D-Link Router DGL-4300 User Manual
Have a look at the manual D-Link Router DGL-4300 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 48 D-Link manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Using the Configuration Interface 31 D-Link Systems, Inc. Gaming The Gaming section is used to open multiple ports or a range of ports in your router and redirect data through those ports to a single PC on your network. This feature allows you to enter ports in various formats: Add/Edit Game Rule Give the Gaming Rule a name that is meaningful to you, such as Game Server. You can also select from a list of pre-defined rules for many popular games. If you have any trouble with pre-defined rules, verify whether the port values have changed since the list was created. You also must fill in the IP address field. Enter the local network IP address of the system hosting the game server, such as 192.168.0.50. Enter the TCP ports to open, such as 6159-6180, 99 Enter the UDP ports to open, such as 6159-6180, 99 Select a schedule for when this rule is in effect. If you do not see the schedule you need in the list of schedules, go to the Tools -> Schedules screen and create a new schedule. Saves the new rule or modified existing rule to the Rules list. When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and permanent. Game Rules List Entries on this list can be enabled/disabled by toggling the Enable checkbox. Entries can be modified by clicking on the paper and pencil icon. To delete an entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button. Rule Name: IP Address: TCP Ports To Open: UDP Ports To Open: Schedule: Save: Advanced > Gaming
Using the Configuration Interface 32 D-Link Systems, Inc. Enable GameFuel: Automatic Classification: Dynamic Fragmentation: Max. IP Fragment Size: Uplink Speed: GameFuel™ The GameFuel™ option helps improve your network gaming performance by prioritizing applications. By default the GameFuel settings are disable and application priority is not automatically classified. GameFuel™ Setup This option is disabled by default. Enable this option for better performance and experience with online games and other interactive applications, such as VoIP. This option is enabled by default when the GameFuel option is enabled. This option will allow your router to automatically determine which programs should have network priority. This option should be enabled when you have a slot Internet uplink. It helps to reduce the impact that large low priority network packets can have on more urgent ones. If Dynamic Fragmentation is enabled, you can fine tune the fragment size. The default value is 576. Select a smaller size if you have a slow uplink and VoIP quality is not optimal; select a larger size for faster uplinks. The speed at which data can be transferred from the router to your ISP. This is determined by your ISP. ISP’s often speed as a download/upload pair. For example, 1.5Mbits/284Kbits. Using this example, you would enter 284. Alternatively you can test your uplink speed with a service such as www.dslreports.com. Advanced > GameFuel
Using the Configuration Interface 33 D-Link Systems, Inc. Name: Priority: Protocol: Source IP Range: Source Port Range: Destination IP Range: Destination Port Range: Save: Add/Edit GameFuel™ Rule Automatic classification should be adequate for most applications. GameFuel rules identify a specific message flow and assign priority to that flow. Create a name for the rule that is meaningful to you. The priority of the message flow is entered here. O receives the highest priority (most urgent) and 255 receives the lowest priority. The protocol used by the messages. The rule applies to a flow of messages whose LAN-side IP address is within the range set here. The rule applies to a flow of messages whose LAN-side port number is within the range set here. The rule applies to a flow of messages whose WAN-side IP address is within the range set here. The rule applies to a flow of messages whose WAN-side port number is within the range set here. Saves the new rule or modified existing rule to the Rules list. When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and permanent. GameFuel Rules List Entries on this list can be enabled/disabled by toggling the Enable checkbox. Entries can be modified by clicking on the paper and pencil icon. To delete an entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button.
