Cisco Dpq3925x User Manual
Have a look at the manual Cisco Dpq3925x User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
4021193 Rev C 71 Control Access to the Gateway Use the Keyword List to enter the keywords you wish to block. If any of these keywords appears in the URL of a website, access to the site will be blocked. Note that only the URL is check, not the content of each webpage. Access Restrictions > Time of Day Rules Use the Access Restrictions Time of Day Rules page to configure web access filters to block all Internet traffic to and from specific network devices based on day of week and time of day settings that you select. Select the Time of Day Rules tab to open the Access Restrictions Time of Day Rules Page. The following illustration is an example of the Access Restrictions Time of Day Rules page. Note: The residential gateway uses the network time of day clock that is managed by your data service provider. The time of day clock must be accurate and represent the time of day in your time zone for this feature to operate properly. Verify that the Status and Set Time pages reflect the correct time of day. If they do not reflect the correct time of day, contact your data service provider. You can also adjust your settings to account for the difference. Access Restrictions Time of Day Rules Page Description Use the descriptions and instructions in the following table to configure the time of day rules for your residential gateway. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel.
72 4021193 Rev C Control Access to the Gateway Section Field Description Tod Filter Add Allows you to add a new Time of Day access filter or rule. Enter the name of the filter and click the Add key to add the filter to the list. Time of Day rules are used to restrict Internet access based on the day and time. Remove Removes the selected filter from the Time of Day filter list Schedule Days to Block Allows you to control access based on days of the week Time to Block Allows you to control access based on time of day Access Restrictions > User Setup Use the Access Restrictions User Setup page to set up additional accounts and user profiles for household members. Each profile can be assigned customized levels of Internet access as defined by the access rules assigned to that users profile. Important: These additional accounts do not grant administrative access to the gateway. Note: Once you define and enable user profiles, each user must sign-on each time they wish to access the Internet. The user can sign-on when the pop-up sign-on screen appears in their Web browser. The user must enter their correct user name and password in order to gain Internet access. Select the User Setup tab to open the Access Restrictions User Setup page.
4021193 Rev C 73 Control Access to the Gateway Access Restrictions User Setup Page Description Use the descriptions and instructions in the following table to configure the user setup for your residential gateway. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Section Field Description User Configure Add User Allows you to add a new user profile. Enter the name of the user and click the Add User button to add the user to the list. User Settings Allows you to edit a user profile by using the drop-down menu to edit a user profile. The drop-down menu allows you to recall the profile to be edited. User names and passwords are case-sensitive. Make sure to check the Enable box to activate the user profile. If a profile is not active, that user will not have any access to the Internet. To remove a user profile, use the drop-down menu to select the user to be removed and click the Remove User button. Password Enter the selected users password in this field. Each user must enter their User Name and Password each time they use the Internet. User names and passwords are case-sensitive. Note: The residential gateway will allow each user access to the Internet, subject to the rules selected on this page for that user. Re-Enter Password Re-enter the same password for confirmation of the password in the previous field. Trusted User Check this box if the currently selected user is to be designated a trusted user. Trusted users are not subject to Internet access rules. Content Rule Select the Content Rule for the current user profile. Content Rules must first be defined by going to the Rules Configuration page. You can access the Rule Configuration page by clicking on the ―Basic Rules‖ tab on this page. Time Access Rule Select the Time Access Rule for the current user profile. Time Access Rules must first be defined by going to the Time of Day Rules page. You can access the Time of Day Rules page by clicking on the ―Time of Day Rules‖ tab on this page. Session Duration 1440 minutes [Factory default when a user is created. Otherwise, it is 0 (zero)]. Enter the amount of time in minutes that the user will be granted Internet access beginning at the time they sign on using their User Name and Password. Note: Set the Session Duration to 0 (zero) to prevent session timeout.
74 4021193 Rev C Control Access to the Gateway Section Field Description Inactivity Time 60 minutes [Factory default when a user is created. Otherwise, it is 0 (zero)]. Enter the amount of time during a user session where there is no Internet access activity, indicating that the user is no longer online. If the inactivity timer is triggered, the user session will be closed automatically. In order to regain Internet access, the user must log in again with their User Name and Password. Note: Set the Inactivity time value to 0 (zero) to prevent session timeout. Access Restrictions > Local Log This page allows you to track, by user, any attempts made by that user to access Internet sites that are restricted. From this page you can also view events captured by the parental control event-reporting feature. Select the Local Log tab to open the Access Restrictions Local Log page. The following illustration is an example of the Access Restrictions Local Log page. Section Field Description Local Log Parental Control - Event Log Last Occurence Displays the time of the most recent attempt to access a restricted Internet site Action Displays the action taken by the system Target Displays the URL of the restricted site User Displays the user who attempted a restricted site Source Displays the IP address of the PC that was used when attempting to access a restricted website
4021193 Rev C 75 Configure Applications and Gaming Configure Applications and Gaming Overview Most well-known Internet applications are supported by Application Layer Gateways (ALGs). ALGs automatically adjust the gateway firewall to allow data to pass without making any custom settings. We recommend that you test your application before making changes in this section. Applications & Gaming > Port Filtering Use this window to configure transmission control protocol (TCP) and user datagram protocol (UDP) port filters. These filters prevent a range of TCP/UDP ports from accessing the Internet. You can also prevent PCs from sending outgoing TCP/UDP traffic to the WAN on specific IP port numbers. This filter is not IP address- or MAC address- specific. The system blocks the specified port ranges for all PCs. Select the Port Filtering tab to open the Applications & Gaming Port Filtering page. Applications and Gaming Port Filtering Page Description Use the descriptions and instructions in the following table to configure the port filtering for applications and gaming features used on your residential gateway. Click the Enable checkbox to enable port forwarding for the relevant application. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel.
