The User interface is another thing that won't win any design awards and has a definite old-school feel. But the routing section itself is actually surprisingly good—better, in some respects than I've found in products from better-known brands.
Figure 5: Login Landing page
Here's a quick summary of the key routing features.
- WAN Support - Types handled include Static, Dynamic, PPPoE, PPTP, L2TP and Telstra BigPond. All modes support MAC address spoofing, but MTU can be set only for PPPoE, PPTP and L2TP.
- LAN features include 802.1d Spanning Tree support (default disabled) and DHCP server features including ability to set lease time, set static leases by MAC address and disable the DHCP server.
- Firewall - The firewall feature actually comes disabled. Enabling it provides access to Access Control, URL blocking, DoS blocking and the DMZ function. But even with the firewall disabled, you still get basic NAT protection.
Access Controls include MAC-based access control and IP-based port filtering, which can be set for deny or allow.
URL blocking just results in a browser hang when you try to access a blocked site. It also can be bypassed by using the site's IP address.
None of the firewall features can be scheduled and there isn't an SPI disable.
- NAT Settings are where you find Port Forwarding (ranges), Virtual Server (single ports), Special applications (Triggered port forwarding), UPnP (default disabled) and Application Layer Gateway (ALG) controls (see the slideshow to see what applications are included).
The instructions for the Special applications didn't match the controls presented, which included a pre-built application pick list. I couldn't find a way to add a custom triggered application.
The top NAT menu has a "Fast NAT module" enable (default disabled) that I couldn't find documented anywhere.
- Dynamic DNS - Clients for 3322 (qdns), DHS, DynDNS, ODS, TZO, GNUdip, DyNS, ZoneEdit, DHIS and CyberGate are supported under the WAN options.
- Logging and Reporting - These features are pretty disappointing. Router status is divided into three screens that could have been combined into one. There are no email alerts or syslog support and both the System and Security Logs add new entries to the bottom of each scrollable screen.
Neither log contained reports of my attempts to access URL-blocked pages and there is no traffic logging. The logs can be saved to a file, cleared or refreshed on demand.
- Remote access - HTTP remote access can be enabled and has options to change the port from its default of 8080 and limit access to a single remote IP address. Secure HTTPS admin access is not supported.