Netopia 4553 manuel d'utilisation
- Voir en ligne ou télécharger le manuel d’utilisation
- 218 pages
- 1.44 mb
Aller à la page of
Les manuels d’utilisation similaires
-
Network Router
Netopia 4686-XL
2 pages 0.49 mb -
Network Router
Netopia 4541
209 pages 1.48 mb -
Network Router
Netopia 4553
218 pages 1.44 mb -
Network Router
Netopia D3232 IDSL
138 pages 1.18 mb -
Network Router
Netopia 2241N-VGX
2 pages 0.4 mb -
Network Router
Netopia 2240N-VGX
3 pages 0.16 mb -
Network Router
Netopia 3386-ENT
2 pages 0.27 mb -
Network Router
Netopia 45413
34 pages 2.13 mb
Un bon manuel d’utilisation
Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation Netopia 4553. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel Netopia 4553 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.
Qu'est ce que le manuel d’utilisation?
Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation Netopia 4553 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.
Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.
Donc, ce qui devrait contenir le manuel parfait?
Tout d'abord, le manuel d’utilisation Netopia 4553 devrait contenir:
- informations sur les caractéristiques techniques du dispositif Netopia 4553
- nom du fabricant et année de fabrication Netopia 4553
- instructions d'utilisation, de réglage et d’entretien de l'équipement Netopia 4553
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes
Pourquoi nous ne lisons pas les manuels d’utilisation?
Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage Netopia 4553 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles Netopia 4553 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service Netopia en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées Netopia 4553, comme c’est le cas pour la version papier.
Pourquoi lire le manuel d’utilisation?
Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif Netopia 4553, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.
Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation Netopia 4553. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.
Table des matières du manuel d’utilisation
-
Page 1
Net opia ™ 4553 G.SH DSL R outer User’s Refer ence Guide[...]
-
Page 2
C o pyright ©2001 Netopia, Inc., v .032101 All rights reser ved. Printed in the U.S.A. This manual and any associated ar twork, software, and product designs ar e copyrighted with all rights reser ved. Under the copyright laws such materials may not be copied, in whole or par t, without the prior written consent of Netopia, Inc. Under the law , co[...]
-
Page 3
G B Chapter 1 — Intr oduction .......................................................... 1-9 Over view ....................................................................... 1-9 Features and capabilities ............................................... 1-9 How to use this guide .................................................. 1-10 Chapter 2 —[...]
-
Page 4
iv User’ s Reference Guide Easy Setup Security Configuration ....................... 6-35 Chapter 7 — W AN and System Configuration ........................... 7-37 W AN configuration ........................................................ 7-37 Creating a new Connection Pr ofile ................................. 7-40 The default profile .[...]
-
Page 5
Contents v G Connection Profiles ...................................................... 8-87 Chapter 9 — Multiple Network Addr ess Translation ................. 9-91 Over view ..................................................................... 9-91 Features ............................................................ 9-91 Suppor ted T raf fic[...]
-
Page 6
vi User’ s Reference Guide VPN QuickView ........................................................ 10-137 Dial-Up Networking for VPN ....................................... 10-138 Installing Dial-Up Networking ........................... 10-138 Creating a new Dial-Up Networking pr ofile ........ 10-139 Configuring a Dial-Up Networking profile .[...]
-
Page 7
Contents vii G Chapter 12 — Monitoring T ools ........................................... 12-179 Quick View status over view ...................................... 12-179 General status ............................................... 12-180 Cur rent status ............................................... 12-181 Status lights ......................[...]
-
Page 8
viii User’ s Reference Guide How to reset the r outer to factor y defaults .................. A-207 Power outages ........................................................... A-207 T echnical suppor t ...................................................... A-208 How to reach us ............................................... A-208 Appendix B — T [...]
-
Page 9
Introduction 1-9 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 II I I n n n n t t t t r r r r o o o o d d d d u u u u c c c c t t t t ii i i o o o o n n n n Overview The Netopia 4553 G.shdsl Router is a full-featured, stand-alone DSL r outer for connecting diverse local area networks (LANs) to the Internet and other r emote networ[...]
-
Page 10
1-10 User’ s Reference Guide How to use this guide In addition to the simple documentation contained in the accompanying Getting Star ted Guide , this guide is designed to be your single source for infor mation about your Netopia 4553 G.shdsl Router. It is intended to be viewed on-line, using the power ful featur es of the Adobe Acrobat Reader. T[...]
-
Page 11
Making the Physical Connections 2-11 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 2 2 2 2 M M M M a a a a k k k k ii i i n n n n g g g g t t t t h h h h e e e e P P P P h h h h y y y y s s s s ii i i c c c c a a a a ll l l C C C C o o o o n n n n n n n n e e e e c c c c t t t t ii i i o o o o n n n n s s s s This section tells you how to[...]
-
Page 12
2-12 User’ s Reference Guide Y ou will need: ■ A Windows 95 or 98–based PC or a Macintosh computer with Ethernet connectivity for configuring the Netopia. This may be built-in Ethernet or an add-on car d, with TCP/IP installed and configur ed. See “Sharing the Connection” on page 3-15 . ■ A G.shdsl wall outlet wired for a connection t[...]
-
Page 13
Making the Physical Connections 2-13 3. Connect the Ethernet cable to the Ether net por t on the router and the other end to your computer . Y ou should now have: the power adapter plugged in; the Ether net cable connected between the router and your computer; and the DSL cable connected between the router and the DSL wall outlet. Netopia 4553 Rout[...]
-
Page 14
2-14 User’ s Reference Guide[...]
-
Page 15
Sharing the Connection 3-15 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 3 3 3 3 S S S S h h h h a a a a r r r r ii i i n n n n g g g g t t t t h h h h e e e e C C C C o o o o n n n n n n n n e e e e c c c c t t t t ii i i o o o o n n n n Once you have set up your physical local area network, you will need to configur e the TCP/IP stack[...]
-
Page 16
3-16 User’ s Reference Guide Dynamic configuration (r ecommended) T o configure your PC for dynamic addr essing do the following: Note: Y ou can also use these instr uctions to configur e other computers on your network to accept IP addresses ser ved by the Netopia 4553. 1. Go to the Star t Menu/Settings/Control Panels and double click the Net[...]
-
Page 17
Sharing the Connection 3-17 Static configuration (optional) If you are manually configuring for a fixed or static IP addr ess, per for m the following: 1. Go to Star t Menu/Settings/Contr ol Panels and double click the Network icon. From the Network components list, select the Configuration tab. 2. Select TCP/IP-->Y our Network Card . Then s[...]
-
Page 18
3-18 User’ s Reference Guide 4. Click OK in this window and the next window . When prompted, r eboot the computer . Note: Y ou can also use these instr uctions to configur e other computers on your network with manual or static IP addresses. Be sur e each computer on your network has its own IP address. Click on the DNS Configuration tab. Click[...]
-
Page 19
Sharing the Connection 3-19 Configuring TCP/IP on Macintosh Computers The following is a quick guide to configuring TCP/IP for MacOS computers. Configuring TCP/IP in a Macintosh computer requir es the following: ■ Y ou must have either Open T ranspor t or Classic Networking (MacTCP) installed. Note: If you want to use the Dynamic Host Configu[...]
-
Page 20
3-20 User’ s Reference Guide Static configuration (optional) 3. In the TCP/IP window or in the MacTCP/More window , select or type infor mation into the fields as shown in the following table. 4. Close the TCP/IP or MacTCP control panel and save the settings. 5. If you are using MacTCP , you must restar t the computer . If you are using Open Tr[...]
-
Page 21
Sharing the Connection 3-21 Note: Y ou can also use these instr uctions to configur e other computers on your network with manual or static IP addresses. Be sur e each computer on your network has its own IP address. More infor mation about configuring your Macintosh computer for TCP/IP connectivity thr ough a Netopia 4553 can be found in T echno[...]
-
Page 22
3-22 User’ s Reference Guide[...]
-
Page 23
Connecting to Y our Local Ar ea Network 4-23 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 4 4 4 4 C C C C o o o o n n n n n n n n e e e e c c c c t t t t ii i i n n n n g g g g t t t t o o o o Y Y Y Y o o o o u u u u r r r r L L L L o o o o c c c c a a a a ll l l A A A A r r r r e e e e a a a a N N N N e e e e t t t t w w w w o o o o r r[...]
-
Page 24
4-24 User’ s Reference Guide Once the Netopia 4553 is properly configur ed and connected to your LAN, PC and Macintosh computers that have their requir ed components in place will be able to connect to the Internet or other r emote IP networks. Connecting to an Ethernet network The Netopia 4553 suppor ts Ether net connections thr ough its Ethern[...]
-
Page 25
Console-Based Management 5-25 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 5 5 5 5 C C C C o o o o n n n n s s s s o o o o ll l l e e e e - - - - B B B B a a a a s s s s e e e e d d d d M M M M a a a a n n n n a a a a g g g g e e e e m m m m e e e e n n n n t t t t Console-based management is a menu-driven inter face for the capabilities[...]
