Port triggering, Wireless security – Motorola SBG940 User Manual

Page 22

Advertising
background image

Overview

Installation

Troubleshooting

Contact

FAQ

Specifications Glossary

License

Configuration: Basic Gateway TCP/IP Wireless USB

SBG940 User Guide

14

DMZ

A de-militarized zone (

DMZ

) is one or more computers logically located outside the firewall between an SBG940

LAN and the Internet. A DMZ prevents direct access by outside users to private data.

For example, you can set up a web server

on a DMZ computer to enable outside users to access your website

without exposing confidential data on your network.

A DMZ can also be useful to play interactive games that may have a problem running through a firewall. You can
leave a computer used for gaming only exposed to the Internet while protecting the rest of your network. For more
information, see “

Gaming Configuration Guidelines

”.

Port Triggering

When you run an application that accesses the Internet, it typically initiates communications with a computer on
the Internet. For some applications, especially gaming, the computer on the Internet also initiates communications
with your computer. Because NAT does not normally allow these incoming connections:

The SBG940 has preconfigured port triggers for common applications.

If needed, you can configure additional port triggers on the

Gateway > PORT TRIGGERS — custom Page

.

Wireless Security

Because WLAN data is transmitted using radio signals, it may be possible for an unauthorized person to access
your WLAN unless you prevent them from doing so. To prevent unauthorized eavesdropping of data transmitted
over your LAN, you must enable wireless security. The default SBG940 settings neither provide security for
transmitted data nor protect network data from unauthorized intrusions.

The SBG940 provides the following wireless security measures, which are described in “

Setting Up Your Wireless

LAN

”:

To prevent unauthorized eavesdropping, you must encrypt data transmitted over the wireless interface using
one of:

If all of your wireless clients support Wi-Fi

®

Protected Access (WPA) encryption, we recommend using

WPA (see “

Configuring WPA on the SBG940

” and

Configuring a Wireless Client for WPA

”).

Otherwise, configure a Wired Equivalency Privacy (WEP) key on the SBG940 and each WLAN client
(see “

Configuring WEP on the SBG940

” and “

Configuring a Wireless Client for WEP

”).

To protect LAN data from unauthorized intrusions, you can restrict WLAN access to computers having one or
both of:

Known MAC addresses (see

Configuring a MAC Access Control List on the SBG940

”)

The same unique network name (

ESSID

)

as the SBG940 (see

Configuring the Wireless Network Name

on the SBG940

” and

Configuring a Wireless Client with the Network Name (ESSID)

”)

Restricting access to computers having the same network name is also called “disabling ESSID broadcasting” or
“enabling closed network operation.”

Advertising
Popular Brands
Popular manuals