ZyXEL Communications Parental Control Gateway HS100/HS100W manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of ZyXEL Communications Parental Control Gateway HS100/HS100W, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of ZyXEL Communications Parental Control Gateway HS100/HS100W one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of ZyXEL Communications Parental Control Gateway HS100/HS100W. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of ZyXEL Communications Parental Control Gateway HS100/HS100W should contain:
- informations concerning technical data of ZyXEL Communications Parental Control Gateway HS100/HS100W
- name of the manufacturer and a year of construction of the ZyXEL Communications Parental Control Gateway HS100/HS100W item
- rules of operation, control and maintenance of the ZyXEL Communications Parental Control Gateway HS100/HS100W item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of ZyXEL Communications Parental Control Gateway HS100/HS100W alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of ZyXEL Communications Parental Control Gateway HS100/HS100W, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the ZyXEL Communications service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of ZyXEL Communications Parental Control Gateway HS100/HS100W.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the ZyXEL Communications Parental Control Gateway HS100/HS100W item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    HS-100 / HS-100W Parental Control Gateway User’s Guide Version 3.62 10/2005[...]

  • Page 2

    HomeSafe User’s Guide ii Copyright Copyright Copyright © 2004 by Zy XEL Communications Corporation. The contents of this publication may not be re produced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or b y any means, electronic, mechanical, magnetic, optical, che[...]

  • Page 3

    HomeSafe User’s Guide FCC iii Federal Communications Commission (FCC) Interference S t atement This device complies with Part 15 of FCC rul es. Operation is subjec t to the following two conditions: This device may not cause harmful interference. This device must accept any interference r eceived, including interference that may cause undesired o[...]

  • Page 4

    HomeSafe User’s Guide iv Information for Canadian Users Information for Canadian Users The Industry Canada label identifies certified equipment. This certification means that the equipment meets certain telecommunications network protective, operation, and safety requirements. The Industry Canada does not guarante e that the equipment will operat[...]

  • Page 5

    HomeSafe User’s Guide Warranty v ZyXEL Limited W arranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purc hase, should the product have indications of failure due t[...]

  • Page 6

    HomeSafe User’s Guide vi Customer Support Customer Support When you contact your customer support represen tative please have the following information ready: Please have the following information read y when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Br[...]

  • Page 7

    HomeSafe User’s Guide Table of Contents vii T able of Content s Getting S tarted................................................................................................................ .................................. I Chapter 1 Getting to Know Y our HomeSafe .............................................................................[...]

  • Page 8

    HomeSafe User’s Guide viii Table of Contents 6.1 W ireless LAN Overview .......................................................................................................... ...... 6-1 6.2 W ireless L AN Basics ............................................................................................................ .......... 6-3 6.3 Conf[...]

  • Page 9

    HomeSafe User’s Guide Table of Contents ix UPnP , Par ental Cont rol and Fi r ewall .......................................................................................................... IV Chapter 1 1 UPnP ................................................................................................................ ........................[...]

  • Page 10

    HomeSafe User’s Guide x Table of Contents SMT Gener al Co nfigur ation ...................................................................................................... ................. VII Chapter 17 Introducing t he SMT ................................................................................................. ............. 17-1 17.[...]

  • Page 11

    HomeSafe User’s Guide Table of Contents xi 27.1 Intr oduction to Filters ........................................................................................................ ..... 27-1 27.2 Configuring a Filter Set ....................................................................................................... ... 27-3 27.3 Example Fil[...]

  • Page 12

    [...]

  • Page 13

    HomeSafe User’s Guide List of Figures xiii List of Figures Figure 1-1 Secure Internet Access vi a Cable, DSL or Wi reless Modem ..................................................... 1-5 Figure 1-2 HomeSafe Parent al Control Gateway Application ..................................................................... 1- 5 Figure 1-3 W ireless LAN Appl[...]

  • Page 14

    HomeSafe User’s Guide xiv List of Figures Figure 4-2 SY STEM : DDN S....................................................................................................... ............... 4-3 Figure 4-3 SYSTEM : Password ................................................................................................... .............. 4-4 Figure 4[...]

  • Page 15

    HomeSafe User’s Guide List of Figures xv Figure 9-7 T rigger Port Forw ardi ng Process: Exam ple ............................................................................ .9 - 1 0 Figure 9-8 T rigger Port ........................................................................................................ ...................... 9-1 1 Figure[...]

  • Page 16

    HomeSafe User’s Guide xvi List of Figures Figure 17-3 SM T Main Menu ................................................................................................................... 17-3 Figure 17-4 Menu 23 System Password ............................................................................................ ........ 17-4 Figure 18-1 Men[...]

  • Page 17

    HomeSafe User’s Guide List of Figures xvii Figure 25-16 Example 3: Menu 15.1.1.1 .......................................................................................... ....... 25-10 Figure 25-17 Example 3: Fina l Menu 15.1.1 ...................................................................................... ..... 25-10 Figure 25-18 NA T Ex[...]

  • Page 18

    HomeSafe User’s Guide xviii List of Figures Figure 32-2 V a lid Commands ..................................................................................................... ............... 32-2 Figure 32-3 Menu 24.9 System Maintenance : Ca ll Control ..................................................................... 32- 2 Figure 32-4 Budget [...]

  • Page 19

    HomeSafe User’s Guide List of T ables xix List of T ables T able 1-1 I EEE 802.1 1b ......................................................................................................... ..................... 1-2 T able 1-2 I EEE 802.1 1g ......................................................................................................... [...]

  • Page 20

    HomeSafe User’s Guide xx List of Tables T able 7-6 WLAN : W ireless : 802.1x a nd Dyna mic WEP......................................................................... 7-13 T able 7-7 WLAN : W ireless : 802.1x a nd St atic WEP .............................................................................. 7-14 T able 7-8 WLAN : W ireless: 802.1x .[...]

  • Page 21

    HomeSafe User’s Guide List of T ables xxi T able 16-6 Maintenanc e : Firmware Upl oad ....................................................................................... ...... 16-5 T able 16-7 Maintenance : Restore Conf iguration ................................................................................. ..... 16-7 T able 17-1 Main Men[...]

  • Page 22

    HomeSafe User’s Guide xxii List of Tables T able 32-1 Budget Mana gement................................................................................................... ............. 32-3 T able 32-2 Call History Fields................................................................................................................... 32-3 T abl[...]

  • Page 23

    HomeSafe User’s Guide Preface xxiii Preface About This User's Manual Congratulations on your purchase of the HS-100 Parental Control Gateway or HS-100W Parental Control Gateway. This manual is designed to guide you thr ough the configuration of your HomeSafe for its various applications. ) Some p a rts of this manual relate to the Wireless P[...]

  • Page 24

    HomeSafe User’s Guide xxiv Preface Synt ax Conventions • The version number on the title page is the latest firmware version that is documented in this User’s Guide . Earlier versions may also be included. • “Enter” means for you to type one or more ch aracters and press the carriage retu rn. “Select” or “Choose” means for you t[...]

  • Page 25

    HomeSafe User’s Guide Preface xxv[...]

  • Page 26

    Getting Started I P P a a r r t t I I : : Getting Started This part help s you get to know your HomeSafe , introduces the web configurator and covers how to configure the Connection and Parent al Control Wizard Setup screens.[...]

  • Page 27

    [...]

  • Page 28

    HomeSafe User’s Guide Getting to Know Your HomeSafe 1-1 Chapter 1 Getting to Know Your HomeSafe This chapter introduces the main features and application s of the HomeSafe . 1.1 HomeSafe Parent al Control Gateway Overview HomeSafe is a parental control security gateway that can give a parent control over a child’s Internet access privileges. It[...]

  • Page 29

    HomeSafe User’s Guide 1-2 Getting to Know Your HomeSafe Content Filtering The HomeSafe can block access to Internet ser vices according to how you configure parental control application blocking. You can define tim e peri ods and days during which content filtering is enabled and include or ex clude categories on the LAN. Firewall The HomeSafe is[...]

  • Page 30

    HomeSafe User’s Guide Getting to Know Your HomeSafe 1-3 Table 1-2 IEEE 802.11g DATA RATE (MBPS) MODULATION 6/9/12/18/24/36/48/54 OF DM (Orthogonal Frequ ency Divisio n Multi plexing) Packet Filtering The packet filtering mechanism blocks unwanted traffic from entering/leaving your network. Universal Plug and Play (UPnP) Using the standard TCP/IP [...]

  • Page 31

    HomeSafe User’s Guide 1-4 Getting to Know Your HomeSafe Network Address T ranslation (NA T) Network Address Translation (NAT) allows the tran slation of an Internet protocol address used within one network (for example a private IP addr ess used in a local network) to a different IP address known within another network (for exampl e a public IP a[...]

  • Page 32

    HomeSafe User’s Guide Getting to Know Your HomeSafe 1-5 Wireless Association List (HS-100W only) With the wireless association list, you can see the lis t of the wireless stations that are currently using the HomeSafe to access your wired network. 1.3 Applications for the HomeSafe Here are some examples of HomeSafe applications. 1.3.1 Secure Broa[...]

