TRENDNET TEW635-657 User Manual

System

Device Name

Firmware Version

Buttons

Connection Details

Attached Devices

Refresh Screen

35B

The current name of the Router. This name is also the "hostname"
for users with an "@Home" type connection.

The version of the current firmware installed.

Click this button to open a sub-window and view a detailed
description of the current connection.

This will open a sub-window, showing all LAN and Wireless
devices currently on the network.

Update the data displayed on screen.

Connection Status - PPPoE & PPPoA

If using PPPoE (PPP over Ethernet) or PPPoA (PPP over ATM), a screen like the following
example will be displayed when the "Connection Details" button is clicked.

Data - PPPoE/PPPoA Screen

Connection Time

PPPoE Link Status

Negotiation
IP Address

Network Mask

Buttons

Connect
Disconnect
Close

36B

This indicates how long the current connection has been estab­lished.

This indicates whether or not the connection is currently estab­lished.

• If the connection does not exist, the "Connect" button can be

used to establish a connection.

• If the connection currently exists, the "Disconnect" button

can be used to break the connection.
This indicates the status of the PPPoE Server login.
The IP Address of this device, as seen by Internet users. This

address is allocated by your ISP (Internet Service Provider).
The Network Mask associated with the IP Address above.

If not connected, establish a connection to your ISP.
If connected to your ISP, hang up the connection.
Close this window.

54

Connection Details - Dynamic IP Address

If your access method is "Direct" (no login), with a Dynamic IP address, a screen like the
following example will be displayed when the "Connection Details" button is clicked.

Data - Dynamic IP address

Internet

IP Address

Network Mask
Default Gateway

DHCP Server
DNS Server
Lease Obtained

Lease Expires

Buttons

Release

Renew

Close

The current IP Address of this device, as seen by Internet users. This
address is allocated by your ISP (Internet Service Provider).

The Network Mask associated with the IP Address above.
The IP address of the remote Gateway or Router associated with the

IP Address above.
The IP address of your ISP's DHCP Server.
The IP address of the Domain Name Server which is currently used.
This indicates when the current IP address was obtained, and how

long before this IP address allocation (the DCHP lease) expires.

If an IP Address has been allocated to the Wireless ADSL Router (by
the ISP's DHCP Server, clicking the "Release" button will break the
connection and release the IP Address.

If the ISP's DHCP Server has NOT allocated an IP Address for the
Wireless ADSL Router, clicking the "Renew" button will attempt to
re-establish the connection and obtain an IP Address from the ISP's
DHCP Server.

Close this window.

Connection Details - Fixed IP Address

If your access method is "Direct" (no login), with a fixed IP address, a screen like the follow­ing example will be displayed when the "Connection Details" button is clicked.

Data - Fixed IP address Screen

Internet

IP Address

Network Mask
Default Gateway

DNS Server

The IP Address of this device, as seen by Internet users. This address
is allocated by your ISP (Internet Service Provider).

The Network Mask associated with the IP Address above.
The IP Address of the remote Gateway or Router associated with the

IP Address above.
The IP Address of the Domain Name Server which is currently used.

56

Advanced Features

Overview

The following advanced features are provided:

• Internet:

• DMZ

• URL filter

• Access Control

• Dynamic DNS

• Options

• Schedule

• Port Trigger

• Port Forward

• Port Range Forward

• QoS

Internet

This screen provides access to the DMZ and URL Filter features.

DMZ

This feature, if enabled, allows the DMZ computer on your LAN to be exposed to all users on
the Internet.

57

• This allows almost any application to be used on the "DMZ PC".

• The "DMZ PC" will receive all "Unknown" connections and data.

• If the DMZ feature is enabled, you must enter the IP address of the PC to be used as the

"DMZ PC".

The "DMZ PC" is effectively outside the Firewall, mak­ing it more vulnerable to attacks. For this reason, you
should only enable the DMZ feature when required.

URL Filter

If you want to limit access to certain sites on the Internet, you can use this feature. The URL
filter will check each Web site access. If the address, or part of the address, is included in the
block site list, access will be denied.

On the Advanced Internet screen, select the desired setting:

• Disable - disable this feature.

• Block Always - allow blocking all of the time, independent of the Schedule page.

• Block By Schedule - block according to the settings on the Schedule page.

Click the Configure URL Filter button to open the URL Filter screen, allowing you to create
or modify the filter strings which determine which sites will be blocked.

The URL Filter screen is displayed when the Configure URL Filter button on the Internet
screen is clicked.

58

Data - URL Filter Screen

Current Filter Strings

Current Filter
Strings

Add Filter String

Trusted PC

Allow this PC..

