Advanced Help
Virtual Server
The Virtual Server option gives Internet users access to services on your LAN. This feature is useful for hosting online services such as FTP, Web, or game servers. For each Virtual Server, you define a public port on your router for redirection to an internal LAN IP Address and LAN port.
- Example:
- You are hosting a Web Server on a PC that has LAN IP Address of 192.168.0.50 and your ISP is blocking Port 80.
- Name the Virtual Server (for example:
Web Server
) - Enter the IP Address of the machine on your LAN (for example:
192.168.0.50
) - Enter the Private Port as [80]
- Enter the Public Port as [8888]
- Select the Protocol (for example
TCP
). - Repeat these steps for each Virtual Server Rule you wish to add. After the list is complete, click Save Settings at the top of the page.
- Name the Virtual Server (for example:
- Virtual Server Parameters
-
- Name
- Assign a meaningful name to the virtual server, for example
Web Server
. Several well-known types of virtual server are available from the 'Application Name' drop-down list. Selecting one of these entries fills some of the remaining parameters with standard values for that type of server. - IP Address
- The IP address of the system on your internal network that will providethe virtual service, for example
192.168.0.50
. You can select a computer from the list of DHCP clients in the 'Computer Name' drop-down menu, or you can manually enter the IP address of the server computer. - Traffic Type
- Select the protocol used by the service. The common choices -- UDP, TCP, and both UDP and TCP -- can be selected from the drop-down menu.
- Private Port
- The port that will be used on your internal network.
- Public Port
- The port that will be accessed from the Internet.
- 24 -- Virtual Servers List
- Use the checkboxes at the left to activate or deactivate completed Virtual Server entries.
Note: You might have trouble accessing a virtual server using its public identity (WAN-side IP-address of the gateway or its dynamic DNS name) from a machine on the LAN. Your requests may not be looped back or you may be redirected to the 'Forbidden' page.
This will happen if you have an Access Control Rule configured for this LAN machine.
The requests from the LAN machine will not be looped back if Internet access is blocked at the time of access. To work around this problem, access the LAN machine using its LAN-side identity.
Port Forwarding
The Port Forwarding option gives Internet users access to services on your LAN. This feature is useful for hosting online services such as FTP, Web or game servers. For each entry, you define a public port on your router for redirection to an internal LAN IP Address and LAN port.
- Port Forwarding Parameters
-
- Name
- Assign a meaningful name to the virtual server, for example Web Server. Several well-known types of virtual server are available from the "Application Name" drop-down list. Selecting one of these entries fills some of the remaining parameters with standard values for that type of server.
- IP Address
- The IP address of the system on your internal network that will provide the virtual service, for example 192.168.0.50. You can select a computer from the list of DHCP clients in the "Computer Name" drop-down menu, or you can manually enter the IP address of the server computer.
- Application Name
- A list of pre-defined popular applications that users can choose from for faster configuration.
- Computer Name
- A list of DHCP clients.
- Traffic Type
- Select the protocol used by the service. The common choices -- UDP, TCP and both UDP and TCP -- can be selected from the drop-down menu. To specify any other protocol, select "Other" from the list, then enter the corresponding protocol number (as assigned by the IANA) in the Protocol box.
- Private Port
- The port that will be used on your internal network.
- Public Port
- The port that will be accessed from the Internet.
Application Rules
Some applications require multiple connections, such as Internet gaming, video conferencing, Internet telephony and others. These applications have difficulties working through NAT (Network Address Translation). If you need to run applications that require multiple connections, specify the port normally associated with an application in the "Trigger Port" field, select the protocol type as TCP (Transmission Control Protocol) or UDP (User Datagram Protocol), then enter the public ports associated with the trigger port in the Firewall Port field to open them for inbound traffic. There are already defined well-known applications in the Application Name drop down menu.
- Name
- This is the name referencing the application.