  • Page 33

    HomeSafe User’s Guide 1-6 Getting to Know Your HomeSafe 1.3.3 Wireless LAN Application Add a wireless LAN to your existing network without expensive network cables. Wireless stations can move freely anywhere in the coverage area and use resources on the wired network. Figure 1-3 Wireless LAN Application Example[...]

  • Page 34

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 1 Chapter 2 Introducing the Web Configurator This chapter describes how to access the HomeSafe web configurator and provides an overview of the initial configuration screens. 2.1 Web Configurator Overview The embedded web configurator allows you to m a nage the HomeSafe from anywhere thro[...]

  • Page 35

    HomeSafe User’s Guide 2-2 Introducing the Web Configurator ) The Welcome screen only appears when you first enter the HomeSafe web browser . After you fully configure the wizard you automatically proceed to the Password screen for all future logins, see Figure 2-25 . Y ou may go to the Welcome screen af ter initial configuration, onl y by resetti[...]

  • Page 36

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 3 Figure 2-3 Wizard Step 2 : Wireless LAN Setup The following table describes the fields in this screen. Table 2-2 Wizard Step 2 : Wireless LAN Setup LA BEL DESCRIPTION ESSID Enter a descriptive name (up to 32 printable 7- bit ASCII characters) for the wireless LAN. If you change this fie[...]

  • Page 37

    HomeSafe User’s Guide 2-4 Introducing the Web Configurator Figure 2-4 Wizard Step 2 : Wireless LAN Setup Basic Security The following table describes the labels in this screen. Table 2-3 Wizard Step 2 : Wireless LAN Setup Bas ic Securit y LA BEL DESCRIPTION WEP Encryption Select 64-bit WEP or 128-bit WEP data encryption. ASCII Select this option [...]

  • Page 38

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 5 ) The wireless st ations and HomeSafe must use the same ESSID, channel ID and Pre-Shared Key for wireless communication. Figure 2-5 Wizard Step 2 : Wireless LAN Setup Extend Sec urity The following table describes the labels in this screen. Table 2-4 Wizard Step 2 : Wireless LAN Setup E[...]

  • Page 39

    HomeSafe User’s Guide 2-6 Introducing the Web Configurator Table 2-5 Wizard Step 3 : Internet Access Setu p LA BEL DESCRIPTION Are you using a DSL service provider that requires a PPPoE login name and password? Select Yes from the drop-down list box if you are usi ng a DSL service pr ovider that requires PPPoE login information. Select No from th[...]

  • Page 40

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 7 Figure 2-8 Wizard Step 3 : Internet Access Setup The following table describes the labels in this screen. Table 2-7 Wizard Step 3 : Internet Access Setu p LA BEL DESCRIPTION DHCP Static Select DHCP to have your Internet con necti on configured for dynamic WAN IP address assignment. Sele[...]

  • Page 41

    HomeSafe User’s Guide 2-8 Introducing the Web Configurator Table 2-8 Wizard Step 3 : Internet Access Sta tic IP Addre ss Setup LA BEL DESCRIPTION Internet Access Setup My WAN IP Address Enter your WAN IP address in this field. My WAN IP Subnet Mask Type your network's IP subnet Mask. Gateway IP Address Enter the gateway IP address (if your I[...]

  • Page 42

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 9 Figure 2-11 Wizard Step 4 : Parental Con trol Wiza rd The following table describes the labels in this screen. Table 2-9 Wizard Step 4 : Parental Control Wizard LA BEL DESCRIPTION Enable the Parental Control System Select the check box to allo w the parent (LAN administrator) to have ac[...]

  • Page 43

    HomeSafe User’s Guide 2-10 Introducing the Web Configurator Figure 2-12 Wizard Step 4 : Parental Con trol Time Setup The following table describes the labels in this screen. Table 2-10 Wizard Step 4 : Parental Control Time Setup LABEL DESCRIPTION Time Zone Choose the Time Zone of yo ur locati on. This will set the time difference bet ween your ti[...]

  • Page 44

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 11 Figure 2-13 Wizard Step 4 : Create or Edit a Profile The following table describes the labels in this screen. Table 2-11 Wizard Step 4 : Create or Edit a Profile LABEL DESCRIPTION Click a radio button to select a users profile. Username This field displays the username (up to 30 c hara[...]

  • Page 45

    HomeSafe User’s Guide 2-12 Introducing the Web Configurator Figure 2-14 Wizard Step 4 : Parental Con trol Profi le Information The following table describes the labels in this screen. Table 2-12 Wizard Step 4 : Parental Control Profile Information LA BEL DESCRIPTION User Name Type the profile user name. Password Type the password associate d with[...]

  • Page 46

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 13 2.6.5 Step 4 : Parent al Control Time Allow ance This screen allows you to set the amount of time during each day a user can access the Internet. By default a new user account does not have permission to access the Internet. Figure 2-16 Wizard Step 4 : Parental Con trol Time Allo w anc[...]

  • Page 47

    HomeSafe User’s Guide 2-14 Introducing the Web Configurator The following table describes the labels in this screen. Table 2-14 Wizard Step 4 : Parental Control Time Allowance LA BEL DESCRIPTION Unrestricted Select the check box for the day(s) that you do not want any time restrictions for user Internet access. ) If services have been blocked and[...]

  • Page 48

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 15 Figure 2-17 Wizard Step 4 : Parent al Con t rol Application Blocking The following table describes the labels in this screen. Table 2-15 Wizard Step 4 : Parent al Control Application Block i ng LA BEL DESCRIPTION Available services Select a service from the list and click the >> [...]

  • Page 49

    HomeSafe User’s Guide 2-16 Introducing the Web Configurator Figure 2-18 Wizard Step 4 : Parental Con trol Summary The following table describes the labels in this screen. Table 2-16 Wizard Step 4 : Parental Control Summary LA BEL DESCRIPTION Back Click Back to display the previ ous scree n. Add/Edit Another User Click this button to proceed to th[...]

  • Page 50

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 17 ) The web site displays a registration successful web p age. It may t ake up to another ten minutes for content filtering to be activated. See Checking Content Filtering Activation for how to know if the content filtering has been activated. Content Filtering with an External Server Yo[...]

  • Page 51

    HomeSafe User’s Guide 2-18 Introducing the Web Configurator Figure 2-20 Wizard Step 4 : Conten t Filter Registration If you click Register Later you will proceed to Figure 2-24 . 2.7 S tep 5 : Content Filter Service Activation Once you have completed the registration process you can click Activate to begin the content filtering service now or cli[...]

  • Page 52

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 19 Figure 2-23 Content Filter Activ ation Failure 2.7.1 Content Filter Setup Complete Well done! You have finished configuration of Conte nt Filter Service Activation. You may now click Close to finish using the setup wizard and close your browser. Figure 2-24 Content Filter Setup Com ple[...]

  • Page 53

    HomeSafe User’s Guide 2-20 Introducing the Web Configurator If you want to configure more of your Home Safe fe atures, proceed with the rest of this User’s Guide. 2.9 Accessing the HomeSafe Web Configurator ) Y ou have to open a new browser and enter the device IP address to log in again. 1. Launch your web browser. 2. Type "192.168.1.1&qu[...]

  • Page 54

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 21 5. You should now see the MAI N MENU screen (see Figure 2-27 ). ) The management session automatically times out when the time period set in the Administrator Inactivity T imer field expires (default five minutes). Simply log back into the HomeSafe if this happens to you. 2.10 Resettin[...]

  • Page 55

    HomeSafe User’s Guide 2-22 Introducing the Web Configurator Table 2-17 Screens Summary LINK TA B FUNCTION WIZARD SETUP CONNECTION Use these screens for initial conf ig uratio n including general setup, Wireless LAN setup, ISP parameter s for Internet Access and WAN IP/DNS Server/MAC address assignment. PARENTAL CONTROL Use these screens to create[...]

  • Page 56

    HomeSafe User’s Guide Introducing the Web Configurato r 2- 23 Table 2-17 Screens Summary LINK TA B FUNCTION PARENTAL CONTROL General Use this screen to enable/dis able parental control, configur e idle timeout and group categories , regist er for content filtering service and edit user profiles. By pass List Use this screen to allow devic es in y[...]

  • Page 57

    [...]

  • Page 58

    HomeSafe User’s Guide Connection Wizard 3-1 Chapter 3 Connection Wizard This chapter provides information on the Connection Wizard screens in th e main menu web configurator . 3.1 Connection Wizard Overview The web configurator’s setup wizard helps you configure your device to access the Internet. The second screen has three variations dependin[...]

  • Page 59

    HomeSafe User’s Guide 3-2 Connection Wizard Figure 3-1 Connection Wizard : General Setup 3.3 Connection Wizard: Screen 2 Set up your wireless LAN using the second wizard screen. Figure 3-2 Connection Wiza rd : Wireless LAN Setup The following table describes the fields in this screen. Table 3-1 Connection Wizard : Wirele ss LAN Setup LA BEL DESCR[...]

