User manual BILLION BIPAC 6404VGP
DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Diplodocs provides you a fast and easy access to the user manual BILLION BIPAC 6404VGP. We hope that this BILLION BIPAC 6404VGP user guide will be useful to you.
Manual abstract: user guide BILLION BIPAC 6404VGP
Detailed instructions for use are in the User's Guide.
[. . . ] BiPAC 6404VP / 6404VGP
VoIP/(802. 11g) Broadband Firewall Router
User's Manual
Version Release 5. 08a
Last Revision Date: 05-07-2007
Table of Contents
CHAPTER 1: INTRODUCTION . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 INTRODUCTION TO YOUR ROUTER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 FEATURES . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 CHAPTER 2: INSTALLING THE ROUTER . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [. . . ] The "Block WAN Request" is a stand-alone function and not relate to whether security enable or disable. Mostly it is for preventing any scan tools from WAN site by hacker.
Any remote user who is attempting to perform this action may result in blocking all the accesses to configure and manage of the device from the Internet.
Chapter 4: Configuration
45
VoIP/(802. 11g) Broadband Firewall Router
Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen (All blocked, High, Medium and Low). The predefined port filter rules in the Packet Filter must modify accordingly to the level of Firewall, which is selected. See Table1: Predefined Port Filter for more detailed information.
Chapter 4: Configuration
46
VoIP/(802. 11g) Broadband Firewall Router
Example:
Predefined Port Filters Rules
The predefined port filter rules for High, Medium and Low security levels are listed. See Table 1.
Note: Firewall All Blocked/User-defined, you must define and create the port filter rules yourself. No predefined rule is being preconfigured.
Table 1: Predefined Port Filter
Application Protocol Port Number Start HTTP(80) DNS (53) DNS (53) FTP(21) Telnet(23) SMTP(25) POP3(110) NEWS(NNTP)
(Network News Transfer Protocol)
Firewall - Low
Firewall - Medium
Firewall High
End 80 53 53 21 23 25 110 119
Inbound Outbound Inbound Outbound Inbound Outbound NO NO NO NO NO NO NO NO YES NO YES YES NO NO NO NO YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES YES NO NO NO NO NO NO NO NO YES NO NO NO NO NO NO NO N/A N/A YES YES YES YES YES YES YES YES YES YES YES YES YES YES NO YES N/A N/A NO NO NO NO NO NO NO NO NO NO NO NO NO NO NO N/A N/A N/A YES YES YES NO NO YES YES NO NO YES NO NO NO YES NO N/A N/A N/A
TCP(6) UDP(17) TCP(6) TCP(6) TCP(6) TCP(6) TCP(6) TCP(6)
80 53 53 21 23 25 110 119
RealAudio/ RealVideo (7070) PING H. 323(1720) T. 120(1503) SSH(22) NTP/SNTP HTTP/HTTP Proxy (8080) HTTPS(443) ICQ (5190) MSN (1863)
UDP(17) 7070 7070 ICMP(1) TCP(6) TCP(6) TCP(6) UDP(17) TCP(6) TCP(6) TCP(6) TCP(6) N/A N/A
1720 1720 1503 1503 22 123 22 123
8080 8080 443 443
5190 5190 1863 1863
Chapter 4: Configuration
47
VoIP/(802. 11g) Broadband Firewall Router
MSN (7001) UDP(17) 7001 7001 MSN VEDIO (9000) TCP(6) 9000 9000
YES NO
YES YES
N/A N/A
N/A N/A
N/A N/A
N/A N/A
Inbound: Internet to LAN ; Outbound: LAN to Internet. YES: Allowed ; NO: Blocked ; N/A: Not Applicable
Chapter 4: Configuration
48
VoIP/(802. 11g) Broadband Firewall Router
Packet Filter Add TCP/UDP Filter
Rule Name: Users-define description to identify this entry or click predefined rules. The maximum name length is 32 characters.
