Instrukcja obsługi Verizon MI424WR

Verizon router MI424WR

Przeczytaj poniżej 📖 instrukcję obsługi w języku polskim dla Verizon MI424WR (205 stron) w kategorii router. Ta instrukcja była pomocna dla 17 osób i została oceniona przez 2 użytkowników na średnio 4.5 gwiazdek

Pobierz PDF

Strona 1/205

Wireless

Broadband

Router

MI424WR

rev. I

User Manual

Contents

FiOS Router User Manual

Introduction

1.0 Introduction

1.1 Package Contents

1.2 System Requirements

1.3 Features

1.4 Getting to Know the FiOS Router

Connecting the FiOS Router

2.0 Introduction

2.1 Setting Up the FiOS Router

2.2 Computer Network Configuration

2.3 Configuring the FiOS Router

2.4 Features

2.5 Main Screen

Setting Up a Wireless Network

3.0 Introduction

3.1 Overview

3.2 Connecting a Wireless Client

3.3 Wireless Status

3.4 Basic Security Settings

3.5 Advanced Security Settings

3.6 Setting Up a Wireless Client

Configuring My Network Settings

4.0 Introduction

4.1 Accessing My Network Settings

4.2 Using My Network Settings

Contents

FiOS Router User Manual (con’t)

Using Network Connections

5.0 Introduction

5.1 Accessing Network Connections

5.2 Network (Home/Office) Connection

5.3 Ethernet/Coax Connection

5.4 Wireless Access Point Connection

5.5 Broadband Ethernet/Coax Connection

5.6 WAN PPPoE Connection

Configuring Security Settings

6.0 Introduction

6.1 Overview

6.2 Firewall

6.3 Access Control

6.4 Port Forwarding

6.5 DMZ Host

6.6 Port Triggering

6.7 Remote Administration

6.8 Static NAT

6.9 Advanced Filtering

6.10 Security Log

Parental Controls

7.0 Introduction

7.1 Activating Parental Controls

7.2 Rule Summary

Contents

FiOS Router User Manual (con’t)

Configuring Advanced Settings

8.0 Introduction

8.1 Using Advanced Settings

8.2 Utilities

8.3 DNS Settings

8.4 Network Settings

8.5 Configuration Settings

8.6 Time Settings

8.7 Firmware Upgrade

8.8 Routing Settings

Monitoring the FiOS Router

9.0 Introduction

9.1 Router Status

9.2 Advanced Status

Troubleshooting

10.0 Introduction

10.1 Troubleshooting Tips

10.2 Frequently Asked Questions

Configuring Quality of Service

A.0 Introduction

A.1 Traffic Priority

A.2 Traffic Shaping

Contents

FiOS Router User Manual (con’t)

Specifications

B.0 Introduction

B.1 General

B.2 LED Indicators

B.3 Environmental

Notices

C.0 Introduction

C.1 Regulatory Compliance Notices

C.2 Modifications

C.3 NEBS Requirements

C.4 GPL

Introduction

1.0 Introduction

1.1 Package Contents

1.2 System Requirements

1.3 Features

1.4 Getting to Know the FiOS

Router

The Verizon FiOS® Router lets you transmit

and distribute digital entertainment and

information to multiple devices via coaxial

cables. The FiOS Router also supports

Ethernet and Wi-Fi networking, making

it one of the most versatile and powerful

routers available.

Introduction

1.1 Package Content

The following is a list of the items included with the FiOS Router:

Black Power adapter•

Yellow cable (Ethernet, • 6 ft.)

White cable (Ethernet, • 10 ft.)

Quick Start Guide•

Installation Guide•

User Manual • CD

Wireless Networking Guide•

Wall-mount template•

Vertical stand•

1.2 Minimum System Requirements

The FiOS Router must be used with the following systems and software:

Computer with Ethernet capability•

Microsoft Windows 2000, XP, Vista, or 7; Mac OS 10.1 or greater; •

Linux/BSD, Unix

Internet Explorer 5.0 or higher; Netscape Navigator 7.0 or higher•

TCP/IP network protocol installed on each computer•

FiOS Router User Manual

1.3 Features

The FiOS Router features:

Multiple networking standards support, including:•

WAN · - Ethernet and MoCA interfaces

LAN · - 802.11b/g/n, Ethernet, and MoCA interfaces

Integrated wired networking with • 4-port 10/100/1000 Mbps Ethernet switch

and MoCA

Integrated wireless networking with • 802.11b/g/n access point featuring:

802 · .11n enabled to support speeds up to 160 Mbps wirelessly

802 · .11g enabled to support speeds up to 54 Mbps wirelessly

802 · .11b compatibility, communicating with 802.11b wireless products at

speeds up to 11 Mbps

Enterprise-level security, including• :

Fully customizable firewall with Stateful Packet Inspection ·

Content filtering with · URL-keyword based filtering, parental control,

customizable filtering policies per computer, and E-mail notification

Denial of service protection against · IP spoofing attacks, intrusion and scanning

attacks, IP fragment overlap, ping of death, and fragmentation attacks

Event logging ·

Intrusion detection ·

MAC · address filtering

NAT ·

DMZ · hosting

Access control ·

Advanced wireless protection featuring · WPA, WPA2, WEP 64/128 bit

encryption, 802.1x authentication, and MAC address filtering

ICSA · certification

Introduction

1.3 Features

Other options, including:•

DHCP · server option

DHCP · server/PPPoE server auto-detection

DNS · server

LAN IP · and WAN IP address selection

MAC · address cloning

Port forwarding ·

PPP · oE support

Q · oS support (end to end layer 2/3) featuring Diffserv, 802.1p/q

prioritization, configurable upstream/downstream traffic shaping, random

early detection and pass-through of WAN-side DSCPs, PHBs, and queuing

to LAN-side devices

Remote management and secured remote management using · HTTPS

Reverse · NAT

Static · NAT

Static routing ·

Time zone support ·

VLAN · multicast support

VPN IPS · ec (VPN pass-through only)

FiOS Router User Manual

1.4 Getting to Know the FiOS Router

This section contains a quick description of the FiOS Router’s lights (LEDs), ports,

etc. The FiOS Router has several indicator lights on its front panel, a sticker on its

bottom panel, and a series of ports and switches on its rear panel.

1.4a Front Panel

The front panel of the FiOS Router has a series of indicator lights: Power, WAN

Ethernet, WAN Coax, Internet, LAN Ethernet (4), LAN Coax, USB (2), and Wireless.

It also features a WPS button.

Front view – Verizon FiOS Router (rev. I)

Introduction

1.4 Getting to Know the FiOS Router

Power

The Power LED displays the FiOS Router’s current status. If the Power light glows

steadily green, the FiOS Router is receiving power and fully operational. When

the Power light flashes rapidly, the FiOS Router is initializing. If the Power light

is not illuminated when the Power cord is plugged in and the Power switch is

turned on, or if the Power light glows red for more than 3 minutes, the FiOS

Router has suffered a critical error and technical support should be contacted.

WAN Ethernet

The WAN Ethernet LED illuminates when the FiOS Router is connected to the

Internet via Ethernet. If flashing, data traffic is passing across the port.

WAN Coax

The WAN Coax LED glows steadily or flashes when the FiOS Router is connected

to the Internet via coaxial cable.

Internet

When the Internet LED glows steadily green, the FiOS Router is connected to the

ISP (Internet Service Provider). If it glows amber, there is a physical connection

to the ONT (Optical Network Terminator), but authentication has not taken place

(i.e., no IP address is present).

LAN Ethernet (1, 2, 3, 4)

The LAN Ethernet LEDs illuminate when the FiOS Router is connected to a local

network via one or more of its Ethernet ports. If flashing, data traffic is passing

across the port(s).

LAN Coax

The LAN Coax LED glows steadily or flashes when the FiOS Router is connected

to a local network via its Coax port.

FiOS Router User Manual

USB (1, 2)

The USB LEDs illuminate when the FiOS Router is connected to a device via one

of its USB ports. These ports are currently inoperational; they will be activated in

a future firmware update.

Wireless

The Wireless LED illuminates when the FiOS Router’s wireless access point is

turned on. If flashing, data traffic is passing across the wireless connection.

Wi-Fi Protected Setup

WiFi Protected Setup (WPS) is an easier way to set up a wireless network. Instead

of entering passwords or multiple keys on each wireless client (laptop, printer,

external hard drive, etc.), the FiOS Router can create a wireless network that only

requires the pressing of buttons (one on the FiOS Router, and one on the client

[either built-in, or on a compatible wireless card]) to allow wireless clients to join

the FiOS Router’s wireless network. Although the WPS button is included on

the FiOS Router, WPS functionality will not be enabled until a future firmware

release. The button is included so that WPS can be activated at a later date

without having to physically change the FiOS Router. The GUI does not include

the WPS option.

1.4b Bottom Panel

The bottom panel of the FiOS Router has a sticker that contains important

information about the FiOS Router, including default user name and password,

ESSID, wireless keys, etc.

Introduction

1.4 Getting to Know the FiOS Router

1.4c Rear Panel

The rear panel of the FiOS Router has eight ports (Coax, Power, LAN Ethernet

[4], WAN Ethernet, and USB), a Power switch, a Reset button, and two

wireless antennas.

On/Off

Coax

1234

100 100 100 100

10 10 10 10

LAN

WAN

100 10

Reset

Ethernet Cable

(from LAN Ethernet Port

to Computer/Device)

Ethernet Cable

(from WAN Port

to ISP Connection)

Power Adapter

(from Power Port

to Wall Outlet)

Coaxial Cable

(from Coax Port

to Device)

USB1

USB Cable

(from USB Port

to Device)

USB2

Rear view – Verizon FiOS Router (rev. I)

Coax Port

The Coax port connects the FiOS Router to the ISP or other devices using a

coaxial cable.

Power Port

The Power port connects the FiOS Router to an electrical wall outlet via the

Power cord.

Power Switch

The Power switch powers the FiOS Router on and off.