  • Page 60

    HomeSafe User’s Guide Connection Wizard 3-3 Table 3-1 Connection Wizard : Wirele ss LAN Setup LA BEL DESCRIPTION The level of Security can be selected as none, basic or e xtended. Choose No security to have no wireless LAN security configur ed and proceed to the ISP Parameters for Internet Access screen. Choose Basic security if you want to confi[...]

  • Page 61

    HomeSafe User’s Guide 3-4 Connection Wizard Key 1 to Key 4 The WEP keys are used to encrypt data. Both the HomeSafe and th e wireless stations must use the same WEP key for data transmission. If you chose 64-bit WEP , then enter any 5 A SCII characters or 10 hexadecimal ch aracters ("0-9", "A-F"). If you chose 128-bit WEP , th[...]

  • Page 62

    HomeSafe User’s Guide Connection Wizard 3-5 Figure 3-5 Connection Wizard : Ethernet Encapsul ation The following table describes the fields in this screen. Table 3-4 Connection Wizard : Ethern et Encapsulation LA BEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation You must choo se the Ethernet option when the WAN port is used as a r[...]

  • Page 63

    HomeSafe User’s Guide 3-6 Connection Wizard For the service provider, PPPoE offers an acces s and authentication method that works with existing access control systems (for instance, Radi us). For the user, PPPoE provides a login and authentication method that the existing Microsoft Dial-Up Networking software can activate, and therefore requires[...]

  • Page 64

    HomeSafe User’s Guide Connection Wizard 3-7 Table 3-5 Connection Wizard : PPPoE Encapsulation LABEL DESCRIPTION Idle Timeout Type the time in seconds that elapse s before the router automatically disconnects from the PPPoE server. The default time is 100 seconds. Next Click Next to continue. Back Click Back to return to the previous screen. 3.5.3[...]

  • Page 65

    HomeSafe User’s Guide 3-8 Connection Wizard Table 3-6 Connection Wizard : PPTP Encapsula tion LABEL DESCRIPTION User Name Type the user name given to you b y your ISP. Password Type the password associated with the User Name ab ove. Nailed-Up Connection Select Nailed-Up Connection if you do not want the connection to time out. Idle Timeout Type t[...]

  • Page 66

    HomeSafe User’s Guide Connection Wizard 3-9 ) Regardless of your p articular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Priva te Internet s and RFC 1466, Guidelines for Management of IP Address Sp ace. 3.6.2 IP A[...]

  • Page 67

    HomeSafe User’s Guide 3-10 Connection Wizard Table 3-8 Example of Network Properties for LAN Serv ers w ith Fixed IP Addresses Choose an IP address 192.168.1.2-19 2.168.1.32; 19 2.168.1. 65-192.168.1.254. Subnet mask 255.255.255.0 Gateway (or default route) 192.168.1.1(HomeSafe LAN IP) The fifth wizard screen varies according to the type of encap[...]

  • Page 68

    HomeSafe User’s Guide Connection Wizard 3-11 Table 3-9 Connection Wizard : WAN Setup LA BEL DESCRIPTION First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assi gns DNS server information (and the HomeSafe's WAN IP address). The field to the right dis plays the (read- only) DNS server IP address that t[...]

  • Page 69

    HomeSafe User’s Guide 3-12 Connection Wizard Figure 3-10 Connection Wizard Problems Well done! You have successfully set up your Ho meSafe to operate on your network and access the Internet.[...]

  • Page 70

    HomeSafe User’s Guide Connection Wizard 3-13[...]

  • Page 71

    System, LAN, and Wireless LAN II P P a a r r t t I I I I : : System, LAN, WLAN and WAN This part covers config uration of t he system, LAN, WLAN and W AN screens.[...]

  • Page 72

    HomeSafe User’s Guide System Screens 4-1 Chapter 4 System Screens This chapter provides information on the System screens. 4.1 System Overview See the Wizard Setup chapter for more information on the next few screens. 4.2 Configuring General Setup Click SYSTEM to open the General screen. Figure 4-1 SYSTEM : General Setup The following table descr[...]

  • Page 73

    HomeSafe User’s Guide 4-2 System Screens Table 4-1 SYSTEM : General Setup LABEL DESCRIPTION First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assigns DNS serv er information (and the HomeSafe's WAN IP address). T he field bel ow displays the (read- onl y) DNS server IP address that the ISP assigns. S[...]

  • Page 74

    HomeSafe User’s Guide System Screens 4-3 Figure 4-2 SYSTEM : DDNS The following table describes the labels in this screen. Table 4-2 SYSTEM : DDNS LABEL DESCRIPTION Enable DDNS Select this check box to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider. DDNS Type Select the type of service that you are register[...]

  • Page 75

    HomeSafe User’s Guide 4-4 System Screens Table 4-2 SYSTEM : DDNS LABEL DESCRIPTION Apply Click Apply to save your changes back to the HomeSafe. Reset Click Reset to begin configur ing this screen afresh. 4.5 Configuring Password To change your HomeSafe’s password (recommended), click SYSTEM , then the Password tab. The screen appears as shown. [...]

  • Page 76

    HomeSafe User’s Guide System Screens 4-5 Figure 4-4 SYSTEM : Time Setting The following table describes the labels in this screen. Table 4-4 SYSTEM : Time Setting LABEL DESCRIPTION Time Protocol Select the time service protocol that your time server sen ds when you turn on the HomeSafe. Not all time servers support all protocols, so you may have [...]

  • Page 77

    HomeSafe User’s Guide 4-6 System Screens Table 4-4 SYSTEM : Time Setting LABEL DESCRIPTION Daylight Savings Select this option if you use da ylig ht savings time. Daylight saving is a period from late spring to early fall when many countries set their clock s ahead of normal local time by one hour to give more daytime light in the eve nin g. Star[...]

  • Page 78

    HomeSafe User’s Guide LAN Screens 5-1 Chapter 5 LAN Screens This chapter describes how to configure LAN settings. 5.1 LAN Overview Local Area Network (LAN) is a shared communication sy stem to which many computers are attached. The LAN screens can help you configur e a LAN DHCP server, mana ge IP addresses, and partition your physical networ k in[...]

  • Page 79

    HomeSafe User’s Guide 5-2 LAN Screens packets. When set to Both or Out Only , the HomeSafe will broadcast its routing table periodically. When set to Both or In Only , it will incorporate the RIP information that it receives; when set to None , it will not send any RIP packets and will ignore any RIP packets received. RIP Version controls the for[...]

  • Page 80

    HomeSafe User’s Guide LAN Screens 5-3 use the computer to access the Internet without changing the network settings, even when the IP addresses of the computer and the Home Safe are not in the same subnet. Figure 5-1 Any IP Example Application The Any IP feature does not apply to a computer us ing either a dynamic IP address or a static IP addres[...]

  • Page 81

    HomeSafe User’s Guide 5-4 LAN Screens 5.5 Configuring IP Click LAN to open the IP screen. Figure 5-2 LAN : IP The following table describes the fields in this screen. Table 5-1 LAN : IP LABEL DESCRIPTION DHCP Server DHCP (Dynam ic Host Configurat ion Protocol, RFC 2131 a nd RFC 2132) allo ws individual clients (computers) to obtain T CP/IP config[...]

  • Page 82

    HomeSafe User’s Guide LAN Screens 5-5 Table 5-1 LAN : IP LABEL DESCRIPTION First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assigns DNS serv er information (and the HomeSafe's WAN IP address). The field to the right dis plays the (read-only) DNS server IP address that the ISP assigns. Select User-De[...]

  • Page 83

    HomeSafe User’s Guide 5-6 LAN Screens Table 5-1 LAN : IP LABEL DESCRIPTION Active Select this option to activate the Any-IP feature. This allows a computer to access the Internet without changing the net work settings (such as IP address and subn et mask) of the computer, even when the IP addresses of the computer and the HomeSafe are not in the [...]

  • Page 84

    HomeSafe User’s Guide LAN Screens 5-7 Table 5-2 LAN : Static DHCP LABEL DESCRIPTION # This is the index number of th e Static IP table entry (row). MAC Address Type the MAC address (with colons) of a computer on your LAN. IP Address This field specifies the size, or count of the IP address p oo l. Apply Click A pply to save your changes back to t[...]

  • Page 85

    HomeSafe User’s Guide 5-8 LAN Screens Table 5-3 LAN : IP Alias LABEL DESCRIPTION RIP Direction RIP (Routing Information Protocol, RFC1058 and RFC 1389) all o ws a router to exchange routing inform ati on with other routers. The RIP Direction field controls the sending and receiving of RIP packe ts. Select the RIP direction from Both / In Only / O[...]

  • Page 86

    HomeSafe User’s Guide Wireless Configuration and Roamin g 6-1 Chapter 6 Wireless Configuration and Roaming This chapter discusses how to configure the Wireless and Ro aming screen s on the HomeSafe. 6.1 Wireless LAN Overview This section introduces the wireless LAN(WLAN) and some basic scenarios. 6.1.1 IBSS An Independent Basic Service Set (IBSS)[...]