-
Page 26
5-26 User’ s Reference Guide may be using the router to connect to mor e than one ser vice pr ovider or remote site. ■ The System Configuration menus display and per mit changing: ■ IP setup. See “IP Setup” on page 8-64 . ■ Filter sets (firewalls). See “Security” on page 11-151 . ■ IP address ser ving. See “IP Address Ser ving[...]
-
Page 27
Console-Based Management 5-27 Configuring T elnet software If you are configuring your r outer using a T elnet session, your computer must be r unning a T elnet software program. ■ If you connect a PC with Microsoft Windows, you can use a Windows T elnet application or simply r un T elnet from the Star t menu. ■ If you connect a Macintosh com[...]
-
Page 28
5-28 User’ s Reference Guide Launch your ter minal emulation software and configur e the communications software for the values shown in the table below . These are the default communication parameters that the Netopia 4553 uses. Navigating thr ough the console screens Use your keyboard to navigate the Netopia 4553’s configuration scr eens, e[...]
-
Page 29
Easy Setup 6-29 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 6 6 6 6 E E E E a a a a s s s s y y y y S S S S e e e e t t t t u u u u p p p p This chapter describes how to use the Easy Setup console screens on your Netopia 4553. After completing the Easy Setup console screens, your r outer will be ready to connect to the Inter net or anot[...]
-
Page 30
6-30 User’ s Reference Guide A screen similar to the following Main Menu appears: If you do not see the Main Menu, verify that: ■ If you are using a serial connection, that your serial por t speed is the same as the Netopia 4553’s default 9600 baud, for first use. ■ The computer used to view the console screen has its serial por t connecte[...]
-
Page 31
Easy Setup 6-31 The Main Menu appears. 2. Select the first item on the Main Menu list, Easy Setup . Press Retur n to bring up the DSL Line Configuration menu screen. DSL Line Configuration 1. Select W AN DSL Mode and from the pop-up menu choose the type of DSLAM to which you will be connecting, either A TM or HDLC. 2. From the Regional Setting p[...]
-
Page 32
6-32 User’ s Reference Guide 3. Select a Clock Source , either Network (the default) or Inter nal. If you are using an A TM-based Mode, the DSL Line Configuration screen of fers additional parameters. 4. Select Data Link Encapsulation and from the pop-up menu choose either RFC1483 (the default) or PPP . ■ If you selected RFC1483, the next pop-[...]
-
Page 33
Easy Setup 6-33 If you selected Numbered, the following fields appear . ■ Select the editable field labeled Local W AN IP Addr ess . The default address is 0.0.0.0, which allows for dynamic addr essing, when your ISP assigns an address each time you connect. However , you can enter another specific address if you want to use static addressing.[...]
-
Page 34
6-34 User’ s Reference Guide 1. Select Ethernet IP Address and enter the first IP addr ess from the IP addr ess range your ISP has given you. This will be the Netopia Router’s IP address. The Ethernet IP Addr ess defaults to an address (192.168.1.1) within a range r eser ved by the Internet address administration authority for use within priva[...]
-
Page 35
Easy Setup 6-35 7. T oggle IP Address Ser ving to On or Of f, depending on whether you want the device’s IP addr ess ser ver to supply dynamic IP addresses to your client workstations. Nor mally , you would accept the default On so that workstations on your LAN can have IP addresses assigned dynamically fr om the Router . 8. The IP address ser ve[...]
-
Page 36
6-36 User’ s Reference Guide The Router will restar t and your configuration settings will be activated. Y ou can then Exit or Quit your T elnet application. Easy Setup is now complete.[...]
-
Page 37
W AN and System Configuration 7-37 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 7 7 7 7 W W W W A A A A N N N N a a a a n n n n d d d d S S S S y y y y s s s s t t t t e e e e m m m m C C C C o o o o n n n n f f f f ii i i g g g g u u u u r r r r a a a a t t t t ii i i o o o o n n n n This chapter describes how to use the console-based [...]
-
Page 38
7-38 User’ s Reference Guide 1. Select W AN DSL Mode and from the pop-up menu choose the type of DSLAM to which you will be connecting, either A TM or HDLC. 2. From the Regional Setting pop-up menu, select Annex A for r outers in Nor th America, Annex B for r outers in Europe, or Annex C for r outers in Japan. Note: Some options may not be visibl[...]
-
Page 39
W AN and System Configuration 7-39 ■ Enter a name for the circuit in the Cir cuit Name field. ■ T oggle Circuit Enabled to Y es. ■ Enter the Vir tual Path Identifier and the Vir tual Channel Identifier in the Circuit VPI and Circuit VCI fields, respectively . ■ Then, select a Connection Profile for the Cir cuit. T o use the Default Pr[...]
-
Page 40
7-40 User’ s Reference Guide Cr eating a new Connection Profile For a Netopia 4553, connection profiles ar e useful for configuring the connection and authentication settings for negotiating a PPP connection on the G.shdsl link. If you are using the PPP data link encapsulation method, you can store your authentication infor mation in the conne[...]
-
Page 41
W AN and System Configuration 7-41 3. Select Data Link Encapsulation and press Retur n. The pop-up menu of fers the possible data link encapsulation methods for connection profiles used for a variety of purposes: PPP , Frame Relay , RFC1483, A TMP , PPTP , or IPsec. If you select any data link encapsulation method other than RFC1483, a Data Link [...]
-
Page 42
7-42 User’ s Reference Guide T oggle Auto-Detect DLCIs to Y es (the default) or No. Select the Multicast DLCI Number field and enter a value. 5. Y ou can edit the Maximum Packet Size field, if you want packets limited to a lower value than 1500. Return to the Add Connection Pr ofile screen by pr essing Escape. 6. Select IP Profile Parameters [...]
-
Page 43
W AN and System Configuration 7-43 The default pr ofile If you are using RFC1483 datalink encapsulation, the Default Pr ofile screen contr ols whether or not the G.shdsl link will come up without an explicitly configured connection pr ofile. (PPP datalink encapsulation does not suppor t a default pr ofile, and the cor responding menu item is [...]
-
Page 44
7-44 User’ s Reference Guide The Default Profile scr een appears. ■ Y ou can set Must Match a Defined Pr ofile item to Ye s or No (the default). This item controls whether or not the G.shdsl link will come up without an explicitly configured connection pr ofile. If your ISP is ser ving you a dynamic IP Address, you need not explicitly con?[...]
-
Page 45
W AN and System Configuration 7-45 IP parameters (default profile) scr een If you are using RFC1483 datalink encapsulation, the IP Parameters (Default Pr ofile) screen allows you to configure various IP parameters for G.shdsl connections established without an explicitly configur ed connection profile: For an G.shdsl link, Network Address T r[...]
-
Page 46
7-46 User’ s Reference Guide V iewing scheduled connections T o display a table of scheduled connections, select Display/Change Scheduled Connection in the Scheduled Connections screen. Each scheduled connection occupies one r ow of the table. The first column in the table shows a one-letter repr esentation of the Days of the week, from Monday ([...]
-
Page 47
W AN and System Configuration 7-47 The other columns show: ■ The time of day that the connection will Begin At ■ The duration of the connection ( HH:MM ) ■ Whether it’s a recur ring Weekly connection or used Once Only ■ Which connection profile ( Conn. Pr of. ) is used to connect ■ Whether the scheduled connection is cur rently Enable[...]
-
Page 48
7-48 User’ s Reference Guide demand call on the line. ■ Demand-Allowed , meaning that this schedule will per mit a demand call on the line. ■ Demand-Blocked , meaning that this schedule will prevent a demand call on the line. ■ Periodic , meaning that the connection is retried several times during the scheduled time. ■ If How Often is set[...]
-
Page 49
W AN and System Configuration 7-49 Set Once-Only Schedule If you set How Often to Once Only , select Set Once-Only Schedule and go to the Set Once-Only Schedule screen. ■ Select Place Call On (Date) and enter a date in the for mat MM/DD/YY or MM/DD/YYYY (month, day , year). Note: Y ou must enter the date in the for mat specified. The slashes ar[...]
-
Page 50
7-50 User’ s Reference Guide Modifying a scheduled connection T o modify a scheduled connection, select Display/Change Scheduled Connection in the Scheduled Connections screen to display a table of scheduled connections. Select a scheduled connection from the table and pr ess Return. The Change Scheduled Connection scr een appears. The parameters[...]
-
Page 51
W AN and System Configuration 7-51 1. Select LMI Type (Link Management Type) and press Return. Fr om the pop-up menu, highlight either ANSI (Annex D) , CCITT (Annex A) , LMI , or No LMI (the default). Press Retur n. See “Frame Relay DLCI configuration” on page 7-52 for instr uctions. Specifying the Link Management Type is the first step in c[...]