76 4021193 Rev C Configure Applications and Gaming Section Field Description Port Filtering Start Port: This is the beginning of the port range. Enter the beginning of the range of port numbers (external ports) used by the server or Internet application. Check with the software documentation of the Internet application for more information if necessary. End Port: This is the end of the port range. Enter the end of the range of port numbers (external ports) used by the server or Internet application. Check with the software documentation of the Internet application for more information if necessary. Protocol Select one of the following protocols: TCP UDP Both Enable: Check this box to enable filtering on the specified ports. Applications & Gaming > Port Range Forwarding Important: The gateway normally implements a feature called Port Translation. Port Translation monitors what ports are actually being used by your PCs or other devices on your LAN. This monitoring provides an added level of security beyond what the firewall provides. However, there are some applications that require the gateway to use specific ports to connect over the Internet. Use Port Range Forwarding to forward ports from the public Internet to specific IP addresses in your local network. Select the Port Range Forwarding tab to open the Applications & Gaming Port Range Forwarding page. For the Start and End Port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded. Type the port number or range in both boxes. In the IP Address box type the name of the computer‘s IP address to which this is to apply. Note: Port Range Forwarding continually exposes the selected ports to the public Internet. This means that the gateway‘s firewall is no longer active on these ports. The device with the forwarding IP address can be exposed to hacker attacks while the port range is being forwarded.
4021193 Rev C 77 Configure Applications and Gaming Applications and Gaming Port Range Forward Page Description Use the descriptions and instructions in the following table to configure the port range forwarding for the residential gateway. Select enable for each. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Section Field Description Port Range Forwarding Start For the Start port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded. End For the End port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded. Protocol Select one of the following protocols: TCP UDP Both IP Address Enter the computer‘s IP address to which this is to apply. Enable Check this box to enable port forwarding for the specified ports and IP addresses.
78 4021193 Rev C Configure Applications and Gaming Applications & Gaming > Port Range Triggering Port range triggering is a way to dynamically forward ports to a LAN PC that needs them at a particular time. That particular time is when it runs a certain application that performs some event that trigger the router. This event must be an outbound access of a particular port range. Select the Port Range Triggering tab to open the Applications & Gaming Port Range Triggering page. Applications and Gaming Port Range Triggering Page Description Use the descriptions and instructions in the following table to configure the port range triggering for the residential gateway. Select enable for each. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Section Field Description Port Range Triggering Triggered Range Start Port For the Start port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded. End Port For the End port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded. Forwarded Range Start Port For the Start port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded.
4021193 Rev C 79 Configure Applications and Gaming Section Field Description End Port For the End port, select a port from the recommended 49152 - 65535 range. Keep in mind that ports used are program specific so check which ones the program requires to be forwarded. Protocol Select one of the following protocols: TCP UDP Both Enable Click the Enable checkbox to enable port range triggering for the relevant application. Applications & Gaming > DMZ Use this page to configure an IP address whose ports are directly exposed to the public Internet or to the Wide Area Network (WAN). Demilitarized Zone (DMZ) hosting is commonly referred to as exposed host, and allows you to specify a recipient of WAN traffic that Network Address Translation (NAT) is unable to translate to a known local PC. A DMZ is typically used by a company that wants to host its own Internet server. DMZ allows one IP address to be placed on the Internet side of the gateway firewall while others remain protected behind the firewall. The DMZ allows a device to be directly accessible to Internet traffic, such as a web (HTTP) server, an FTP server, an SMTP (e-mail) server, and a domain name system (DNS) server. Select the DMZ tab to open the Applications & Gaming DMZ page.
80 4021193 Rev C Configure Applications and Gaming Applications and Gaming DMZ Page Description Use the descriptions and instructions in the following table to configure the port range triggering for the residential gateway. Select enable for each DMZ Host IP address. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Section Field Description DMZ DMZ Hosting Select the desired option: Enable Disable (factory default) DMZ Host IP Address DMZ allows one IP address to be unprotected while others remain protected. Enter the IP address of the computer you want to expose to the Internet in this field.