  • Page 87

    HomeSafe User’s Guide 6-2 Wireless Configuration and Roamin g Figure 6-2 Basic Service set 6.1.3 ESS An Extended Service Set (ESS) consists of a ser ies of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). An ESSI[...]

  • Page 88

    HomeSafe User’s Guide Wireless Configuration and Roamin g 6-3 6.2 Wireless LAN Basics Refer also to the Wizard Setup chapter for more background information on Wire less LAN features, such as channels. 6.2.1 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The follow[...]

  • Page 89

    HomeSafe User’s Guide 6-4 Wireless Configuration and Roamin g ) Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performance instead of providing a remedy . 6.2.2 Fragment ation Threshold A Fragmentation Threshold is the maximum data fragment size (between 256 and 2432 bytes) that can be sen[...]

  • Page 90

    HomeSafe User’s Guide Wireless Configuration and Roamin g 6-5 Table 6-1 WLAN : Wireless LABEL DESCRIPTION Enable Wireless LAN Click the check box to activate wireless LAN. ESSID (Extended Ser vice Set IDentity) The ESSI D identifi es the Service Set with which a wireless station is associated . Wireless stations associating to the access point (A[...]

  • Page 91

    HomeSafe User’s Guide 6-6 Wireless Configuration and Roamin g station may not be able to communicate with other wireless stations on the network and vice versa. Figure 6-6 Roaming Example The steps below describ e the roaming process. 1. As wireless station Y moves from the coverage area of access point P1 to that of access point P2 , it scans an[...]

  • Page 92

    HomeSafe User’s Guide Wireless Configuration and Roamin g 6-7 Figure 6-7 WLAN : Roaming The following table describes th e labels in this screen. Table 6-2 WLAN : Roaming LABEL DESCRIPTION Active Select Yes from the drop-down list box to e nable roaming on the HomeS afe if you have two or more HomeSafes on the same subnet. ) All APs on the same s[...]

  • Page 93

    [...]

  • Page 94

    HomeSafe User’s Guide Wireless Security 7-1 Chapter 7 Wireless Security This Chapter describes how to use the MAC Filter, 802.1x, Local User Database and RADIUS to configure wireless security on your HomeSafe. 7.1 Wireless Security Overview Wireless security is vital to your network to protect wireless co mmunication between wireless stations, ac[...]

  • Page 95

    HomeSafe User’s Guide 7-2 Wireless Security Figure 7-2 WLAN : Wireless : No Security The following table describes the labels in this screen. Table 7-1 WLAN : Wireless : No Security LABEL DESCRIPTION Security Choose from one of the secur ity features listed in the drop-down box. ¾ No Security ¾ Static WEP ¾ WPA-PSK ¾ WPA ¾ 802.1x + Dynamic W[...]

  • Page 96

    HomeSafe User’s Guide Wireless Security 7-3 Table 7-1 WLAN : Wireless : No Security LABEL DESCRIPTION Reset Click Reset to relo ad the previous configurati on for this screen. 7.2 Security Parameters Summary Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type.[...]

  • Page 97

    HomeSafe User’s Guide 7-4 Wireless Security Figure 7-3 WEP Authentication Steps Open system authentication invo lves an unencrypted two-message procedure. A wireless stati on sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network. In e ffect, open system is not a[...]

  • Page 98

    HomeSafe User’s Guide Wireless Security 7-5 Select Dynamic to have the HomeSafe automatically use short preamble when all wireles s clients support it, otherwise the HomeSafe uses long pream ble. ) The HomeSafe and the wireless st ations MUST use the same preamble mode in order to communicate. 7.4 Configuring WEP Encryption In order to configure [...]

  • Page 99

    HomeSafe User’s Guide 7-6 Wireless Security Table 7-3 WLAN : Wireless : Static WEP Encryption LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encr ypt data. Both the HomeSafe and the wireless stations must use the same WEP key for data transmission. If you chose 64-bit WEP , then enter any 5 A SCII characters or 10 hexade cimal characte[...]

  • Page 100

    HomeSafe User’s Guide Wireless Security 7-7 Temporal Key Integrity Protocol (TKIP) uses 128- bit keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keyin[...]

  • Page 101

    HomeSafe User’s Guide 7-8 Wireless Security 7.6 Configuring WP A-PSK Authentication In order to configure and enable WPA-PSK Authentication; click the WIRELESS link under ADVANCED to display the Wireless screen. Select WPA-PSK from the Security list. Figure 7-6 WLAN : Wireless : WPA-PS K The following table describes the labels in this screen. Ta[...]

  • Page 102

    HomeSafe User’s Guide Wireless Security 7-9 Table 7-4 WLAN : Wireless : WPA-PS K LABEL DESCRIPTION WPA Group Key Update Timer T he WPA Group Key Update Timer is the rate at which the AP (if using WPA-PSK key management) or RADIUS server (if using WPA key management) sends a new group key out to all clients. The re-k eying process is the WPA equiv[...]

  • Page 103

    HomeSafe User’s Guide 7-10 Wireless Security generate unique data encryption keys to encr ypt every data packet that is wirelessly communicated between the AP and the wireless clients . Figure 7-7 WPA with RADIUS Application Example 7.8 Configuring WP A Authentication In order to configure and enable WPA Authentication; click the WIRELESS link un[...]

  • Page 104

    HomeSafe User’s Guide Wireless Security 7-11 Table 7-5 WLAN : Wireless : WPA LABEL DESCRIPTION ReAuthentication Timer (in seconds) Specify how often wireless stat ions have to reenter userna mes and passwords in order to stay connected. Enter a time interval bet ween 10 and 99 99 seconds. The default time interval is 1800 seconds (30 minutes). ) [...]

  • Page 105

    HomeSafe User’s Guide 7-12 Wireless Security 7.10 Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or r eauthentication times out. A new WEP key is generated each time reauthentication is performed. If this feature is enabled, it is not[...]

  • Page 106

    HomeSafe User’s Guide Wireless Security 7-13 Table 7-6 WLAN : Wireless : 802.1x and Dy namic WEP LABEL DESCRIPTION ReAuthentication Timer (in seconds) Specify how often wireless stat ions have to reenter userna mes and passwords in order to stay connected. Enter a time interval bet ween 10 and 99 99 seconds. The default time interval is 1800 seco[...]

  • Page 107

    HomeSafe User’s Guide 7-14 Wireless Security Figure 7-10 WLAN : Wireless : 802.1 x and Static WEP The following table describes the labels in this screen. Table 7-7 WLAN : Wireless : 802.1x and Static WEP LABEL DESCRIPTION WEP Encryption Select 64-bit WEP or 128-bit WEP to enabl e data e ncryption. Authentication Method This field is activated wh[...]

  • Page 108

    HomeSafe User’s Guide Wireless Security 7-15 Table 7-7 WLAN : Wireless : 802.1x and Static WEP LABEL DESCRIPTION ReAuthentication Timer (in seconds) Specify how often wireless stat ions have to reenter userna mes and passwords in order to stay connected. Enter a time interval bet ween 10 and 99 99 seconds. The default time interval is 1800 second[...]

  • Page 109

    HomeSafe User’s Guide 7-16 Wireless Security Table 7-7 WLAN : Wireless : 802.1x and Static WEP LABEL DESCRIPTION Reset Click Reset to reload the previous co nfiguration for this screen. 7.13 Configuring 802.1x In order to configure and enable 802.1x; click the WIRELESS link under ADVANCED to display the Wireless screen. Select 802.1x + No WEP fro[...]

  • Page 110

    HomeSafe User’s Guide Wireless Security 7-17 Table 7-8 WLAN : Wireless: 802.1x LABEL DESCRIPTION Authentication Databases The authenticat ion database cont ains wireless station login information. T he local user database is the built -in d atabas e on the HomeSafe. The RADIUS is an external server. Use this drop- do wn list bo x to select which [...]

  • Page 111

    HomeSafe User’s Guide 7-18 Wireless Security Figure 7-12 WLAN : MAC Add ress Filter The following table describes the labels in this menu. Table 7-9 WLAN : MAC Address Filter LA BEL DESCRIPTION Active Select Yes from the drop down list box to e nable MAC address filtering. Filter Action Define the filter action for t he li st of MAC addresses in [...]

  • Page 112

    HomeSafe User’s Guide Wireless Security 7-19 7.15 Introduction to Local User Database By storing user profiles locally on the HomeSafe, your HomeSafe is able to authenticate wireless users without interacting with a network RADIUS server. However, there is a limit on the number of users you may authenticate in this way. You can only use Local Use[...]

  • Page 113

    HomeSafe User’s Guide 7-20 Wireless Security Table 7-10 WLAN : Local User Databa se LABEL DESCRIPTION User Name Enter the username (up to 31 characters) for this user profile. Password T ype a password (up to 31 characters) for this user profile. Note that as you type a password, the screen displays a (*) for each character you type. Apply Click [...]

  • Page 114

    HomeSafe User’s Guide Wireless Security 7-21 7.17.1 EAP Authenti cation Overview EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of t h e IEEE802.1x transport mechanism in order to suppor t multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, the access point[...]