-
Page 52
7-52 User’ s Reference Guide ting defaults to 64000, but you may modify the capacity rate if this setting will not be applicable to you. ■ The Default Bc (Bc also refer red to as Committed Burst Size) r epresents the maximum amount of data that your Frame Relay ser vice pr ovider agrees to transfer fr om a given PVC (Per manent Vir tual Circuit[...]
-
Page 53
W AN and System Configuration 7-53 T o go to the Frame Relay DLCI configuration screen, select Frame Relay DLCI Configuration in the W AN Configuration screen. Displaying a Frame Relay DLCI configuration table T o display a view-only table of the Frame Relay DLCIs, select Display/Change DLCIs in the Frame Relay DLCI Configuration screen, and [...]
-
Page 54
7-54 User’ s Reference Guide Changing a Frame Relay DLCI configuration T o modify a Frame Relay DLCI configuration, select Display/Change DLCIs in the Frame Relay DLCI Configuration screen. Select a DLCI Name from the table and pr ess Return to go to the Change DLCI screen. The parameters in this screen ar e the same as the parameters in the A[...]
-
Page 55
W AN and System Configuration 7-55 Adding a Frame Relay DLCI configuration T o add a new Frame Relay DLCI, select Add DLCI in the Frame Relay DLCI Configuration screen and press Return. The Add DLCI scr een appears. 1. Select DLCI Name and enter a name for this individual Frame Relay DLCI profile. It can be any name you wish. For example: the n[...]
-
Page 56
7-56 User’ s Reference Guide Identifier). The setting defaults to 64000, but you may modify the committed burst size by toggling the selection in the Use Default field to No . Y ou can then enter a dif ferent committed burst size in the V alue field. ■ The Be (Excess Burst Size) repr esents the maximum amount of data that your Frame Relay se[...]
-
Page 57
W AN and System Configuration 7-57 System configuration screens Y ou can connect to the Netopia 4553’s system configuration scr eens in either of two ways: ■ By using T elnet with the Router’s Ethernet por t IP address ■ Through the console por t, using a local terminal (see “Connecting a console cable to your r outer” on page 5-27 )[...]
-
Page 58
7-58 User’ s Reference Guide 2. Select IP Setup and press Retur n. The IP Setup screen appears. T o go back in this sequence of screens, use the Escape key . System configuration featur es The Netopia 4553 Router’s default settings may be all you need to configure your Netopia 4553. Some users, however , require advanced settings or pr efer m[...]
-
Page 59
W AN and System Configuration 7-59 IP setup These screens allow you to configur e your network’s use of the IP networking protocol. ■ Details are given in “IP Setup” on page 8-64 . Filter sets (firewalls) These screens allow you to configur e security on your network by means of filter sets and a basic firewall. ■ Details are given [...]
-
Page 60
7-60 User’ s Reference Guide 3. Select the Router’s time zone from the Time Zone pop-up menu and pr ess Return. 4. In the NTP Update Inter val field, enter how often to synchronize with the time ser ver , using the for mat HHHH:MM where H is hours and M is minutes. 5. Select a System Date Format ; the options are MM/DD/YY , DD/MM/YY , and YY/M[...]
-
Page 61
W AN and System Configuration 7-61 Security These screens allow you to add users and define passwor ds on your network. ■ Details are given in “Security” on page 11-151 . Upgrade feature set Y ou can upgrade your Netopia 4553 by adding new featur e sets through the Upgrade Featur e Set utility . See the release notes that came with your r o[...]
-
Page 62
7-62 User’ s Reference Guide characters. ■ Y ou can specify the UNIX syslog Facility to use by selecting the Facility pop-up. ■ Erase the log by selecting DUMP W AN LOG Installing the Syslog client The Goodies folder on the Netopia CD contains a Syslog client daemon program that can be configur ed to repor t the W AN events you specified in[...]
-
Page 63
IP Setup 8-63 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 8 8 8 8 II I I P P P P S S S S e e e e t t t t u u u u p p p p The Netopia 4553 uses Internet Pr otocol (IP) to communicate both locally and with remote networks. This chapter shows you how to configure the r outer to route IP traf fic. Y ou also learn how to configur e the ro[...]
-
Page 64
8-64 User’ s Reference Guide IP Setup The IP Setup options screen is wher e you configure the Ether net side of the Netopia 4553. The infor mation you enter here contr ols how the router r outes IP traf fic. Consult your network administrator or ISP to obtain the IP setup infor mation (such as the Ether net IP address, Ethernet subnet mask, def[...]
-
Page 65
IP Setup 8-65 The Netopia 4553 suppor ts multiple IP subnets on the Ether net inter face. Y ou may want to configure multiple IP subnets to ser vice mor e hosts than are possible with your primar y subnet. It is not always possible to obtain a lar ger subnet from your ISP . For example, if you already have a full Class C subnet, your only option i[...]
-
Page 66
8-66 User’ s Reference Guide IP subnets The IP Subnets screen allows you to configur e up to eight Ethernet IP subnets on unlimited-user models, one “primar y” subnet and up to seven secondar y subnets, by entering IP address/subnet mask pairs: Note: Y ou need not use this scr een if you have only a single Ethernet IP subnet. In that case, y[...]
-
Page 67
IP Setup 8-67 For example: ■ T o delete a configured subnet, set both the IP addr ess and subnet mask values to 0.0.0.0, either explicitly or by clearing each field and pressing Retur n to commit the change. When a configured subnet is deleted, the values in subsequent rows adjust up to fill the vacant fields. The subnets configured on this[...]
-
Page 68
8-68 User’ s Reference Guide If you have configured multiple Ether net IP subnets, the IP Setup screen changes slightly: The IP address and Subnet mask items ar e hidden, and the Define Additional Subnets... item becomes Subnet Configuration... . If you select Subnet Configuration , you will retur n to the IP Subnets screen that allows you to[...]
-
Page 69
IP Setup 8-69 The Static Routes screen will appear . Viewing static r outes T o display a view-only table of static routes, select Display/Change Static Route . The table shown below will appear . The table has the following columns: Dest. Network: The network IP address of the destination network. Static Routes Display/Change Static Route... Add S[...]
-
Page 70
8-70 User’ s Reference Guide Subnet Mask: The subnet mask associated with the destination network. Next Gateway: The IP address of the r outer that will be used to reach the destination network. Priority: An indication of whether the Netopia 4553 will use the static route when it conflicts with infor mation received fr om RIP packets. Enabled: A[...]
-
Page 71
IP Setup 8-71 infor mation; Low means that the RIP infor mation takes precedence over the static r oute. ■ If the static route conflicts with a connection pr ofile, the connection profile will always take pr ecedence. ■ T o make sure that the static r oute is known only to the Netopia 4553, select Adver tise Route V ia RIP and toggle it to N[...]
-
Page 72
8-72 User’ s Reference Guide IP Addr ess Serving In addition to being a router , the Netopia 4553 is also an IP address ser ver . Ther e are thr ee protocols it can use to distribute IP addresses. ■ The first, called Dynamic Host Configuration Protocol (DHCP), is widely suppor ted on PC networks, as well as Apple Macintosh computers using Ope[...]
-
Page 73
IP Setup 8-73 Follow these steps to configure IP Addr ess Ser ving: ■ If you enabled IP Address Ser ving, then DHCP , BootP clients and Dynamic WAN clients are automatically enabled. ■ The IP Address Ser ving Mode pop-up menu allows you to choose the way in which the Netopia 4553 will ser ve IP addr esses. The device can act as either a DHCP S[...]
-
Page 74
8-74 User’ s Reference Guide If you have configured multiple Ether net IP subnets, the appearance of the IP Address Ser ving screen is alter ed slightly: The first three menu items ar e hidden, and Configure Addr ess Pools... appears instead. If you select Configure Address Pools... you will be taken to the IP Addr ess Pools screen that allow[...]
-
Page 75
IP Setup 8-75 IP Addr ess Pools The IP Address Pools scr een allows you to configure a separate IP addr ess ser ving pool for each of up to eight configured Ether net IP subnets: This screen consists of between two and eight r ows of four columns each. There ar e exactly as many rows as there ar e Ethernet IP subnets configur ed on the IP Subnet[...]
-
Page 76
8-76 User’ s Reference Guide Numerous factors influence the choice of ser ved address. It is dif ficult to specify the address that will be ser ved to a par ticular client in all circumstances. However , when the address ser ver has been configured, and the clients involved have no prior address ser ving interactions, the Netopia 4553 will gen[...]
-
Page 77
IP Setup 8-77 DHCP NetBIOS Options If your network uses NetBIOS, you can enable the Netopia 4553 to use DHCP to distribute NetBIOS infor mation. NetBIOS stands for Network Basic Input/Output System. It is a layer of software originally developed by IBM and Sytek to link a network operating system with specific hardwar e. NetBIOS has been adopted a[...]
-
Page 78
8-78 User’ s Reference Guide ■ From the NetBios Type pop-up menu, select the type of NetBIOS used on your network. ■ T o ser ve DHCP clients with the NetBIOS scope, select Ser ve NetBios Scope and toggle it to Ye s . Select NetBios Scope and enter the scope. ■ T o ser ve DHCP clients with the IP addr ess of a NetBIOS name ser ver, select Se[...]