to select existing
Time Schedule: It is self-defined time period. For setup and detail, refer to Time Schedule section Source IP Address(es) / Destination IP Address(es): This is the Address-Filter used to allow or block traffic to/from particular IP address(es). Selecting the Subnet Mask of the IP address range you wish to allow/block the traffic to or form; set IP address and Subnet Mask to 0. 0. 0. 0 to inactive the Address-Filter rule. Tip: To block access, to/from a single IP address, enter that IP address as the Host IP Address and use a Host Subnet Mask of "255. 255. 255. 255". Type: It is the packet protocol type used by the application, select TCP, UDP or both TCP/UDP. Source Port: This Port or Port Ranges defines the port allowed to be used by the Remote/WAN to connect to the application. Destination Port: This is the Port or Port Ranges that defines the application. Select Allow or Block the access to the Internet ("Outbound") or from the Inbound / Outbound: Internet ("Inbound").
Click Apply button to apply your changes.
Chapter 4: Configuration
49
VoIP/(802. 11g) Broadband Firewall Router
Packet Filter Add Raw IP Filter
Rule Name: Users-define description to identify this entry or click predefined rules.
to select existing
Time Schedule: It is self-defined time period. For setup and detail, refer to Time Schedule section Protocol Number: Insert the port number, i. e. Select Allow or Block the access to the Internet ("Outbound") or from the
Click Apply button to apply your changes.
Chapter 4: Configuration
50
VoIP/(802. 11g) Broadband Firewall Router
Example: Configuring your firewall to allow for a publicly accessible web server on your LAN
The predefined port filter rule for HTTP (TCP port 80) is the same no matter whether the firewall is set to a high, medium or low security level. To setup a web server located on the local network when the firewall is enabled, you have to configure the Port Filters setting for HTTP. As you can see from the diagram below, when the firewall is enabled with one of the three presets (Low/Medium/High), inbound HTTP access is not allowed which means remote access through HTTP to your router is not allowed.
Note: Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet.
Chapter 4: Configuration
51
VoIP/(802. 11g) Broadband Firewall Router
Configuring Packet Filter: 1. You will then be presented with the predefined port filter rules screen (in this case for the low security level), shown below:
Note: You may click Edit the predefined rule instead of Delete it. This is an example to show to how you add a filter on your own.
Click Delete
2. Click Add TCP/UDP Filter.
Click Add TCP/UDP Filter
4.
Input the Rule Name, Time Schedule, Source/Destination IP, Type, Source/Destination Port, Inbound and Outbound.
Example:
Application: Cindy_HTTP Time Schedule: Always On Source / Destination IP Address(es): 0. 0. 0. 0 (I do not wish to active the address-filter, instead I use the port-filter) Type: TCP (Please refer to Table1: Predefined Port Filter) Source Port: 0-65535 (I allow all ports to connect with the application)) Redirect Port: 80-80 (This is Port defined for HTTP) Inbound / Outbound: Allow
Chapter 4: Configuration
52
VoIP/(802. 11g) Broadband Firewall Router
5.
The new port filter rule for HTTP is shown below:
6.
Configure your Virtual Server ("port forwarding") settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server:
Note: For how to configure the HTTP in Virtual Server, go to Add Virtual Server in Virtual Server section for more details.
.
Chapter 4: Configuration
53
VoIP/(802. 11g) Broadband Firewall Router
Intrusion Detection
The router's Intrusion Detection System (IDS) is used to detect hacker attacks and intrusion attempts from the Internet. [. . . ] Write Community: Specify a name to be identified as the Write Community, and an IP address. This community string will be checked against the string entered in the configuration file. Once the string name is matched, users from this IP address will be able to view and modify the data. Trap Community: Specify a name to be identified as the Trap Community, and an IP address. [. . . ]
DISCLAIMER TO DOWNLOAD THE USER GUIDE BILLION BIPAC 6404VGP
Click on "Download the user Manual" at the end of this Contract if you accept its terms, the downloading of the manual BILLION BIPAC 6404VGP will begin.