D Link DI524H1 Wireless Router User Manual Manual part 2

D Link Corporation Wireless Router Manual part 2

Manual part 2

21 Example #2: If you have an FTP server that you wanted Internet users to access by WAN port 2100 and only during the weekends, you would need to enable it as such. FTP server is on LAN computer 192.168.0.30. FTP uses port 21, TCP.Name: FTP ServerPrivate IP: 192.168.0.30Protocol Type: TCPPrivate Port: 21Public Port: 2100Schedule: From: 01:00AM to 01:00AM, Sat to SunUsing the Conguration Menu (continued)Advanced > Virtual Server continuedClick on this icon to edit the virtual serviceClick on this icon to delete the virtual serviceAll Internet users who want to access this FTP Server must connect to it from port 2100. This is an example of port redirection and can be useful in cases where there are many of the same servers on the LAN network.
22Using the Conguration Menu (continued)Advanced > ApplicationsSome applications require multiple connections, such as Internet gaming, video conferencing, Internet telephony and others. These applications have difculties working through NAT (Network Address Translation). Special Applications makes some of these applications work with the DI-524. If you need to run applications that require multiple connections, specify the port normally associated with an application in the “Trigger Port” eld, select the protocol type as TCP or UDP, then enter the public ports associated with the trigger port to open them for inbound trafc.The DI-524 provides some predened applications in the table on the bottom of the web page. Select the application you want to use and enable it.Note! Only one PC can use each Special Application tunnel.Name: This is the name referencing the special application.Trigger Port: This is the port used to trigger the application. It can be either a single port or a range of ports.Trigger Type: This is the protocol used to trigger the special application.Public Port: This is the port number on the WAN side that will be used to access the application. You may dene a single port or a range of ports. You can use a comma to add multiple ports or port ranges.Public Type: This is the protocol used for the special application.
23Using the Conguration Menu (continued)Advanced > Filters > IP FiltersFilters are used to deny or allow LAN (Local Area Network) computers from accessing the Internet. The DI-524 can be setup to deny internal computers by their IP or MAC addresses. The DI-524 can also block users from accessing restricted web sites.This is the schedule of time when the IP Filter will be enabled.Schedule: Select the protocol typeProtocol Type: IP Filter is used to deny LAN IP addresses from accessing the Internet. You can deny specic port numbers or all ports for the specic IP address.IP Filters: The single port or port range that will be denied access to the Internet.Port Range: The IP address of the LAN computer that will be denied access to the Internet.IP Address:
24Using the Conguration Menu (continued)Advanced > Filters > URL BlockingFilters- URL Blocking is used to deny LAN computers from accessing specic web sites by the URL. A URL is a specially formatted text string that denes a location on the Internet. If any part of the URL contains the blocked word, the site will not be accessible and the web page will not display. To use this feature, enter the text string to be blocked and click Apply. The text to be blocked will appear in the list. To delete the text, just highlight it and click Delete.Select the lter you wish to use; in this case, URL Blocking was chosen. Keywords- Enter the keywords in this eld. Block URLs which contain keywords listed below.URL Blocking- Select Enabled or Disabled.
25Using the Conguration Menu Advanced > Filters > MAC FiltersUse MAC (Media Access Control) Filters to allow or deny LAN (Local Area Network) computers by their MAC addresses from accessing the Network. You can either manually add a MAC address or select the MAC address from the list of clients that are currently connected to the Broadband Router.MAC Filters- Choose Disable MAC lters; allow MAC addresses listed below; or deny MAC addresses listed below. Filters- Name- Enter the name here. MAC Address- Enter the MAC Address. DHCP Client- Select a DHCP client from the pull-down list; click Clone to copy that MAC Address. Select the lter you wish to use; in this case, MAC lters was chosen. (continued)
26Using the Conguration MenuAdvanced > Filters > Domain BlockingFilters- Domain Blocking-Blocked Domains- Permitted Domains- Domain Blocking is used to allow or deny LAN (Local Area Network) computers from accessing specic domains on the Internet. Domain blocking will deny all requests to a specic domain such as http and ftp. It can also allow computers to access specic sites and deny all other sites.Select the lter you wish to use; in this case, Domain Block-ing was chosen. Disabled- Allow- Deny- Enter the Permitted Domains in this eldEnter the Blocked Domains in this eldSelect Disabled to disable Domain BlockingAllows users to access all domains except Blocked DomainsDenies users access to all domains except Permitted Domains(continued)
27Using the Conguration Menu (continued)Advanced > Firewall Firewall Rules is an advanced feature used to deny or allow trafc from passing through the DI-524. It works in the same way as IP Filters with additional settings. You can create more detailed access rules for the DI-524. When virtual services are created and enabled, it will also display in Firewall Rules. Firewall Rules contain all network rewall rules pertaining to IP (Internet Protocol). In the Firewall Rules List at the bottom of the screen, the priorities of the rules are from top (highest priority) to bottom (lowest priority.)Note:The DI-524 MAC Address ltering rules have precedence over the Firewall Rules.Firewall Rules- Enable or disable the FirewallName- Enter the name Action- Allow or Deny Source- Enter the IP Address range Schedule- Select Always or enter the Time Range. Destination- Enter the IP Address range; the Protocol; and the Port Range