FiOS Router User Manual

Reset Button

To restore the FiOS Router’s factory default settings, press and hold the Reset

button for approximately ten seconds. The reset process will start about ten

seconds after releasing the button. When the FiOS Router resets, all the lights on

the front panel turn off, and then some of the lights start flashing. The FiOS Router

has completed its reset process when the Power light glows steadily green.

Caution! Do not unplug the Power cord from the FiOS Router during the

reset process. Doing so may result in the loss of the FiOS Router’s configuration

information. If this occurs, reset the FiOS Router again.

LAN Ethernet Ports (4)

The LAN Ethernet ports connect devices to the FiOS Router via Ethernet cables

to create a local area network (LAN). The LAN Ethernet ports are 10/100/1000

Mbps auto-sensing ports, and either a straight-through or crossover Ethernet

cable can be used when connecting devices to the ports.

WAN Ethernet Port

The WAN Ethernet port connects the FiOS Router to the ISP using an Ethernet cable.

USB Ports

The USB ports provide up to 500 mA at 5 VDC for attached devices (to charge a cell

phone, for example). In the future, with a firmware release upgrade, the USB host

functionality will be available for devices such as external storage and cameras.

Wireless Antenna

The FiOS Router’s wireless antenna is used to transmit a wireless signal to other

wireless devices on its wireless network.

Connecting

the FiOS

Router

2.0 Introduction

2.1 Setting up the FiOS Router

2.2 Computer Network

Conguration

2.3 Conguring the FiOS Router

2.4 Main Screen

Connecting the FiOS Router and accessing

its Graphical User Interface (GUI) are both

simple procedures. The latter procedure

may vary slightly, depending on the

computer’s operating system. However,

no conguration is necessary to access the

GUI when taking advantage of Universal

Plug-and-Play support.

Connecting the FiOS Router

2.1 Setting Up the FiOS Router

There are three parts to setting up the FiOS Router: Connecting the Cables,

Configuring the Router, and Connecting Other Computers/Set Top Boxes.

2.1a Connecting the Cables

Note: If a different router was being used previously, disconnect it. Remove all

router components, including power supplies and cables, as they will not work

with the FiOS Router.

Get the FiOS Router and black Power cord from the box.1.

Plug the black Power cord in the black port on the back of the FiOS Router 2.

and then into a power outlet.

Turn the FiOS Router on.3.

The Power light on the front of the FiOS Router will glow red for 4.

approximately 1 minute during initialization; wait until the Power light glows

steadily green before proceeding to step 5.

Plug the yellow Ethernet cable from the box into one of the four yellow 5.

Ethernet ports on the back of the FiOS Router.

Make sure the computer is powered on, then plug the other end of the 6.

yellow Ethernet cable into an Ethernet port on the computer.

Make sure at least one of the Ethernet LAN lights on the front of the FiOS 7.

Router glows steadily green. This may take a few moments.

The phone company previously installed a high-speed wall jack somewhere 8.

in the house. Locate it and note its type (Ethernet or coaxial). If Ethernet,

follow steps 8a and 8b. If coaxial, follow steps 9a and 9b. Then, continue to

step 10.

a. If connecting via Ethernet, get the white Ethernet cable from the box and

plug one end in the white port on the back of the FiOS Router.

b. Plug the other end of the white Ethernet cable into the high-speed

Ethernet jack.

FiOS Router User Manual

a.9. If connecting via coaxial cable, get a coaxial cable and connect one end

to the red Coax port on the back of the FiOS Router.

b. Connect the other end of the coaxial cable to a coax jack.

Make sure the Ethernet WAN light (if connecting via Ethernet) or Coax WAN 10.

light (if connecting via coaxial cable) on the front of the FiOS Router glows

steadily green. If connecting via coaxial cable, this may take a few minutes.

Note: If the Ethernet WAN light or Coax WAN light does not illuminate, make

sure the cable (Ethernet or coaxial) is connected properly at both ends.

2.2 Computer Network Configuration

Each network interface on the computer should either be configured with a

statically defined IP address and DNS address, or instructed to automatically

obtain an IP address using the Network DHCP server. The FiOS Router is set up, by

default, with an active DHCP server, and we recommend leaving this setting as is.

2.2a Configuring Dynamic IP Addressing

To set up a computer to use dynamic IP addressing:

Windows 7

In the Control Panel, select 1. View Network Status and Tasks (below

“Network and Internet”).

Under “Connect or disconnect,” click 2. Local Access Connection.

The “Local Area Connection Status” window appears. Click 3. Properties.

The “Local Area Connection Properties” window appears. Select 4. Internet

Protocol Version 4 (TCP/IPv4), then click Properties.

The “Internet Protocol Version 4 (TCP/IPv4) Properties” window appears. 5.

Click the “Obtain an IP address automatically” radio button. 6.

Click the “Obtain DNS server address automatically” radio button. 7.

Click 8. OK in the Internet Protocol Version 4(TCP/IPv4) Properties window,

then click OK in the Local Area Connection Properties screen to save

the settings.

Connecting the FiOS Router

2.2 Computer Network Conguration

Windows Vista

Select 1. Network and Sharing in the Control Panel.

Click 2. View Status, then click Properties.

Click 3. Continue in the “User Account Control” window.

In the “General” tab of the “Local Area Connection Properties” window select 4.

Internet Protocol Version 4 (TCP/IPv4), then click Properties.

The “Internet Protocol Version 4 (TCP/IPv4) Properties” window appears. 5.

Click the “Obtain an IP address automatically” radio button. 6.

Click the “Obtain DNS server address automatically” radio button. 7.

Click 8. OK in the Internet Protocol Version 4(TCP/IPv4) Properties window,

then click OK in the “Local Area Connection Properties” screen to save

the settings.

Windows XP

Select 1. Network Connections in the Control Panel.

Right-click 2. Ethernet Local Area Connection, then click Properties.

In the “General” tab, select 3. Internet Protocol (TCP/IP), then click Properties.

The “Internet Protocol (TCP/IP) Properties” window appears. 4.

Click the “Obtain an IP address automatically” radio button. 5.

Click the “Obtain DNS server address automatically” radio button. 6.

Click 7. OK in the “Internet Protocol (TCP/IP) Properties” screen, then click OK in

the “Local Area Connection Properties” screen to save the settings.

FiOS Router User Manual

Macintosh OS X

Click on the Apple icon in the top left corner of the desktop. 1.

From the menu that appears, select 2. System Preferences.

The “System Preferences” window appears. Click 3. Network.

From the “Network” window, make sure “Ethernet” in the list on the left is 4.

highlighted and displays “Connected.”

Click 5. Assist me.

From the tab that appears, click 6. Diagnostics.

Follow the instructions in the “Network Diagnostics” assistant. 7.

Linux

Type “ifconfig” to display the network devices and allocated IPs. 2.

Type “pump -i <dev>,” where <dev> is the network device name. 3.

Type “ifconfig” again to view the newly allocated IP address. 4.

Make sure no firewall is active on device <dev>. 5.

Connecting the FiOS Router

2.3 Conguring the FiOS Router

2.3 Configuring the FiOS Router

Open a web browser on the computer connected to the FiOS Router. In the 1.

“Address” text box, type:

http://192.168.1.1

then press Enter on the keyboard.

The “Login” screen appears. Enter “admin” in the “User Name” text box. Enter 2.

the password that is printed next to “Default Password” on the label attached

to the bottom of the FiOS Router in the “Password” text box.

Click 3. OK.

The FiOS Router is now configured. The password can be changed after this

initial log in, but if the FiOS Router is subsequently reset to factory default

settings, the password printed on the label will be in effect.

FiOS Router User Manual

2.3a Connecting Other Computers/Set Top Boxes

The FiOS Router can connect to other computers or set top boxes in three ways:

via Ethernet, via wireless connection, or via coaxial cable.

Ethernet

Get an Ethernet cable and plug one end into one of the open yellow 1.

Ethernet ports on the back of the FiOS Router.

Plug the other end of the Ethernet cable into an Ethernet port on 2.

the computer.

Make sure the corresponding Ethernet LAN light on the front of the FiOS 3.

Router glows steadily green.

Repeat these steps for each computer to be connected to the FiOS Router 4.

via Ethernet.

Wireless

Make sure each computer to be connected wirelessly has built-in wireless or 1.

an attached wireless adapter.

Make sure the computer uses the same ESSID and WPA2 key as the FiOS 2.

Router by launching the computer’s wireless application

Enter the ESSID and WPA2 key found on the sticker on the bottom of the 3.

FiOS Router in the computer’s wireless settings and click Save.

Make sure the changes were implemented by surfing the Internet from 4.

the computer.

Repeat these steps for every other computer to be connected to the 5.

FiOS Router wirelessly.

Connecting the FiOS Router

2.4 Main Screen

Coaxial

Make sure all set top boxes are turned off.1.

Disconnect any adapter currently connected to the coaxial jack in the room 2.

where the FiOS Router is.

Connect one end of the coaxial cable to the coaxial wall jack, and the other 3.

end to the red Coax port on the back of the FiOS Router.

Power up the set top box.4.

Make sure the Coax LAN light on the front of the FiOS Router glows steadily 5.

green. This may take a few minutes. When it does, the set top box is

connected to the FiOS Router.

2.4 Main Screen

After logging into the FiOS Router’s GUI (see “Configuring the FiOS Router” at the

beginning of this chapter), the “Main” screen appears.

FiOS Router User Manual

The Main screen has a menu occupying the top of the screen. Below that, the

screen is divided into three columns: “My Router,” “My Network,” and

“Action Zone.”

2.4a Menu

The Main screen’s menu contains links to all of the configuration options of

the FiOS Router: Wireless Settings (explained in chapter 3 of this manual), My

Network (chapter 5), Firewall Settings (chapter 6), Parental Controls (chapter

7), Advanced (chapter 8), and System Monitoring (chapter 9).

2.4b My Router

This section displays the status of the FiOS Router’s network and Internet

connection.

Broadband Connection

The “Broadband Connection” section of the My Router column displays the state

of the FiOS Router’s broadband connection (“Connected” or “Disconnected”) for

the two connection options (“Coax Status” and “Ethernet Status”), and the WAN

IP address of the broadband connection.

Quick Links

The “Quick Links” section of the My Router column contains a list of frequently

accessed settings, including “Port Forwarding,” “Change Wireless Settings,”

“Change Login User Name/Password,” “Adding a Webcam,” “Verizon Help’”

and “Logout.”

Connecting the FiOS Router

2.4 Main Screen

2.4c My Network

The “My Network” column of the Main screen displays the connection type,

name, and IP address of all devices connected to the FiOS Router’s network.

The icon associated with the device will be displayed normally (signifying an

active device) or shaded (signifying the device has not been active for at least 60

seconds). The user can view the settings of each device by clicking on its icon.

2.4d Action Zone

This column contains links to various Verizon Web sites, and other informational

links. Clicking on the icon above “Go to Internet Now” connects the user to the

home page configured on the user’s web browser.

Setting Up

a Wireless

Network

3.0 Introduction

3.1 Overview

3.2 Connecting a Wireless Client

3.3 Wireless Status

3.4 Basic Security Settings

3.5 Advanced Security Settings

3.6 Setting Up a Wireless Client

Wireless networking enables you to free

yourself from wires and plugs, making

your devices more accessible and easier

to use. This chapter explains how to create

a wireless network using the FiOS Router,

including accessing and conguring

wireless security options.

FiOS Router User Manual

3.1 Overview

The FiOS Router provides the user with wireless connectivity over the 802.11b,

g, and n standards (the most common wireless standards). 802.11b has a

maximum data rate of 11 Mbps, 802.11g has a maximum data rate of 54 Mbps,

and 802.11n has a maximum data rate of 160 Mbps. All standards operate in the

2.4 GHz range.

The FiOS Router’s wireless feature is turned on, with wireless security activated, by

default. The level of security is WPA2, with a unique WPA2 key already entered. This

information is displayed on a sticker located on the bottom of the FiOS Router.

The FiOS Router integrates multiple layers of security. These include the IEEE

802.1x port-based authentication protocol, RADIUS client, EAP-MD5, EAP-TLS,

EAP-TTLS, EAP-PEAP, Wired Equivalent Privacy (WEP), Wi-Fi Protected Access

(WPA and WPA2) and firewall and VPN applications.

3.2 Connecting a Wireless Client

To connect a wireless client to the FiOS Router:

Note: The following procedure assumes the FiOS Router’s default wireless

settings are intact. If they have been changed, use the new ESSID and wireless

security settings. For more details, see the “Setting Up a Wireless Client” section

of this chapter.

In the wireless client’s configuration interface, enter the FiOS Router’s 1.

ESSID (found on a sticker on the bottom of the FiOS Router’s case) in the

appropriate text box or field (this varies depending on the wireless client’s

manufacturer).

Enter the FiOS Router’s wireless key (also found on the sticker on the bottom 2.

of the FiOS Router’s case) in the wireless client’s configuration interface.

Save the changes and exit the wireless client’s configuration interface. The 3.

client should now detect and join the FiOS Router’s wireless network. If not,

check the wireless client’s documentation, or contact its manufacturer.

Setting Up a Wireless Network

3.3 Wireless Status

Clicking on the “Wireless Settings” icon from the Main screen’s menu generates

the “Wireless Status” screen, which displays the current status of the wireless

connection.

3.3a Radio Enabled

Displays whether the FiOS Router’s wireless radio is active.

3.3b SSID

The SSID (Service Set Identifier) is the network name shared among all devices

on a particular wireless network. The SSID must be identical for all devices

on the wireless network. It is case-sensitive and cannot exceed 32 characters.

Make sure the SSID is the same for all devices to be connected to the wireless

network. The FiOS Router comes from the factory with an SSID already entered

and displayed here. The default SSID can also be found on a sticker on the

bottom of the FiOS Router.

3.3c Channel

Displays the channel to which the wireless connection is currently set.

All devices on the wireless network must be on the same channel to

function correctly.

FiOS Router User Manual

3.3d Security Enabled

Displays what kind of security is active on the wireless connection, and the

security encryption key.

3.3e SSID Broadcast

Displays whether the FiOS Router is broadcasting its SSID. If activated, the SSID

of the FiOS Router’s wireless network is broadcast wirelessly.

3.3f MAC Authentication

Displays whether the FiOS Router is using MAC (Media Access Control) address

authentication to allow wireless devices to join the network.

3.3g Wireless Mode

Displays the types of wireless device that can join the network. Options include

802.11b, 802.11g, 802.11 n, or Mixed (allows 802.11b-, 802.11g-, and 802.11n-

equipped wireless devices to join the network).

3.3h WMM

Displays whether WMM is enabled on the FiOS Router.

3.3i Packets Received/Sent

Displays the number of packets received and sent since the FiOS Router’s

wireless capability was activated.

Setting Up a Wireless Network

3.4 Basic Security Settings

To configure the FiOS Router’s wireless network for basic security, select “Basic

Security Settings” from the menu on the left side of any Wireless Settings screen.

The “Basic Security Settings” screen appears.

Note: The FiOS Router’s default wireless security is WPA2. This section explains

how to activate WEP wireless security, which is a less robust security than WPA2.

To set up WPA2 wireless security, see “WPA2” on page 38.

Click the “On” radio button to activate the FiOS Router’s wireless radio.1.

Enter the name of the wireless network in the “SSID” text box (the SSID name 2.

in the figure above is an example; enter a different name for the SSID).

Select the channel at which the FiOS Router’s wireless radio communicates 3.

by selecting it from the “Channel” drop-down list.

To preserve the channel selection in the event of a FiOS Router power cycle, 4.

click in the box next to “Keep my channel selection during power cycle.”

FiOS Router User Manual

Click the “WEP” radio button to activate WEP (Wired Equivalent Privacy) 5.

security on the wireless network.

Select a WEP security level from the “select a WEP Key” drop-down list 6.

(options include “64/40 bit” or “128/104 bit”).

Enter the key code in the “Key Code” text box. Each character must be a 7.

letter from A-F or a number from 0-9. If 64/40 bit was selected in step 5,

enter 10 characters. If 128/104 was selected, enter 26 characters.

Write down the wireless settings displayed on the screen. Other wireless 8.

devices must use these same settings when configuring the device’s wireless

networking scheme to join the FiOS Router’s wireless network.

Click 9. Apply to save the settings.

Setting Up a Wireless Network

3.5 Advanced Security Settings

To configure the FiOS Router’s advanced wireless network security settings,

select “Advanced Security Settings” from the menu on the left side of any

Wireless Settings screen. The “Advanced Security Settings” screen appears.

3.5a Level 1 (Wireless Security)

This section is used to configure different types of wireless security. Select

the type of wireless security to be applied to the wireless network by clicking

the appropriate radio button, then configure the security settings in the

subsequent screens.

FiOS Router User Manual

WEP

If WEP was selected in the Advanced Security Settings screen, the “WEP”

screen appears.

Select the appropriate WEP mode from the drop-down list. Options include 1.

WEP Only, or 802.1x. If selecting the latter, see the “802.1x” section on the

next page.

Select the appropriate network authentication level from the drop-down list. 2.

Options include Open System Authentication, Shared Key Authentication,

or Both.

Activate WEP key 1 by clicking the radio button next to “1” on the left side.3.

Select the length of key 1 by selecting “64/40 bit” or “128/104 bit” from the 4.

appropriate drop-down list in the “Key Length” column.

Select the type of key from the appropriate drop-down list in the “Entry 5.

Method” column. If “Hex” is selected, the key must be made up of

hexadecimal digits. If “ASCII” is selected, the key can be made up of

any characters.

Enter the key in the appropriate text box in the “Encryption Key” column. 6.

If 64/40 bit was chosen in step 2, enter 10 characters. If 128/104 bit was

chosen, enter 24 characters. Depending on what option was selected in step

3, enter hexadecimal or ASCII characters.

Click 7. Apply to save changes.

Setting Up a Wireless Network

3.5 Advanced Security Settings

802.1x

If 802.1x was selected in step 1 of the previous procedure, another screen

appears, relating to settings for 802.1x WEP.

802.1x WEP is a robust security protocol that uses port control with dynamically

changing encryption keys automatically updated over the network. 802.1x WEP

uses a RADIUS (Remote Authentication Dial-in Service) server for authentication

purposes. This server must be physically connected to the FiOS Router. Also, the

user must enable the RADIUS client embedded in the FiOS Router (to do this,

see chapter 8, “Advanced Settings”).

Select the WEP Mode from the “WEP Mode” drop-down list box.1.

Enter the RADIUS server IP address in the “Server IP” text boxes.2.

Enter the RADIUS server’s port number in the “Server Port” text box.3.

Enter the RADIUS server’s shared secret in the “Shared Secret” text box.4.

Click 5. Apply to save changes.

FiOS Router User Manual

WPA

If WPA (Wi-Fi Protected Access) was selected, the “WPA Key” screen appears.

Review the onscreen guide, “User Guidance on Password Selection.”1.

Make sure the radio button next to “Verizon Default Pre-Shared Key 2.

(Recommended)” is activated (blue). If not, click the button to activate.

Write the default pre-shared key down and keep it in a secure place. 3.

Select the proper encryption algorithm (TKIP, AES, or TKIP+AES). 4.

Click in the “Group Key Update Interval” check box to activate the group key 5.

update interval, and set the interval time in the text box to the right.

Click 6. Apply at the bottom of the screen to save changes.

Setting Up a Wireless Network

3.5 Advanced Security Settings

WPA2

If WPA2 was selected, the “WPA2” screen appears. Note that WPA2 is the FiOS

Router’s default wireless security protocol.

Review the onscreen guide, “User Guidance on Password Selection.”1.

Make sure the radio button next to “Verizon Default Pre-Shared Key 2.

(Recommended)” is activated (blue). If not, click the button to activate.

Write the default pre-shared key down and keep it in a secure place. 3.

Select the proper encryption algorithm (TKIP, AES, or TKIP+AES). 4.

Click in the “Group Key Update Interval” check box to activate the group key 5.

update interval, and set the interval time in the text box to the right.

Click 6. Apply at the bottom of the screen to save changes.

FiOS Router User Manual

3.5b Level 2 (SSID Broadcast)

This section is used to configure the FiOS Router’s SSID broadcast capabilities.

Enabling this option allows any wireless device using an SSID of “Any” to detect

the FiOS Router’s wireless network. Disabling “SSID Broadcast” allows only those

wireless users who know the SSID of the wireless network to detect and connect

to the network.

Selecting “SSID Broadcast” generates the “SSID Broadcast” screen.

Click the “Enable” radio button to enable SSID broadcasting. If enabled, the SSID

of the FiOS Router’s wireless network will be broadcast wirelessly. To disable

SSID broadcasting, click the “Disable” radio button.

Setting Up a Wireless Network

3.5 Advanced Security Settings

3.5c Level 3 (Limiting Access)

This option is used to limit access to the FiOS Router’s wireless network.

Wireless MAC Authentication

Wireless MAC authentication allows the user to allow or deny access to the

FiOS Router’s wireless network by a particular device’s MAC address. Selecting

“Wireless MAC Authentication” from the Advanced Security Settings screen

generates the “Wireless MAC Authentication” screen.

FiOS Router User Manual

To set up wireless MAC authentication:

Click in the “Enable Access List” check box.1.

Select either “Accept all devices listed below” or “Deny all devices listed 2.

below” by clicking the appropriate radio button. Selecting “Accept…”

causes all devices listed by MAC address to access the FiOS Router’s wireless

network. Selecting “Deny…” causes all listed devices to be denied access.

Enter the MAC address of a device in the “Client MAC address” text box.3.

Click 4. Add.

Repeat steps 3 and 4 to add more devices to the list.5.

When finished listing devices, click 6. Apply.

To remove a MAC address, select it from the “List” list box, then click Remove.

802.11b/g/n Mode

This option allows the user to select the wireless communication standard

compatible with the devices to be connected on the wireless network from the

drop-down list. Options include Compatibility (802.11b, g, and n devices can

connect) Legacy (only 802.11b and g devices can connect), and Performance

(only 802.11n devices can join).

Setting Up a Wireless Network

3.5 Advanced Security Settings

3.5d Other Advanced Wireless Options

Clicking Other Advanced Wireless Options at the bottom of the Advanced

Security Settings screen generates (after clicking through the “Warning” screen)

another “Advanced Wireless Options” screen.

Transmission Rate

Always set to “Auto.”

Transmit Power

Adjust the power of the FiOS Router’s wireless signal by entering a percentage

in this text box.

CTS Protection Mode

Activating CTS (Clear to Send) Protection Mode allows mixed 802.11b/g/n

networks to operate at maximum efficiency. Select Auto from the drop-down

list to activate. Select None to deactivate .

CTS Protection Type

Select from the two options: cts-only (for mixed 802.11b/g/n networks) or

rts-cts (for 802.11a/b/g networks).

FiOS Router User Manual

Frame Burst - Max Number

Frame Burst allows packet bursting, which increases overall network speed.

Enter the maximum number of frame bursts in this text box.

Frame Burst - Burst Time

Enter the burst time of the frame bursts in this text box.

Beacon Interval

Enter the time period of the beacon interval in this text box.

DTIM Interval

Enter the DTIM (Delivery Traffic Indication Message) interval value (in

milliseconds) in this text box. A DTIM is a countdown mechanism for the FiOS

Router, informing wireless network clients of the next window for listening to

broadcast and multicast messages.

Fragmentation Threshold

Setting the correct fragmentation threshold can increase the reliability of frame

transmissions on the wireless network. Enter the fragmentation threshold in this

text box.

RTS Threshold

Enter the RTS (Request to Send) threshold in this text box. This setting controls

what size data packet the low level RF protocol issues to an RTS packet.

MSDU Aggregation

Use these radio buttons to enable or disable MSDU aggregation.

MPDU Aggregation

Use these radio buttons to enable or disable MPDU aggregation.

Setting Up a Wireless Network

3.5 Advanced Security Settings

802.11 Guard Interval

Always set to “Dynamic.”

3.5e WMM Settings

Clicking WMM Settings at the bottom of the Advanced Wireless Options

screen generates (after clicking through the “Warning” screen) the “Wireless QoS

(WMM)” screen. This screen allows the user to prioritize the types of data coming

over the FiOS Router’s wireless network.

Wireless QoS (WMM)

Click in the check box to enable/disable Wireless QoS.

WMM Power Save

Click in the check box to enable/disable WMM Power Save.

FiOS Router User Manual

Priority Table

The upper table in the Wireless QoS screen is the Priority Table.

Use the green up and down arrows to adjust the priority of a particular type of

wireless data. The data type at the top of the table has the highest priority on

the wireless network; at the bottom is the lowest. Additionally, the user can add

a custom type of data by clicking Add and, in the screen that appears, creating

a new type of data tag. Finally, clicking the Action icon in the row corresponding

to an existing type of data allows the user to modify that type of data’s Tag and

WMM access.

Admission Control Table

The lower table in the Wireless QoS screen is the Admission Control Table.

This table allows the user to adjust a wireless data type’s admission control by

selecting Yes/No from the corresponding row’s drop-down list. Also, if needed,

enter a Quota amount in the appropriate Quota text box.

Setting Up a Wireless Network

3.6 Setting Up a Wireless Client

If the computer has wireless capabilities and is running Windows XP, Vista,

or 7, it will automatically recognize the existing wireless network and try to

create a wireless connection. View this connection under Windows’

“Network Connections.”

3.6a Setting Up a Wireless Windows Client (Windows 7)

If the computer has wireless capabilities and is running Windows 7, it will

automatically recognize the existing wireless network and try to create a wireless

connection. To manually connect to a wireless network:

Click the wireless icon the system tray (in the lower right corner of the 1.

desktop) and, from the menu that appears, click the FiOS Router’s wireless

network name from the list.

FiOS Router User Manual

When the “Connect” button appears under the network’s name, click on it.2.

A “Connect to a Network” window appears. Enter the security key of the 3.

wireless network in the appropriate text box, then click OK.

Setting Up a Wireless Network

3.6 Setting Up a Wireless Client

The connection is made. To check the status of the connection, click on the 4.

wireless icon in the service tray again. In the example, the computer has

successfully joined the wireless network “DWYL7.”

3.6b Setting Up a Wireless Windows Client (Windows Vista)

If the computer has wireless capabilities and is running Windows Vista, it will

automatically recognize the existing wireless network and try to create a wireless

connection. View this connection under Windows’ “Network Connections.”

Click the wireless icon the system tray (in the lower right corner of the 1.

desktop) and, from the menu that appears, select Connect to a Network.

A “Connect to a Network” window appears. Select the FiOS Router’s 2.

wireless network.

FiOS Router User Manual

Another Connect to a Network window appears. Enter the WPA key of the 3.

network in the appropriate text box.

Click 4. Connect. A third Connect to a Network window appears, stating that

the connection was successful.

Setting Up a Wireless Network

3.6 Setting Up a Wireless Client

3.6c Setting Up a Wireless Windows Client (Windows XP)

This section assumes the FiOS Router’s wireless network is set up with

WPA security.

Click 1. Network Connections in the Control Panel. The “Network

Connections” window appears.

Double-click the wireless connection icon. The “Wireless Network 2.

Connection” screen appears, displaying the available wireless connections.

Select the FiOS Router’s network.

FiOS Router User Manual

Click the connection once to mark it, then click 3. Connect at the bottom of

the screen. The following login window appears, asking for a “Network Key,”

which is the pre-shared key used when configuring the FiOS Router’s WPA

security (see the “WPA” section in this chapter).

Enter the network (WPA) key in both text boxes and click 4. Connect. After

the connection is established, its status will change to “Connected,” as

shown below.

An icon appears in the notification area, announcing the successful initiation

of the wireless connection.

Test the connection by disabling all other connections in the Network 5.

Connections window and surfing the Internet.

Setting Up a Wireless Network

3.6 Setting Up a Wireless Client

Manual Wireless Network Connection

If the login window shown in step 3 does not appear and the connection

attempt fails, configure the connection manually using the following procedure:

Click the connection once to mark it and then click 1. Change Advanced

Settings in the “Related Tasks” box on the left part of the window.

The “Wireless Network Connection Properties” window appears. Select 2.

Wireless Networks.

FiOS Router User Manual

Click the connection to highlight it, then click 3. Properties. The connection’s

“Properties Window” appears.

From the “Network Authentication” drop-down list, select “Open.”4.

From the “Data Encryption” drop-down list, select “WPA.”5.

Enter the pre-shared key in both the “Network key” and the “Confirm 6.

network key” text boxes.

Click 7. OK, then OK again.

When attempting to connect to the wireless network, the login window 8.

appears, pre-populated with the pre-shared key. Press Connect to connect.

Since the network is now secured, only users who know the pre-shared key will

be able to connect.

Conguring

My Network

Settings

4.0 Introduction

4.1 Accessing the My Network

Settings

4.2 Using the My Network

Settings

Once the FiOS Router is physically

connected and the FiOS Router’s Main

screen is displayed in a web browser, a list

of devices connected to the FiOS Router’s

network appears in the “My Network”

column of the screen. From here, basic

network settings can be congured.

Conguring My Network Settings

4.1 Accessing My Network Settings

To access My Network, click “My Network” (at the top of the center column) in

the Main screen.

The “My Network” screen appears:

On the far right side of the screen, in the “Connected Devices” section, is a list

of the devices currently connected to the FiOS Router’s network, sorted by

connection type and number. The rest of the screen contains the “My Network”

section, which displays each device connected to the FiOS Router’s network,

and a series of basic configuration settings for each device.

FiOS Router User Manual

4.2 Using My Network Settings

Various settings can be accessed for a particular device, as follows.

4.2a Access Device

For devices that can be accessed (such as Internet cameras and networked hard

drives), locate it in the My Network column, then click Access Devices to use

the device over the network.

4.2b Access Shared Files

To access the shared files on a particular device, locate the device in the My

Network column, then click Access Shared Files. A list of shared files appears

on the screen.

4.2c Website Blocking

Clicking Website Blocking generates the “Parental Control” screen. For

more information about using parental controls, see chapter 7, “Using

Parental Controls.”

Conguring My Network Settings

4.2 Using My Network Settings

4.2d Block Internet Services

Internet services blocking is used to prevent a device on the network from

accessing particular services available on the Internet, such as receiving email

or downloading files from FTP sites. To set up Internet services blocking on a

networked device:

Locate the device in the My Network column, then click 1. Block Internet

Services. The “Access Control” screen appears.

Click 2. Add in the “Networked Computer/Device” column. The “Add Access

Control Rule” screen appears.

If this access control rule applies to all networked devices, select “Any” from 3.

the “Networked Computer/Device” list box.

Select the Internet protocol to be blocked from the “Protocol” drop- 4.

down list.

FiOS Router User Manual

If this rule will be active continuously, select 5. Always from the “Schedule”

drop-down list. If the rule will only be active at certain times, select “User

Defined” and click Add. Then, add a schedule rule (for more details about

schedule rules, see the “Advanced Settings” chapter of this manual).

Note: Make sure the FiOS Router’s date and time settings for your time zone are

set correctly for schedule rules to function properly.

Click 6. Apply to save the changes. The Access Control screen will display a

summary of the access control rule.

The user may disable an access control and the service made available without

having to remove the service from the Access Control table. This may be useful

to make the service available only temporarily, with the expectation that the

restriction will be reinstated later.

To temporarily disable an access control, clear the check box next to the •

network computer/device.

To reinstate the restriction at a later time, select the check box next to the •

network computer/device.

To remove an access restriction from the Access Control table, click • Remove

for the service. The service will be removed from the Access Control table.

Note: When Web Filtering is enabled, HTTP services cannot be blocked by

access control.

Conguring My Network Settings

4.2 Using My Network Settings

4.2e Port Forwarding

Activating “Port Forwarding” allows the network to be exposed to the Internet

in certain limited and controlled ways, enabling some applications to work from

the local network (game, voice, and chat applications, for example), as well

as allowing Internet access to servers in the local network. To set this up on a

networked device, locate the device in the My Network column, then click Port

Forwarding. The “Port Forwarding” screen appears.

To set up basic port forwarding:

Click the arrow next to “IP Address forward or select from menu” to display 1.

a menu and either enter the IP address of the item to port forward from, or

choose an item from the drop-down menu.

Click the arrow next to “Application to forward” and select a pre-configured 2.

application from the drop-down menu.

The selected application’s forwarded port numbers appear at left, as shown 3.

in the figure below.

Click 4. Add. The new port forwarding rule appears in the “Applied rules” table

at the bottom of the screen.

Click 5. Apply at the bottom of the screen to apply the new rule.

FiOS Router User Manual

To set up advanced port forwarding:

Click the arrow next to “IP Address forward or select from menu” to display 1.

a menu and either enter the IP address of the item to port forward from, or

choose an item from the drop-down menu.

Click the arrow next to “Application to forward” and select a pre-configured 2.

application from the drop-down menu.

Click 3. Advanced. The advanced port forwarding options appear.

Select the connection with which this port forwarding rule will be active 4.

from the “WAN Connection Type” drop-down list.

To select a port to forward communications to (this is optional), select an 5.

option from the “Forward to Port” drop-down list. If a single port or range of

ports is selected, enter the port numbers in the text boxes that appear.

If this port will be active all the time, select “Always” from the “Schedule” 6.

drop-down list. If the rule will only be active at certain times, select “User

Defined” and click Add. Then, add a schedule rule (for more details about

schedule rules, see the “Advanced Settings” chapter of this manual).

Click 7. Add to save the changes. The new port forwarding rule appears in the

“Applied rules” table at the bottom of the screen.

Conguring My Network Settings

4.2 Using My Network Settings

Click 8. Apply at the bottom of the screen to apply the new rule.

Note: Some applications, such as FTP, TFTP, PPTP, and H323, require the support

of special specific Application Level Gateway (ALG) modules to work inside the

local network. Data packets associated with the aforementioned applications

contain information that allows them to be routed correctly. An ALG is needed

to handle these packets and ensure they reach their intended destinations. The

FiOS Router is equipped with a robust list of ALG modules, enabling maximum

functionality in the local network. The ALG is automatically assigned based on

the destination port.

4.2f View Device Details

To view information about a networked device, or to test a device’s connection,

locate the device in the My Network column, then click View Device Details.

The “Device Information” screen appears.

Click 1. Test Connectivity. The “Diagnostics” screen appears.

The FiOS Router automatically runs a ping test, and the results are displayed 2.

in the Diagnostics screen.

FiOS Router User Manual

4.2g Rename This Device

To rename a networked device, locate the device in the My Network column,

then click Rename This Device. The “Rename Device” screen appears.

Enter the new name of the device in the “New Name” text box and, if needed,

select a new icon for the device from the “New Icon” drop-down list.

Using

Network

Connections

5.0 Introduction

5.1 Accessing Network

Connections

5.2 Network (Home/Oce)

Connection

5.3 Ethernet/Coax Connection

5.4 Wireless Access Point

Connection

5.5 Broadband Ethernet/

Coax Connection

5.6 WAN PPPoE Connection

The FiOS Router supports various local

area network (LAN) and wide area network

(WAN, or Internet) connections via

Ethernet or coaxial cables. The “Network

Connections” screens are used to congure

the various aspects of the FiOS Router’s

network and Internet connections, and

create new connections.

Using Network Connections

5.1 Accessing Network Connections

Caution! The settings covered in this chapter should be configured by

experienced network technicians only.

To access the FiOS Router’s network connections, in the “My Network” screen,

click Network Connections from the menu on the left side. The “Network

Connections” screen appears.

Click Advanced to expand the screen and display all connection entries.

To select a connection, click on its name. The rest of this chapter describes

the different network connections available on the FiOS Router, as well as the

connection types that can be created.

FiOS Router User Manual

5.2 Network (Home/Office) Connection

Select Network (Home/Office) in the Network Connections screen to generate

the “Network (Home/Office) Properties” screen. This screen displays a list of

the local network’s properties. The only modifications that can be made from

this screen are disabling the connection (by clicking Disable) or renaming the

connection (by entering a new name in the “Rule Name” text box).

Note: When a network is disabled, its formerly underlying devices will not

be able to get the DHCP address from the network interface to which they

were connected.

The Network (Home/Office) connection is used to combine several network

devices under one virtual network. For example, a home/office network can be

created for Ethernet and other network devices.

Using Network Connections

5.2 Network (Home/Oce) Connection

5.2a Configuring the Home/Office Network

Click Settings in the “Network (Home/Office) Properties” screen to generate a

second “Network (Home/Office) Properties” screen.

General

The top part of the screen displays general communication parameters. We

recommend not changing the default values in this section unless familiar with

networking concepts.

Status Displays the connection status of the network.

When should this rule occur? Displays when the rule is active. To schedule

rules, see the “Advanced Settings” chapter.

Network Select the type of connection being configured from the drop-down

list (options: Broadband Connection, Network [Home/Office], or DMZ).

Connection Type Displays the type of connection.

Physical Address Displays the physical address of the network card used for

the network.

MTU Maximum Transmission Unit (MTU) specifies the largest packet size

permitted for Internet transmission. “Automatic” sets the MTU at 1500. Other

choices include “Automatic by DHCP,” which sets the MTU according to the DHCP

connection, and “Manual,” which allows the MTU to be set manually.

FiOS Router User Manual

Internet Protocol

This section has three options: No IP Address, Obtain an IP Address

Automatically, and Use the Following IP Address.

No IP Address Select this option if the connection will have no IP address. This

is useful if the connection operates under a bridge.

Obtain an IP Address Automatically Select this option if the network

connection is required by the ISP to obtain an IP address automatically. The

server assigning the IP address also assigns a subnet mask address, which can

be overridden by entering another subnet mask address.

Use the Following IP Address Select this option if the network connection

uses a permanent (static) IP address, then the IP address and subnet

mask address.

Bridge

The “Bridge” section of the Configure Network (Home/Office) screen is used

to configure the LAN devices connected to the FiOS Router. By default, the

Ethernet, Coax, and Wireless Access Point connections are activated. Do not

change these settings unless instructed to do so by the ISP.

Status The “Status” column displays the connection status of a particular device.

STP Click in the device’s “STP” check box to enable Spanning Tree Protocol

on the device. This protocol provides path redundancy while preventing

undesirable loops in the network.

Using Network Connections

5.2 Network (Home/Oce) Connection

Action The “Action” column contains an icon that, when clicked, generates the

configuration screen of the particular device.

DNS Server

Domain Name System (DNS) is the method by which website or domain names

are translated into IP addresses. Specify such an address manually, according to

the information provided by the ISP.

To manually configure DNS server addresses, select Use the Following DNS

Server Addresses. Specify up to two different DNS server addresses, one

primary, the other secondary.

IP Address Distribution

The “IP Address Distribution” section of the Configure Network (Home/Office)

screen is used to configure the FiOS Router’s Dynamic Host Configuration

Protocol (DHCP) server parameters. DHCP automatically assigns IP addresses

to network devices. If enabled, make sure to configure the network devices as

“DHCP Clients.” There are three options in this section: Disabled, DHCP Server,

and DHCP Relay.

Disabled Select this option if statically assigning IP addresses to the

network devices.

FiOS Router User Manual

DHCP Server To set up the network bridge to function as a DHCP server:

Select 1. DHCP Server.

Enter the IP address at which the FiOS Router starts issuing addresses in the 2.

“Start IP Address” text boxes. Since the FiOS Router’s default IP address is

192.168.1.1, the Start IP Address should be 192.168.1.2.

Enter the end of the IP address range used to automatically issue IP 3.

addresses in the “End IP Address” text boxes. The “maximum” IP address that

can be entered here is 192.168.1.254.

Enter the subnet mask address in the “Subnet Mask” text boxes. The subnet 4.

mask determines which portion of a destination LAN IP address is the

network portion, and which portion is the host portion.

If Windows Internet Naming Service (WINS) is being used, enter the WINS 5.

server address in the “WINS Server” text boxes.

Enter the amount of time a network device will be allowed to connect to the 6.

FiOS Router with its currently issued dynamic IP address in the “Lease Time

in Minutes” text box.

Click in the “Provide Host Name If Not Specified by Client” check box to have 7.

the FiOS Router automatically assign network devices with a host name, in

case a host name is not provided by the user.

DHCP Relay Select this option to have the FiOS Router function as a DHCP

relay, and enter the IP address in the screen that appears.

Using Network Connections

5.2 Network (Home/Oce) Connection

Routing

The FiOS Router can be configured to use static or dynamic routing. Dynamic

routing automatically adjusts how packets travel on the network, while

static routing specifies a fixed routing path to neighboring destinations. To

configure routing, enter a device metric in the “Device Metric” text box. The

device metric is a value used by the FiOS Router to determine whether one

route is superior to another, considering parameters such as bandwidth and

delay time.

Routing Table

Clicking New Route generates the “New Route” window, where a new route can

be configured.

Additional IP Addresses

Clicking New IP Address generates the “Additional IP Address Settings” screen,

where additional IP addresses can be created to access the FiOS Router via the

Network (Home/Office) connection.

FiOS Router User Manual

5.3 Ethernet/Coax Connection

An Ethernet connection connects computers to the FiOS Router using Ethernet

cables, either directly or via network hubs and switches. A Coax connection

connects devices (such as set-top boxes) to the FiOS Router using a coaxial

cable. Click Ethernet/Coax in the Network Connections screen (if needed,

click Advanced at the bottom of the screen to reveal the “Ethernet/Coax” link

below “Network [Home/Office]”) to generate the “Ethernet/Coax Properties”

screen. This screen displays a list of the local connection’s properties. The only

modifications that can be made from this screen are disabling the connection

(by clicking Disable) or renaming the connection (by entering a new name in

the “Rule Name” text box).

Note: If disabling the connection, the FiOS Router must be rebooted for the

change to take effect.

Using Network Connections

5.3 Ethernet/Coax Connection

5.3a Configuring the Ethernet/Coax Connection

Click Settings at the bottom-right of the Ethernet/Coax Properties screen to

generate another “Ethernet/Coax Properties” screen.

General

The top part of the screen displays general communication parameters. We

recommend not changing the default values in this section unless familiar with

networking concepts.

Status Displays the connection status of the Ethernet switch.

When should this rule occur? Displays when the rule is active. To schedule

rules, see the “Advanced Settings” chapter.

Network Select the type of connection being configured from the drop-down

list (Network [Home/Office], Broadband Connection, or DMZ).

Connection Type Displays the type of connection.

Physical Address Displays the physical address of the network card used for

the network.

FiOS Router User Manual

MTU Maximum Transmission Unit (MTU) specifies the largest packet size

permitted for Internet transmission. “Automatic” sets the MTU at 1500. Other

choices include “Automatic by DHCP,” which sets the MTU according to the DHCP

connection, and “Manual,” which allows the MTU to be set manually.

Coax Link

Set up the coax link options in this section of the Ethernet/Coax Properties

screen. Options include Channel, Privacy, and Password.

Channel Select the Channel from the drop-down list (select from 1-6,

or “Automatic”).

Privacy Toggle “Privacy” by clicking in the “Enabled” check box. If Privacy is

activated, all devices connected via coaxial cable must use the same password.

We recommend leaving the Privacy option deactivated.

Password Enter the Coax Link password in this text box.

CM Ratio Select the CM Ratio from the drop-down menu here.

Additional IP Addresses

Clicking New IP Address generates the “Additional IP Address Settings” screen,

where additional IP addresses can be created to access the FiOS Router via the

Ethernet connection.

Using Network Connections

5.3 Ethernet/Coax Connection

Coax Connection Status

Click Go to LAN Coax Stats to generate the “Coax Connection Status” screen,

which gives an overview of all the devices connected to the FiOS Router via

coaxial cable.

HW Switch Ports

This section displays the connection status of the FiOS Router’s four

Ethernet ports and single coax port. Clicking on a connection’s “Action” icon (in

the column on the right) generates the “Port Settings” screen, where ingress and

egress policies can be edited.

FiOS Router User Manual

5.4 Wireless Access Point Connection

A Wireless Access Point connection connects devices wirelessly. Click Wireless

Access Point in the Network Connections screen (if needed, click Advanced

at the bottom of the screen to reveal the “Wireless Access Point” link below

“Network [Home/Office]”) to generate the “Wireless Access Point Properties”

screen. This screen displays a list of the connection’s properties. The only

modifications that can be made from this screen are disabling the connection

(by clicking Disable) or renaming the connection (by entering a new name in

the “Name” text box).

Note: If disabling the connection, the FiOS Router must be rebooted for the

change to take effect.

5.4a Configure Wireless Access Point

Click Settings at the bottom-right of the Wireless Access Point Properties screen

generates a second “Wireless Access Point Properties” screen.

Using Network Connections

5.4 Wireless Access Point Connection

General

The top part of the screen displays general communication parameters. We

recommend not changing the default values in this section unless familiar with

networking concepts.

Status Displays the status of the wireless access point connection.

When should this rule occur? Displays when the rule is active. To schedule

rules, see the “Advanced Settings” chapter.

Network Select the type of connection being configured from the drop-down

list (options: Network [Home/Office], Broadband Connection, or DMZ).

Connection Type Displays the type of connection.

Physical Address Displays the physical address of the network card used for

the network.

MTU Maximum Transmission Unit (MTU) specifies the largest packet size

permitted for Internet transmission. “Automatic” sets the MTU at 1500. Other

choices include “Automatic by DHCP,” which sets the MTU according to the DHCP

connection, and “Manual,” which allows the MTU to be set manually.

Additional IP Addresses

Clicking New IP Address generates the “Additional IP Address Settings” screen,

where additional IP addresses can be created to access the FiOS Router via the

Wireless Access Point connection.

Coax Link

Set up the coax link options in this section of the Configure Coax screen.

Options include Channel, Privacy, and Password.

Channel Select the Channel from the drop-down list (select from 1-6,

or “Automatic”).

FiOS Router User Manual

Privacy Toggle “Privacy” by clicking in the “Enabled” check box. If Privacy is

activated, all devices connected via coaxial cable must use the same password.

We recommend leaving the Privacy option deactivated.

Password Enter the Coax Link password in this text box.

CM Ratio Select the CM Ratio from the drop-down menu here.

Coax Connection Status

Click Go to LAN Coax Stats to generate the “Coax Connection Status” screen,

which gives an overview of all the devices connected to the FiOS Router via

coaxial cable.

Using Network Connections

5.5 Broadband Ethernet/Coax Connection

An Ethernet connection connects computers to the FiOS Router using Ethernet

cables, either directly or via network hubs and switches. A Coax connection

connects devices (such as set-top boxes) to the FiOS Router using a coaxial

cable. Click Broadband Connection (Ethernet/Coax) in the Network

Connections screen to generate the “Broadband Connection (Ethernet/Coax)

Properties” screen. This screen displays a list of the connection’s properties.

The only modifications that can be made from this screen are disabling the

connection (by clicking Disable) or renaming the connection (by entering a

new name in the “Name” text box).

Note: If disabling the connection, the FiOS Router must be rebooted for the

change to take effect.

5.5a Configure Broadband Connection (Ethernet/Coax)

Click Settings at the bottom-right of the Broadband Connection (Ethernet/

Coax) Properties screen generates a second “Broadband Connection (Ethernet/

Coax) Properties” screen.

FiOS Router User Manual

General

The top part of the screen displays general communication parameters. We

recommend not changing the default values in this section unless familiar with

networking concepts.

Status Displays the status of the coax connection.

When should this rule occur? Displays when the rule is active. To schedule

rules, see the “Advanced Settings” chapter.

Network Select the type of connection being configured from the drop-down

list (options: Network [Home/Office], Broadband Connection, or DMZ).

Connection Type Displays the type of connection.

Physical Address Displays the physical address of the network card used for

the network.

MTU Maximum Transmission Unit (MTU) specifies the largest packet size

permitted for Internet transmission. “Automatic” sets the MTU at 1500. Other

choices include “Automatic by DHCP,” which sets the MTU according to the DHCP

connection, and “Manual,” which allows the MTU to be set manually.

Coax Link

Set up the coax link options in this section of the Configure Coax screen.

Options include Channel, Privacy, and Password.

Auto Detection Turn on the FiOS Router’s ability to automatically detect a coax

connection by clicking in the appropriate radio button.

Channel Select the Channel from the drop-down list (select from 1-6,

or “Automatic”).

Privacy Toggle “Privacy” by clicking in the “Enabled” check box. If Privacy is

activated, all devices connected via coaxial cable must use the same password.

We recommend leaving the Privacy option deactivated.

Password Enter the Coax Link password in this text box.

CM Ratio Select the CM Ratio from the drop-down menu here.

WAN Connection Speeds Displays the Tx and Rx speeds of the connection.

Using Network Connections

5.5 Broadband Ethernet/Coax Connection

Internet Protocol

This section has three options: No IP Address, Obtain an IP Address

Automatically, and Use the Following IP Address.

No IP Address Select this option if the connection will have no IP address. This

is useful if the connection operates under a bridge.

Obtain an IP Address Automatically Select this option if the network

connection is required by the ISP to obtain an IP address automatically. The

server assigning the IP address also assigns a subnet mask address, which can

be overridden by entering another subnet mask address.

Use the Following IP Address Select this option if the network connection

uses a permanent (static) IP address, then the IP address and subnet

mask address.

DHCP Lease

Renew or release the current DHCP lease by clicking on the appropriate button.

DNS Server

The Domain Name System (DNS) is the method by which website or domain

names are translated into IP addresses. The connection can be set to

automatically obtain a DNS server address, or an address can be set manually,

according to information provided by the ISP.

To configure the connection to automatically obtain a DNS server address, select

Obtain DNS Server Address Automatically from the “DNS Server” drop-down

list. To manually configure DNS server addresses, select Use the Following

DNS Server Addresses. Specify up to two different DNS server addresses, one

primary, the other secondary.

FiOS Router User Manual

IP Address Distribution

The “IP Address Distribution” section of the Configure Broadband Connection

(Coax) screen allows the user to configure the FiOS Router’s Dynamic Host

Configuration Protocol (DHCP) server parameters. The DHCP automatically

assigns IP addresses to network devices. If enabled, make sure to configure

the network devices as “DHCP Clients.” There are three options in this section:

Disabled, DHCP Server, and DHCP Relay.

Caution! We strongly recommend leaving this setting at “Disabled.”

Disabled Select this option if statically assigning IP addresses to the

network devices.

DHCP Server To set up the Broadband Coax connection to function as a

DHCP server:

Select 1. DHCP Server.

Enter the IP address at which the FiOS Router starts issuing addresses in the 2.

“Start IP Address” text boxes. Since the FiOS Router’s default IP address is

192.168.1.1, the Start IP Address must be 192.168.1.2.

Enter the end of the IP address range used to automatically issue IP 3.

addresses in the “End IP Address” text boxes. The “maximum” IP address that

can be entered here is 192.168.1.254.

Enter the subnet mask address in the “Subnet Mask” text boxes. The subnet 4.

mask determines which portion of a destination LAN IP address is the

network portion, and which portion is the host portion.

If a Windows Internet Naming Service (WINS) is being used, enter the WINS 5.

server address in the “WINS Server” text boxes.

Using Network Connections

5.5 Broadband Ethernet/Coax Connection

Enter the amount of time a network device will be allowed to connect to the 6.

FiOS Router with its currently issued dynamic IP address in the “Lease Time

in Minutes” text box. Just before the time is up, the device’s user will need to

make a request to extend the lease or get a new IP address.

Click in the “Provide Host Name If Not Specified by Client” check box to have 7.

the FiOS Router automatically assign network devices with a host name, in

case a host name is not provided by the user.

DHCP Relay Select this option to have the FiOS Router function as a DHCP

relay, and enter the IP address in the screen that appears.

Routing

Routing Mode Select one of the following two Routing modes:

Route• - Select this option to cause the FiOS Router to act as a router between

two networks.

NAPT• - Select this option to activate NAPT (Network Address and Port

Translation), which refers to network address translation involving the

mapping of port numbers and allows multiple machines to share a single IP

address. Use NAPT if the local network contains multiple devices, a topology

that necessitates port translation in addition to address translation.

Device Metric The device metric is a value used by the FiOS Router to

determine whether one route is superior to another, considering parameters

such as bandwidth, delay, and more.

Default Route Click in this check box to define the connection as a the

default route.

FiOS Router User Manual

Multicast - IGMP Proxy Default Click in this check box to enable the FiOS

Router to issue IGMP (Internet Group Management Protocol) host messages

on behalf of hosts the FiOS Router discovers through standard IGMP interfaces.

IGMP proxy enables the routing of multicast packets according to the IGMP

requests of local network devices asking to join multicast groups.

Internet Connection Firewall

Enable or disable the firewall for this interface. It is recommended to keep the

firewall enabled for all of the FiOS Router’s connection interfaces.

Additional IP Addresses

Click New IP Address to generate the “Additional IP Address Settings” screen,

where additional IP addresses can be created to access the FiOS Router via

the connection.

Coax Connection Status

Click Go to WAN Coax Stats to generate the “WAN Coax Connection Status”

screen, which gives an overview of all the devices connected to the FiOS Router

via coaxial cable.

Using Network Connections

5.6 WAN PPPoE Connection

WAN Point-to-Point Protocol over Ethernet (PPPoE) relies on two widely

accepted standards: Point-to-Point Protocol and Ethernet. PPPoE enables

Ethernet networked computers to exchange information with computers on the

Internet. PPPoE supports the protocol layers and authentication widely used in

PPP and enables a point-to-point connection to be established in the normally

multipoint architecture of Ethernet. A discovery process in PPPoE determines

the Ethernet MAC address of the remote device in order to establish a session.

Click WAN PPPoE in the Network Connections screen to generate the “WAN

PPPoE Properties” screen. This screen displays a list of the connection’s

properties. The only modifications that can be made from this screen are

disabling the connection (by clicking Disable) or renaming the connection (by

entering a new name in the “Name” text box).

FiOS Router User Manual

5.6a Configuring the WAN PPPoE Connection

Click Settings in the WAN PPPoE Properties screen to generate another “WAN

PPPoE Properties” screen.

Using Network Connections

5.6 WAN PPPoE Connection

General

The top part of the screen displays general communication parameters. We

recommend not changing the default values in this section unless familiar with

networking concepts.

Status Displays the connection status of the WAN PPPoE connection. (“Down,”

“Disabled,” “Connected,” etc.)

When should this rule occur? Displays when the rule is active. To schedule

rules, see “Advanced Settings” chapter.

Network Select the type of connection being configured from the drop-down

list (Broadband Connection, Network (Home/Office), or DMZ).

Connection Type Displays the type of connection. Since this is PPPoE

connection, “PPPoE” is displayed.

MTU MTU (Maximum Transmission Unit) specifies the largest packet size

permitted for Internet transmission. “Automatic, sets the MTU at 1492. Other

choices include “Automatic,” which sets the MTU according to the connection to

the ISP, and “Manual,” which allows the MTU to be set manually.

Underlying Connection Specify the underlying connection above which

the protocol initiates from the drop-down list, which displays all possible

underlying devices.

PPP Configuration

Point-to-Point Protocol (PPP) is the most popular method for transporting

packets between the user and the ISP.

Service Name Specify the networking peer’s service name, if provided by the

ISP, in this text box.

On-Demand To use PPP on demand to initiate the point-to-point protocol

session only when packets are actually sent over the Internet, click in this check

box. This option should be active on a limited basis

FiOS Router User Manual

Idle Time Before Hanging Up Enter the amount of idle time, in minutes,

before the PPP session automatically ends .

Time Between Reconnect Attempts In this text box, specify the duration

between PPP reconnect attempts, as provided by the ISP.

PPP Authentication

Point-to-Point Protocol (PPP) currently supports four authentication

protocols: Password Authentication Protocol (PAP), Challenge Handshake

Authentication Protocol (CHAP), and Microsoft CHAP versions 1 and 2. Select

the authentication protocols the FiOS Router may use when negotiating with a

PPTP server in this section. Select all the protocols if no information is available

about the server’s authentication methods. Note that encryption is performed

only if Microsoft CHAP, Microsoft CHAP version 2, or both are selected.

Warning: The PPP Authentication settings should not be changed unless

instructed to do so by your ISP.

Support Unencrypted Password (PAP) Password Authentication Protocol

(PAP) is a simple, plain-text authentication scheme. The user name and

password are requested by the networking peer in plain-text. PAP, however,

is not a secure authentication protocol. Man-in-the-middle attacks can easily

determine the remote access client’s password. PAP offers no protection against

replay attacks, remote client impersonation, or remote server impersonation.

Support Challenge Handshake Authentication (CHAP) Click in this check

box to activate CHAP, a challenge-response authentication protocol that uses

MD5 to hash the response to a challenge. CHAP protects against replay attacks

by using an arbitrary challenge string per authentication attempt.

Support Microsoft CHAP Click in this check box if communicating with a peer

that uses Microsoft CHAP authentication protocol.

Support Microsoft CHAP Version 2 Select this check box if communicating

with a peer that uses Microsoft CHAP Version 2 authentication protocol.

Using Network Connections

5.6 WAN PPPoE Connection

PPP Compression

The PPP Compression Control Protocol (CCP) is responsible for configuring,

enabling, and disabling data compression algorithms on both ends of the

point-to-point link. It is also used to signal a failure of the compression/

decompression mechanism in a reliable manner.

For each compression algorithm (BSD and Deflate), select one of the following

from the drop-down list:

Reject Selecting this option rejects PPP connections with peers that use the

compression algorithm. If Reject is activated, throughput may diminish.

Allow Selecting this option allows PPP connections with peers that use the

compression algorithm.

Require Selecting this option insures a connection with a peer using the

compression algorithm.

Internet Protocol

Select one of the following Internet Protocol options from the “Internet Protocol”

drop-down list:

Obtain an IP Address Automatically This option is selected by default.

Change only if required by the ISP. The server that assigns the FiOS Router with

an IP address also assigns a subnet mask. Override the dynamically assigned

subnet mask by selecting the “Override Subnet Mask” and entering a different

subnet mask.

Use the Following IP Address Select this option to configure the FiOS Router

to use a permanent (static) IP address. The ISP should provide this address.

FiOS Router User Manual

DNS Server

The Domain Name System (DNS) is the method by which website or domain

names are translated into IP addresses. The FiOS Router can be configured

to automatically obtain a DNS server address, or the address can be entered

manually, according to the information provided by the ISP.

To configure the connection to automatically obtain a DNS server address, select

Obtain DNS Server Address Automatically from the “DNS Server” drop-down

list. To manually configure DNS server addresses, select Use the Following DNS

Server Addresses from the “DNS Server” drop-down list. Up to two different

DNS server addresses can be entered (Primary and Secondary).

Routing

Routing Mode Select one of the following two Routing modes:

Route• - Select this option to cause the FiOS Router to act as a router between

two networks.

NAPT• - Select this option to activate NAPT (Network Address and Port

Translation), which refers to network address translation involving the

mapping of port numbers and allows multiple machines to share a single IP

address. Use NAPT if the local network contains multiple devices, a topology

that necessitates port translation in addition to address translation.

Device Metric The device metric is a value used by the FiOS Router to

determine whether one route is superior to another, considering parameters

such as bandwidth, delay, and more.

Default Route Click in this check box to define the connection as the

default route.

Multicast - IGMP Proxy Default Click in this check box to enable the FiOS

Router to issue IGMP (Internet Group Management Protocol) host messages

on behalf of hosts the FiOS Router discovers through standard IGMP interfaces.

IGMP proxy enables the routing of multicast packets according to the IGMP

requests of local network devices asking to join multicast groups.

Using Network Connections

5.6 WAN PPPoE Connection

Routing Table

Clicking New Route generates the “New Route” screen, where a new route can

be configured.

Internet Connection Firewall

Click in the “Enabled” check box to activate the FiOS Router’s firewall on the

WAN PPPoE connection.

Conguring

Security

Settings

6.0 Introduction

6.1 Overview

6.2 Firewall

6.3 Access Control

6.4 Port Forwarding

6.5 DMZ Host

6.6 Port Triggering

6.7 Remote Administration

6.8 Static NAT

6.9 Advanced Filtering

6.10 Security Log

The FiOS Router’s security suite includes

comprehensive and robust security

services: Stateful Packet Inspection, rewall

security, user authentication protocols, and

password protection mechanisms. These

features help protect users’ computers

from security threats on the Internet.

FiOS Router User Manual

6.1 Overview

This chapter covers the following security features:

Firewall• - select the security level for the firewall.

Access• Control - restrict access from the local network to the Internet.

Port• Forwarding - enable access from the Internet to specified services

provided by computers on the local network.

DMZ• Host - configure a network host to receive all traffic arriving at the FiOS

Router which does not belong to a known session.

Port• Triggering - define port triggering entries to dynamically open the

firewall for some protocols or ports.

Remote• Administration - enable remote configuration of the FiOS Router

from any Internet-accessible computer.

Static• NAT - allow multiple static NAT IP addresses to be designated to

devices on the network.

Advanced• Filtering - control the firewall’s settings and rules.

Security• Log - view and configure the security log.

Conguring Security Settings

6.2 Firewall

The FiOS Router’s firewall is the cornerstone of the FiOS Router’s security suite.

It has been exclusively tailored to the needs of the residential/office user and is

pre-configured to provide optimum security.

The firewall provides both the security and flexibility home and office users seek. It

provides a managed, professional level of network security while enabling the safe

use of interactive applications, such as Internet gaming and video-conferencing.

Additional features, including surfing restrictions and access control, can also

be configured locally through the FiOS Router’s GUI, or remotely by a

service provider.

The firewall also supports advanced filtering, designed to allow comprehensive

control over the firewall’s behavior. Specific input and output rules can be

defined, the order of logically similar sets of rules can be controlled, and

distinctions between rules that apply to Internet and local network devices can

be made.

The firewall regulates the flow of data between the local network and the

Internet. Both incoming and outgoing data are inspected and then either

accepted (allowed to pass through the FiOS Router) or rejected (barred from

passing through the FiOS Router) according to a flexible and configurable set of

rules. These rules are designed to prevent unwanted intrusions from the outside,

while allowing local network users access to required Internet services.

The firewall rules specify what types of services available on the Internet can

be accessed from the local network and what types of services available in the

local network can be accessed from the Internet. Each request for a service

the firewall receives, whether originating in the Internet or from a computer in

the local network, is checked against the firewall rules to determine whether

the request should be allowed to pass through the firewall. If the request is

permitted to pass, all subsequent data associated with this request (a “session”)

will also be allowed to pass, regardless of its direction.

FiOS Router User Manual

For example, when accessing a website on the Internet, a request is sent out to

the Internet for this site. When the request reaches the FiOS Router, the firewall

identifies the request type and origin (HTTP and a specific computer in the local

network, in this case). Unless the FiOS Router is configured to block requests of

this type from this computer, the firewall allows this request to pass out onto

the Internet. When the website is returned from the web server, the firewall will

associate it with this session and allow it to pass, regardless of whether HTTP

access from the Internet to the local network is blocked or permitted.

Note that it is the origin of the request, not subsequent responses to this

request, which determines whether a session can be established or not.

6.2a General Screen

The “General” screen is used to configure the FiOS Router’s basic firewall settings.

Conguring Security Settings

6.2 Firewall

The FiOS Router features three pre-defined firewall security levels: Maximum,

Typical, and Minimum. The table below summarizes the behavior of the FiOS

Router for each of the three security levels.

Security Level

Internet requests

(incoming traffic)

Local network requests

(outgoing traffic)

Maximum

Security

Blocked - No access

to local network from

Internet, except as

configured in the Port

Forwarding, DMZ host, and

Remote Access screens.

Limited - Only commonly

used services, such as

web browsing and email,

are permitted.

Typical Security

Blocked - No access

to local network from

Internet, except as

configured in the Port

Forwarding, DMZ host, and

Remote Access screens.

Unrestricted - All

services are permitted,

except as configured in

the Access Control screen.

Minimum

Security

Unrestricted - Permits

full access from Internet

to local network; all

connection attempts

are permitted.

Unrestricted - All services

are permitted, except as

configured in the Access

Control screen.

These services include Telnet, FTP, HTTP, HTTPS, DNS, IMAP, POP3 and SMTP.

Note: Some applications (such as some Internet messengers and peer-to-peer

client applications) tend to use these ports if they cannot connect with their

own default ports. When applying this behavior, these applications will not be

blocked outbound, even at the Maximum Security level.

FiOS Router User Manual

To configure the FiOS Router’s firewall security settings:

From the General screen, select a security level by clicking the appropriate 1.

radio button. Using the Minimum Security setting may expose the local

network to significant security risks, and thus should only be used for short

periods of time.

Check the “Block IP Fragments” box to protect the local network from 2.

a common type of hacker attack that uses fragmented data packets to

sabotage the network. Note that VPN over IPSec and some UDP-based

services make legitimate use of IP fragments. IP fragments must be allowed

to pass into the local network to use these services.

Click 3. Apply to save changes.

6.3 Access Control

Access control is used to block specific computers within the local network (or

even the whole network) from accessing certain services on the Internet. For

example, one computer can be prohibited from surfing the Internet, another

computer from transferring files using FTP, and the whole network from

receiving incoming email.

Access control defines restrictions on the types of requests that can pass from

the local network out to the Internet, and thus may block traffic flowing in both

directions. In the email example given above, computers in the local network

can be prevented from receiving email by blocking their outgoing requests to

POP3 servers on the Internet.

Access control also incorporates a list of preset services in the form of

applications and common port settings.

Conguring Security Settings

6.3 Access Control

100

6.3a Allow or Restrict Services

To view and allow/restrict these services:

Select 1. Access Control from the left side of any Security screen. The “Access

Control” screen appears.

Note: The “Allowed” section is only visible when the firewall is set to “Maximum.”

Click 2. Add. The “Add Access Control Rule” screen appears.

Note: To block a service, click Add in the “Blocked” section of the Access Control

screen. To allow outgoing traffic, click Add in the “Allowed” section of the screen.

FiOS Router User Manual

101

If this access control rule applies to all networked devices, select 3. Any from

the “Networked Computer/Device” list box. If this rule applies to certain

devices only, select User Defined and click Add. Then, create and add a

network object (for more details about adding network objects, see the

“Advanced Settings” chapter of this manual).

Select the Internet protocol to be allowed or blocked from the “Protocol” 4.

drop-down list.

If the rule will be active all the time, select 5. Always from the “When should

this rule occur?” drop-down list. If the rule will only be active at certain times,

select User Defined and click Add. Then, add a schedule rule (for more

details about schedule rules, see the “Advanced Settings” chapter of

this manual).

Click 6. Apply to save the changes. The Access Control screen will display a

summary of the new access control rule.

Note: To block a service not included in the list, select User Defined from the

Protocol drop-down menu. The “Edit Service” screen appears. Define the service,

then click OK. The service will then be automatically added to the top section of

the “Add Access Control Rule” screen, and will be selectable.

An access control can be disabled and the service made available without

having to remove the service from the Access Control table. This may be

useful to make the service available temporarily, with the expectation that the

restriction will be reinstated later.

To temporarily disable an access control, clear the check box next to the •

service name.

To reinstate the restriction at a later time, select the check box next to the •

service name.

To remove an access restriction from the Access Control table, click • Remove

for the service. The service will be removed from the Access Control table.

Conguring Security Settings

6.4 Port Forwarding

102

6.4 Port Forwarding

Activating “Port Forwarding” allows the network to be exposed to the Internet

in certain limited and controlled ways, enabling some applications to work from

the local network (game, voice, and chat applications, for example), as well

as allowing Internet access to servers in the local network. To set this up on a

networked device, locate the device in the My Network column, then click Port

Forwarding. The “Port Forwarding” screen appears.

To set up basic port forwarding:

Click the arrow next to “IP Address forward or select from menu” to display 1.

a menu and either enter the IP address of the item to port forward from, or

choose an item from the drop-down menu.

Click the arrow next to “Application to forward” and select a pre-configured 2.

application from the drop-down menu.

The selected application’s forwarded port numbers appear at left, as shown 3.

in the figure below.

Click 4. Add. The new port forwarding rule appears in the “Applied rules” table

at the bottom of the screen.

Click 5. Apply at the bottom of the screen to apply the new rule.

FiOS Router User Manual

103

To set up advanced port forwarding:

Click the arrow next to “IP Address forward or select from menu” to display 1.

a menu and either enter the IP address of the item to port forward from, or

choose an item from the drop-down menu.

Click the arrow next to “Application to forward” and select a pre-configured 2.

application from the drop-down menu.

Click 3. Advanced. The advanced port forwarding options appear.

Select the connection with which this port forwarding rule will be active 4.

from the “WAN Connection Type” drop-down list.

To select a port to forward communications to (this is optional), select an 5.

option from the “Forward to Port” drop-down list. If a single port or range of

ports is selected, enter the port numbers in the text boxes that appear.

If this port will be active all the time, select “Always” from the “Schedule” 6.

drop-down list. If the rule will only be active at certain times, select “User

Defined” and click Add. Then, add a schedule rule (for more details about

schedule rules, see the “Advanced Settings” chapter of this manual).

Conguring Security Settings

6.5 DMZ Host

104