Default dmz server – On Networks N300RM User Manual User Manual
Page 34
Modem Router Setup
34
N300 WiFi ADSL2+ Modem Router (N300RM)
•
Disable Port Scan and DoS Protection
. DoS protection protects your LAN against
denial of service attacks such as Syn flood, Smurf Attack, Ping of Death, Teardrop Attack,
UDP Flood, ARP Attack, Spoofing ICMP, Null Scan, and many others. This should be
disabled only in special circumstances.
•
Default DMZ Server
. This feature is sometimes helpful when you are playing online
games or videoconferencing. Be careful when using this feature because it makes the
firewall security less effective. See the following section,
details.
•
Respond to Ping on Internet Port
. If you want the modem router to respond to a ping
from the Internet, select this check box. Use this setting only as a diagnostic tool because
it allows your modem router to be discovered. Do not select this check box unless you
have a specific reason.
•
MTU Size (in bytes)
. The normal MTU (maximum transmit unit) value for most Ethernet
networks is 1500 bytes or 1492 bytes for PPPoE connections. For some ISPs, you might
need to reduce the MTU. This is rarely required. You should reduce the MTU only if you
are sure that it is necessary for your ISP connection. See
•
NAT Filtering
. Network Address Translation (NAT) determines how the modem router
processes inbound traffic. Secured NAT provides a secured firewall to protect the
computers on the LAN from attacks from the Internet, but might prevent some Internet
games, point-to-point applications, or multimedia applications from functioning. Open
NAT provides a much less secured firewall, but allows almost all Internet applications to
function.
•
Disable SIP ALG
. The Session Initiation Protocol (SIP) Application Level Gateway (ALG)
is enabled by default to optimize VoIP phone calls that use the SIP. Select the Disable
SIP ALG
check box to disable the SIP ALG. Disabling the SIP ALG might be useful when
running certain applications.
Default DMZ Server
The default DMZ server feature is helpful when you are using some online games and
videoconferencing applications that are incompatible with Network Address Translation
(NAT). The modem router is programmed to recognize some of these applications and to
work correctly with them, but there are other applications that might not function well. In
some cases, one local computer can run the application correctly if that computer’s IP
address is entered as the default DMZ server.
WARNING:
DMZ servers pose a security risk. A computer designated as the
default DMZ server loses much of the protection of the firewall
and is exposed to exploits from the Internet. If compromised, the
DMZ server computer can be used to attack other computers on
your network.