6.2.7
Options
The firewall options setting allows the network administrator to modify the behaviour of the firewall and to enable Remote
Router Access Control.
6.2.7.1
Enable SPI Scenario
As shown in the diagram above, the router has the IP address of 118.18.81.200 for the WAN interface and 192.168.1.253 for
the LAN interface. It serves as a NAT gateway. Users in Network-A initiate to access the cloud server through the router.
Sometimes unknown users will simulate the packets but use different source IP addresses to masquerade. With the SPI
feature enabled on the router, it will block such packets from unknown users.
6.2.7.2
Allow Ping from WAN & Remote Administrator Hosts Scenario
By default Allow Ping from WAN is disabled, this setting prevents security leaks when local users access the internet.
Selecting Allow Ping from WAN specifically allows any host on the WAN side to be able to receive a reply to any ICMP
(ping) packets.
The Remote administrator knows the gateway's global IP, and he can access the Gateway GUI via TCP port 8080.
262 of 359
© NetComm Wireless 2019
Figure 301 – Enable SPI Scenario
Figure 302 - Allow Ping from WAN & Remote Administrator Hosts Scenario
User Guide