-
Page 79
IP Setup 8-79 Select Release BootP Leases and press Retur n. ■ Back in IP Address Ser ving, the Ser ve Dynamic WAN Clients toggle Mor e Address Serving Options The Netopia 4553 includes a number of enhancements in the built-in DHCP IP address ser ver . These enhancements include: ■ The ability to exclude one or more IP addr esses from the addr [...]
-
Page 80
8-80 User’ s Reference Guide Configuring the IP Addr ess Server options T o access the enhanced DHCP ser ver functions, fr om the Main Menu navigate to Statistics & Logs and then Ser ved IP Addresses . The following example shows the Ser ved IP Addr esses screen after thr ee clients have leased IP addresses. The first client did not provide[...]
-
Page 81
IP Setup 8-81 Y ou can select the entries in the Ser ved IP Addresses screen. Use the up and down ar row keys to move the selection to one of the entries in the list of ser ved IP addr esses. Once you select an entr y , pressing Retur n displays an action pop-up menu that lists operations that can be per for med on that entr y . Possible operations[...]
-
Page 82
8-82 User’ s Reference Guide ■ Details… is displayed if the entr y is associated with both a host name and a client identifier . Selecting Details… displays a pop-up menu that provides additional infor mation associated with the IP address. The pop-up menu includes the IP addr ess as well as the host name and client identifier supplied by[...]
-
Page 83
IP Setup 8-83 ■ Include is displayed if the entr y is either excluded or declined. An IP address is marked declined when a client to whom the DHCP ser ver of fers the address declines the address. A client declines an addr ess if it deter mines that a leased address is alr eady in use by another device. Selecting Include restor es the selected IP[...]
-
Page 84
8-84 User’ s Reference Guide The router’s Ether net IP address(es) will be automatically excluded fr om the address ser ving pool(s) on star tup. Entries in the ser ved IP addr ess list cor responding to the r outer’s Ether net IP address(es) that have been automatically excluded on star tup ar e not selectable. Served IP Addresses -IP Addres[...]
-
Page 85
IP Setup 8-85 D D D D H H H H C C C C P P P P R R R R e e e e ll l l a a a a y y y y A A A A g g g g e e e e n n n n t t t t The Netopia 4553 of fers DHCP Relay Agent functionality , as defined in RFC1542. A DHCP r elay agent is a computer system or a router that is configur ed to for war d DHCP requests fr om clients on the LAN to a remote DHCP [...]
-
Page 86
8-86 User’ s Reference Guide Select IP Address Ser ving and pr ess Retur n. The IP Address Ser ving screen appears. Select IP Address Ser ving Mode . The pop-up menu of fers the choices of Disabled , DHCP Ser ver (the default), and DHCP Relay Agent . If you select DHCP Relay Agent and press Retur n, the screen changes as shown below . Now you can[...]
-
Page 87
IP Setup 8-87 Note: The remote DHCP ser ver(s) to which the Netopia Router is relaying DHCP requests must be capable of ser vicing r elayed requests. Not all DHCP ser vers suppor t this featur e. For example, the DHCP ser ver in the Netopia Router does not . The DHCP ser ver(s) to which the Netopia Router is r elaying DHCP requests must be configu[...]
-
Page 88
8-88 User’ s Reference Guide 2. T oggle the Profile Enabled value to Ye s or No . The default is Y es. 3. Select IP Profile Parameters and press Retur n. The IP Pr ofile Parameters screen appears. 4. T oggle or enter any IP parameters you requir e and retur n to the Add Connection Profile scr een by pressing Escape. For more infor mation on N[...]
-
Page 89
IP Setup 8-89 5. Select ADD PROFILE NOW and press Retur n. Y our new connection pr ofile will be added. If you want to view the connection profiles in your r outer , return to the WAN Configuration screen, and select Display/Change Connection Profile . The list of connection pr ofiles is displayed in a scrolling pop-up screen. WAN Configuratio[...]
-
Page 90
8-90 User’ s Reference Guide[...]
-
Page 91
Multiple Network Address T ranslation 9-91 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 9 9 9 9 M M M M u u u u ll l l t t t t ii i i p p p p ll l l e e e e N N N N e e e e t t t t w w w w o o o o r r r r k k k k A A A A d d d d d d d d r r r r e e e e s s s s s s s s T T T T r r r r a a a a n n n n s s s s ll l l a a a a t t t t ii i i [...]
-
Page 92
9-92 User’ s Reference Guide The following is a general description of these features: Port Address T ranslation The simplest for m of classic Network Address Translation is PAT (Por t Address T ranslation). P A T allows a gr oup of computers on a LAN, such as might be found in a home or small of fice, to share a single Inter net connection usin[...]
-
Page 93
Multiple Network Address T ranslation 9-93 When addresses ar e retur ned to the group of available addr esses, they are r etur ned to the head of the group, being the most recently used. If that same host r equests a connection an hour later , and the same public address is still available, then it will be mapped to the same private host. If a new [...]
-
Page 94
9-94 User’ s Reference Guide Exterior addresses ar e allocated to internal hosts on a demand, or as-needed, basis and then made available when traf fic from that host ceases. Once an inter nal host has been allocated an address, it will use that address for all traf fic. Five minutes after all traf fic ceases – no pings, all TCP connections [...]
-
Page 95
Multiple Network Address T ranslation 9-95 In order to suppor t this type of mapping, you define two address ranges. First, you define a public range which contains the first and last public address to be used and the way in which these addr esses should be used (P A T , static, or dynamic). Y ou then configure an addr ess map which defines th[...]
-
Page 96
9-96 User’ s Reference Guide Easy Setup Profile configuration The screen below is an example. Depending on the type of r outer you are using, fields displayed in this scr een may var y . The Local W AN IP Addr ess is used to configure a NA T public address range consisting of the Local W AN IP Address and all its por ts. The public address ma[...]
-
Page 97
Multiple Network Address T ranslation 9-97 Y ou can configur e a simple 1-to-many P A T (often r efer r ed to simply as NA T) mapping using Easy Setup. Mor e complex setups requir e configuration using the Network Address Translation item on the IP Setup screen. An example MultiNA T configuration at the end of this chapter describes some applica[...]
-
Page 98
9-98 User’ s Reference Guide The Network Address T ranslation screen appears. Public Range defines an external addr ess range and indicates what type of mapping to apply when using this range. The types of mapping available are dynamic , static and pat . Map Lists define collections of mapping r ules. A r ule maps interior range addr esses to e[...]
-
Page 99
Multiple Network Address T ranslation 9-99 The Add NA T Public Range scr een appears. ■ Select Range Name and give a descriptive name to this range. ■ Select Type and from the pop-up menu, assign its type. Options are static , dynamic , or pat (the default). ■ If you choose pat as the range type, select Public Address and enter the exterior I[...]
-
Page 100
9-100 User’ s Reference Guide ■ Select Map List Name and enter a descriptive name for this map list. A new menu item, Add Map , appears. ■ Select Add Map and press Retur n. The Add NA T Map screen appears. ■ Select First and Last Private Address and enter the first and last interior IP addresses you want to assign to this mapping. ■ Sele[...]
-
Page 101
Multiple Network Address T ranslation 9-101 ■ From the list of public ranges you defined, select the one that you want to map to the interior range for this mapping and press Retur n. If none of your preconfigur ed ranges are suitable for this mapping, you can select <<NEW RANGE>> and create a new range. If you choose <<NEW RA[...]
-
Page 102
9-102 User’ s Reference Guide Modifying map lists Y ou can make changes to an existing map list after you have cr eated it. Since there may be mor e than one map list you must select which one you are modifying. From the Network Addr ess T ranslation screen select Show/Change Map List and press Retur n. ■ Select the map list you want to modify [...]
-
Page 103
Multiple Network Address T ranslation 9-103 ■ Add Map allows you to add a new map to the map list. ■ Show/Change Maps allows you to modify the individual maps within the list. ■ Delete Map allows you to delete a map from the list. Selecting Show/Change Maps or Delete Map displays the same pop-up menu. Scroll to the map you want to modify usin[...]
-
Page 104
9-104 User’ s Reference Guide Adding Server Lists Ser ver lists, also known as Expor ts, are handled similarly to map lists. If you want to make a par ticular ser ver’s por t accessible (and it isn’t accessible thr ough other means, such as a static mapping), you must create a ser ver list. Select Add Ser ver List from the Network Addr ess T [...]
-
Page 105
Multiple Network Address T ranslation 9-105 ■ Select Add Ser ver and press Retur n. The Add NA T Ser ver screen appears. ■ Select Ser vice and press Retur n. A pop-up menu appears listing a selection of commonly expor ted ser vices. ■ Choose the ser vice you want to expor t and press Retur n. Y ou can choose a pr econfigured ser vice from th[...]
