Apple DPR2320TM User Manual

Size:
2.84 Mb
Download

WebSTAR DPR2320 and EPR2320 Gateway Cable Modems User’s Guide

Configuring and Enabling TCP and UDP Port Filters

Use the Setup Advanced Settings – Port Filtering page to configure and enable TCP and UDP port filters. These filters prevent a range of TCP/UDP ports from accessing the Internet. You can also prevent PCs from sending outgoing TCP/UDP traffic to the WAN on specific IP port numbers. This filter is not IP addressor MACaddress-specific.The system blocks the specified port ranges forall PCs.

If you are not familiar with the advanced settings detailed in this section, contact your cable service provider before you attempt to change any of the gateway cable modem default advanced port filtering settings.

Click Port Filtering in the Advanced Settings section of the Setup page to access the Setup Advanced Settings – Port Filtering page.

Setup Advanced Settings – Port Filtering Page Example

The following illustration is an example of the Setup Advanced Settings – Port

Filtering page.

Setup Advanced Settings – Port Filtering Page Description

Use this page to enter and enable the desired port filtering ranges and protocols in the appropriate fields and then click Apply to apply and save your new port filtering settings.

50

How Do I Configure the Gateway Cable Modems?

Configuring Port Forwarding for Local IP Addresses

Use the Setup Advanced Settings – Port Forwarding page to configure port forwarding for local IP addresses. Port forwarding allows you to run a server on the LAN by specifying the mapping of TCP/UDP ports to a local PC. You must also set up a fixed private LAN IP address for the destination device.

If you are not familiar with the advanced settings detailed in this section, contact your cable service provider before you attempt to change any of the gateway cable modem default advanced port forwarding settings.

Click Port Forwarding in the Advanced Settings section of the Setup page to access the Setup Advanced Settings – Port Forwarding page.

Setup Advanced Settings – Port Forwarding Page Example

The following illustration is an example of the Setup Advanced Settings – Port Forwarding page.

51

WebSTAR DPR2320 and EPR2320 Gateway Cable Modems User’s Guide

Setup Advanced Settings – Port Forwarding Page Description

The following example illustrates how to use the port forwarding feature to configure the Microsoft X-BoxOnline Live for Internet gaming.

For most widely used applications (including MicrosoftX-BoxOnline Live), the WebSTAR firewall automatically maps and opens ports required for that application while the application is in use.

1.Set the device to be used for port forward to a fixed IP address, for example, 192.168.0.5.

2.In the first entry of the Port Forwarding area of the page, enter the same IP address (192.168.0.5) in the Local IP Address field.

3.In the same row, enter the appropriate port numbers in the Start Port and End Port fields.

4.In the same row, select the appropriate protocol from the drop-downlist in the Protocol field, and then select the box in theEnable field.

5.To add additional ports, repeat steps 1 through 4, and then go to step 6.

6.Click Apply to apply and save your new port forwarding settings.

52

How Do I Configure the Gateway Cable Modems?

Configuring TCP/UDP Port Triggers

Use the Setup Advanced Settings – Port Triggers page to configure TCP/UDP port triggers. Port triggering is similar to port forwarding but is dynamic. In other words, the system does not hold the ports open indefinitely. For example, when the gateway cable modem detects outgoing data on a specific IP port number set in the “Trigger Range,” the resulting ports set in the “Target Range” will open for incoming data. If the system detects no outgoing traffic on the “Trigger Range” ports for a period of 10 minutes, the “Target Range” ports close. This is a safer method for opening specific ports for special applications, such as, video conferencing programs, interactive gaming, and file transfer in chat programs. This is safe because the ports are dynamically triggered and not held open continuously or erroneously left open by the router administrator. Therefore, these ports are not exposed and vulnerable for potential hackers to discover.

If you are not familiar with the advanced settings detailed in this section, contact your cable service provider before you attempt to change any of the gateway cable modem default advanced port triggers settings.