28Advanced > DDNSUsing the Conguration Menu (continued)Users who have a Dynamic DDNS account may use this feature on the DI-524.Provider- Select from the list of DDNS servers available.Host Name- Enter your DDNS account host name.Username/Email- Enter your DDNS account username.Password/Key- Enter your DDNS account password.
29Advanced > DMZUsing the Conguration Menu (continued)If you have a client PC that cannot run Internet applications properly from behind the DI-524, then you can set the client up for unrestricted Internet access. It allows a computer to be exposed to the Internet. This feature is useful for gaming purposes. Enter the IP address of the internal computer that will be the DMZ host. Adding a client to the DMZ (Demilitarized Zone) may expose your local network to a variety of security risks, so only use this option as a last resort.DMZ- Enable or Disable the DMZ. The DMZ (Demilitarized Zone) allows a single computer to be exposed to the internet. By default the DMZ is disabled.IP Address- Enter the IP Address of the computer to be in the DMZ
30Using the Conguration Menu (continued)Advanced > Performance Wireless Mode- Select Short or Long Preamble. The Preamble denes the length of the CRC block (Cyclic Redundancy Check is a com-mon technique for detecting data transmission errors) for communication between the wireless router and the roaming wireless network adapters. Note: High network trafc areas should use the shorter preamble type.Beacon Interval- Beacons are packets sent by an Access Point to synchronize a wireless network. Specify a value. 100 is the default setting and is recommended. RTS Threshold- This value should remain at its default setting of 2432. If incon-sistent data ow is a problem, only a minor modication should be made.Fragmentation- The fragmentation threshold, which is specied in bytes, deter-mines whether packets will be fragmented. Packets exceeding the 2346 byte setting will be fragmented before transmis-sion.2346 is the default setting DTIM Interval- (Delivery Trafc Indication Message) 3 is the default setting. A DTIM is a countdown informing clients of the next window for listening to broadcast and multicast messages.SSID Broadcast- Choose Enabled to broadcast the SSID across the network. All devices on a network must share the same SSID (Service Set Identier) to establish communication. Choose Disabled if you do not wish to broadcast the SSID over the network.TX Rates- Auto is the default selection. Selct from the drop down menu.
31Using the Conguration Menu (continued)Tools> AdminAt this page, the DI-524 administrator can change the system password. There are two accounts that can access the Broadband Router’s Web-Management interface. They are admin and user. Admin has read/write access while user has read-only access. User can only view the settings but cannot make any changes.Remote Management- Remote management allows the DI-524 to be congured from the Internet by a web browser. A username and password is still required to ac-cess the Web-Management interface. In general, only a member of your network can browse the built-in web pages to perform Administrator tasks. This feature enables you to perform Administrator tasks from the remote (Internet) host.IP Address- The Internet IP address of the computer that has access to the Broad-band Router. If you input an asterisk (*) into this eld, then any computer will be able to access the Router. Putting an asterisk (*) into this eld would present a security risk and is not recommended.Port- The port number used to access the Broadband Router.Example- http://x.x.x.x:8080 where x.x.x.x is the WAN IP address of the Broadband Router and 8080 is the port used for the Web-Mangement interface.Administrator- Password- admin is the Administrator login nameEnter the password and enter again to conrmUser- Password- user is the User login nameEnter the password and enter again to conrm
32Using the Conguration Menu (continued)Tools > TimeTime Zone- Set Device Date and Time: To manually input the time. Enter the values in these elds for the Year, Month, Day, Hour, Minute, and Second.Daylight Saving- To select Daylight Saving time manually, select enabled or disabled, and enter a start date and an end date for daylight saving time.Set the Time- To manually input the time, enter the values in these elds for the Year, Month, Day, Hour, Minute, and Second. Click Set Time.Default NTP Server- NTP is short for Network Time Protocol. NTP synchronizes computer clock times in a network of computers. This eld is optional.
33Using the Conguration Menu (continued)Tools > SystemThe current system settings can be saved as a le onto the local hard drive. The saved le or any other saved setting le can be loaded back on the Broadband Router. To reload a system settings le, click on Browse to browse the local hard drive and locate the system le to be used. You may also reset the Broadband Router back to factory settings by clicking on Restore. Click Save to save the current settings to the local Hard Drive Click Browse to nd the settings, then click Load Save Settings to Local Hard Drive-Load Settings from Local Hard Drive- Restore to Factory Default Settings- Click Restore to restore the factory default settings
34Using the Conguration Menu (continued)Tools > FirmwareYou can upgrade the rmware of the Router here. Make sure the rmware you want to use is on the local hard drive of the computer. Click on Browse to browse the local hard drive and locate the rmware to be used for the update. Please check the D-Link support site for rmware updates at http://support.dlink.com. You can download rmware upgrades to your hard drive from the D-Link support site.Firmware Upgrade- Browse- Click on the link in this screen to nd out if there is an up-dated rmware; if so, download the new rmware to your hard After you have downloaded the new rmware, click Browse in this window to locate the rmware update on your hard drive. Click Apply to complete the rmware upgrade.

Navigation menu