Netgear Cg3100d2 Owners Manual
Have a look at the manual Netgear Cg3100d2 Owners Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 137 Netgear manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
3-1 v1.0, July 2009 Chapter 3 Content Filtering This chapter describes how to use content filteri ng s for the gateway. This chapter includes: • “Viewing or E-mailing Logs ” • “Blocking Keywords, Sites, and Services” on page 3-2 • “Services” on page 3-4 • “Port Forwarding” on page 3-5 Viewing or E-mailing Logs Your gateway logs security-related events such as De nial of Service (DoS) attacks, hacker probes, and administrator logins, according to your settings on this screen. If you have set up content filtering on the Block Sites screen, you can also log when someone on your network tried to access a blocked site. You can specify which events are logged and you can send the logs to a Syslog server. 1. Log in to the gate way as described in “Logging In to Your Gateway” on page 1-4 . 2. In the main menu, under Content F iltering, select Logs. The Logs screen displays. Figure 3-1
Wireless Cable Voice Gateway CG3000/CG3100 User Manual 3-2Content Filtering v1.0, July 2009 To e-mail logs: 1.Fill in the Contact Email Address and SMTP Server Name fields. 2.Select the Enable check box for E-mail Alerts. 3.Click Apply so that your changes take effect. 4.To e-mail the log now, click E-mail Log. To delete all log entries, click Clear Log. To see the most recent entries, click Refresh. Blocking Keywords, Sites, and Services The gateway provides a variety of options for blocking Internet based content and communications services. With its content filtering feature, the gateway prevents objectionable content from reaching your PCs. The gateway allows you to control access to Internet content by screening for keywords within Web addresses. It also has the capability to block access to all sites except those that are explicitly allowed. Key content filtering options include: • Blocking access from your LAN to Internet locations that contain keywords that your specify. • Blocking access to websites that you specify as off-limits. • Allowing access to only websites that you specify as allowed. Blocking Keywords and Domains The gateway allows you to restrict access to Internet content based on functions such as Web address keywords and Web domains. A domain name is the name of a particular website. For example, for the address www.NETGEAR.com, the domain name is NETGEAR.com. To block keywords and domains: 1.Log in to the gateway as described in “Logging In to Your Gateway” on page 1-4.
Wireless Cable Voice Gateway CG3000/CG3100 User Manual Content Filtering 3-3 v1.0, July 2009 2.In the main menu, under Content Filtering, select Block Sites. The Block Sites screen displays. Figure 3-2 3. T o use keyword blocking, select the Keyword Blocking Enable check box. You can enter up to eight keywords. After you have entered a ke yword in the field to the left of the Add Keyword button, click Add Keyword. The keyword will be shown in the Keyword List. Note the following: • If the keyword XXX is specified, the URL www.zzzyyqq.com/xxx.html is blocked. • If the keyword .c om is specified, only websites with other domain suffixes (such as .edu, .org, or .gov) can be viewed. • Enter the keyword “ .” to block all Internet browsing access. To remove a keyword from the Keyword List, select the keyword, and then click Re move Keyword . 4. Y ou can use the Domain List to create a list of allowed domains, or to create a list of denied domains. To use domain blocking, select the Domain Blocking Enable check box. After you have entered a domain in th e field to the left of the Add Domain button, click Add Domain. The domain will be show n in the Domain List.
Wireless Cable Voice Gateway CG3000/CG3100 User Manual 3-4Content Filtering v1.0, July 2009 If the domain www.zzzyyqq.com is specified, the URL is blocked, along with all other URLs in the www.zzzyyqq.com site. To remove a domain from the Domain Li st, sele ct the domain, and then click Remove Domain . 5. Click Ap ply to save your settings. Services You can use the Services screen to disable certain gateway features. 1. Log in to the gate way as described in “Logging In to Your Gateway” on page 1-4 . 2. In the main menu, under Cont ent F iltering, select Services. Figure 3-3 To disable a feature, clear its check box and then click Apply • Fir ewall Features . The gateway performs Stateful Packet Inspection (SPI) and protect against Denial of Service (DoS) attacks. • IPSec Pass-Thr ough. IPSec traffic is forwarded. If you cl ear this check box then this traffic will be blocked.