-
Page 106
9-106 User’ s Reference Guide ■ Enter the First and Last Por t Number between por ts 1 and 65535. Select OK and press Retur n. Y ou will be retur ned to the Add NA T Ser ver screen. ■ Enter the Ser ver Private IP Address of the ser ver whose ser vice you ar e expor ting. Since MultiNA T per mits the mapping of multiple private IP addr esses t[...]
-
Page 107
Multiple Network Address T ranslation 9-107 Modifying server lists Once a ser ver list exists, you can select it for modification or deletion. ■ Select Show/Change Ser ver List from the Network Addr ess T ranslation screen. ■ Select the Ser ver List Name you want to modify fr om the pop-up menu and press Retur n. The Show/Change NA T Ser ver L[...]
-
Page 108
9-108 User’ s Reference Guide ■ Selecting Show/Change Ser ver or Delete Ser ver displays the same pop-up menu. Select any ser ver fr om the list and press Retur n. The Change NA T Ser ver scr een appears. Y ou can make changes to the ser ver’s ser vice and por t or internal or exter nal address. Select CHANGE NA T SERVER and press Return. Y o[...]
-
Page 109
Multiple Network Address T ranslation 9-109 Deleting a server T o delete a ser ver fr om the list, select Delete Ser ver from the Show/Change NA T Ser ver List menu and pr ess Return. A pop-up menu lists your configured ser vers. Select the one you want to delete and press Retur n. A dialog box asks you to confir m your choice. Choose CONTINUE an[...]
-
Page 110
9-110 User’ s Reference Guide Binding Map Lists and Server Lists Once you have created your map lists and ser ver lists, for most Netopia Router models you must bind them to a profile, either a Connection Pr ofile or the Default Profile. Y ou do this in one of the following screens: ■ the IP profile parameters scr een (see below) of the Con[...]
-
Page 111
Multiple Network Address T ranslation 9-111 ■ Select NA T Map List and press Return. A pop-up menu displays a list of your defined map lists. ■ Select the map list you want to bind to this Connection Profile and pr ess Return. The map list you selected will now be bound to this Connection Profile. ■ Select NA T Server List and pr ess Retur[...]
-
Page 112
9-112 User’ s Reference Guide IP Parameters (W AN Default Pr ofile) The Netopia 4553 using RFC 1483 suppor ts a WAN default profile that per mits several parameters to be configured without an explicitly configur ed Connection Profile. The procedur e is similar to the procedur e to bind map lists and ser ver lists to a Connection Pr ofile. [...]
-
Page 113
Multiple Network Address T ranslation 9-113 ■ Select NA T Map List and press Return. A pop-up menu displays a list of your defined map lists. ■ Select the map list you want to bind to the default profile and pr ess Return. The map list you selected will now be bound to the default profile. ■ Select NA T Server List and pr ess Retur n. A po[...]
-
Page 114
9-114 User’ s Reference Guide NA T Associations Configuration of map and ser ver lists alone is not suf ficient to enable NA T for a W AN connection because map and ser ver lists must be linked to a pr ofile that controls the WAN inter face. This can be a Connection Pr ofile, a W AN Ethernet inter face, a default profile, or a default answer[...]
-
Page 115
Multiple Network Address T ranslation 9-115 keys. Select the item by pressing Retur n to display a pop-up menu of all of your configured lists. ■ Select the list name you want to assign and press Retur n again. Y our selection will then be associated with the cor responding pr ofile or inter face. NAT Associations +NAT Map List Name-+ Profile/I[...]
-
Page 116
9-116 User’ s Reference Guide MultiNA T Configuration Example T o help you understand a typical MultiNA T configuration, this section describes an example of the type of configuration you may want to implement on your site. The values shown are for example purposes only . Make your own appropriate substitutions. A typical DSL ser vice fr om an[...]
-
Page 117
Multiple Network Address T ranslation 9-117 Enter your ISP-supplied values as shown below . Select NEXT SCREEN and press Retur n. Y our IP values ar e shown here. Then navigate to the Network Address T ranslation (NA T) screen. Connection Profile 1: Easy Setup Profile Connection Profile Name: Easy Setup Profile Address Translation Enabled: Yes IP A[...]
-
Page 118
9-118 User’ s Reference Guide Select Show/Change Public Range , then Easy-P A T Range , and pr ess Retur n. Enter the value your ISP assigned for your public address (206.1.1.6, in this example). T oggle Type to pat. Y our public address is then mapped to the remaining private IP addr esses using P A T . (If you were not using the Easy-P A T Rang[...]
-
Page 119
Multiple Network Address T ranslation 9-119 Select ADD NA T PUBLIC RANGE and press Return. Y ou are retur ned to the Network Addr ess T ranslation screen. Next, select Show/Change Map List and choose Easy-P A T List . Select Add Map . The Add NA T Map scr een appears. (Now the name Easy-P A T List is a misnomer since it has a static map included in[...]
-
Page 120
9-120 User’ s Reference Guide T o make these changes, first limit the range of remapped addr esses on the Static Map and then edit the default ser ver list called Easy-Ser vers. ■ First, navigate to the Show/Change Map List screen, select Easy-P A T List and then Show/Change Maps . Choose the Static Map you created and change the First Private[...]
-
Page 121
Virtual Private Networks (VPNs) 10-121 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 0 0 0 0 V V V V ii i i r r r r t t t t u u u u a a a a ll l l P P P P r r r r ii i i v v v v a a a a t t t t e e e e N N N N e e e e t t t t w w w w o o o o r r r r k k k k s s s s ( ( ( ( V V V V P P P P N N N N s s s s ) ) ) ) The Netopia 4553 o[...]
-
Page 122
10-122 User’ s Reference Guide T unneling is a process of creating a private path between a r emote user or private network and another private network over some inter mediate network, such as the IP-based Inter net. A VPN allows remote of fices or employees access to your internal business LAN thr ough means of encr yption allowing the use of t[...]
-
Page 123
Virtual Private Networks (VPNs) 10-123 the receiving side, an IPsec-compliant device decr ypts each packet. The Netopia 4553 suppor ts the mor e secure T unnel mode. DES stands for Data Encr yption Standar d, a popular symmetric-key encr yption method. DES uses a 56-bit key . The Netopia 4553 of fers IPsec DES encr yption over the VPN tunnel. When [...]
-
Page 124
10-124 User’ s Reference Guide PPTP configuration T o set up the router as a PPTP Network Ser ver (PNS) capable of answering PPTP tunnel requests you must also configure the VPN Default Answer Pr ofile. See "A TMP/PPTP Default Pr ofile" on page 10-136 for more infor mation. PPTP is a Datalink Encapsulation option in Connection Pro?[...]
-
Page 125
Virtual Private Networks (VPNs) 10-125 When you define a Connection Profile as using PPTP by selecting PPTP as the datalink encapsulation method, and then select Data Link Options , the PPTP T unnel Options screen appears. ■ Enter the PPTP Par tner IP Address . This specifies the address of the other end of the tunnel. If you do not specify th[...]
-
Page 126
10-126 User’ s Reference Guide Note: The Netopia 4553 suppor ts 128-bit (“str ong”) encr yption. Unlike MS-CHAP version 1, which suppor ts one-way authentication, MS-CHAP version 2 suppor ts mutual authentication between connected r outers and is incompatible with MS-CHAP version 1 (MS-CHAP-V1). When you choose MS-CHAP as the authentication m[...]
-
Page 127
Virtual Private Networks (VPNs) 10-127 The IP Profile Parameters scr een appears. ■ Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel. About IPsec T unnels IPsec stands for IP Security , a set of protocols that suppor ts secure exchange of IP packets at the IP layer . IPsec is deployed widely to implement Vi[...]
-
Page 128
10-128 User’ s Reference Guide The Add Connection Profile scr een appears. ■ From the Data Link Encapsulation pop-up menu select IPsec . ■ Then select Data Link Options . The IPsec Encr yption & Authentication Options scr een appears. ■ Y ou must specify an Encr yption Transform . The choices are DES or NULL . The default is DES . Add [...]
-
Page 129
Virtual Private Networks (VPNs) 10-129 ■ Y ou must enter an Encr yption Key if the Encr yption T ransfor m is DES. The key for DES must be a hexadecimal string of 16 characters, using Hex characters only: '0'-'9', 'A'-'F' and 'a' - 'f'. No key entr y appears if the encr yption transfor m[...]
-
Page 130
10-130 User’ s Reference Guide IP Pr ofile Parameters The following IP Profile Options scr een is displayed for an IPsec Connection Profile. ■ Y ou must specify an SPI (Security Parameters Index) , which is the ESP receive side SPI and the default SPI for ESP transmit, AH receive, and AH transmit. It must be unique r elative to any other con[...]
-
Page 131
Virtual Private Networks (VPNs) 10-131 Map Lists, Ser ver Lists, and P A T addresses ar e described in detail in Chapter 9, “Multiple Network Address T ranslation.” ■ Y ou can specify a Filter Set . See "About filters and filter sets" on page 11-154 . ■ Y ou can r emove a Filter Set . ■ Y ou can choose to configur e Advanced [...]