Click Port Triggers in the Advanced Settings section of the Setup page to access the Setup Advanced Settings – Port Triggers page.

Setup Advanced Settings – Port Triggers Page Example

The following illustration is an example of the Setup Advanced Settings – Port Triggers page.

53

WebSTAR DPR2320 and EPR2320 Gateway Cable Modems User’s Guide

Setup Advanced Settings – Port Triggers Page Description

Use this page to enter and enable the port forwarding trigger and target range start and end ports along with protocol information in the appropriate fields. The following example illustrates how to use the port triggering feature to configure the Microsoft X-BoxOnline Live for Internet gaming.

For most widely used applications (including MicrosoftX-BoxOnline Live), the WebSTAR firewall automatically maps and opens ports required for that application while the application is in use.

1.In the first row, enter 88 inboth Start Port and End Port fields.

2.In the same row, select UDP from thedrop-downlist in the Protocol field, and then select the box in theEnable field.

3.In the second row, enter 3074 inboth Start Port and End Port fields.

4.In the same row as the second entry, select Both, and then select the box in theEnable field.

5.Click Apply to apply and save your new port forwarding settings.

54

How Do I Configure the Gateway Cable Modems?

Configuring the DMZ Host

Use the Setup Advanced Settings – DMZ Host page to configure an IP address that is visible to the WAN. DMZ hosting is commonly referred to as “exposed host,” and allows you to specify the “default” recipient of WAN traffic that Network Address Translation (NAT) is unable to translate to a known local PC. DMZ allows one IP address to be unprotected while others remain protected.

If you are not familiar with the advanced settings detailed in this section, contact your cable service provider before you attempt to change any of the gateway cable modem default advanced DMZ host settings.

Click DMZ Host in the Advanced Settings section of the Setup page to access the Setup Advanced Settings – DMZ Host page.

Setup Advanced Settings – DMZ Host Page Example

The following illustration is an example of the Setup Advanced Settings – DMZ Host page.

Setup Advanced Settings – DMZ Host Page Description

Use this page to place a Private LAN IP device, for example, an FTP, Mail, or Web server directly on the Internet (bypassing the firewall). You set the server with a fixed IP address as a DMZ Host by entering its IP address in the DMZ Address field. Make sure the IP address used is not in the range of addresses delivered by the built-inDHCP server. After setting up a DMZ Host, all ports on this device are open to the Internet. You may configure only one PC to be the DMZ host. DMZ is generally used for PCs running “problem” applications that use random port numbers and do not function correctly with the specific port triggers or port forwarding setups described earlier in this guide. After entering a DMZ Address, clickApply to apply and save your new DMZ Host setting.

55

WebSTAR DPR2320 and EPR2320 Gateway Cable Modems User’s Guide

Configuring Web Page Filtering, Parental Control, and

Firewall Protection

Use the Setup Firewall – Web Filters page to configure Web page filtering and firewall protection. This page allows you either block or allow Internet access based on keywords and/or domain names. You can also filter on the time of day and the day of the week.

If you are not familiar with the advanced settings detailed in this section, contact your cable service provider before you attempt to change any of the gateway cable modem default firewall Web filters settings.

Click Web Filters in the Firewall section of the Setup page to access the Setup Firewall – Web Filters page.

Setup Firewall – Web Filters Page Example

The following illustration is an example of the Setup Firewall – Web Filters page.

56

How Do I Configure the Gateway Cable Modems?

Setup Firewall – Web Filters Page Description

This section describes the section headings and fields descriptions of the Setup Firewall – Web Filters page.

Section Headings

The Setup Firewall – Web Filters page is divided into the following section headings:

Content Filtering (Parental control)

Web Features

Keyword List

Domain List

Trusted Computers

If you make changes inany of the fields in the Setup Firewall – Web Filters page, clickApply to apply and save your Content Filter settings.