  • Page 115

    HomeSafe User’s Guide 7-22 Wireless Security Figure 7-15 WLAN : RADIUS The following table describes th e labels in this screen. Table 7-11 WLAN : RADIUS LABEL DESCRIPTION Authentication Server Active Select Yes from the drop down list bo x to enab le user aut hentic ation through an external authenticati on server. Server IP Address Enter the IP[...]

  • Page 116

    HomeSafe User’s Guide Wireless Security 7-23 Table 7-11 WLAN : RADIUS LABEL DESCRIPTION Reset Click Reset to reload the previous co nfiguration for this screen.[...]

  • Page 117

    [...]

  • Page 118

    HomeSafe User’s Guide WAN 8-1 Chapter 8 WAN Screens This chapter describes how to configure WAN settings . 8.1 W AN Overview See the Wizard Setup chapter for more information on the fields in the WAN screens. 8.2 TCP/IP Priority (Metric) The metric represents the "cost of transmission". A router determines the best route for transmissio[...]

  • Page 119

    HomeSafe User’s Guide 8-2 WAN Table 8-1 WAN : Route LABEL DESCRIPTION WAN Traf fic Redirect The default WAN connection is "1' as your broadband connection via the WAN port should always be your pr eferred method of accessing the WAN. The defau lt priority of the routes is WAN and then Traffic Redirect . Apply Click A ppl y to save your [...]

  • Page 120

    HomeSafe User’s Guide WAN 8-3 Table 8-2 WAN ISP : Ethernet Encapsulation LABEL DESCRIPTION Login Server This field only applies when you select Telia Login in the Serv ice Type field. Type the domain name of the Telia logi n server, for examp le “login1.telia.com”. Relogin Every(min) This field only applies when you select Telia Login in the [...]

  • Page 121

    HomeSafe User’s Guide 8-4 WAN Figure 8-3 WAN ISP : PPPoE Encapsulation The following table describes the labels in this screen. Table 8-3 WAN ISP : PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation The PPP o ver Ethernet choice is for a dial-up connection using PPPoE. The HomeSafe supports PPPoE (Point-to-Poi[...]

  • Page 122

    HomeSafe User’s Guide WAN 8-5 PPTP supports on-demand, multi-protocol and virtua l private networking over public networks, such as the Internet. The screen shown next is for PPTP encapsulation. Figure 8-4 WAN ISP : PPTP Encapsulation The following table describes the labels in this screen. Table 8-4 WAN ISP : PPTP Encapsulation LABEL DESCRIPTION[...]

  • Page 123

    HomeSafe User’s Guide 8-6 WAN Table 8-4 WAN ISP : PPTP Encapsulation LABEL DESCRIPTION My IP Subnet Mask Your Hom eSafe will automatically calc ulate the subnet mask based on the IP address that you assign. Unless you are implementing sub netting, us e the subnet mask computed by the HomeSafe. Server IP Address Type the IP address of the PPT P se[...]

  • Page 124

    HomeSafe User’s Guide WAN 8-7 Table 8-5 WAN : IP LA BEL DESCRIPTION My WAN IP Address Enter your WAN IP address in this field if you selected Use Fi xed IP Address. My WAN IP Subnet Mask (Ethernet only) Type your network's IP subnet Mask. Remote IP Address Enter the Remote IP Address (if your I SP gave you on e) in this field. Gateway/Remote[...]

  • Page 125

    HomeSafe User’s Guide 8-8 WAN Table 8-5 WAN : IP LA BEL DESCRIPTION RIP Version T he RIP Version field controls the format and the broadcasting method of the RIP packets that the HomeSafe sends (it recognizes both formats when receiving). Choose RIP-1 , RIP-2B or RIP-2M . RIP-1 is universally supported; but RIP-2 carries more information. RIP-1 i[...]

  • Page 126

    HomeSafe User’s Guide WAN 8-9 The MAC address screen allows users to configur e the WAN port's MAC address by either using the factory default or cloning the MAC address from a computer on your LAN. Choose Factory Default to select the factory assigned default MAC Address. Otherwise, click Spoof this computer's MAC addre ss - IP Addr es[...]

  • Page 127

    HomeSafe User’s Guide 8-10 WAN 8.8 Configuring T raffic Redirect To change your HomeSafe’s Traffic Redirect settings, click WAN , then the Traffic Redirect tab. The screen appears as shown. Figure 8-9 WAN : Traffic Redirect The following table describes the labels in this screen. Table 8-6 WAN : Traffic Redirect LABEL DESCRIPTION Active Select [...]

  • Page 128

    HomeSafe User’s Guide WAN 8-11 Table 8-6 WAN : Traffic Redirect LABEL DESCRIPTION Apply Click Apply to save your changes back to the HomeSafe. Reset Click Reset to begin configuring this scree n afresh.[...]

  • Page 129

    SUA/NAT and Static Route III P P a a r r t t I I I I I I : : SUA/NAT and Static Route This part covers Network Address T r anslation and setting up static routes.[...]

  • Page 130

    [...]

  • Page 131

    HomeSafe User’s Guide NAT Screens 9-1 Chapter 9 Network Address Translation (NAT) Screens This chapter discusses how to configure NAT on the HomeSafe . 9.1 NA T Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet. For example, the source address of an outgoing packet, u sed within [...]

  • Page 132

    HomeSafe User’s Guide 9-2 NAT Screens (for Many-to-One and Many-to-Many Overload ma pping), NAT offers the additional benefit of firewall protection. With no servers defined, yo ur HomeSafe filters out all incoming inquiries, thus preventing intruders from probing your ne twork. For more information on IP address translation, refer to RFC 1631 , [...]

  • Page 133

    HomeSafe User’s Guide NAT Screens 9-3 Figure 9-2 NAT Application With IP Alias 9.1.5 NA T Mapping T y pes NAT supports five types of IP/port mapping. They are: ¾ One to One : In One-to-One mode, the HomeSafe maps one local IP address to one global IP address. ¾ Many to One : In Many-to-One mode, the HomeSafe maps multiple local IP addresses to [...]

  • Page 134

    HomeSafe User’s Guide 9-4 NAT Screens T able 9-2 NA T Mapping T ypes TYPE IP MAPPING SMT ABBREVIATION One-to-One ILA1 ÅÆ IGA1 1-1 Many-to-One (SUA/PAT) ILA1 ÅÆ IGA1 ILA2 ÅÆ IGA1 … M-1 Many-to-Many Overload ILA1 ÅÆ IGA1 ILA2 ÅÆ IGA2 ILA3 ÅÆ IGA1 ILA4 ÅÆ IGA2 … M-M Ov Many One-to-One ILA1 ÅÆ IGA1 ILA2 ÅÆ IGA2 ILA3 ÅÆ IGA3 ?[...]

  • Page 135

    HomeSafe User’s Guide NAT Screens 9-5 Default Server IP Address In addition to the servers for specified services, NAT supports a default server IP address. A default server receives packets from ports that are not specified in this screen. ) If you do not assign a Default Server IP Addre ss, the HomeSafe discards all packet s received for port s[...]

  • Page 136

    HomeSafe User’s Guide 9-6 NAT Screens 9.3.2 Configuring Server s Behind SUA (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and t[...]

  • Page 137

    HomeSafe User’s Guide NAT Screens 9-7 Figure 9-4 SUA/NAT Setup The following table describes the labels in this screen. Table 9-4 SUA/NAT Setup LABEL DESCRIPTION Default Server In addition to the servers for specified services, NAT supp orts a default server. A default server receives packets from ports that are not specified in this screen. If y[...]

  • Page 138

    HomeSafe User’s Guide 9-8 NAT Screens set summary screen, the new rule will be rule 7, no t 9. Now if you delete rule 4, rules 5 to 7 will be pushed up by 1 rule, so old rules 5, 6 and 7 become new rules 4, 5 and 6. To change your HomeSafe’s Address Mapping settings, click SUA/NAT , then the Address Mapping tab. The screen appears as shown. Fig[...]

  • Page 139

    HomeSafe User’s Guide NAT Screens 9-9 Configuring Address Mapping To edit an address mapping rule, select th e radio button of a rule and click the Edit button to display the screen shown next. Figure 9-6 Address Mapping Edit The following table describes the labels in this screen. Table 9-6 Address Mapping Edit LABEL DESCRIPTION Type Choose the [...]

  • Page 140

    HomeSafe User’s Guide 9-10 NAT Screens service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address. In order to use the same service on a different LAN computer, you have to manually replace the LAN computer's I[...]

  • Page 141

    HomeSafe User’s Guide NAT Screens 9-11 ) Only one LAN computer can use a trigger port (range) at a time. Figure 9-8 Trigger Port The following table describes the labels in this screen. Table 9-7 Trigger Port LABEL DESCRIPTION # This is the rule inde x number (read-only). Name Type a uniqu e name (u p to 15 characters) fo r identification p urpos[...]

  • Page 142

    [...]