-
Page 132
10-132 User’ s Reference Guide If you do not specify the Remote T unnel Endpoint Address, the router will use the default gateway to r each the par tner . If the par tner should be r eached via an alter nate por t (for example, the LAN instead of the W AN), the Next Hop Gateway field allows this path to be resolved. Inter operation with other fe[...]
-
Page 133
Virtual Private Networks (VPNs) 10-133 When you define a Connection Profile as using A TMP by selecting A TMP as the datalink encapsulation method, and then select Data Link Options , the A TMP T unnel Options screen appears. Note: An A TMP tunnel cannot be assigned a dynamic IP addr ess by the remote ser ver , as in a PPP connection. When you de[...]
-
Page 134
10-134 User’ s Reference Guide the gateway par tner is r eached. If you do not specify the A TMP Par tner IP Address, the r outer will use the default gateway to reach the par tner and the T unnel Via Gateway field is hidden. If the par tner should be reached via an alter nate por t (i.e., the LAN instead of the W AN), the T unnel Via Gateway ?[...]
-
Page 135
Virtual Private Networks (VPNs) 10-135 ■ Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel. Encryption Support Encr yption is a method for altering user data into a for m that is unusable by anyone other than the intended recipient. The r ecipient must have the means to decr ypt the data to r ender it usable [...]
-
Page 136
10-136 User’ s Reference Guide and transparently . A TMP/PPTP Default Pr ofile The W AN Configuration menu of fers a A TMP/PPTP Default Pr ofile option. Use this selection when your router is acting as the ser ver for VPN connections, that is, when you ar e on the answering end of the tunnel establishment. The A TMP/PPTP Default Pr ofile dete[...]
-
Page 137
Virtual Private Networks (VPNs) 10-137 If you chose MS-CHAP authentication, the Data Compression option is not requir ed, and this menu item becomes hidden. VPN QuickV iew Y ou can view the status of your VPN connections in the VPN QuickView scr een. From the Main Menu select QuickView and then VPN QuickView . The VPN QuickView screen appears. Pro?[...]
-
Page 138
10-138 User’ s Reference Guide Dial-Up Networking for VPN Microsoft Windows Dial-Up Networking softwar e per mits a remote standalone workstation to establish a VPN tunnel to a PPTP ser ver such as a Netopia Router located at a central site. Dial-Up Networking also allows a mobile user who may not be connected to a P AC to dial into an inter medi[...]
-
Page 139
Virtual Private Networks (VPNs) 10-139 The Communications window appears. 5. In the Communications window , select Dial-Up Networking and click the OK button. This retur ns you to the Windows Setup screen. Click the OK button. 6. Respond to the prompts to install Dial-Up Networking fr om the system disks or CDROM. 7. When prompted, r eboot your PC.[...]
-
Page 140
10-140 User’ s Reference Guide Configuring a Dial-Up Networking profile Once you have created your Dial-Up Networking pr ofile, you configure it for TCP/IP networking to allow you to connect to the Internet thr ough your Inter net connection device. Do the following: 1. Double-click the My Computer (or whatever you have named it) icon on your[...]
-
Page 141
Virtual Private Networks (VPNs) 10-141 4. Click the TCP/IP Settings button. ■ If your ISP uses dynamic IP addressing (DHCP), select the Ser ver assigned IP address radio button. ■ If your ISP uses static IP addressing, select the Specify an IP addr ess radio button and enter your assigned IP address in the fields pr ovided. Also enter the IP a[...]
-
Page 142
10-142 User’ s Reference Guide This displays a list of possible selections for the communications option. Active components will have a check in the checkboxes to their left. 6. Check Dial Up Networking at the top of the list and Vir tual Private Networking at the bottom of the list. 7. Click OK at the bottom right on each screen until you r etur[...]
-
Page 143
Virtual Private Networks (VPNs) 10-143 Connecting using Dial-Up Networking A Dial-Up Networking connection will be automatically launched whenever you r un a TCP/IP application, such as a web browser or email client. When you first r un the application a Connect T o dialog box appears in which you enter your User name and Password. If you check th[...]
-
Page 144
10-144 User’ s Reference Guide PPTP example T o enable a firewall to allow PPTP traf fic, you must pr ovision the firewall to allow inbound and outbound TCP packets specifically destined for por t 1723. The sour ce por t may be dynamic, so often it is not useful to apply a compare function upon this por tion of the control/negotiation packets[...]
-
Page 145
Virtual Private Networks (VPNs) 10-145 In the Display/Change Filter Set screen select Display/Change Output Filter . Display/Change Output Filter screen Select Output Filter 1 and press Retur n. In the Change Output Filter 1 screen, set the Pr otocol Type and Destination Por t infor mation as shown below . Change Input Filter 2 Enabled: Yes Forward[...]
-
Page 146
10-146 User’ s Reference Guide Select Output Filter 2 and press Retur n. In the Change Output Filter 2 screen, set the Pr otocol Type to allow GRE as shown below . A TMP example T o enable a firewall to allow A TMP traf fic, you must provision the firewall to allow inbound and outbound UDP packets specifically destined for por t 5150. The sou[...]
-
Page 147
Virtual Private Networks (VPNs) 10-147 Select Input Filter 1 and press Retur n. In the Change Input Filter 1 screen, set the Destination Por t infor mation as shown below . Select Input Filter 2 and press Retur n. In the Change Input Filter 2 screen, set the Pr otocol Type to allow GRE as shown below . Change Input Filter 1 Enabled: Yes Forward: Ye[...]
-
Page 148
10-148 User’ s Reference Guide In the Display/Change Filter Set screen select Display/Change Output Filter . Display/Change Output Filter screen Select Output Filter 1 and press Retur n. In the Change Output Filter 1 screen, set the Pr otocol Type and Destination Por t infor mation as shown below . Select Output Filter 2 and press Retur n. In the[...]
-
Page 149
Virtual Private Networks (VPNs) 10-149 Change Output Filter 2 Enabled: Yes Forward: Yes Source IP Address: 0.0.0.0 Source IP Address Mask: 0.0.0.0 Dest. IP Address: 0.0.0.0 Dest. IP Address Mask: 0.0.0.0 Protocol Type: GRE[...]
-
Page 150
10-150 User’ s Reference Guide[...]
-
Page 151
Security 11-151 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 1 1 1 1 S S S S e e e e c c c c u u u u r r r r ii i i t t t t y y y y The Netopia 4553 provides a number of security featur es to help protect its configuration scr eens and your local network from unauthorized access. Although these featur es are optional, it is str [...]
-
Page 152
11-152 User’ s Reference Guide Once user accounts are cr eated, users who attempt to access protected scr eens will be challenged. Users who enter an incor rect name or passwor d are r etur ned to a screen r equesting a name/password combination to access the Main Menu. T o set up user accounts, in the System Configuration screen select Security[...]
-
Page 153
Security 11-153 T o add a new user account, select Add User in the Security Options screen and press Retur n. The Add Name With Write Access screen appears. Follow these steps to configure the new account: 1. Select Enter Name and enter a descriptive name (for example, the user’s first name). 2. Select Enter Password and enter a passwor d. 3. T[...]
-
Page 154
11-154 User’ s Reference Guide T o restrict T elnet access, select Security in the Advanced Configuration menu. The Security Options screen will appear . There are two levels of T elnet r estriction available: ■ T o restrict T elnet access to the SNMP scr eens, select Enable T elnet Access to SNMP Screens and toggle it to No . (See “SNMP tra[...]
-
Page 155
Security 11-155 Each inspector has a specific task. One inspector’s task may be to examine the destination address of all outgoing packages. That inspector looks for a cer tain destination—which could be as specific as a str eet address or as br oad as an entire countr y—and checks each package’s destination address to see if it matches t[...]
-
Page 156
11-156 User’ s Reference Guide If the package does not match the first inspector’s criteria, it goes to the second inspector , and so on. Y ou can see that the order of the inspectors in the line is ver y impor tant. For example, let’s say the first inspector’s orders ar e to send along all packages that come from Rome, and the second ins[...]
-
Page 157
Security 11-157 Parts of a filter A filter consists of criteria based on packet attributes. A typical filter can match a packet on any one of the following attributes: ■ The source IP addr ess (where the packet was sent fr om) ■ The destination IP address (wher e the packet is going) ■ The type of higher-layer Internet pr otocol the packet[...]
-
Page 158
11-158 User’ s Reference Guide Port number comparisons A filter can also use a comparison option to evaluate a packet’s source or destination por t number . The comparison options are: No Compare: No comparison of the por t number specified in the filter with the packet’s por t number . Not Equal T o: For the filter to match, the packet?[...]
-
Page 159
Security 11-159 Putting the parts together When you display a filter set, its filters are displayed as r ows in a table: The table’s columns cor respond to each filter’s attributes: #: The filter’s priority in the set. Filter number 1, with the highest priority , is first in the table. Source IP Addr: The packet sour ce IP address to mat[...]
