Firewall
FIREWALL¶
In the FIREWALL section, you can configure firewall rules such as DMZ, Port Forwarding, Filter Rules, ARP Protection & IP-MAC Binding, and DDoS Protection.
DMZ (Demilitarized Zone)¶
DMZ allows you to expose a specific computer to the Internet, redirecting all incoming network traffic to that computer.
Click DMZ and enable Open DMZ.
| DMZ Settings | Configuration |
|---|---|
| Enable | [Toggle to enable] |
| *IP Address | 192.168.0.111 [Enter the IP address of the device to expose] |
| Operation | Save |
Port Forwarding¶
Port Forwarding allows remote computers to access a specific device or service on the local LAN (e.g., web servers, FTP servers) that is behind the firewall.
To set up Port Forwarding, click Port Forwarding and then Add.
| Port Forwarding | Configuration |
|---|---|
| Enable | [Toggle to enable the rule] |
| Protocol | TCP / UDP / TCP & UDP [Select the applicable protocol] |
| Source Port | [Enter the internal port number of the device; leave blank if the same as the external port] |
| Destination IP | [Enter the IP address of the device on the LAN that requires remote access] |
| Destination Port | [Enter a specific port number or port range (e.g., 100–300)] |
| Remarks | [Add a comment for the rule (optional)] |
| Actions | Add / Clear All / Save Rules |
| Display | 5 entries per page |
Note
: Router services (e.g., web, FTP) require their respective ports to be opened on the router to be accessible from the public Internet.
ARP (Address Resolution Protocol) Protection & IP-MAC Binding¶
This feature statically binds a device's MAC address (unique hardware identifier) to a specified IP address.
If the IP address assigned to a device's MAC address in the IP-MAC Binding list does not match the actual IP address obtained by the device, network connection issues may occur.
| ARP Protection & IP-MAC Binding | Configuration |
|---|---|
| Enable | [Toggle to enable] |
| IP Protocol | IPv4 |
| IP Address | 192.168.0.100 [Enter the IP address to bind] |
| MAC Address | 80:80:80:80:80:80 [Enter the corresponding MAC address] |
| Remarks | [Add a comment (optional)] |
| Actions | Add / Clear All / Save Rules |
| Display | 5 entries per page |
Filter Rules¶
This page integrates multiple firewall rule sets, including MAC Filters, Port Filters, and IP-Port Filters.
During initial setup, you must select either whitelist or blacklist mode. The default mode is blacklist.
MAC Filters¶
MAC Filtering controls network access permissions based on devices' MAC addresses (physical addresses). For example, it can restrict network access to only registered devices. In whitelist mode, only devices with MAC addresses listed in the filter are allowed to access the network.
| MAC Filters | Configuration |
|---|---|
| Enable | [Toggle to enable] |
| IP Protocol | IPv4 |
| MAC Address | 80:80:80:80:80:80 [Enter the MAC address to filter] |
| Remarks | [Add a comment (optional)] |
| Actions | Add / Clear All / Save Rules |
| Display | 5 entries per page |
Port Filters¶
Port Filtering precisely controls network traffic based on IP + Port + Protocol rules (e.g., TCP 80). For example, it can block external access to the internal port 3389. In whitelist mode, only explicitly listed ports are accessible.
| Port Filters | Configuration |
|---|---|
| Enable | [Toggle to enable] |
| IP Protocol | IPv4 |
| Protocol | TCP / UDP / TCP & UDP [Select the protocol] |
| Port | 3389 [Enter the port number to filter] |
| Remarks | [Add a comment (optional)] |
| Actions | Add / Clear All / Save Rules |
| Display | 5 entries per page |
IP-Port Filters¶
IP-Port Filtering is a core firewall security mechanism that enables precise traffic control based on the combination of IP address + port number + protocol type. By defining rules (source/destination IP and port), it allows or blocks specific network access attempts—for example, preventing external networks from accessing the internal port 3389.
DDoS (Distributed Denial of Service) Protection¶
The DDoS Protection function effectively defends against various types of flood attacks.
| DDoS Protection | Configuration |
|---|---|
| Enable | [Toggle to enable] |
| Operation | Save |