Using the Configuration Interface 34 D-Link Systems, Inc. Routing Add/Edit Route Adds a new route to the IP routing table or edits an existing route. Specifies whether the entry will be enabled or disabled. The IP address or network that the packets will be attempting to access Note: 192.168.1.0 with a Netmask of 255.255.255.0 means traffic will be routed to the entire 192.168.1.x network. Used to specify which portion of the Destination IP signifies the network trying to be accessed and which part signifies the host that the packets will be routed to Note: 255.255.255.255 is used to signify only the host that was entered in the Destination IP field. Specifies the next hop to be taken if this route is used. A gateway of 0.0.0.0 implies there is no next hop, and the IP address matched is directly connected to the router on the interface specified: LAN or WAN. Specifies the interface, LAN or WAN, that the IP packet must use to transit out of the router when this route is used. The amount of hops it will take to reach the Destination IP or network. A hop is considered to be traffic passing through a router from one network to another. If there is only one router between your network and the Destination network, then the Metric value would be 1. Saves the new rule or modified existing rule to the Rules list. When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and permanent. Route List This section shows the current routing table entries. Certain required routes are predefined and cannot be changed. Entries on this list that can modified can be enabled/disabled by toggling the Enable checkbox. Editable entries can be modified by clicking on the paper and pencil icon. To delete an editable entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button. Enable: Destination IP: Netmask: Gateway: Interface: Metric: Save: Advanced > Routing
Using the Configuration Interface 35 D-Link Systems, Inc. Access Control The Access Control section allows you to control access in and out of your network. Use this feature as Parental Controls to only grant access to approved sites, limit web access based on time or dates, and/or block access from applications like P2P utilities or games. Enabled By default the Access Control feature is disabled. If you enable Access Control, every device on the LAN must either have a static IP address (that is one that is not in the DHCP range) or must be in the Static DHCP Client List (see Basic > DHCP). When Access Control is disabled, every device on the LAN is permitted to access the Internet. However, if you enable Access Control, every device on the LAN that needs to access the Internet must have an Access Control rule that explicitly permits it to access the Internet. Devices that do not have an Access Control Rule cannot access the Internet. When Access Control is enabled, the options below will appear: Add/Edit Access Control Rule Create a name for this access control policy that is meaningful to you. Typically this would be a system name or user name such as Rob’s PC. The local network IP address of the machine that you want the access control rule to apply to. Example: 192.168.0.50. Make sure that this is a static IP address or the system is in the static DHCP Client list (See Basic > DHCP). Select a schedule of times when you want the policy to apply. If you do not see the schedule you need in the list of schedules, go to the Tools > Schedules screen and create a new schedule. With this option enabled, the specified system will only have access to the Web sites listed in the Web filter section. If this option is enabled, all of the Web sites visited by the specified machine will be logged. By clicking the Filter Ports >> button you can specify that the rule enables access only to specific IP addresses and ports. Saves the new or edited access control rule in the Access Control Rules List. Repeat the process, creating an Access Control Rule for each of the devices on your LAN that needs access to the Internet. When finished updating Access Control Rules, you must still click the Save Settings button at the top of the page to make changes effective and permanent. Policy Name: Machine IP Address: Schedule: Apply Web Filter: Log Internet Access: Filter Ports: Save: Advanced > Access Control
Using the Configuration Interface 36 D-Link Systems, Inc. Access Control Rules List This section shows the current Access Control rules. Any device that does not have a rule, cannot access the Internet. Entries can be modified by clicking on the paper and pencil icon. To delete an entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button. Web Filter The Web Filter section is where you add the Web site to be used for Access Control. Add/Edit Web Site This field is where you can add Web sites to the Allowed Web List. The Allowed Web List is used for systems that have the Web filter option enabled in Access Control. Entries in the Allowed Web Site List can be activated or deactivated with this checkbox. New entries are activated by default. Enter the URL (address) of the web site that you want to allow (such as google.com). Enter the most inclusive domain name. For instance, entering dlink.com will give you access to www.dlink.com and support.dlink.com. Do not enter the http:// preceding the URL. Note: Many web sites construct pages with images and content from other web sites. Access will be forbidden if you do not enable all of the web sites used to construct a page. For example, to access my.yahoo.com, you must enable access to yahoo.com, yimg.com, and doubleclick.net. Saves the new or modified Allowed Web Site in the Allowed Web Site List. When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and permanent. Allowed Web Site List This section lists the currently allowed web sites. Entries can be modified by clicking on the paper and pencil icon. To delete an entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button. Enable: Web Site: Save: Advanced > Web Filter
Using the Configuration Interface 37 D-Link Systems, Inc. Mac Address Filters The MAC (Media Access Controller) Address filter section is used to control network access based on the MAC Address of the network adapter. A MAC address is a unique ID assigned by the manufacturer of a networking device. This feature can be configured to ALLOW or DENY network/ Internet access. Filter Settings When this is enabled, depending on the mode selected, computers are granted or denied network access based on their MAC address. When Allow is selected, only computers with MAC addresses listed in the MAC Address List are granted network access. When Deny is selected, any computer with a MAC address listed in the MAC Address List When this is selected, the MAC address filters will be applied to wireless network clients. When this is selected, the MAC address filters will be applied to wired network clients. Add MAC Address MAC address entries are activated or deactivated with this checkbox. Enter the MAC address of the desired computer or connect to the router from the desired computer and click Copy Your PC’s MAC Address button. Saves the new or modified MAC address in the MAC Address List. When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and permanent. MAC Address List This section lists the current MAC address filters. Entries can be modified by clicking on the paper and pencil icon. To delete an entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button. MAC Filter Enabled: Mode: Filter Wireless Clients: Filter Wired Clients: Enable: MAC Address: Save: Advanced > MAC Address Filter
