Can someone help me with these settings, please?

[gatekeeper]

Converted to VDSL a few days ago and, accordingly, had to change a number of settings in my 8800NL. Firmware version is now 2.32d.dh65. But am unsure as to whether one or two of the new settings are correct, so I'm wondering if a kind soul here who happens to be running his 8800 in VDSL (PTM) mode in normal integrated operation (PPPoE), could look in his own settings and tell me whether mine are right.

First, DNS. For DNS (static DNS), I'm using my ISP's DNS servers. The router itself is not configured as a DNS server. That's fine, but in the Advanced Setup menu, I noticed there's a 'DNS Proxy' setting. I therefore expected this to be off by default, but on mine it's currently on. Which is the correct setting for DNS Proxy, for my particular situation? On, or off?

The PTM settings which may or may not yet be correctly set up in my 8800 are those in Configuration > WAN > WAN Service > Edit button. It's the page where basically the VLAN ID settings and some others are configured. Currently, 'Fullcone NAT' there is not enabled, and I think that's correct. But should 'Firewall' be enabled, because at present it is (I myself may have previously wrongly ticked it in my rush to get things going)? Page 95 of the 8800NL user manual states, for PPPoE, "Firewall: Enable to drop all traffic from WAN side. If enabled, all incoming packets by default would be dropped, and please turn to 'IP Filtering Incoming' to add allowing rules". Well, as I say, currently that Firewall box in the WAN Service page is ticked (enabled), so presumably I shouldn't be able to browse, and yet I am. Should I untick it?

Of course, any changes that I now make to settings on that WAN Service page will require me to press Apply, which will in turn cause a restart - which the DLM is not going to like.

7800nUser? sale12? Billion_fan?

Addendum: In Advanced Settings > DNS, I've set up my ISP's servers as primary and secondary DNSs. These addresses show correctly in Summary > WAN, but in Status > WAN they're not correct. There, the fourth number in each address is up by 10 (showing 13 instead of 3). So, something's not quite right.

[billion_fan]

Converted to VDSL a few days ago and, accordingly, had to change a number of settings in my 8800NL. Firmware version is now 2.32d.dh65. But am unsure as to whether one or two of the new settings are correct, so I'm wondering if a kind soul here who happens to be running his 8800 in VDSL (PTM) mode in normal integrated operation (PPPoE), could look in his own settings and tell me whether mine are right.

First, DNS. For DNS (static DNS), I'm using my ISP's DNS servers. The router itself is not configured as a DNS server. That's fine, but in the Advanced Setup menu, I noticed there's a 'DNS Proxy' setting. I therefore expected this to be off by default, but on mine it's currently on. Which is the correct setting for DNS Proxy, for my particular situation? On, or off?

The PTM settings which may or may not yet be correctly set up in my 8800 are those in Configuration > WAN > WAN Service > Edit button. It's the page where basically the VLAN ID settings and some others are configured. Currently, 'Fullcone NAT' there is not enabled, and I think that's correct. But should 'Firewall' be enabled, because at present it is (I myself may have previously wrongly ticked it in my rush to get things going)? Page 95 of the 8800NL user manual states, for PPPoE, "Firewall: Enable to drop all traffic from WAN side. If enabled, all incoming packets by default would be dropped, and please turn to 'IP Filtering Incoming' to add allowing rules". Well, as I say, currently that Firewall box in the WAN Service page is ticked (enabled), so presumably I shouldn't be able to browse, and yet I am. Should I untick it?

Of course, any changes that I now make to settings on that WAN Service page will require me to press Apply, which will in turn cause a restart - which the DLM is not going to like.

7800nUser? sale12? Billion_fan?

Addendum: In Advanced Settings > DNS, I've set up my ISP's servers as primary and secondary DNSs. These addresses show correctly in Summary > WAN, but in Status > WAN they're not correct. There, the fourth number in each address is up by 10 (showing 13 instead of 3). So, something's not quite right.

1. You can disable the DNS proxy if you want, as you have not set your router to be used as a DNS server (when you check your DNS settings on a client they should show as the manual DNS servers you set, and not the routers IP address)

2. Don't enable Full Clone NAT, it will cause issues, the Firewall for the WAN should be ENABLED (I stress this for importance)

3. When making changes to the WAN you are only dropping the PPP connection, you should retain DSL sync so there is less chance of DLM acting

4. When checking 'Status >> WAN' it will show the DNS servers your ISP is offering, that's all, of course you don't need to use them, click on 'Status' to see what DNS servers your router is using

[gatekeeper]

Yet again, billionfan, I'm indebted to you for providing helpful answers. Thank you.

1. I'll try disabling DNS Proxy. I guess I can always re-enable it if necessary. I thought I read somewhere that DNS Proxy was only relevant if there were groups of machines or devices on the LAN that, for whatever reason, wanted or needed to use a different DNS. But oddly, the default of DNS Proxy is enabled.

2. I've carefully noted what you say.

3. Noted.

4. I've been in touch with my ISP about the precise values for DNS showing in my router. Both of the DNS addresses they originally gave me show as quite different addresses, depending where, in the router, I look. Well, it transpires that I've nothing to be concerned about, because the unexpected values do, in fact, belong to the self same DNS server. They're just an alternative pair of DNS addresses used by the ISP. What you've said in your no.4 reply seems to fit with that. Useful to know, that.