  • Page 143

    HomeSafe User’s Guide NAT Screens 10-1 Chapter 10 Static Route Screens This chapter shows you how to configure static routes for your HomeSafe. 10.1 S t atic Route Overview Each remote node specifies only the network to wh ich the gateway is directly connected, and the HomeSafe has no knowledge of the networks be yond. For i n stance, the HomeSaf[...]

  • Page 144

    HomeSafe User’s Guide 10-2 NAT Screens Table 10-1 Static Route LABEL DESCRIPTION # Number of an individual static route. Name Name that describes or identifies this route. Active This field shows whether this static route is active ( Yes ) or not ( No ). Destination T his parameter specif ies the IP net work address of the final destination. Rout[...]

  • Page 145

    HomeSafe User’s Guide NAT Screens 10-3 Table 10-2 Static Route: Edit LABEL DESCRIPTION Metric Metric represents the “cost” of transmi ssion for routing purp oses. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. T he number need [...]

  • Page 146

    UPnP, Parental Control and Firewall IV P P a a r r t t I I V V : : UPnP, Parental Control and Firewall This part prov ides information and config uration in struction s for con f iguration of Universal Plug and Play , parental control, fire wall and content filtering.[...]

  • Page 147

    HomeSafe User’s Guide UPnP 11-1 Chapter 11 UPnP This chapter introduces the Universal Plug and Play feature. 11.1 Universal Plug and Play Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, ob[...]

  • Page 148

    HomeSafe User’s Guide 11-2 UPnP Gateway Device). At the time of writing ZyX EL's UPnP implementation supports Windows Messenger 4.6 and 4.7 while Windows Messenge r 5.0 and Xbox are still being tested. UPnP broadcasts are only allowed on the LAN. Please see later in this User’s Guide for examples of installing UPnP in Windows XP and Window[...]

  • Page 149

    HomeSafe User’s Guide UPnP 11-3 11.4.1 Installing UPnP in Windows Me Follow the steps below to install UPnP in Windows Me. Step 1. Click Start and Control Panel . Double-click Add/Remove Programs . Step 2. Click on the Windows Setup tab and select Commu nica tion in the Co mponen ts selection box. Click Details . Step 3. In the Communications win[...]

  • Page 150

    HomeSafe User’s Guide 11-4 UPnP Step 4. Select Networking Service in the Components s election bo x and clic k Details . Step 5. In the Networ king Services window, select the Universal Plu g and Play check box. Step 6. Click OK to go back to the Windows Optional Ne tworking Component Wizard window and click Next . 11.5 Using UPnP in Windows XP E[...]

  • Page 151

    HomeSafe User’s Guide UPnP 11-5 Step 3. In the Internet Connection P roperties window, click Settings to see th e por t mappings that were aut omatically created. Step 4. You may edit or delete the port mappings or cli c k Add to manually ad d port m appings. ) When the UPnP-enabled device is disconnected from your computer , all port mappings wi[...]

  • Page 152

    HomeSafe User’s Guide 11-6 UPnP Step 6. Double-click the icon to disp lay your current Internet conne ction status. 11.5.2 Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL device without findi ng out the IP address of the ZyXEL device first. This is helpful if you do not know the IP address of the ZyX[...]

  • Page 153

    HomeSafe User’s Guide UPnP 11-7 Step 6. Right-click the icon for you r ZyXEL device and sele ct Properties . A properties window displays with basic informati on about the Zy XEL device.[...]

  • Page 154

    [...]

  • Page 155

    HomeSafe User’s Guide Parental Control 12-1 Chapter 12 Parental Control This chapter gives some background inform ation on parental control and explains how to get started with the HomeSafe parental control. 12.1 Parent al Control Overview Parental Control lets a parent (LAN administra tor) control a child’s (LAN user) Internet acce ss privileg[...]

  • Page 156

    HomeSafe User’s Guide 12-2 Parental Control Figure 12-2 User Status Windo w 4. You can start browsing the web from the current window, or use the link on the top of the box to open a new web browser. ¾ If you close or navigate away from the status screen, you can redisplay the status screen by typing status into the address bar on your web brows[...]

  • Page 157

    HomeSafe User’s Guide Parental Control 12-3 Figure 12-3 HomeSafe Parental Cont rol Wireless Gatew ay Application 12.4 Configuring Parental Control From the MAIN MENU , click PARENTAL CONTROL to open the configuration screen. Internet A B[...]

  • Page 158

    HomeSafe User’s Guide 12-4 Parental Control Figure 12-4 Parental Control The following table describes the labels in this screen. Table 12-1 Parental Control LA BEL DESCRIPTION Enable Parental Control Select the check box to allow the parent (LA N administrator) to have control over a child ’ s (LAN user’s) Internet access. Idle Timeout T ype[...]

  • Page 159

    HomeSafe User’s Guide Parental Control 12-5 Table 12-1 Parental Control LA BEL DESCRIPTION Group Select from the drop-do wn list box a categor y of web pages that you want to have access control over ¾ Kids ¾ Young Teen ¾ Mature Teen ¾ Adult These groups are used in conju nction with content filtering to decide which web pages cannot be acces[...]

  • Page 160

    HomeSafe User’s Guide 12-6 Parental Control Table 12-1 Parental Control LA BEL DESCRIPTION Reset Click Reset to start configuring this screen again. 12.5 Parent al Control Group Edit Filter The HomeSafe content filtering allows you to block services and block web sites by URL keywords that you specify, for example, you can block access to all web[...]

  • Page 161

    HomeSafe User’s Guide Parental Control 12-7 3. The HomeSafe either blocks or forwards the request based on the services you select in the Available Services field in the Parental Control Activation Blocking screen. Checking Content Filtering Activation After you register for content filtering, the br owser displays a registration successful web p[...]

  • Page 162

    HomeSafe User’s Guide 12-8 Parental Control Figure 12-6 Parental Control : Filter The following table describes th e labels in this screen. Table 12-3 Parental Control : Filter LABEL DESCRIPTION Pre-defined Web Content Categories Enable Pre-defined Web Content Categories to have the HomeSafe check an external database to find to which category a [...]

  • Page 163

    HomeSafe User’s Guide Parental Control 12-9 Table 12-3 Parental Control : Filter LABEL DESCRIPTION Sex Education Selecti ng this category exclu de s pages that provide gra ph i c information (sometimes graphic) on reproduction, sexua l development, safe sex practices, sexuality, birth control, and se xua l development. It also includes pages that[...]

  • Page 164

    HomeSafe User’s Guide 12-10 Parental Control Table 12-3 Parental Control : Filter LABEL DESCRIPTION Business/Economy Selecting this categor y excl udes pag es dev oted to business firms, business information, economics, marketing, bus in ess management and entrepreneurship. This does not inclu de page s that perform services that are defined in a[...]

  • Page 165

    HomeSafe User’s Guide Parental Control 12-11 Table 12-3 Parental Control : Filter LABEL DESCRIPTION Computers/Internet Selecting this categor y e xcludes pages that spons or or provi de information on computers, technology, the Internet and technology-r elat ed organizations and companies. Hacking/Proxy Avoidance Pages pr oviding information on i[...]

  • Page 166

    HomeSafe User’s Guide 12-12 Parental Control Table 12-3 Parental Control : Filter LABEL DESCRIPTION Gay/Lesbian Selecting this c ategory exclud es pag es that provide in formation, promote, or cater to gay and lesbian lifestyles. This does not includ e pages that are sexually oriented. Restaurants/Dining/Food Selecti ng this category exclu d e s [...]

  • Page 167

    HomeSafe User’s Guide Parental Control 12-13 Table 12-3 Parental Control : Filter LABEL DESCRIPTION Clear All Click Clear All to empty the keyword list. Keyword Type a keyword in the Keyword field and click then Add Keyword to add a keyword to the list of keywords. The list of keywords that will be inaccessible to computers on yo ur LAN o nce you[...]

  • Page 168

    HomeSafe User’s Guide 12-14 Parental Control type (TCP, UDP, or ICMP). The second field indicates the IP port number that defines the service. (Note that there may be more than one IP protocol type. For example, look at the default configuration labeled “( DNS )”. (UDP/TCP:53) means UDP port 53 and TCP port 53. Table 12-4 Services SERVICE DES[...]

  • Page 169

    HomeSafe User’s Guide Parental Control 12-15 Table 12-4 Services SERVICE DESCRIPTION POP3(TCP:110) Post Office Protocol version 3 lets a client computer get e-mail from a POP3 server through a temporary connection (T CP/IP or other). PPTP(TCP:1723) Point-to-Point Tunneling Protoc ol enables secure transfer of data over public networks. This is th[...]

  • Page 170

    HomeSafe User’s Guide 12-16 Parental Control Figure 12-7 Parental Control : Edit The following table describes the labels in this screen. Table 12-5 Parental Control : Edit LA BEL DESCRIPTION Username T ype a name to identify this user. Password T ype a password. This pass word is used each time you log in to access th e Internet.[...]

