Philips CGA5722/05 User Manual
Configuring the Wireless ADSL Modem Routerr
10
Discard Ping to WAN (Default: Disabled) - Prevent a ping on the ADSL
Wireless Base Station’s WAN port from being routed to the network.
Wireless Base Station’s WAN port from being routed to the network.
Scroll down to view more information.
Stateful Packet Inspection
This is called a "Stateful" packet inspection because it examines the
contents of the packet to determine the state of the communications;
i.e., it ensures that the stated destination computer has previously
requested the current communication. This is a way of ensuring that all
communications are initiated by the recipient computer and are taking
place only with sources that are known and trusted from previous
interactions. In addition to being more rigorous in their inspection of
packets, stateful inspection firewalls also close off ports until connection
to the specific port is requested.
This is called a "Stateful" packet inspection because it examines the
contents of the packet to determine the state of the communications;
i.e., it ensures that the stated destination computer has previously
requested the current communication. This is a way of ensuring that all
communications are initiated by the recipient computer and are taking
place only with sources that are known and trusted from previous
interactions. In addition to being more rigorous in their inspection of
packets, stateful inspection firewalls also close off ports until connection
to the specific port is requested.
When particular types of traffic are checked, only the particular type of
traffic initiated from the internal LAN will be allowed. For example, if
the user only checks "FPT Service" in the Stateful Packet Inspection
section, all incoming traffic will be blocked except for FTP connections
initiated from the local LAN.
traffic initiated from the internal LAN will be allowed. For example, if
the user only checks "FPT Service" in the Stateful Packet Inspection
section, all incoming traffic will be blocked except for FTP connections
initiated from the local LAN.
Stateful Packet Inspection allows you to select different application
types that are using dynamic port numbers. If you wish to use the
Stateful Packet Inspection (SPI) to block packets, click on the Yes radio
button in the "Enable SPI and Anti-DoS firewall protection" field and
then check the inspection type that you need, such as Packet
Fragmentation, TCP Connection, UDP Session, FTP Service, H.323
Service, or TFTP Service.
types that are using dynamic port numbers. If you wish to use the
Stateful Packet Inspection (SPI) to block packets, click on the Yes radio
button in the "Enable SPI and Anti-DoS firewall protection" field and
then check the inspection type that you need, such as Packet
Fragmentation, TCP Connection, UDP Session, FTP Service, H.323
Service, or TFTP Service.
When hackers attempt to enter your network, the router can alert
you by e-mail
you by e-mail
If the mail server needs to authenticate your indentification before
sending out any e-mail, please fill related information in POP3 server,
username and password fields. Otherwise leave the three fields blank.
sending out any e-mail, please fill related information in POP3 server,
username and password fields. Otherwise leave the three fields blank.
Connection Policy
Enter the appropriate values for TCP/UDP sessions as described in the
following table.
Enter the appropriate values for TCP/UDP sessions as described in the
following table.
Note
The firewall does not significantly affect system performance, so we
advise enabling the prevention features to protect your network.
advise enabling the prevention features to protect your network.
DMZ:
If you have a client PC that cannot run an Internet application properly
from behind the firewall, you can open the client up to unrestricted
two-way Internet access. Enter the IP address of a DMZ (Demilitarized
Zone) host on this screen. Adding a client to the DMZ may expose your
local network to a variety of security risks, so only use this option as a
last resort.
from behind the firewall, you can open the client up to unrestricted
two-way Internet access. Enter the IP address of a DMZ (Demilitarized
Zone) host on this screen. Adding a client to the DMZ may expose your
local network to a variety of security risks, so only use this option as a
last resort.
4.4.2 Wireless Security
Wireless Encryption
Wireless Encryption
To make your wireless network safe, you should turn on the security
function. The ADSL Wireless Base Station supports WEP (Wired
Equivalent Privacy), WPA (Wi-Fi Protected Access), and 802.1x security
mechanisms. It is highly recommended to use WPA security.
function. The ADSL Wireless Base Station supports WEP (Wired
Equivalent Privacy), WPA (Wi-Fi Protected Access), and 802.1x security
mechanisms. It is highly recommended to use WPA security.
Access Control:
Access Control allows users to define the outgoing traffic permitted or
not-permitted through the WAN interface. The default is to permit all
outgoing traffic.
not-permitted through the WAN interface. The default is to permit all
outgoing traffic.
WEP:
If you use WEP to protect your wireless network, you need to set the
same parameters for the ADSL Wireless Base Station and all your
wireless clients.
same parameters for the ADSL Wireless Base Station and all your
wireless clients.
You may automatically generate encryption keys or manually enter the
keys. To generate the key automatically with passphrase, check the
Passphrase box, enter a string of characters. Select the default key from
the drop down menu. Click "SAVE SETTINGS".
keys. To generate the key automatically with passphrase, check the
Passphrase box, enter a string of characters. Select the default key from
the drop down menu. Click "SAVE SETTINGS".