynamic DNS Screen	167
Interface Group/VLAN	169
12.1 Overview	169
12.2 The Interface Group/VLAN Screen	169
12.2.1 Interface Group Configuration	170
12.2.2 Interface Grouping Criteria	172
USB Service	175
13.1 Overview	175
13.1.1 What You Can Do in this Chapter	175
13.1.2 What You Need To Know	175
13.2 The File Sharing Screen	176
13.2.1 Before You Begin	176
Firewall	179
14.1 Overview	179
14.1.1 What You Can Do in this Chapter	179
14.1.2 What You Need to Know	180
14.2 The Firewall Screen	181
14.3 The Service Screen	181
14.3.1 Add/Edit a Service	183
14.4 The Access Control Screen	184
14.4.1 Add/Edit an ACL Rule	185
14.5 The DoS Screen	187
MAC Filter	189
15.1 Overview	189
15.2 The MAC Filter Screen	189
User Access Control	191
16.1 Overview	191
16.2 The User Access Control Screen	191
16.2.1 Add/Edit a User Access Control Rule	192
Scheduler Rules	195
17.1 Overview	195
17.2 The Scheduler Rules Screen	195
17.2.1 Add/Edit a Schedule	196
Certificates	197
18.1 Overview	197
18.1.1 What You Can Do in this Chapter	197
18.2 What You Need to Know	197
18.3 The Local Certificates Screen	198
18.3.1 Create Certificate Request	199
18.3.2 Load Signed Certificate	200
18.4 The Trusted CA Screen	201
18.4.1 View Trusted CA Certificate	202
18.4.2 Import Trusted CA Certificate	203
IPSec VPN	205
19.1 Overview	205
19.2 What You Can Do in this Chapter	205
19.3 What You Need To Know	206
19.4 The Setup Screen	206
19.4.1 Add/Edit VPN Rule	207
19.4.2 The VPN Connection Add/Edit Screen	208
19.4.3 The Default_L2TP_VPN IPSec VPN Rule	214
19.5 The IPSec VPN Monitor Screen	215
19.6 The Radius Screen	215
19.7 Technical Reference	216
19.7.1 IPSec Architecture	217
19.7.2 Encapsulation	218
19.7.3 IKE Phases	219
19.7.4 Negotiation Mode	219
19.7.5 IPSec and NAT	220
19.7.6 VPN, NAT, and NAT Traversal	220
19.7.7 ID Type and Content	221
19.7.8 Pre-Shared Key	222
19.7.9 Diffie-Hellman (DH) Key Groups	223
PPTP VPN	225
20.1 Overview	225
20.2 What You Can Do in this Chapter	225
20.3 PPTP VPN Setup	226
20.4 The PPTP VPN Monitor Screen	227
20.5 PPTP VPN Troubleshooting Tips	227
L2TP VPN	231
21.1 Overview	231
21.1.1 What You Can Do in this Chapter	231
21.2 L2TP VPN Screen	232
21.3 The L2TP VPN Monitor Screen	233
21.4 L2TP VPN Troubleshooting Tips	233
Log	237
22.1 Overview	237
22.1.1 What You Can Do in this Chapter	237
22.1.2 What You Need To Know	237
22.2 The System Log Screen	238
22.3 The Security Log Screen	239
Network Status	241
23.1 Overview	241
23.1.1 What You Can Do in this Chapter	241
23.2 The WAN Status Screen	241
23.3 The LAN Status Screen	242
ARP Table	245
24.1 Overview	245
24.1.1 How ARP Works	245
24.2 ARP Table Screen	245
Routing Table	247
25.1 Overview	247
25.2 The Routing Table Screen	247
IGMP Status	249
26.1 Overview	249
26.2 The IGMP Group Status Screen	249
xDSL Statistics	251
27.1 The xDSL Statistics Screen	251
User Account	255
28.1 Overview	255
28.2 The User Account Screen	255
28.2.1 Add/Edit a Users Account	256
Remote Management	259
29.1 Overview	259
29.2 The Remote MGMT Screen	259
TR-069 Client	261
30.1 Overview	261
30.2 The TR-069 Client Screen	261
SNMP	263
31.1 The SNMP Agent Screen	263
Time	265
32.1 Overview	265
32.2 The Time Screen	265
E-mail Notification	269
33.1 Overview	269
33.2 The Email Notification Screen	269
33.2.1 Email Notification Edit	270
Logs Setting	271
34.1 Overview	271
34.2 The Log Setting Screen	271
34.2.1 Example E-mail Log	272
Firmware and WWAN Package Upgrade	275
35.1 Overview	275
35.2 The Firmware Screen	275
Configuration	279
36.1 Overview	279
36.2 The Configuration Screen	279
36.3 The Reboot Screen	281
Diagnostic	283
37.1 Overview	283
37.1.1 What You Can Do in this Chapter	283
37.2 What You Need to Know	283
37.3 Ping & TraceRoute & NsLookup	284
37.4 802.1ag	285
37.5 OAM Ping Test	286
Troubleshooting	289
38.1 Power, Hardware Connections, and LEDs	289
38.2 Device Access and Login	290
38.3 Internet Access	292
38.4 Wireless Internet Access	293
38.5 USB Device Connection	294
38.6 UPnP	294
Customer Support	297
Legal Information	303

Match case Limit results 1 per page

Chapter 14 Firewall

SBG3300-N Series User’s Guide

184

14.4

The Access Control Screen

Click

Security > Firewall > Access Control

to display the following screen. This screen displays a

list of the configured incoming or outgoing filtering rules.

Figure 102

Security > Firewall > Access Control

The following table describes the labels in this screen.

Service

Description

Enter a description for your customized port.

Apply

Click

Apply

to save your changes.

Cancel

Click

Cancel

to exit this screen without saving.

Table 75

Service: Add/Edit (continued)

LABEL

DESCRIPTION

Table 76

Security > Firewall > Access Control

LABEL

DESCRIPTION

Rules Storage

Space usage

This bar shows the percentage of the Device’s space has been used. If the usage is almost

full, you may need to remove an existing filter rule before you create a new one.

Direction

This is the direction of travel of packets. Select from which zone the packets come and to

which zone they go and click

Show

to display the related firewall ACL rules. For example,

From LAN To WAN

means packets traveling from a computer or subnet on the LAN zone to

the WAN zone.

From

All

displays all the firewall ACL rules for traffic going to the selected

zone.

All

displays all the firewall ACL rules for traffic coming from the selected

From

zone.

From

All

displays all of the firewall ACL rules.

From Any

displays all the firewall ACL rules for traffic coming from the WAN, LAN, WLAN,

DMZ, and EXTRA zones (but not the

ROUTER

zone) to the selected

zone.

To Any (excl. Router)

displays all the firewall ACL rules for traffic coming from the

selected

From

zone to the WAN, LAN, WLAN, DMZ, and EXTRA zones (but not the

ROUTER

zone).

EXTRA

is a local zone to use as needed depending on your network topology.

To ROUTER

firewall ACL rules apply to traffic destined for the Device and control which

computers can manage the Device.

Add new ACL

rule

Click this to go to add a filter rule for incoming or outgoing IP traffic.

This is the index number of the entry.

The icon is lit up when the ACL rule is enabled and grayed out when the rule is disabled.