SMC Networks Router SMCWBR14S-N2 User Manual
Have a look at the manual SMC Networks Router SMCWBR14S-N2 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 10 SMC Networks manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
FIREWALL 4-59 •Connection Policy Enter the appropriate values for TCP/UDP sessions as described in the following table. Parameter Defaults Description Fragmentation half-open wait10 sec Configures the number of seconds that a packet state structure remains active. When the timeout value expires, the router drops the unassembled packet, freeing that structure for use by another packet. TCP SYN wait 30 sec Defines how long the software will wait for a TCP session to synchronize before dropping the session. TCP FIN wait 5 sec Specifies how long a TCP session will be maintained after the firewall detects a FIN packet. TCP connection idle timeout3600 seconds (1 hour)The length of time for which a TCP session will be managed if there is no activity. UDP session idle timeout30 sec The length of time for which a UDP session will be managed if there is no activity. H.323 data channel idle timeout180 sec The length of time for which an H.323 session will be managed if there is no activity.
CONFIGURING THE BAR RICADE 4-60 •DoS Criteria and Port Scan Criteria Set up DoS and port scan criteria in the spaces provided (as shown below). Note:The firewall does not significantly affect system performance, so we advise enabling the prevention features to protect your network. Parameter Defaults Description Total incomplete TCP/UDP sessions HIGH300 sessionsDefines the rate of new unestablished sessions that will cause the software to start deleting half-open sessions. Total incomplete TCP/UDP sessions LOW250 sessionsDefines the rate of new unestablished sessions that will cause the software to stop deleting half- open sessions. Incomplete TCP/UDP sessions (per min) HIGH250 sessionsMaximum number of allowed incomplete TCP/UDP sessions per minute. Incomplete TCP/UDP sessions (per min) LOW200 sessionsMinimum number of allowed incomplete TCP/UDP sessions per minute. Maximum incomplete TCP/UDP sessions number from same host10 Maximum number of incomplete TCP/UDP sessions from the same host. Incomplete TCP/UDP sessions detect sensitive time period300 msecLength of time before an incomplete TCP/UDP session is detected as incomplete. Maximum half-open fragmentation packet number from same host30 Maximum number of half-open fragmentation packets from the same host. Half-open fragmentation detect sensitive time period10000 msecLength of time before a half-open fragmentation session is detected as half-open. Flooding cracker block time300 secondLength of time from detecting a flood attack to blocking the attack.
FIREWALL 4-61 DMZ If you have a client PC that cannot run an Internet application properly from behind the firewall, you can open the client up to unrestricted two- way Internet access. Enter the IP address of a DMZ (Demilitarized Zone) host on this screen. Adding a client to the DMZ may expose your local network to a variety of security risks, so only use this option as a last resort.
CONFIGURING THE BAR RICADE 4-62 UPnP The Universal Plug and Play architecture offers pervasive peer-to-peer network connectivity of PCs of all form factors, intelligent appliances, and wireless devices. UPnP enables seamless proximity network in addition to control and data transfer among networked devices in the office, home and everywhere within your network. UPnP allows the device to automatically: • join a network • obtain an IP address • convey its capabilities and learn about the presence and capabilities of other devices. Check the Enable radio button to activate this function.
DDNS 4-63 DDNS Dynamic Domain Name Service (DDNS) provides users on the Internet with a method to tie their domain name to a computer or server. DDNS allows your domain name to follow your IP address automatically by having your DNS records changed when your IP address changes. This DNS feature is powered by DynDNS.org or TZO.com. With a DDNS connection you can host your own web site, email server, FTP site, and more at your own location even if you have a dynamic IP address.
CONFIGURING THE BAR RICADE 4-64 Tools Use the Tools menu to backup the current configuration, restore a previously saved configuration, update firmware, and reset the Barricade. Configuration Tools Choose a function and click Next. • Backup Router Configuration: this allows you to save the Barricade’s configuration to a file. • Restore from saved Configuration file: this function is used to restore the previously saved backup configuration file. • Restore router to Factory Defaults: this resets the Barricade back to the original default settings.
TOOLS 4-65 Firmware Upgrade Use this screen to update the firmware or user interface to the latest versions. 1. Download the upgrade file from the SMC web site first, and save it to your hard drive. 2. Then click Browse... to look for the downloaded file. Click SAVE SETTINGS. Check the Status screen Information section to confirm that the upgrade process was successful.
CONFIGURING THE BAR RICADE 4-66 Reset Click REBOOT ROUTER to reset the ADSL Router. The reset will be complete when the power LED stops blinking. If you perform a reset from this screen, the configurations will not be changed back to the factory default settings. Note:If you use the Reset button on the back panel, the Barricade performs a power reset. If the button is pressed for over 10 seconds, all the LEDs will illuminate and the factory default settings will be restored.
TOOLS 4-67 STATUS The Status screen displays WAN/LAN connection status, firmware, and hardware version numbers, illegal attempts to access your network, as well as information on DHCP clients connected to your network. The security log may be saved to a file by clicking Save and choosing a location. Scroll down to view more information on the Status screen.
CONFIGURING THE BAR RICADE 4-68 The following items are included on the Status screen: Parameter Description INTERNET Displays WAN connection type and status. Renew Click on this button to establish a connection to the WAN. GATEWAY Displays system IP settings, as well as DHCP Server and Firewall status. INFORMATION Displays the number of attached clients, the firmware versions, the physical MAC address for each media interface and for the ADSL Router, as well as the hardware version and serial number. Security Log Displays attempts to access your network. Save Click on this button to save the security log file. Clear Click on this button to delete the access log. Refresh Click on this button to refresh the screen. DHCP Client Log Displays information on DHCP clients on your network.