• Disable Port Scan and DoS Protection. DoS protection protects your LAN against denial of
service attacks such as Syn flood, Smurf Attack, Ping of Death, and many others. Select this check
box only in special circumstances.
• Default DMZ Server. This feature is sometimes helpful when you are playing online games or
videoconferencing, but it makes the firewall security less effective. See Set Up a Default DMZ
Server on page 126.
• Respond to Ping on Internet Port.This feature allows your router to be discovered. Use this
feature only as a diagnostic tool or for a specific reason.
• Disable IGMP Proxying. IGMP proxying allows a computer on the local area network (LAN) to
receive the multicast traffic it is interested in from the Internet. If you do not need this feature, you
can select this check box to disable it.
• MTU Size (in bytes).The normal MTU (maximum transmit unit) value for most Ethernet networks
is 1500 bytes, or 1492 bytes for PPPoE connections. Change the MTU only if you are sure that it
is necessary for your ISP connection. See Change the MTU Size on page 41.
• NAT Filtering. Network Address Translation (NAT) determines how the router processes inbound
traffic. Secured NAT protects computers on the LAN from attacks from the Internet but might
prevent some Internet games, point-to-point applications, or multimedia applications from working.
Open NAT provides a much less secured firewall but allows almost all Internet applications to
work.
5. Click the Apply button.
Your changes are saved.
Set Up a Default DMZ Server
The default DMZ server feature is helpful when you are using some online games and videoconferencing
applications that are incompatible with Network Address Translation (NAT). The router is programmed to
recognize some of these applications and to work correctly with them, but other applications might not
function well. In some cases, one local computer can run the application correctly if the IP address for
that computer is entered as the default DMZ server.
Warning
DMZ servers pose a security risk. A computer designated as the default DMZ
server loses much of the protection of the firewall and is exposed to exploits
from the Internet. If compromised, the DMZ server computer can be used to
attack other computers on your network.
The router usually detects and discards incoming traffic from the Internet that is not a response to one of
your local computers or a service that you configured on the Port Forwarding/Port Triggering page. Instead
of discarding this traffic, you can specify that the router forwards the traffic to one computer on your
network. This computer is called the default DMZ server.
Network Settings
126