Wireless Cable Voice Gateway CG3000/CG3100 User Manual Content Filtering3-5 v1.0, July 2009 •PPTP Pass-Through. PPTP traffic is forwarded. If you clear this check box then this traffic will be blocked. •Multicast. The gateway can pass multicasting streams through the firewall. •Port Scan Detection. When enabled, the gateway can respond to Internet-based port scans. •IP Flood Detection. Allows the is gateway to block malicious devices that are attempting to flood devices. • You can use the Web Features to set certain Web-oriented cookies, java scripts, and pop-up windows to be blocked by the firewall. Port Forwarding Configuring Port Forwarding to Local Servers Using the port forwarding feature, you can allow certain types of incoming traffic to reach servers on your local network. For example, you might make a local Web server, FTP server, or game server visible and available to the Internet. Use the Port Forwarding screen to configure the router to forward specific incoming protocols to computers on your local network. In addition to servers for specific applications, you can also specify a default DMZ server to which all other incoming protocols are forwarded. The DMZ server is configured in the WAN Setup screen, as discussed in “ “Setting Up a Default DMZ Server” on page 5-4. Before starting, you need to determine which type of service, application, or game you will provide, and the local IP address of the computer that will provide the service. Be sure the computer’s IP address never changes. To configure port forwarding to a local server: 1.Log in to the gateway as described in “Logging In to Your Gateway” on page 1-4. 2.Select Port Forwarding under Advanced in the main menu. The Port Forwarding screen displays:
Figure 3-4 Wireless Cable Voice Gateway CG3000/CG3100 User Manual 3-6 Content Filtering v1.0, July 2009 3.From the Service list, select the service or game that you will host on your network. If the service does not appear in th e list, see the following section, “Adding a Custom Rule” on page 3-6 .” 4. Click Ad d. The service appears in the list in the screen. Adding a Custom Rule To define rule that does not appear in the Servi ce list, you must first determine which port number or range of numbers is used by the application. You can usually determine this information by contacting the publisher of the application or user groups or newsgroups. When you have the port number information, follow these steps: 1. In the Port Forwarding screen, enter the name of the rule in the Add Custom Rules section of the screen. 2. In the St ar ting Po rt field, enter the beginning port number. • If the application uses only a single po rt, enter the same port number in the Ending Port field. • If the application uses a range of ports, ente r th e ending port number of the range in the Ending Port field. 3. In the Se rvice Type field, select the protocol. If you are unsure, select TCP/UDP.
Wireless Cable Voice Gateway CG3000/CG3100 User Manual Content Filtering3-7 v1.0, July 2009 4.In the Local IP Address field, enter the IP address of your local computer that will provide this service. 5.Click Apply. The service appears in the list. Application Example: Making a Local Web Server Public If you host a Web server on your local network, you can use port forwarding to allow Web requests from anyone on the Internet to reach your Web server. To make a local Web server public: 1.Assign your Web server either a fixed IP address or a dynamic IP address using DHCP address reservation, as explained in “Using Address Reservation” on page 4-5. In this example, your router will always give your Web server an IP address of 192.168.1.33. 2. 2. In the Port Forwarding screen, configure the router to forward the HTTP service to the local address of your Web server at 192.168.1.33. HTTP (port 80) is the standard protocol for Web servers. 3. (Optional) Register a host name with a Dynamic DNS service, and configure your router to use the name as described in ““Configuring Dynamic DNS” on page 5-1. To access your Web server from the Internet, a remote user must know the IP address that has been assigned by your ISP. However, if you use a Dynamic DNS service, the remote user can reach your server by a user-friendly Internet name, such as mynetgear.dyndns.org.
Wireless Cable Voice Gateway CG3000/CG3100 User Manual 3-8Content Filtering v1.0, July 2009
4-1 v1.0, July 2009 Chapter 4 Managing Your Network This chapter describes how to perform network management tasks with your Voice Gateway. When you log in to the gateway, these tasks are grouped under Maintenance. This chapter includes: •“Viewing the Modem Status” •“Viewing the Connection Status” on page 4-4 •“Backing Up and Restoring Your Settings” on page 4-5 •“Changing the Built-In Password” on page 4-6 •“Running Diagnostic Utilities” on page 4-7 •“Viewing the Event Log” on page 4-10 Viewing the Modem Status Use the Modem Status screen to see hardware and firmware details about the gateway and to see basic status information. 1.Log in to the gateway as described in “Logging In to Your Gateway” on page 1-4. 2.In the main menu, under Maintenance, select Modem Status. The following screen displays:
Figure 4-1 Wireless Cable Voice Gateway CG3000/CG3100 User Manual 4-2 Managing Your Network v1.0, July 2009 The Modem Status screen fields are explained in the following table. Ta b l e 4-1. Modem Status Fields FieldDescription Standard Specification Compl iant DOCSIS 3.0 Hardware Version Software Version Cable MAC Address The MAC address used by the cable modem port of the gatew ay. This MAC address may need to be registered with your cable service provider. Cable Modem Serial number The serial number of the gateway hardware. CM Certificate If the cable modem certifi cate is Installed, it is possible for the service provider to upgrade yo ur Data Over Cable service securely. System Up Time Network Access Cable Modem IP Address The current Internet IP address. If assigned dynamically and not conne cted to the Internet, this will be blank.