Trusted PC

The list contains the current list of items to block.

• To add to the list, use the "Add" option below.

• To delete an entry, select it and click Delete button.

• To delete all entries, click the Delete All button.

To add to the current list, type the word or domain name you want to
block into the field provided, then click the Add button.

Filter strings should be as specific as possible. Otherwise, you may
block access to many more sites than intended.

Enable this to allow one computer to have unrestricted access to the
Internet. For this PC, the URL filter will be ignored.

If enabled, you must select the PC to be the trusted PC.
Select the PC to be the Trusted PC.

Access Control

This feature is accessed by the Access Control link on the Advanced menu.

Overview

The Access Control feature allows administrators to restrict the level of Internet Access avail­able to PCs on your LAN. With the default settings, everyone has unrestricted Internet access.

Restrictions are imposed by blocking "Services", or types of
connections. All common Services are pre-defined.
If required, you can also define your own Services.

Access Control Screen

To view this screen, select the Access Control link on the Advanced menu.

Data - Access Control Screen

Internet Access

Access Control

Select the desired options for the current group:

• Disable - Nothing is blocked. Use this to create the least

restrictive group.

• Block all Internet access - All traffic via the WAN port is

blocked. Use this to create the most restrictive group.

• Block selected Services - You can select which Services are to

block. Use this to gain fine control over the Internet access for
a group.

60

Blocked Services

This lists all defined Services. Select the Services you wish to
block. To select multiple services, hold the CTRL key while
selecting. (On the Macintosh, hold the SHIFT key rather than
CTRL.)

Schedule

If Internet access is being blocked, you can choose to apply the
blocking only during scheduled times. (If access is not blocked, no
Scheduling is possible, and this setting has no effect.)

Trusted PCs

Click to Enable
Trusted PC

"Set Trusted PCs"
Button

If enabled, restrictions set on this screen do not apply to Trusted
PCs.

Click this button to add or remove PCs of the Trusted PCs.
See the following section for details of the Trusted PCs screen.

Trusted PC Screen

This screen is displayed when the Set Trusted PCs button on the Access Control screen is
clicked.

Use this screen to add or remove PCs from the current group.

• The "Del >>" button will remove the selected PC (in the Trusted PCs list) from the current

group.

• The "<< Add" button will add the selected PC (in the Other PCs list) to the Trusted PCs

group.

Dynamic DNS (Domain Name Server)

This free service is very useful when combined with the Virtual Server feature. It allows
Internet users to connect to your Virtual Servers using a URL, rather than an IP Address.

This also solves the problem of having a dynamic IP address. With a dynamic IP address, your
IP address may change whenever you connect, which makes it difficult to connect to you.

DDNS Services work as follows:

1. You must register for the service at one of the listed DDNS Service providers.

2. After registration, use the Service provider's normal procedure to obtain your desired

Domain name.

3. Enter your DDNS data on the Wireless ADSL Router's DDNS screen, and enable the

DDNS feature.

4. The Wireless ADSL Router will then automatically ensure that your current IP Address is

recorded at the DDNS service provider's Domain Name Server.

5. From the Internet, users will be able to connect to your Virtual Servers (or DMZ PC)

using your Domain name, as shown on this screen.

Dynamic DNS Screen

Select Advanced on the main menu, then Dynamic DNS, to see a screen like the following:

Data - Dynamic DNS Screen

DDNS Service

Use a Dynamic
DNS Service

Service Provider
Web Site

Use this to enable or disable the DDNS feature as required.

Select the desired DDNS Service provider.
Click this button to open a new window and connect to the Web site

62

DDNS Data

of the selected DDNS service provider.

Host Name

User Name

Password

DDNS Status

Enter the domain name allocated to you by the DDNS Service. If you
have more than one name, enter the name you wish to use.

Enter your Username for the DDNS Service. (TZO.com uses your E­mail address.)

Enter your current password for the DDNS Service. (TZO.com calls
this a key.)

• This message is returned by the DDNS Server.

• Normally, this message should be "Update successful"

• If the message indicates some problem, you need to connect to

the DDNS Service provider and correct this problem.

Options

This screen allows advanced users to enter or change a number of settings. For normal opera­tion, there is no need to use this screen or change any settings.

An example Options screen is shown below.

Data - Options Screen

Internet

Respond to Ping

MTU Size

UPnP

UPnP

Advertisement
Period

• If checked, the Wireless Router will respond to Ping (ICMP)

packets received from the Internet.

