Home Networking Router Filtering Settings

The Advanced settings in your router’s administrative interface are where many of the most powerful features are found. On a Linksys router, the Filtering tab provides access to options that allow you to control which system can connect to the Internet, whether remote management of your router from the Internet is possible, and whether your router is “visible” to other systems on the Internet.

Filtering.bmp: Use your router’s filtering features to control who can access the Internet, or what services users on your network have access to.

If you want to stop certain PCs on your network from accessing the Internet, simply add their IP address to the filtered range to deny them access. On many routers you can also filter by MAC address, which stop users from changing their IP address to gain access. If you only want to block access to certain applications, then use the router’s port filtering feature. For example, to stop users from using a file-sharing program like Kazaa you could filter port 1214. Of course, you’ll need to know the destination port of the program or service that you’re trying to block – check out www.iana.org/assignments/port-numbers for a comprehensive list of port numbers.

On a Linksys router the filtering tab also allows you to enable or disable a number of key features. Enabling “Block WAN Request” will effectively make your router invisible to the outside world – it won’t even respond to pings. Be careful about enabling the Remote Management and Remote Upgrade features, as these allow your router to be managed or upgraded (firmware) from the Internet. Both are useful options if you need to perform these tasks from a remote location, but neither should ever be enabled if you haven’t at least changed the default password. As a rule, enable these features only when necessary, and immediately disable them until they are needed again.

If your home network includes a VPN server for the purpose of remote access, enable PPTP or IPSec pass-through to allow these requests to be forwarded to your server.

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of 2000Trainers.com. He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.