84 CHAPTER 5: CONFIGURING THE ROUTER
you turn NAT off, the computers on your network will not be able to
access the Internet. Other problems may also occur.
■ IPSEC NAT-T Pass-through — NAT-T (NAT Traversal) is an Internet
Draft proposed to IETF in order to help the problems associated
with passing IPsec traffic through NAT Routers. For NAT-T to work,
both ends of the connection need to support this function. Ensure
that you select NAT-T only if it is needed as it will reduce LAN-WAN
throughput. This Router supports NAT-T draft 2 implementation.
■ Universal Plug and Play — This is a technology that offers seamless
operation of voice messaging, video messaging, games, and other
applications that are Universal Plug and Play compliant. Some
applications require the Router's firewall to be configured in a specific
way to operate properly. This usually requires opening TCP and UDP
ports and in some instances setting trigger ports. An application that
is Universal Plug and Play compliant has the ability to communicate
with the Router, basically "telling" the Router which way it needs the
firewall configured. The Router ships with the Universal Plug and Play
feature disabled. If you are using any applications that are Universal
Plug and Play compliant, and want to take advantage of the Universal
Plug and Play features, you can enable this feature. Simply check the
Enable Universal Plug and Play checkbox. Click Apply to save the
change.
■ WAN Ping Blocking — Computer hackers use what is known as
"Pinging" to find potential victims on the Internet. By pinging a
specific IP address and receiving a response from the IP address, a
hacker can determine that something of interest might be there.
The Router can be set up so it will not respond to an Internet Control
Message Protocol (ICMP) Ping from the outside. This heightens the
level of security of your Router. To turn off the ping response, check
Block ICMP Ping and click Apply; the Router will not respond to an
ICMP ping from the Internet.
■ MSS Clamping — You might not be able to browse some Web sites or
to send email messages that contain attachments from an Internet
Connection Sharing client computer if your outbound connection is
through a Windows XP-based Internet Connection Sharing host
computer that uses Point-to-Point Protocol over Ethernet (PPPoE).
This issue may occur if the Windows XP-based Internet Connection
Sharing host computer uses a smaller Maximum Transmission Unit
(MTU) size on the WAN interface (the PPPoE connection to the
Internet) than it uses on the private interface (the Ethernet connection
to the Internet Connection Sharing client). If a packet is larger than