- Trigger Port
- This is the port used to trigger the application. It can be either a single port or a range of ports.
- Traffic Type
- This is the protocol used to trigger the application.
- Firewall Port
- This is the port number on the WAN side that will be used to access the application. You may define a single port or a range of ports. You can use a comma to add multiple ports or port ranges.
- Traffic Type
- This is the protocol used for the application.
Traffic Control
This function can let user manage upload/download bandwidth according to the application of each IP range. It is simple to complete the bandwidth management by just selecting different operation mode (Maximum Upload Bandwidth and Maximum Download Bandwidth) for each IP range.
- Enable Traffic Control
- Check this option if you want to enable Traffic Control function.
- Auto BandWidth Equal
- Check this option if you want to auto bandWidth equal function.
- Range of IP address
- User can designate a range of IP where bandwidth control take effect.
- Maximum Upload Bandwidth
- For constricting maximum uploading bandwidth of designated IP, user set a value for each IP within a fixed IP range. The total bandwidth value can not exceed the total upload bandwidth setting.
- Maximum Download Bandwidth
- For constricting maximum downloading bandwidth of designated IP, user set a value for each IP within a fixed IP range. The total bandwidth value can not exceed the total download bandwidth setting.
Network Filter (MAC Address Filter)
Use MAC Filters to deny computers within the local area network from accessing the Internet. You can either manually add a MAC address or select the MAC address from the list of clients that are currently connected to the unit.
Select "Turn MAC Filtering ON and ALLOW computers with MAC address listed below to access the network" if you only want selected computers to have network access and all other computers not to have network access.
Select "Turn MAC Filtering ON and DENY computers with MAC address listed below to access the network" if you want all computers to have network access except those computers in the list.
- MAC Address
- The MAC address of the network device to be added to the MAC Filter List.
- DHCP Client List
- DHCP clients will have their hostname in the Computer Name drop down menu. You can select the client computer you want to add to the MAC Filter List and click arrow button. This will automatically add that computer's MAC address to the appropriate field.
Users can use the Always drop down menu to select a previously defined schedule or click the New Schedule button to add a new schedule.
The check box is used to enable or disable a particular entry.
Web Filter
Web Filter is used to allow or deny computers on your network from accessing specific web sites by keywords or specific Domain Names. Select "Turn Website Filtering Rule ON and ALLOW computers access to ONLY these sites" in order only allow computers on your network to access the specified URLs and Domain Names. "Turn Website Filtering Rule ON and DENY computers access to ONLY these sites" in order deny computers on your network to access the specified URLs and Domain Names.
- Example 1:
- If you wanted to block LAN users from any website containing a URL pertaining to shopping, you would need to select "Turn Website Filtering ON and DENY computers access to ONLY these sites" and then enter "shopping" into the Website Filtering Rules list. Sites like these will be denied access to LAN users because they contain the keyword in the URL.
- http://shopping.yahoo.com
- http://shopping.msn.com
- Example 2:
- If you want your children to only access particular sites, you would then choose " Turn Website Filtering ON and ALLOW computers access to ONLY these sites" and then enter in the domains you want your children to have access to.
- Google.com
- Cartoons.com
- Discovery.com
Firewall Settings
The Firewall Settings section contains the option to configure a DMZ Host.
- Enable SPI
- SPI ("stateful packet inspection" also known as "dynamic packet filtering") helps to prevent cyber attacks by tracking more state per session. It validates that the traffic passing through that session conforms to the protocol. Whether SPI is enabled or not, the router always tracks TCP connection states and ensures that each TCP packet's flags are valid for the current state.
- DMZ
- If you have a computer that cannot run Internet applications properly from behind the router, then you can allow the computer to have unrestricted Internet access. Enter the IP address of that computer as a DMZ (Demilitarized Zone) host with unrestricted Internet access. Adding a client to the DMZ may expose that computer to a variety of security risks; so only use this option as a last resort.
