Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

Firewall Features, Continued

A few of the terms need further explanation. The IP Pool is just a pointer to a group of IP addresses that you can set by Subnet, Range or even single IP address - the latter being a little silly. I'd rather have seen an option to specify a list of IP addresses, since the other options only let you specify contiguous ranges of addresses. The NAT Pool is another pointer / shorthand, this time letting you define contiguous groups of LAN and WAN IP addresses for use in multi-NAT configurations.

The Application Filters can be associated with ACL rules to filter FTP and SMTP commands, HTTP file extensions and RPC services. This means that for the FTP, SMTP and RPC filters, the SL1000 will allow or deny specific commands entered in the each filter, while the HTTP filter can be set only to block files with certain extensions.

ASUS SL1000 - HTTP Filter example

Figure 8: HTTP Filter example

Figure 8 shows an HTTP filter that will block files with .java, .jar and .swf (Flash) extensions.

Note also that you can choose to have the triggering of an ACL logged or have an ACL apply to traffic coming or going via an IPsec tunnel.

With all those selectors to absorb, you may have missed the Time Ranges feature that lets you apply one of three programmable time periods to any ACL rule. The Time Range is just that - you get one "From" day and time to one "To" day and time per range - and some users may find this too limiting for their needs.

You're also sure to have missed the Application Layer Gateway (ALG) feature because it has no settings in the admin interface. ALGs are built-in dynamic port mappings that trigger on specific outbound packets. These are used for applications such as games and tele / video conferencing that need to dynamically open ports in the router's firewall. I'll have to take ASUS' word on this, since I didn't try to test out any of the list of supported applications.

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi all,I have a RT-AC86U running Merlin version 384.9. The router is connected at the VDSL modem, WAN-LAN port. The router and the modem have IP on di...
Hi to @ll,I was searching for an actualized setup for the RT-AC68U in the forum and internet in general.I donĀ“t know if it possible to have a complete...
So I just picked this new RT-AX88U yesterday, I just set it up today, so far no issues other then the questions I will ask.1. I tried to do a clean in...
Hello,I have a Netgear Nighthawk R7000P which I accidentally Bricked when I unplugged it while it was on. It is now in a boot loop, and TFTP doesn't w...
Hi All,Noticed that my IP address changed last night just after 1am (The times on the log are 1hr+ as the router has already applied DST)Asus RT-AC86U...

Don't Miss These

  • 1
  • 2
  • 3