Cradlepoint MBR1200 Product Manual page 45

Failesafe gigabit n router for mobile broadband

Hide thumbs Also See for MBR1200:

User manual (66 pages)

Quick start manual (5 pages)

Specifications (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

page of 132

/ 132
Contents
Table of Contents
Bookmarks

Table of Contents

MBR1200 | USER MANUAL Firmware ver. 1.6.12

CRADLEPOINT



Port And Address Restricted. The NAT does not forward any incoming connection requests with the same port address as an

already establish connection.

NOTE: Some of these options can interact with other port restrictions. Endpoint Independent Filtering takes priority over inbound filters or

schedules, so it is possible for an incoming session request related to an outgoing session to enter through a port in spite of an active inbound

filter on that port. However, packets will be rejected as expected when sent to blocked ports (whether blocked by schedule or by inbound filter) for

which there are no active sessions. Port and Address Restricted Filtering ensures that inbound filters and schedules work precisely, but prevents

some level of connectivity, and therefore might require the use of port triggers, virtual servers, or gaming to open the ports needed by the

application. Address Restricted Filtering gives a compromise position, which avoids problems when communicating with certain other types of

NAT router (symmetric NATs in particular) but leaves inbound filters and scheduled access working as expected.

5.3.3

NAT Port Preservation

Enable Port Preservation. (Default: enabled). NAT Port preservation

tries to ensure that, when a LAN host makes an Internet connection, the

same LAN port is also used as the Internet visible port. This ensures best

compatibility for internet communications. Under some circumstances it

may be desirable to turn off this feature.

5.3.4

Anti-Spoof Checking

Enable Anti-Spoof Checking. Enabling this option can provide protection

from certain kinds of "spoofing" attacks. However, enable this option with

care. With some modems, the WAN connection may be lost when this

option is enabled. In that case, it may be necessary to change the LAN

subnet to something other than 192.168.0.x (192.168.2.x, for example), to

re-establish the WAN connection.

DMZ Host

5.3.5

Use the DMZ Host section when you want to expose a computer to the

outside world for certain types of applications. This option will expose the

chosen computer completely to the outside world. Only one machine can

be put in the DMZ. NOTE: In general, the DMZ host should be used only if

there are no other alternatives, because it is much more exposed to

attacks than any other system on the LAN. Thought should be given to

using other configurations instead: a virtual server, a gaming rule or a port

trigger.

(continued)

PLEASE VISIT

HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/

FOR MORE HELP AND RESOURCES

PAGE 43

Table of Contents

Show Quick Links

Quick Links:
Wireless Setup Using a Mobile

Hide quick links:

Table of Contents

Cradlepoint MBR1200 Product Manual page 45

Hide quick links:

Related Manuals for Cradlepoint MBR1200

Related Products for Cradlepoint MBR1200

Table of Contents