Routing
The Routing option allows you to define fixed routes to defined destinations.
- Enable
- Specifies whether the entry will be enabled or disabled.
- Interface
- Specifies the interface -- WAN or WAN Physical -- that the IP packet must use to transit out of the router, when this route is used.
- Interface (WAN)
- This is the interface to receive the IP Address on from the ISP to access the Internet.
- Interface (WAN Physical)
- This is the interface to receive the IP Address on from the ISP to access the ISP's.
- Destination
- The IP address of packets that will take this route.
- Subnet Mask
- One bit in the mask specify which bits of the IP address must match.
- Gateway
- Specifies the next hop to be taken if this route is used. A gateway of 0.0.0.0 implies there is no next hop, and the IP address matched is directly connected to the router on the interface specified: WAN or WAN Physical.
Advanced Wireless
The options on this page should be changed by advanced users or if you are instructed to by one of our support personnel, as they can negatively affect the performance of your router if configured improperly.
- Transmit Power
- You can lower the output power of the router by selecting lower percentage Transmit Power values from the drop down. Your choices are: Height,Medium and Low.
- WMM
- Select Enable to turn on QoS for the wireless interface of the router.
Wi-Fi Protected Setup
- Wi-Fi Protected Setup
-
- Enable
- Enable the Wi-Fi Protected Setup feature.
-
- Disable WPS-PIN Method
- Locking the WPS-PIN Method prevents the setting from being changed by any new external
- registrar using its PIN.Devices can still be added to the wireless network using WI-FI Protected
- Setup Push Button Configuration(WPS-PBC).It is still possible to change wireless network
- setings with Manual Wireless Network Setup.
- PIN Settings
-
A PIN is a unique number that can be used to add the router to an existing network or to create a new network. The default PIN may be printed on the bottom of the router. For extra security, a new PIN can be generated. You can restore the default PIN at any time. Only the Administrator ("admin" account) can change or reset the PIN.
- PIN
- Shows the current value of the router's PIN.
- Reset PIN to Default
- Restore the default PIN of the router.
- Generate New PIN
- Create a random number that is a valid PIN. This becomes the router's PIN. You can then copy this PIN to the user interface of the registrar.
- Add Wireless Station
-
This Wizard helps you add wireless devices to the wireless network.
The wizard will either display the wireless network settings to guide you through manual configuration, prompt you to enter the PIN for the device, or ask you to press the configuration button on the device. If the device supports Wi-Fi Protected Setup and has a configuration button, you can add it to the network by pressing the configuration button on the device and then click the 'Connect' Button within 120 seconds. The status LED on the router will be solid for 5 seconds if the device has been successfully added to the network.
There are several ways to add a wireless device to your network. Access to the wireless network is controlled by a "registrar". A registrar only allows devices onto the wireless network if you have entered the PIN, or pressed a special Wi-Fi Protected Setup button on the device. The router acts as a registrar for the network, although other devices may act as a registrar as well.
- Connect your Wireless Device
- Start the wizard.
Advanced Network
This section contains settings which can change the way the router handles certain types of traffic. We recommend that you not change any of these settings unless you are already familiar with them or have been instructed to change them by one of our support personnel.
- UPnP
- UPnP is short for Universal Plug and Play which is a networking architecture that provides compatibility among networking equipment, software, and peripherals. The DIR-600 is a UPnP enabled router, meaning it will work with other UPnP devices/software. If you do not want to use the UPnP functionality, it can be disabled by selecting "Disabled".
- WAN Ping
- When you Enable WAN Ping respond, you are causing the public WAN (Wide Area Network) IP address on the device to respond to ping commands sent by Internet users. Pinging public WAN IP addresses is a common method used by hackers to test whether your WAN IP address is valid.
- WAN Port Speed
- This allows you to select the speed of the WAN interface of the router: Choose 100Mbps, 10Mbps, or 10/100Mbps Auto.