Setting up the Firewall

The firewall built into the Wireless MAXg Router protects your network from outside attacks. In the Web User Interface, click the Firewall tab. In this section you can configure and change the Firewall settings for the Wireless MAXg Router.

Internet Access Control

With this option, you can deny Internet access to specific clients during specific days and times of the week. This can be useful if you have children in your home and you want to regulate their Internet usage or if you have multiple people in your small business using the same computer over different shifts and you don't want specific employees to be able to access the Internet.

Note: Make sure that any computer that is assigned Internet Access Control uses a static IP address. Otherwise, when the address updates the computer will have unrestricted access to the Internet.

To add entries for this feature, you will need to perform the following steps:

  1. Specify the range of LAN IP addresses or a single IP address.
  2. Specify the Protocol and the Port range.
  3. Specify the Weekday range and the Time range each day.
  4. When you have specified these settings, click Add.
  5. Repeat steps 1 through 4 for any additional entries.
  6. Click Save at the bottom of the page when you are finished.

Port Triggering

Some applications connect to the Internet by using one or more outbound ports expecting an answer through one or more inbound ports. Port triggering configures the firewall to allow the reply or replies to reach the client devices. Certain applications cannot work with the router since all the ports are blocked by default.

Note: Opening ports on a router can cause potential security risks. In particular, opening Terminal Services UPnP Port 3389 on Windows XP can allow Internet hackers to take over your computer if Windows XP is not patched with Microsoft's latest security updates.

For a complete list of applications and port information, visit www.iana.org

To add entries for this feature, perform the following steps:

  1. Specify the Outbound protocol and the Outbound port range.
  2. Specify the Inbound protocol and the Inbound port range.
  3. Specify the Destination port range.
  4. When you have specified these settings, click Add.
  5. Repeat steps 1 through 4 for any additional entries.
  6. Click Save at the bottom of the page when you are finished.

Port Forwarding

With Port Forwarding, you can direct inbound traffic to specific clients on your network. Ports are connections that are used by a computer to organize the various forms of network traffic. A port can support both ingoing and outgoing network traffic, or just one-way network traffic. If you open a port, a specific service will be assigned to it and that service will communicate with the network only through that port. Some applications require open service ports, such as Internet games, video conferencing, Internet telephony, and others. An example of when you might want to enable this feature is if you are running a Web server on one of your network clients. By enabling Port Forwarding, traffic to that Web site would pass through the router and go directly to the appropriate network client, instead of going through the router and suddenly having access to your whole network.

Note: Opening ports on a router can cause potential security risks. In particular, opening Terminal Services UPnP Port 3389 on Windows XP can allow Internet hackers to take over your computer if Windows XP is not patched with Microsoft's latest security updates.

For a complete list of applications and port information, visit www.iana.org

To add entries for this feature, perform the following steps:

  1. Specify the Protocol and the WAN port range.
  2. Specify the LAN IP address and the LAN port range.
  3. When you have specified these settings, click Add.
  4. Repeat steps 1 through 3 for any additional entries.
  5. Click Save at the bottom of the page when you are finished.

Firewall

If you deselect the checkbox next to Firewall, the firewall will be disabled, but this is not recommended. The firewall is used to block unauthorised users from accessing the network or any of the network resources. A firewall is one of the most critical pieces of security you can use in your network.

DMZ

The DMZ (Demilitarised Zone) is a computer that has all external Internet traffic forwarded to it. This allows a computer to be exposed to unrestricted two-way communication. This feature should be used with caution, since it removes the security of the firewall for that computer.

If you want to specify a DMZ, enter the client computer's IP address. When you are finished, click Save at the bottom of the page.