Firewall settings – D-Link DIR-68 User Manual

48

D-Link DIR-68 User Manual

Section  - Configuration

Firewall Settings

A firewall protects your network from the outside world. The D-Link DIR-68 offers a firewall type functionality. The SPI feature

helps prevent cyber attacks. Sometimes you may want a computer exposed to the outside world for certain types of applications.

If you choose to expose a computer, you cam enable DMZ. DMZ is short for Demilitarized Zone. This option will expose the chosen

computer completely to the outside world.

SPI (Stateful Packet Inspection, also known as dynamic packet filtering) helps

to prevent cyber attacks by tracking more state per session. It validates that

the traffic passing through the session conforms to the protocol.

Select one of the following for TCP and UDP ports:

Endpoint.Independent.- Any incoming traffic sent to an open port will be

forwarded to the application that opened the port. The port will close if idle

for 5 minutes.

Address. Restricted - Incoming traffic must match the IP address of the

outgoing connection.

Address.+.Port.Restriction - Incoming traffic must match the IP address and

port of the outgoing connection.

Enable this feature to protect your network from certain kinds of “spoofing”

attacks.

If an application has trouble working from behind the router, you can expose

one computer to the Internet and run the application on that computer.

Note: Placing a computer in the DMZ may expose that computer to a variety

of security risks. Use of this option is only recommended as a last resort.

Specify the IP address of the computer on the LAN that you want to have

unrestricted Internet communication. If this computer obtains it’s IP address

automatically using DHCP, be sure to make a static reservation on the Basic

> DHCP page so that the IP address of the DMZ machine does not change.

Enable SPI:

NAT Endpoint

Filtering:

Anti-Spoof Check:

Enable DMZ:

DMZ IP Address: