Firewall settings – D-Link DIR-635 User Manual

1

D-Link DIR-635 User Manual

Section 3 - Configuration

SPI (Stateful Packet Inspection, also known as dynamic packet

filtering) helps to prevent cyber attacks by tracking more state per

session. It validates that the traffic passing through the session

conforms to the protocol.

Select one of the following for TCP and UDP ports:

Endpoint Independent - Any incoming traffic sent to an open port

will be forwarded to the application that opened the port. The port

will close if idle for 5 minutes.

Address Restricted - Incoming traffic must match the IP address

of the outgoing connection.

Address + Port Restriction - Incoming traffic must match the IP

address and port of the outgoing connection.

If an application has trouble working from behind the router, you

can expose one computer to the Internet and run the application

on that computer.

Note: Placing a computer in the DMZ may expose that computer to

a variety of security risks. Use of this option is only recommended

as a last resort.

Specify the IP address of the computer on the LAN that you want to

have unrestricted Internet communication. If this computer obtains

it’s IP address automatically using DHCP, be sure to make a static

reservation on the Basic > DHCP page so that the IP address of

the DMZ machine does not change.

Enable SPI:

NAT Endpoint

Filtering:

Enable DMZ Host:

IP Address:

Firewall Settings

A firewall protects your network from the outside world. The D-Link DIR-635 offers a firewall type functionality. The SPI

feature helps prevent cyber attacks. Sometimes you may want a computer exposed to the outside world for certain

types of applications. If you choose to expose a computer, you cam enable DMZ. DMZ is short for Demilitarized Zone.

This option will expose the chosen computer completely to the outside world.