Content Filtering

The following table provides a description of each field name within the Content Filtering section heading.

Field Name

Description

Keyword Blocking

Allows you to block or allow Internet access based on

 

keywords

Domain Blocking

Allows you to block or allow Internet access based on

 

domain names and on time of day and day of week.

 

Verify that the Status page reflects the correct time of

 

day. If it does not reflect the correct time of day, contact

 

your ISP. You can also adjust your settings to account

 

for the difference.

Web Features

The following table provides a description of each field name within the Web Features section heading.

Field Name

Description

Filter Proxy

Enables/disables proxy

Filter Cookies

Enables/disables cookie blocking

Filter Java Applets

Enables/disables java applets

Filter ActiveX

Enables/disables ActiveX controls

Filter Popup

Enables/disables popup windows. Some commonly

Windows

used applications employ popup windows as part of the

 

application. If you disable popup windows, it may

 

interfere with some of these applications.

Firewall Protection

Enables/disables the firewall. When the firewall is

 

enabled, the firewall will allow most commonly used

 

applications to pass without any special setup or manual

 

port configuration

 

57

WebSTAR DPR2320 and EPR2320 Gateway Cable Modems User’s Guide

Keyword and Domain Blocking

Keyword and Domain blocking allows you to restrict access to Internet sites by blocking access to those sites based on a word or a text string contained in the URLs used to access those Internet sites.

Domain blocking allows you to restrict access to Web sites based on the site’s Domain Name. The Domain Name is the portion of the URL that precedes the familiar .COM, .ORG, or .GOV extension.

Keyword blocking allows you to block access to Internet sites based on a Keyword or text string being present anywhere in the URL, not just in the Domain Name.

Follow these steps to use either the Keyword or Domain Blocking feature.

1.Select Enable on the Setup Firewall - Web Filters page for the feature or features you want to use, then clickApply to activate the feature.

2.Enter the Domain Name, Keyword, text string, or URL to which you wish to restrict access into either the Keyword List or the Domain List field.

The entries must be anexact match in order to be filtered or blocked.

3.Click either Add Keyword orAdd Domain as necessary to add the entry to the list.

4.Repeat steps 1 through 3 for each Domain or Keyword you wish to enter.

Once entered, each new entry will immediately be blocked for all users not listed in the “Trusted Computers” field in the lower portion of the Setup Firewall – Web Filters page.

The Domain blocking feature blocks access to any Domain in the Domain List. It will also block Domains, any portion of which contains an exact match to entries in the list.

For example, if you enter example.com as a Domain, any site that contains “example.com” will be blocked. Generally, you do not want to include “www.” in a Domain Name since doing so limits the blocking to only the site that matches that Domain Name exactly. For instance, if you enter www.example.com into the list, only the one site that matches that name exactly will be blocked. Consequently, if you do not include the “www.,” then all sites within and associated with “example.com” will be blocked.

Trusted Computers

Use the Trusted Computers field to specify the MAC address of computers whose content will always be trusted and allowed unrestricted access to the Internet.

58

How Do I Configure the Gateway Cable Modems?

Configuring Firewall Time of Day Access Filters

Use the Setup Firewall – Time of Day Access Filter page to block all traffic to and from specific computers based on the day of week and the time of day.

If you are not familiar with the advanced settings detailed in this section, contact your cable service provider before you attempt to change any of the gateway cable modem default firewall event logging settings.

Click Time of Day Filters in the Firewall section of the Setup page to access the Setup Firewall – Time of Day Access Filter page.

Setup Firewall – Time of Day Access Filter Page Example

The following illustration is an example of the Setup Firewall – Time of Day Access Filter page.

The gateway uses the network time of day clock that is managed by your data service provider. The time of day clock must be accurate and represent the time of day in your time zone for this feature to operate properly. Verify that the Status page reflects the correct time of day. If it does not reflect the correct time of day, contact your data service provider. You can also adjust you settings to account for the difference.

59