-
Page 160
11-160 User’ s Reference Guide Filtering example #1 Returning to our filtering r ule example from above (see page 11-156 ), look at how a r ule is translated into a filter . Star t with the r ule, then fill in the filter’s attributes: 1. The r ule you want to implement as a filter is: Block all T elnet attempts that originate from the r em[...]
-
Page 161
Security 11-161 This filter blocks any packets coming from a r emote network with the IP network address 200.233.14.0. The 0 at the end of the address signifies any host on the class C IP network 200.233.14.0. If, for example, the filter is applied to a packet with the source IP addr ess 200.233.14.5, it will block it. In this case, the mask, wh[...]
-
Page 162
11-162 User’ s Reference Guide An approach to using filters The ultimate goal of network security is to prevent unauthorized access to the network without compr omising authorized access. Using filter sets is par t of r eaching that goal. Each filter set you design will be based on one of the following approaches: ■ That which is not express[...]
-
Page 163
Security 11-163 T o add a new filter set, select Add Filter Set in the Filter Sets screen and press Retur n. The Add Filter Set screen appears. Naming a new filter set All new filter sets have a default name. The first filter set you add will be called Filter Set 1, the next filter will be Filter Set 2, and so on. T o give a new filter set a[...]
-
Page 164
11-164 User’ s Reference Guide Adding filters to a filter set There ar e two kinds of filters you can add to a filter set: input and output. Input filters check packets received from the Inter net, destined for your network. Output filters check packets transmitted from your network to the Internet. Packets in the Netopia 4553 pass through [...]
-
Page 165
Security 11-165 Note: There ar e two groups of items in this scr een, one for input filters and one for output filters. In this section, you’ll learn how to add an input filter to a filter set. Adding an output filter works exactly the same way , providing you keep the dif fer ent source and destination perspectives in mind. 1. T o add a fi[...]
-
Page 166
11-166 User’ s Reference Guide 5. Select Source IP Addr ess Mask and enter a mask for the source IP addr ess. This allows you to fur ther modify the way the filter will match on the source addr ess. Enter 0.0.0.0 to for ce the filter to match on all source IP addr esses, or enter 255.255.255.255 to match the sour ce IP address exclusively . 6. [...]
-
Page 167
Security 11-167 Deleting filters T o delete a filter , select Delete Input Filter or Delete Output Filter in the Display/Change Filter Set screen to display a table of filters. Select the filter from the table and pr ess Return to delete it. Pr ess Escape to exit the table without deleting the filter . Moving filters T o reor ganize the filt[...]
-
Page 168
11-168 User’ s Reference Guide Basic Firewall blocks undesirable traf fic originating fr om the W AN (in most cases, the Inter net), but for war ds all traf fic originating from the LAN. It follows the conser vative “that which is not expressly per mitted is pr ohibited” approach: unless an incoming packet expr essly matches one of the cons[...]
-
Page 169
Security 11-169 Output filter 1: This filter for war ds all outgoing traf fic to make sure that no outgoing connections fr om the LAN are blocked. Basic Firewall is suitable for a LAN containing only client hosts that want to access ser vers on the W AN, but not for a LAN containing ser vers pr oviding ser vices to clients on the W AN. Basic Fir[...]
-
Page 170
11-170 User’ s Reference Guide FTP sessions. T o allow W AN-originated FTP sessions to a LAN-based FTP ser ver with the IP addr ess a.b.c.d (cor responding to a number ed IP address such as 163.176.8.243), inser t the following input filter ahead of the cur rent input filter 1: ■ Enabled: Y es ■ For war d: Y es ■ Source IP Addr ess: 0.0.0[...]
-
Page 171
Security 11-171 Basic IP packet components All IP packets contain the same basic header infor mation, as follows: This header infor mation is what the packet filter uses to make filtering decisions. It is impor tant to note that a packet filter does not look into the IP data stream (the User Data fr om above) to make filtering decisions. Basic [...]
-
Page 172
11-172 User’ s Reference Guide Fir ewall design rules There ar e two basic r ules to firewall design: ■ “What is not explicitly allowed is denied.” and ■ “What is not explicitly denied is allowed.” The first r ule is far more secur e, and is the best approach to fir ewall design. It is far easier (and more secur e) to allow in or o[...]
-
Page 173
Security 11-173 Logical AND function When a packet is compared (in most cases) a logical AND function is per for med. First the IP addresses and subnet masks are conver ted to binar y and then combined with AND. The r ules for the logical use of AND ar e as follows: 0 AND 0 = 0 0 AND 1 = 0 1 AND 0 = 0 1 AND 1 = 1 For example: Filter r ule: Deny IP:[...]
-
Page 174
11-174 User’ s Reference Guide Example filter set screen This is an example of the Netopia filter set screen: Filter basics In the source or destination IP addr ess fields, the IP address that is enter ed must be the network address of the subnet. A host address can be enter ed, but the applied subnet mask must be 32 bits (255.255.255.255). Th[...]
-
Page 175
Security 11-175 Example network Example filters Example 1 Incoming packet has the source addr ess of 200.1.1.28 This incoming IP packet has a source IP addr ess that matches the network address in the Sour ce IP Address field (00000000) in the Netopia 4553. This will not for war d this packet. Filter Rule: 200.1.1.0 (Source IP Network Addr ess) 2[...]
-
Page 176
11-176 User’ s Reference Guide Example 2 Incoming packet has the source addr ess of 200.1.1.184. This incoming IP packet (10000000) has a source IP addr ess that does not match the network address in the Source IP Addr ess field (00000000) in the Netopia 4553. This r ule will for war d this packet because the packet does not match. Example 3 Inc[...]
-
Page 177
Security 11-177 Example 4 Incoming packet has the source addr ess of 200.1.1.104. Since the Source IP Network Addr ess in the Netopia 4553 is 01100000, and the sour ce IP address after the logical AND is 01100000, this r ule does match and this packet will not be for war ded. Example 5 Incoming packet has the source addr ess of 200.1.1.96. Since th[...]
-
Page 178
11-178 User’ s Reference Guide[...]
-
Page 179
Monitoring T ools 12-179 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 2 2 2 2 M M M M o o o o n n n n ii i i t t t t o o o o r r r r ii i i n n n n g g g g T T T T o o o o o o o o ll l l s s s s This chapter discusses the Netopia 4553’s device and network monitoring tools. These tools can provide statistical infor mation, repor[...]
-
Page 180
12-180 User’ s Reference Guide General status Current Date: The cur r ent date; this can be set with the Date and Time utility (see “Date and time” on page 7-59 ). Default IP Gateway: The router’s default gateway , which may be either manually configur ed or lear ned via DHCP . This is the value you assigned in the Default IP Gateway fiel[...]
-
Page 181
Monitoring T ools 12-181 Curr ent status The cur rent status section is a table showing the cur r ent status of the DSL connection. For example: Profile Name: Lists the name of the connection pr ofile being used, if any . Rate: Shows the line rate for this connection. %Use: Indicates the average percent utilization of the maximum capacity of the [...]
-
Page 182
12-182 User’ s Reference Guide Statistics & Logs When you are tr oubleshooting your Netopia 4553, the Statistics & Logs screens pr ovide insight into the recent event activities of the router . From the Main Menu go to Statistics & Logs and select one of the options described in the sections below . Event histories The Netopia 4553 re[...]
-
Page 183
Monitoring T ools 12-183 W AN Event History The W AN Event Histor y scr een lists a total of 128 events on the W AN. The most recent events appear at the top. Each entr y in the list contains the following infor mation: Date: Date of the event. Time: Time of the event. Event: A brief description of the event. Ch.: The channel involved in the event.[...]
-
Page 184
12-184 User’ s Reference Guide In the Statistics & Logs screen, select Device Event Histor y . The Device Event Histor y screen appears. If the event histor y exceeds the size of the scr een, you can scroll thr ough it by using SCROLL UP and SCROLL DOWN. T o scroll up, select SCROLL UP at the top of the list and press Retur n. T o scr oll dow[...]
-
Page 185
Monitoring T ools 12-185 IP Routing T able The IP routing table displays all of the IP r outes cur rently known to the Netopia 4553. The routing table scr een repr esents a snapshot of the routing table infor mation at the time the scr een is first invoked. T o take a new snapshot, select Update at the bottom of the screen and press Retur n. Gener[...]
-
Page 186
12-186 User’ s Reference Guide Physical Interface The top left side of the screen lists total packets r eceived and total packets transmitted for the following data por ts: ■ Ethernet ■ DSL Network Interface The bottom left side of the screen lists total packets r eceived and total packets transmitted: ■ IP (IP packets on the Ethernet) The [...]
-
Page 187
Monitoring T ools 12-187 T raffic Statistics When A TM is the mode or Frame Relay is the datalink encapsulation, traf fic statistics ar e available through the option in the lower left corner. With other settings, this option is not available. T o view the traf fic statistics, select the option and press Retur n. A table of A TM VC Statistics (f[...]
