User Manual

44
rather like a selective DMZ, where incoming traffic targeted at one or more ports is forwarded
to a specific LAN host (thereby not exposing as many ports as a DMZ host). Port triggering is a
special form of port forwarding, which is activated by outgoing traffic, and for which ports are
only forwarded while the trigger is active.
Few applications truly require the use of the DMZ host. Following are examples of when a
DMZ host might be required:
• A host needs to support several applications that might use overlapping ingress ports,
such that two port forwarding rules cannot be used because they would potentially be in
conflict.
• To handle incoming connections that use a protocol other than ICMP, TCP, UDP, and
IGMP (also GRE and ESP, when these protocols are enabled by the PPTP and IPSec
ALGs).
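The dispatch order implied above (port forwarding rules first, the DMZ host as the catch-all for everything else, otherwise dropped) can be modelled in a few lines. This is an added example, not the router firmware or any vendor code; the class and function names, the single-host conflict policy, and the sample addresses are assumptions made for illustration. It also shows why two forwarding rules with overlapping port ranges for the same protocol cannot coexist, and how many ports a DMZ host exposes compared with a forwarding rule.

```python
"""Model of how a consumer router dispatches unsolicited inbound traffic.

Added example (not router firmware): port forwarding rules are consulted
first, the DMZ host receives anything they do not claim, and without a DMZ
host unmatched traffic is dropped. Names and addresses are assumptions.
"""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    proto: str                       # "tcp", "udp", "icmp", "gre", "esp", ...
    dst_port: Optional[int] = None   # None for protocols that carry no port


@dataclass
class ForwardRule:
    proto: str
    port_start: int
    port_end: int
    lan_host: str

    def matches(self, pkt: Packet) -> bool:
        return (pkt.proto == self.proto and pkt.dst_port is not None
                and self.port_start <= pkt.dst_port <= self.port_end)


@dataclass
class Router:
    forward_rules: list = field(default_factory=list)
    dmz_host: Optional[str] = None   # None means the DMZ is disabled

    def add_forward_rule(self, rule: ForwardRule) -> None:
        # Refuse a rule whose port range overlaps an existing rule for the
        # same protocol: this is the "overlapping ingress ports" case that the
        # manual gives as a reason a DMZ host might be required instead.
        for existing in self.forward_rules:
            if (existing.proto == rule.proto
                    and rule.port_start <= existing.port_end
                    and existing.port_start <= rule.port_end):
                raise ValueError(f"rule conflicts with existing rule {existing}")
        self.forward_rules.append(rule)

    def dispatch(self, pkt: Packet) -> Optional[str]:
        """LAN address an unsolicited inbound packet is delivered to, or None if dropped."""
        for rule in self.forward_rules:
            if rule.matches(pkt):
                return rule.lan_host
        # Everything else (every other port, and every protocol that has no
        # ports at all, such as GRE or ESP) lands on the DMZ host if one is set.
        return self.dmz_host


def exposed_ports(router: Router, proto: str) -> set:
    """Destination ports of `proto` that reach some LAN host through this router."""
    return {p for p in range(1, 65536)
            if router.dispatch(Packet(proto, p)) is not None}
```

With a single TCP/443 forwarding rule and no DMZ host, exposed_ports() returns one port; setting dmz_host makes all 65535 ports (and every portless protocol) reachable on that host, which is the exposure the warning under "Enable DMZ" refers to.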
Enable DMZ
The DMZ host receives every unsolicited inbound packet that no port forwarding rule claims,
so it is effectively outside the protection the router's NAT gives the rest of the LAN and is
exposed to a variety of security risks. Use of this option is only recommended as a last resort;
if you do enable it, keep the DMZ computer patched and protected by its own host firewall.
DMZ IP Address
Specify the LAN IP address of the LAN computer that you want to have unrestricted Internet
communication. If this computer obtains its address automatically using DHCP, make a static
reservation for it on the Basic Network Settings page so that the IP address of the DMZ
computer does not change (otherwise a new lease could silently move the DMZ to a different
computer).
Non-UDP/TCP/ICMP LAN Sessions
When a LAN application that uses a protocol other than UDP, TCP, or ICMP initiates a session
to the Internet, the router's NAT can track such a session even though it does not recognize
the protocol. Because these protocols carry no port numbers, the NAT can only distinguish
sessions by protocol and by the LAN and remote addresses, so it supports at most one such
session per remote host at a time. This is still useful because it enables certain applications
(most importantly a single VPN connection to a remote host) without the need for an ALG.
Note that this feature does not apply to the DMZ host (if one is enabled). The DMZ host always
handles these kinds of sessions.
Enable
Enabling this option (the default setting) enables single VPN connections to a remote host.
(For multiple VPN connections to the same remote host, the appropriate VPN ALG must be
used.) Disabling this option does not by itself block VPN traffic: a VPN whose ALG is enabled
still works, and VPN operation is only disabled when the appropriate VPN ALG is disabled
as well.
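The limitation described above (one portless session per remote host, and therefore one VPN tunnel per server unless an ALG is used) and the PPTP ALG behaviour described later on this page both come down to what the NAT can use as a lookup key. The following is an added example modelling that, not code from the router or its vendor: the class names, the "refuse the second session" policy (real firmware might instead overwrite the first mapping), and the use of the GRE Call ID as the PPTP ALG's extra key are simplifying assumptions; the addresses are constructed test values.

```python
"""Model of NAT session tracking for protocols without ports (GRE, ESP, ...).

Added example (not router firmware). Without an ALG the only fields the NAT
can use are (protocol, LAN host, remote host); inbound replies carry just
(protocol, remote host), so two LAN hosts using the same protocol to the same
remote host cannot be told apart. A PPTP-style ALG adds the GRE Call ID, which
it learns from the TCP/1723 control channel, as an extra key.
"""


class PortlessNat:
    """Tracking of outbound portless sessions, as with the 'Non-UDP/TCP/ICMP
    LAN Sessions' option enabled (enabled=True) or disabled (enabled=False)."""

    def __init__(self, enabled=True):
        self.enabled = enabled
        self.sessions = {}       # (proto, remote host) -> LAN host

    def outbound(self, proto, lan_host, remote):
        """Record a new session; return False if it cannot be tracked."""
        if not self.enabled:
            return False
        key = (proto, remote)
        # A second LAN host to the same remote host over the same protocol
        # would make inbound packets ambiguous, so the session is refused
        # (assumed policy; firmware could equally replace the older mapping).
        if key in self.sessions and self.sessions[key] != lan_host:
            return False
        self.sessions[key] = lan_host
        return True

    def inbound(self, proto, remote):
        """LAN host an inbound portless packet is delivered to, or None."""
        return self.sessions.get((proto, remote))


class PptpAlgNat:
    """GRE tracking with a PPTP-style ALG: the Call ID that the LAN client
    announced on the control channel is part of the key, and is translated
    when two LAN clients would present the same Call ID to one server."""

    def __init__(self):
        self.calls = {}          # (remote host, external call id) -> (LAN host, LAN call id)

    def outbound_gre(self, lan_host, remote, lan_call_id):
        """Return the Call ID the server sees for this LAN client's call."""
        inner = (lan_host, lan_call_id)
        for (r, ext), mapped in self.calls.items():
            if r == remote and mapped == inner:
                return ext                     # existing call: reuse its translation
        ext = lan_call_id
        while (remote, ext) in self.calls:     # taken by another LAN client's call
            ext = ext % 0xFFFF + 1             # pick the next free 16-bit Call ID
        self.calls[(remote, ext)] = inner
        return ext

    def inbound_gre(self, remote, ext_call_id):
        """(LAN host, original Call ID) for an inbound GRE packet, or None."""
        return self.calls.get((remote, ext_call_id))
```

With PortlessNat, a GRE session from a second LAN host to the same server is refused while one to a different server succeeds, which is the "different servers but not the same server" behaviour the PPTP ALG entry describes for the ALG-disabled case; PptpAlgNat keeps both sessions apart by handing the second client a translated Call ID.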
Application Level Gateway (ALG) Configuration
Here you can enable or disable ALGs. Some protocols and applications require special
handling of the IP payload to make them work with network address translation (NAT).
Each ALG provides special handling for a specific protocol or application. A number of
ALGs for common applications are enabled by default.
PPTP
Allows multiple machines on the LAN to connect to their corporate networks using the PPTP
protocol. When the PPTP ALG is enabled, LAN computers can establish PPTP VPN
connections either with the same or with different VPN servers. When the PPTP ALG is
disabled, the router allows VPN operation only in a restricted way: LAN computers are typically
able to establish VPN tunnels to different VPN Internet servers but not to the same server. The