User's Manual

ManualsBrandsSHANGHAI UTT TECHNOLOGIES ManualsElectronicsRouter

421

422

423

424

425

426

427

428

429

430

UTT Technologies Appendix B FAQ

http://www.uttglobal.com Page 408

control and manage the Internet behaviors of the LAN users. The latter is

implemented by access control function module.

2) In most cases, you can create an access control rule for a group of users. If some

users have the privileges of accessing the Internet, you can create an address group

for these hosts even their IP addresses are discontinuous. Then you only need to

create one access control rule by using the address group to meet the KRVWV¶

requirements, instead of creating a rule for each user respectively. Of course, you can

create access control rules for individual users if needed.

On the Device, at first you can use IP/MAC binding feature to implement user

identification, and then divide the LAN users into several address groups (the users with

the

same Internet access privileges are divided into the same group), lastly create

different access control rules for different address groups.

Thus, you can implement

not only user identification, but also Internet behavior management of LAN users to

ensure network security and efficient use of network resources.

D. Operation Process

When receiving a packet initiated from LAN to the Device or outside host, the Device will

process the packet in the following order:

User identification (i.e., the packet is processed by the IP/MAC binding function module)

a) If the sender is a legal user, the packet will be allowed to pass, and then be

further processed by the firewall access control function module.

b) If the sender is an illegal user, the packet will be dropped immediately

c) If the sender is an undefined user, there are two cases:

i. If the Allow Undefined LAN PCs check box is selected, the packet will be

allowed to pass, and then be further processed by the firewall access control

function module.

ii. Else, the packet will be dropped immediately.

Note

The definitions of

legal user, illegal user and undefined user are as follows:

Ɣ Legal User: A legal user¶s IP and MAC address pair matches an IP/MAC binding

whose Allow Internet Access check box is selected.

Ɣ Illegal User: A illegal user¶s IP and MAC address pair matches an IP/MAC

binding whose Allow Internet Access check box is unselected; or the IP

address or MAC address is the same with an IP/MAC binding¶s, but not both.