User's Manual

Table Of Contents

Chapter 3: Router Configuration

300Mbps Wireless N Rouer

Stateful Packet Inspection (SPI): When the SPI firewall is enabled, the system refuses

all requests from the Internet. Only packets that belong to connections that respond

requests from the LAN and for which status database is created can pass the firewall and

access to the LAN. By default, the SPI is enabled. To expose all hosts in the LAN to the

Internet, you can disable SPI.

Virtual Private Network (VPN): VPN provides a safe communication method among

remote computers through WAN. If a host in the LAN wants to connect to the remote VPN

network through the router by using the VPN protocol, such as PPTP, L2TP, or IPSec, you

need to enable the corresponding VPN pass through.

Application Layer Gateway (ALG): ALG supports that some protocols at the application

layer that adopt the control/data mode, such as FTP, TFTP, and H323, help to translate

network addresses and ports at the NAT gateway. You are recommended to enable this

option. The Common Service Port drop-down list contains some common service ports.

You can select one and click Add to add the service port to the virtual server list.

•

Advanced Security Settings

Anti DoS Attack: Check to enable it for attack prevention.

IGMP-Flood Packet Threshold: If the number of ICMP data packets exceeds the

threshold, the defense measures act immediately.

Enable filtering UDP-FLOOD attack: Select it if you want to protect against UDP-

FLOOD attacks.

UDP-Flood Packet Threshold: If the number of UDP data packets exceeds the

threshold, the defense measures act immediately.

Enable filtering TCP-SYN-FLOOD attack: Select it if you want to protect against TCP-

SYN-FLOOD at tacks.

TCP-SYN-Attack Packet Threshold: If the number of TCP-SYN data packets exceeds

the threshold, the defense measures act immediately.