• If not checked, Ping (ICMP) packets from the Internet will be

ignored. Disabling this option provides a slight increase in securi­ty.

Enter a value between 600 and 1500.
Note: MTU (Maximum Transmission Unit) size should only be

changed if advised to do so by Technical Support.

• UPnP (Universal Plug and Play) allows automatic discovery and

configuration of equipment attached to your LAN. UPnP is by
supported Windows ME, XP, or later.

• If Enabled, this device will be visible via UPnP.

• If Disabled, this device will not be visible via UPnP.

Enter the desired value, in minutes. The valid range is from 1 to 1440.

Advertisement
Time to Live

Enter the desired value, in hops. The valid range is from 1 to 255.

64

Schedule

This Schedule can be used for the Firewall Rules and the URL filter.

Data - Schedule Screen

Schedule

Day
Session 1

Session 2
Start
Finish

Local Time

Time Zone

Adjust for Day­light Savings Time

Use this NTP
Server

Each day of the week can scheduled independently.
Two (2) separate sessions or periods can be defined. Session 2 can

be left blank if not required.
Enter the start using a 24 hr clock.
Enter the finish time using a 24 hr clock.

In order to display your local time correctly, you must select your
"Time Zone" from the list.

If your region uses Daylight Savings Time, you must manually
check "Adjust for Daylight Savings Time" at the beginning of the
adjustment period, and uncheck it at the end of the Daylight Savings
period.

If you prefer to use a particular NTP server as the primary NTP
server, check the checkbox "Use this NTP Server" and enter the
Server's IP address in the fields provided.

If this setting is not enabled, the default NTP Servers are used.

Current Time

This displays the current time on the Wireless ADSL Router, at the
time the page is loaded.

Port Trigger

If you use Internet applications which use non-standard connections or port numbers, you may
find that they do not function correctly because they are blocked by the Wireless ADSL
Router's firewall. In this case, you can define the application as a "Port Trigger".

The Port Trigger screen can be reached by clicking the Port Trigger on the screen.
You can then define your Port Trigger. You will need detailed information about the applica-

tion; this is normally available from the supplier of the application.
Also, note that the terms "Incoming" and "Outgoing" on this screen refer to traffic from the

client (PC) viewpoint

Data - Port Trigger Screen

Port Trigger

Enable
Name
Outgoing

Ports

Use this to Enable or Disable this Special Application as required.
Enter a descriptive name to identify this Special Application.

• Type - Select the protocol (TCP or UDP) used when you send

data to the remote system or service.

• Start - Enter the beginning of the range of port numbers used

by the application server, for data you send to it. If the applica­tion uses a single port number, enter it in both the "Start" and
"Finish" fields.

• Finish - Enter the end of the range of port numbers used by the

application server, for data you send to it. If the application
uses a single port number, enter it in both the "Start" and
"Finish" fields.

66

Incoming
Ports

• Type - Select the protocol (TCP or UDP) used when you

receive data from the special application or service. (Note:
Some applications use different protocols for outgoing and in­coming data).

• Start - Enter the beginning of the range of port numbers used

by the application server, for data you receive. If the applica­tion uses a single port number, enter it in both the "Start" and
"Finish" fields.

• Finish - Enter the end of the range of port numbers used by the

application server, for data you receive.

Port Forward

This feature allows you to make Servers on your LAN accessible to Internet users. Normally,
Internet users would not be able to access a server on your LAN because:

• Your Server does not have a valid external IP Address.

• Attempts to connect to devices on your LAN are blocked by the firewall in this device.

Data - Single Port Forwarding Screen

Port Forwarding

Application
External Port

Internal Port

Protocol
IP Address
Enabled

Enter the desired application type.
Traffic from the Internet using this port number will be sent to the

Server. This is normally the same as the Internal Port Number. If it
is different, this device will perform a "mapping" or "translation"
function, allowing the server to use a different port to the clients.

Enter the port numbers which the Server software is configured to
use.

Select the protocol (TCP or UDP) used by the Server.
Enter the desired IP address.
Use this to Enable or Disable support for this Server, as required.

68

Port Range Forward

This feature allows you to make Servers on your LAN accessible to Internet users. Normally,
Internet users would not be able to access a server on your LAN because:

Data - Port Range Forwarding Screen

Port Range Forwarding

Application
Start

End

Protocol
IP Address
Enable

Enter the desired application type.
Enter the beginning of the range of port numbers used by the

application server.
Enter the end of the range of port numbers used by the application

server.
Select the protocol (TCP, UDP or Both) used by the Server.
Enter the desired IP address.
Use this to Enable or Disable support for this Server, as required.