This article continues with an overview of the standard functionality provided by the ASUS supplied firmware. The previous article can be found at: The Asus RT-N16 Router Firmware – Part 4, Advanced WAN Settings.
The previous article dealt with the Advanced WAN Settings, whereas this article will detail the advanced IPv6, VPN Server and Firewall configuration options available.
The goal is to understand the router firmware provided by Asus and compare this with OpenSource firmware options provided by both DD-WRT and Tomato Firmware groups – two popular router OpenSource firmware groups.
Internet Protocol version 6 (IPv6) is a network layer IP standard used by electronic network devices to communicate over the internet. It’s a replacement for IPv4, which is quickly running out of IP addresses.
IPv4 is 32-bit, which allows for a maximum of 4,294,967,296 unique devices in the world. Although that seems like a very large number, when you start to consider how many different network devices you have in your home alone it becomes clear how quickly these can be used up. IPv6 offers considerably more IP addresses – “about 57 billion addresses for each gram of matter in the Earth”.
Although IPv6 has been developed for some time now and is ready for implementation, many IPS (Internet Server Providers) are still in the process of rolling out IPv6. Many still do not assign you native IPv6 addresses. But this is quickly changing.
Later versions of the Asus RT-N16 router firmware do support IPv6. For more details, see the FAQ: How to set IPv6 in ASUS wireless router by using firmware—“ASUSWRT”?
VPN (Virtual Private Network) is frequency referred to as a private tunnel through the Internet. Essentially this is correct as it establishes an encrypted session between the remote user and the home network they are connecting with.
SSL or HTTPS also offers encrypted connected sessions. But this only works with HTTP traffic. Much of the traffic with remote users is not necessarily http, such as sending data to printers, reading emails, screens displays from internal software programs, etc..
There are different ways to configure a VPN server. Further information on the Asus RT-N16 can be found at: How to set function—“VPN server” of ASUS wireless router with ASUSWRT?
The primary purpose of a firewall is to block outside computers on the internet (WAN) from accessing your home computers on the inside of your local network (LAN). Since the router is responsible for connecting your home to the internet, this is the perfect place to implement a firewall.
Routers implement the firewall using the NAT (Network Address Translation) which allows multiple home computers to share one internet connection. The computer’s internal IP addresses are known only by the router and it uses the NAT to translate these to the public IP address assigned by your ISP (Internet Service Provider). When the traffic comes back from the internet the reverse logic happens and the router uses the NAT to send it to the correct internal computer.
As a result, the router knows when traffic originates from an internal computer or whether it originates from an external computer. All traffic originating from an external computer is simply blocked.
The exceptions to this are the special rules you configure in the router firmware for port triggering, port forwarding and DMZ. That is why caution must be used when configuring these router options.
Firewall – General
Firewall – URL Filter
The URL Filter option allows you to block certain websites from being accessed by anyone in your home. While this may be useful for you to block harmful sites from your family, or site which contain malware, it is a completely manual process.
Additionally, the web sites you enter here are static, meaning you would have to know of them and take the manual steps of entering them using this configuration option.
Firewall – Network Services Filter
The Network Services Filter allows you to completely turn off networking traffic from your local network (LAN) to the internet (WAN). It also provides a way for you to automatically do this on certain days or time of the day. Additional filtering can be done by IP addresses and port numbers.
This can be useful for keeping the computer in your child’s room off the internet after midnight. You could also use it by just preventing internet games using your Xbox, PlayStation, Nintendo or other game players at certain times of the day.
Return to the Firmware Overview: Asus RT-N16 Router Firmware Overview