  • Page 171

    HomeSafe User’s Guide Parental Control 12-17 Table 12-5 Parental Control : Edit LA BEL DESCRIPTION Groups Select a gro up from the drop down list box. The category of web pages to block are grouped as one of the follo wing ¾ Kids ¾ Young Teen ¾ Mature Teen ¾ Adult These groups are used in conju nction with c ontent filtering to decide which w[...]

  • Page 172

    HomeSafe User’s Guide 12-18 Parental Control Table 12-5 Parental Control : Edit LA BEL DESCRIPTION Edit Customized Services A Customized Ser vice is a service that is not available in the pre-defi ned Available Services list and you must define us in g the next two fields. Type Services are either TCP and/o r UDP . Select from either TCP or UDP .[...]

  • Page 173

    HomeSafe User’s Guide Parental Control 12-19 Table 12-6 Parental Control : Bypass List LA BEL DESCRIPTION Name Type a name t o identify a device on yo ur LAN. MAC Address Type the MAC address (with colons) of a devi c e on your LAN. Apply Click Apply to save your ch an ges back to the HomeSafe. Reset Click Reset to begin configuring this scree n [...]

  • Page 174

    [...]

  • Page 175

    HomeSafe User’s Guide Firewall 13-1 Chapter 13 Firewall This chapter gives some background inform ation on firewalls and explains how to get started with the HomeSafe firewall. 13.1 Introduction What is a Firewall? Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another. T[...]

  • Page 176

    HomeSafe User’s Guide 13-2 Firewall 4. Don't enable any local servic e (such as SNMP or NT P) that you don't use. Any enabled service could present a potential security risk. A determined hacker might be able to find creative ways to misuse the enabled services to acces s the firewall or the network. 5. For local services that are enabl[...]

  • Page 177

    HomeSafe User’s Guide Firewall 13-3 Table 13-1 Firewall: Settings LA BEL DESCRIPTION Packets to Log Choose what LAN to WA N packets to log. Choose from: ¾ No Log ¾ Log Blocked (blocked LAN to WAN services appear in the Blocked Services textbox in the Services screen (with Enable Ser vices Blocking selected)) ¾ Log All (log all LA N t o WA N pa[...]

  • Page 178

    HomeSafe User’s Guide 13-4 Firewall LAN-to-LAN/HomeSafe means the LAN to the HomeSafe LAN int erface. This is always allowed, as this is how you manage th e HomeSafe from your local computer. 13.3.2 W AN-to-LAN rules WAN-to-LAN rules are Internet to your local network firewall rules. The default is to block all traffic from the Internet to your l[...]

  • Page 179

    HomeSafe User’s Guide Firewall 13-5 Figure 13-3 Fire wall: Service The following table describes th e labels in this screen. Table 13-2 Firewall: Service LA BEL DESCRIPTION Enable Services Blocking Select this check bo x to ena ble this feature. Available Service This is a list of pre-defined ser vices (ports) you may proh ibit your LAN computers[...]

  • Page 180

    HomeSafe User’s Guide 13-6 Firewall Table 13-2 Firewall: Service LA BEL DESCRIPTION Clear All Click Clear All to empty the Blo cked Service . Day to Block: Select a check box to configure which da ys of the week (or everyda y) you want the content filtering to be active. Time of Day to Block (24-Hour Format) Select the time of day you want servic[...]

  • Page 181

    Remote Management V P P a a r r t t V V : : Remote Management This part prov ides information and config urati on instruction s for con f iguration of remote management.[...]

  • Page 182

    [...]

  • Page 183

    HomeSafe User’s Guide Remote Management Screens 14-1 Chapter 14 Remote Management Screens This chapter provides information on the Rem ote Management screens. 14.1 Remote Management Overview Remote management allows you to determin e which services/protocols can access which HomeSafe interface (if any) from which computers. ) When you configure r[...]

  • Page 184

    HomeSafe User’s Guide 14-2 Remote Management Screens 3. The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the HomeSafe will disconnect the session immediately. 4. There is already another remote management session with an equal or higher priority running. You may only have one remote managem[...]

  • Page 185

    HomeSafe User’s Guide Remote Management Screens 14-3 Table 14-1 Remote Management : WWW LABEL DESCRIPTION Server Access Select the interface(s) through which a computer ma y access the HomeSafe using this service. Secured Client IP Address A secured client is a “trusted” computer that is allowed to communicate with the HomeSafe using this ser[...]

  • Page 186

    HomeSafe User’s Guide 14-4 Remote Management Screens Figure 14-3 Remote Management : T elnet The following table describes the labels in this screen. Table 14-2 Remote Management : Telnet LABEL DESCRIPTION Server Port You ma y cha nge the server port num ber for a service if ne eded, however you must use the same port number in order to us e that[...]

  • Page 187

    HomeSafe User’s Guide Remote Management Screens 14-5 Figure 14-4 Remote Management : F TP The following table describes the labels in this screen. Table 14-3 Remote Management : FT P LABEL DESCRIPTION Server Port You may change the server port num ber for a service if needed, ho wever you must use the same port number in order to us e that servic[...]

  • Page 188

    HomeSafe User’s Guide 14-6 Remote Management Screens ) SNMP is only available if TCP/IP is configured. Figure 14-5 SNMP Management Mod el An SNMP managed network consis ts of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the HomeSafe). An agent translates the local ma[...]

  • Page 189

    HomeSafe User’s Guide Remote Management Screens 14-7 14.6.1 Supported MIBs The HomeSafe supports MIB II that is define d in RFC-1213 and RF C-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance. 14.6.2 SNMP T rap s The HomeSafe will send traps to the SNMP mana ger when any one of the fo[...]

  • Page 190

    HomeSafe User’s Guide 14-8 Remote Management Screens Figure 14-6 Remote Management : SNMP The following table describes the labels in this screen. Table 14-5 Remote Management : SNMP LABEL DESCRIPTION SNMP Configuration Get Community Enter the Get Community , which is the password for the incoming Get and GetNext requests from the management stat[...]

  • Page 191

    HomeSafe User’s Guide Remote Management Screens 14-9 Table 14-5 Remote Management : SNMP LABEL DESCRIPTION Service Access Select the interface(s) through which a computer may access the HomeSafe using this service. Secured Client IP Address A secured client is a “trusted” computer that is allowed to communicate with the HomeSafe using this se[...]

  • Page 192

    HomeSafe User’s Guide 14-10 Remote Management Screens 14.8 Configuring Security T o change your HomeSafe’ s security settings, click REMOTE MGMT , then the Security tab. The screen appears as shown. If an outside user attempts to probe an uns upported port on your HomeSafe, an ICMP response packet is automatically returned. This allows th e out[...]

  • Page 193

    HomeSafe User’s Guide Remote Management Screens 14-11 Table 14-7 Remote Management : Security LABEL DESCRIPTION Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to beg in co nfiguring this screen afresh.[...]

  • Page 194

    [...]

  • Page 195

    HomeSafe User’s Guide VPN Screens 14-1[...]

  • Page 196

    Logs and Maintenance VI P P a a r r t t V V I I : : Logs and Maintenance This part covers the cent ralized logs and maintenance screens.[...]

  • Page 197

    HomeSafe User’s Guide Logs 15-1 Chapter 15 Centralized Logs This chapter contains inform ation about configuring general log settings and viewing the HomeSafe’s logs. Refer to the appendices for example log message explanations. 15.1 V iew Log The web configurator allows you to look at a ll of the HomeSafe’s logs in one loc ation. Click the L[...]

  • Page 198

    HomeSafe User’s Guide 15-2 Logs Table 15-1 View Logs LABEL DESCRIPTION Destination This field lists the destinati on IP address and the port number of the incoming pack et. Note This field displays additional informatio n ab o ut the log entry. Email Log Now Click Email Log No w to send the log screen to the e-mail address sp ecified in the Log S[...]

  • Page 199

    HomeSafe User’s Guide Logs 15-3 Figure 15-2 Log Settings The following table describes the labels in this screen. Table 15-2 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP addr ess of the mail server for the e-mai l addresses specified below. If this field is left blank, logs and al ert messages will not b[...]

  • Page 200

    HomeSafe User’s Guide 15-4 Logs Table 15-2 Log Settings LABEL DESCRIPTION Mail Subject T ype a title that you want to be in the subject line of the log e-mail messag e that the HomeSafe sends. Not all HomeSa fe models have this field. Send Log To The HomeSafe sends logs to the e-mail ad dr ess specifi ed in this field. If this field is left blank[...]

  • Page 201

    HomeSafe User’s Guide Maintenance 16-1 Chapter 16 Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 16.1 Maintenance Overview The maintenance screens can help you view syst em information, upload new firmware, manage configuration and restart your HomeSafe. 16.2 S t atus Sc[...]

  • Page 202

    HomeSafe User’s Guide 16-2 Maintenance Table 16-1 Maintenance : Statu s LA BEL DESCRIPTION IP Subnet Mask This is the WAN port subnet mask. DHCP This is the WAN port DHCP role - Client or None . LAN Port IP Address This is the LAN port IP address. IP Subnet Mask This is the LAN port subnet mask. DHCP This is the LAN port DHCP role - Server , Rela[...]