Using the Configuration Interface 38 D-Link Systems, Inc. Firewall A firewall protects your network from the outside world. The D-Link Gaming Router offers a firewall type functionality. The SPI feature helps prevent cyber attacks. Sometimes you may want a computer exposed to the outside world for certain types of applications. If you choose to expose a computer, you cam enable DMZ. DMZ is short for Demilitarized Zone. This option will expose the chosen computer completely to the outside world. Firewall Settings SPI (Stateful Packet Inspection, also known as dynamic packet filtering) helps to prevent cyber attacks by tracking more state per session. It validates that the traffic passing through the session conforms to the protocol. When SPI is enabled, the extra state information will be reported on the Status > Active sessions page. If an application has trouble working from behind the router, you can expose one computer to the Internet and run the application on that computer. Note: Placing a computer in the DMZ may expose that computer to a variety of security risks. Use of this option is only recommended as a last resort. Specify the IP address of the computer on the LAN that you want to have unrestricted Internet communication. If this computer obtains it’s IP address automatically using DHCP, be sure to make a static reservation on the Basic > DHCP page so that the IP address of the DMZ machine does not change. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button.Enable SPI: Enable DMZ: DMZ IP Address: Advanced > Firewall
Using the Configuration Interface 39 D-Link Systems, Inc. Inbound Filters The Inbound Filters option is an advanced method of controlling data received from the Internet. With this feature you can configure inbound data filtering rules that control data based on IP Address, Protocol, and/or Port. The Inbound Filter option is best suited for custom applications. For most applications you should use Virtual Server, Special Applications, or the Gaming section to create rules that will allow applications to communicate through the router. Add/Edit Inbound Filter Rule Enables inbound filtering. Enter a name for the rule that is meaningful to you. The rule can be set to either allow or deny applicable messages. Defines the range of Internet addresses this rule applies to. Select the protocol used for this rule. Enter the range of ports that this rule applies to. Enter the range of WAN side ports associated with the servers on the LAN that this rule applies to. Select a schedule for the times when this rule should be in effect. If you do not see the schedule you need in the list of schedules, go to the Tools > Schedules screen and create a new schedule. Check this option if you want the router to add an entry to the log whenever a rule is enforced. Saves the new rule or modified existing rule to the Rules list. When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and permanent. Inbound Filter Rules List This section lists the current Inbound Filter rules. Entries can be modified by clicking on the paper and pencil icon. To delete an entry, click on the trash can icon. After you’ve completed all modifications or deletions, you must click the Save Settings button at the top of the page to save your changes. The router must reboot before new settings will take effect. You will be prompted to Reboot the Device or Continue. If you need to make additional settings changes, click Continue. If you are finished with your configuration settings, click the Reboot the Device button. Enable: Name: Action: Source IP Range: Protocol: Source Port Range: Public Port Range: Schedule: Log: Save: Advanced > Inbound Filters
Using the Configuration Interface 40 D-Link Systems, Inc. Configuring an Inbound Filter Rule When the Rule List is empty or none of the rules are enabled, all inbound data that corresponds to a connection that originated from inside the router or which corresponds to a Virtual Server, Gaming, or Special Application Rule is ALLOWED by default. When rules are configured, the router compares incoming data packets against the rules in the list. It is very important to understand that the router examines each rule one by one in the order that they are listed in the Rule list until it finds a match. The packet will either be DENIED (Dropped) or ALLOWED. Once a match has been made, no further rules will be examined for that packet. If no rules match the data packet, it is ALLOWED. This means that to allow only a specific subset of traffic usually requires more than one rule to be entered. Example: You have configured a game server, using the Advanced > Gaming page, to play HALO: Combat Evolved with some friends. You would like to limit the access to your network and server to specific times of the day and only to your friends. Next you would define a schedule on the Tools > Schedule page, called Gametime, which specifies a schedule of Friday and Saturday between 7PM and 11PM. All of your friends use the same service provider and have IP addresses 67.150.220.117, 67.150.231.43, and 67.150.231.75. You have an option of defining a set of rules to match each one of these addresses individually or you may just decide that using an IP range that covers all of them is sufficient for your needs. The first rule is to configure a DENY rule that will catch all of the traffic that arrives on these ports but does not match data from the sources you want to have access to your network. It is important to enter the DENY rule first since all subsequent rules will be added higher in the list and will be checked first. It should look similar to the figure on the right. Notice that it covers all Source IP Address, Source Ports, and Times (Always), but is specifically tied to the Public Ports defined in the Game Rule List. This is because you do not want to accidentally block traffic for other applications. It is a good idea to turn on the log for this rule so that you can check in the log for anything that is filtered inappropriately. Next configure the ALLOW rules. In the example on the right, two rules are used to cover the three IP addresses.