-
Page 188
12-188 User’ s Reference Guide SNMP The Netopia 4553 includes a Simple Network Management Protocol (SNMP) agent, allowing monitoring and configuration by a standard SNMP manager . The Netopia 4553 suppor ts the following management infor mation base (MIB) documents: ■ MIB II (RFC 1213) ■ Inter face MIB (RFC 1229) ■ Ethernet MIB (RFC 1643) [...]
-
Page 189
Monitoring T ools 12-189 2. Select System Location and enter the router’s physical location (r oom, floor , building, etc.). 3. Select System Contact and enter the name of the person responsible for maintaining the r outer . System Name, System Location, and System Contact set the values retur ned by the Netopia 4553 SNMP agent for the SysName, [...]
-
Page 190
12-190 User’ s Reference Guide ■ A cold star t trap is generated after the r outer is reset. ■ An inter face down trap (ifDown) is generated when one of the r outer’s inter faces, such as a por t, stops functioning or is disabled. ■ An inter face up trap (ifUp) is generated when one of the r outer’s inter faces, such as a por t, begins [...]
-
Page 191
Monitoring T ools 12-191 2. Select an IP trap receiver fr om the table and press Retur n. 3. In the Change IP Trap Receiver screen, edit the infor mation as needed and press Return. Deleting IP trap receivers 1. T o delete an IP trap receiver , select Delete IP T rap Receiver in the IP T rap Receivers screen. 2. Select an IP trap receiver fr om the[...]
-
Page 192
12-192 User’ s Reference Guide[...]
-
Page 193
Utilities and Diagnostics 13-193 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 3 3 3 3 U U U U t t t t ii i i ll l l ii i i t t t t ii i i e e e e s s s s a a a a n n n n d d d d D D D D ii i i a a a a g g g g n n n n o o o o s s s s t t t t ii i i c c c c s s s s A number of utilities and tests are available for system diagnostic[...]
-
Page 194
13-194 User’ s Reference Guide Ping The Netopia 4553 Router includes a standard Ping test utility . A Ping test generates IP packets destined for a par ticular (Ping-capable) IP host. Each time the tar get host r eceives a Ping packet, it retur ns a packet to the original sender . Ping allows you to see whether a par ticular IP destination is r e[...]
-
Page 195
Utilities and Diagnostics 13-195 Status: The cur rent status of the Ping test. This item can display the status messages shown in the able below: Packets Out: The number of packets sent by the Ping test. Packets In: The number of retur n packets received fr om the tar get host. T o be consider ed on time, retur n packets are expected back befor e t[...]
-
Page 196
13-196 User’ s Reference Guide Packets Lost: The number of packets unaccounted for , shown in total and as a percentage of total packets sent. This statistic may be updated during the Ping test, and may not be accurate until after the test is over . However , if an escalating one-to-one corr espondence is seen between Packets Out and Packets Lost[...]
-
Page 197
Utilities and Diagnostics 13-197 4. Select Use Reverse DNS to learn the names of the r outers between the Netopia Router and the destination router . The default is Y es. 5. Select ST ART TRACE ROUTE and press Retur n. A scrolling scr een will appear that lists the destination, number of hops, IP addresses of each hop, and DNS names, if selected. 6[...]
-
Page 198
13-198 User’ s Reference Guide Factory defaults Y ou can r eset the Netopia 4553 to its factor y default settings. In the Utilities & Diagnostics scr een, select Rever t to Factory Defaults and press Retur n. Select CONTINUE in the dialog box and pr ess Return. The Netopia 4553 will reboot and its settings will r eturn to the factor y default[...]
-
Page 199
Utilities and Diagnostics 13-199 Updating firmwar e Fir mware updates may be available periodically fr om Netopia or from a site maintained by your or ganization’s network administrator . The Netopia 4553 ships with an embedded operating system refer r ed to as fir mware. The fir mware governs how the device communicates with your network and [...]
-
Page 200
13-200 User’ s Reference Guide ser ver name or IP addr ess is available from the site wher e the ser ver is located. ■ Select Config File Name and enter the name of the file you will download. The name of the file is available from the site wher e the ser ver is located. Y ou may need to enter a file path along with the file name (for exam[...]
-
Page 201
Utilities and Diagnostics 13-201 Note: The X-Modem File T ransfer screen is only available if you are connected via the Console por t. Note: It is good practice when updating programmable devices to disable any other pr ograms or network activity on the device or the attached computer . This includes W AN traf fic such as a DSL connection or scree[...]
-
Page 202
13-202 User’ s Reference Guide If you choose CONTINUE, you will have ten seconds to use your ter minal emulation software to initiate an XMODEM transfer of the fir mware file. If you fail to initiate the transfer in that time, the dialog box will disappear and the ter minal emulation software will infor m you of the transfer’s failur e. Y ou [...]
-
Page 203
Utilities and Diagnostics 13-203 Uploading a file can also be useful for troubleshooting purposes. The uploaded configuration file can be tested on a dif ferent Netopia 4553 by Netopia or your network administrator . The procedur e below applies whether you are using the console or the WAN inter face. T o upload a configuration file: 1. Decide[...]
-
Page 204
13-204 User’ s Reference Guide[...]
-
Page 205
T roubleshooting A-205 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x A A A A T T T T r r r r o o o o u u u u b b b b ll l l e e e e s s s s h h h h o o o o o o o o t t t t ii i i n n n n g g g g This appendix is intended to help you troubleshoot pr oblems you may encounter while setting up and using the Netopia 4553. It also includ[...]
-
Page 206
A-206 User’ s Reference Guide Console connection pr oblems Can’t see the configuration scr eens (nothing appears) ■ Make sure the cable connection fr om the Netopia 4553’s console por t to the computer being used as a console is securely connected. ■ Make sure the ter minal emulation softwar e is accessing the cor rect por t on the compu[...]
-
Page 207
T roubleshooting A-207 How to r eset the router to factory defaults Lose your password? This section shows how to r eset the router so that you can access the console scr eens once again. Keep in mind that all of your connection profiles and settings will need to be r econfigured. If you don't have a password, the only way to get back into t[...]
-
Page 208
A-208 User’ s Reference Guide Technical support Netopia, Inc. is committed to providing its customers with r eliable products and documentation, backed by excellent technical suppor t. Before contacting Netopia Look in this guide for a solution to your problem. Y ou may find a solution in this troubleshooting appendix or in other sections. Check[...]
-
Page 209
T roubleshooting A-209 Online product information Product infor mation can be found in the following: Netopia World Wide W eb ser ver via http://www .netopia.com Internet via anonymous FTP to ftp.netopia.com/pub FAX-Back This ser vice pr ovides technical notes that answer the most commonly asked questions and of fers solutions for many common probl[...]
-
Page 210
A-210 User’ s Reference Guide[...]
-
Page 211
T echnical Specifications and Safety Information B-211 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x B B B B T T T T e e e e c c c c h h h h n n n n ii i i c c c c a a a a ll l l S S S S p p p p e e e e c c c c ii i i f f f f ii i i c c c c a a a a t t t t ii i i o o o o n n n n s s s s a a a a n n n n d d d d S S S S a a a a f f [...]
-
Page 212
B-212 User’ s Reference Guide December 1, 2000 ■ Canada – CSA: CAN/CSA-C22.2 No. 950-95 EMI: ■ FCC Par t 15 Class B International Safety Approvals: ■ Low V oltage (Eur opean directive) 73/23/EEC ■ EN60950 1992 (Europe) ■ AS/NRZ 3260 (Australia) ■ TS001(Australia) EMI Compatibility: ■ European Dir ective 89/336/EEC ■ EN 300 368.2[...]
-
Page 213
T echnical Specifications and Safety Information B-213 The telephone company may make changes in its technical operations and procedur es; if such changes af fect the compatibility or use of this device, the telephone company is requir ed to give adequate notice of the changes. Y ou will be advised of your right to file a complaint with the FCC. [...]
-
Page 214
B-214 User’ s Reference Guide Caution Users should not attempt to make such connections themselves, but should contact the appropriate electric inspection authority , or electrician, as appr opriate. The Load Number (LN) assigned to each ter minal device denotes the percentage of the total load to be connected to a telephone loop which is used by[...]
-
Page 215
T echnical Specifications and Safety Information B-215 Replace only with the same or equivalent type recommended by the manufactur er . Dispose of used batteries according to the manufactur er's instr uctions.[...]
-
Page 216
B-216 User’ s Reference Guide[...]
-
Page 217
Limited Warranty and Limitation of Remedies 217 L L L L ii i i m m m m ii i i t t t t e e e e d d d d W W W W a a a a r r r r r r r r a a a a n n n n t t t t y y y y a a a a n n n n d d d d L L L L ii i i m m m m ii i i t t t t a a a a t t t t ii i i o o o o n n n n o o o o f f f f R R R R e e e e m m m m e e e e d d d d ii i i e e e e s s s s Neto[...]
-
Page 218
218 User’ s Reference Guide[...]