  • Page 203

    HomeSafe User’s Guide Maintenance 16-3 Table 16-2 Maintenance : Sy stem Statistics LA BEL DESCRIPTION Poll Interval(s) Enter the time interval for refreshing statistics in this field. Set Interval Click this button to apply the new poll interval you entered in the Poll Interval(s) field. Stop Click Stop to stop refreshing statistics, click Stop .[...]

  • Page 204

    HomeSafe User’s Guide 16-4 Maintenance 16.4 Any IP T able Click MAINTENANCE , Any IP Table . The Any IP table shows current read-only information (including the IP address and the MAC address) of all network devices that use the Any IP feature to communicate with the HomeSafe. Figure 16-4 Maintenance : Any IP The following table describes th e la[...]

  • Page 205

    HomeSafe User’s Guide Maintenance 16-5 Table 16-5 Maintenance : Asso ciation List LA BEL DESCRIPTION Association Time This field displays the time a wireless st ation first associat ed with the HomeSafe. Refresh Click Refre sh to redisplay the current screen. 16.6 F/W Upload Screen Find firmware at www.zyxel.com in a file that (usually) uses the [...]

  • Page 206

    HomeSafe User’s Guide 16-6 Maintenance Figure 16-7 Upload Warning The HomeSafe automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 16-8 Net work Temporarily Disconnected After two minutes, log in again and ch eck your new firm ware version in[...]

  • Page 207

    HomeSafe User’s Guide Maintenance 16-7 Figure 16-10 Maintenance : Con figuration 16.7.1 Backup Configuration Backup configuration allows you to back up (save) the HomeSafe’s current configuration t o a file on your computer. Once your HomeSafe is confi gured and functio ning properly, it is highly recommended that you back up your configuration[...]

  • Page 208

    HomeSafe User’s Guide 16-8 Maintenance Figure 16-11 Configurati on : Re store Successful The HomeSafe automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 16-12 Temporarily Disconn ected If you uploaded the default configuration file yo u may [...]

  • Page 209

    HomeSafe User’s Guide Maintenance 16-9 Figure 16-14 Factory Defaults You can also press the RESET button on the rear panel to reset the factory defaults of your HomeSafe. Refer to the Hardware Installation chapter for more information on the RESET button. 16.8 Rest art Screen System restart allows you to reboot the Ho meSafe without turning the p[...]

  • Page 210

    SMT General Configuration VII P P a a r r t t V V I I I I : : SMT General Configuration This part covers System Manag ement T erminal co nfiguratio n for g eneral setup, WAN setup, L AN setup, WLAN setup, Internet access, remote node, static route, NA T and enablin g the firewall. ) See the web configurator p art s of this guide for background info[...]

  • Page 211

    [...]

  • Page 212

    HomeSafe User’s Guide Introducing the SMT 17-1 Chapter 17 Introducing the SMT This chapter explains how to access and navigat e the System Management Terminal and gives an overview of its menus. 17.1 SMT Introduction T he HomeSafe’s SMT (System Management Termin al) is a menu-driven interface that you can access from a terminal emulator through[...]

  • Page 213

    HomeSafe User’s Guide 17-2 Introducing the SMT Figure 17-2 SMT Menu Ov erview 17.2 Navigating the SMT Interface The SMT (System Management Terminal) is th e interface that you use to configure your HomeSafe. Several operations that you should be familiar with before you attem pt to modify the configuration are listed in the table below. Table 17-[...]

  • Page 214

    HomeSafe User’s Guide Introducing the SMT 17-3 Table 17-1 Main Menu Commands Entering information T ype in or press [SPACE BAR], then press [ENTER]. You need to fill in two types of fields. The first requir es you to type in the appropriate information. T he second allows you to cycle through the availa ble choices by pressing [SPACE BAR]. Requir[...]

  • Page 215

    HomeSafe User’s Guide 17-4 Introducing the SMT Table 17-2 Main Menu Summary # MENU TITLE DESCRIPTION 14 Dial-in User Setup Use this menu to set up local user profiles on the HomeSafe. 15 NAT Setup Use this menu to specify inside servers when NAT is enabl ed. 21 Filter and Firewall Setup Use this menu to conf igure filters, activate/d eactivate th[...]

  • Page 216

    HomeSafe User’s Guide Menu 1 General Setup 18-1 Chapter 18 Menu 1 General Setup Menu 1 - General Setup contains administrative and system -related information . 18.1 General Setup Menu 1 — General Setup contains administrative and system -related information (shown next). The System Name field is for identification purposes. However, because so[...]

  • Page 217

    HomeSafe User’s Guide 18-2 Menu 1 General Setup Table 18-1 Menu 1 General Setup FIELD DESCRIPTION EXAMPLE Domain Name Enter the dom ain n ame (if you know it) here. If you l eave th is field blank, the ISP may assign a domain name via DHCP. You can go to menu 24.8 and type "sys dom ain name" to see the current domain name used by your r[...]

  • Page 218

    HomeSafe User’s Guide Menu 1 General Setup 18-3 Figure 18-2 Menu 1.1 Configure Dy na mic DNS Follow the instructions in the next tabl e to configure Dynamic DNS param eters. Table 18-2 Menu 1.1 Configure Dy namic DNS FIELD DESCRIPTION EXAMPLE Service Provider This is the name of your Dynamic DNS service provider. WWW.DynDNS.ORG (default) Active P[...]

  • Page 219

    HomeSafe User’s Guide 18-4 Menu 1 General Setup Table 18-2 Menu 1.1 Configure Dy namic DNS FIELD DESCRIPTION EXAMPLE IP Address Update Policy: You can select Yes in either the Use Server Detect ed IP field (recommended) or the User Specified IP Add r fiel d, but not both. With the Use Server Detected IP and User Specified IP Addr fields both set [...]

  • Page 220

    HomeSafe User’s Guide Menu 2 WAN Setup 19-1 Chapter 19 Menu 2 WAN Setup This chapter describes how to configure the WAN using menu 2. 19.1 Introduction to W AN This chapter explains how to configure settings for your WAN port. 19.2 W AN Setup From the main menu, enter 2 to open m enu 2. Figure 19-1 Menu 2 WAN Setup The following table describes t[...]

  • Page 221

    [...]

  • Page 222

    HomeSafe User’s Guide Menu 3 LAN Setup 20-1 Chapter 20 Menu 3 LAN Setup This chapter covers how to configure your wired Local Area Network (LAN) settings. 20.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 — LAN Setup . From the main menu, enter 3 to display m enu 3. Figure 20-1 Menu 3 LAN Setup 20.1.1 General Ethe[...]

  • Page 223

    HomeSafe User’s Guide 20-2 Menu 3 LAN Setup Figure 20-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup Follow the instructions in the next table on how to configure the D HCP fields. Table 20-1 Menu 3.2: DHCP Ethernet Setup Fields FIELD DESCRIPTION EXAMPLE DHCP This field ena bles/disables the DHCP server. If set to Server , your HomeSafe will act as a [...]

  • Page 224

    HomeSafe User’s Guide Menu 3 LAN Setup 20-3 Table 20-1 Menu 3.2: DHCP Ethernet Setup Fields FIELD DESCRIPTION EXAMPLE First DNS Server Second DNS Server Third DNS Server The HomeSafe passes a DNS (Domain Nam e System) server IP address (in the order you spe cify here) to the DHCP clients. Select From ISP if your ISP dynamically assi gns DNS serv [...]

  • Page 225

    HomeSafe User’s Guide 20-4 Menu 3 LAN Setup Table 20-2 Menu 3.2: LAN TCP/IP Setup Fields FIELD DESCRIPTION EXAMPLE Edit IP Alias The HomeSafe supports thre e logical LAN interfaces via its single physical Ethernet interface with the HomeSafe itself as the gateway for each LAN network. Press [SPACE BAR] to select Yes and then press [ENT ER] to dis[...]

  • Page 226

    HomeSafe User’s Guide Menu 3 LAN Setup 20-5 Table 20-3 Menu 3.2.1: IP Alias Setup FIELD DESCRIPTION EXAMPLE IP Alias 1, 2 Choose Yes to configure the LAN net work for the HomeSafe. Yes IP Address Enter the IP ad dress of your Ho meSafe in dotted decimal notation. 192.168.1.1 IP Subnet Mask Your Hom eSaf e will automatically calcul ate the sub net[...]

  • Page 227

    HomeSafe User’s Guide 20-6 Menu 3 LAN Setup Table 20-4 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION EXAMPLE AP must have the same ESSID. Enter a descriptive name of up to 32 printable 7-bit ASCII characters. Hide ESSID Press [SPACE BAR] and select Yes to hide the ESSID in the outgoing data frame so an intruder cannot ob tain the ESSID through pa[...]

  • Page 228

    HomeSafe User’s Guide Menu 3 LAN Setup 20-7 Table 20-4 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION EXAMPLE 802.11 Mode Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the HomeSafe. Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to associate with the HomeSafe. Select Mixed to allow e[...]

  • Page 229

    HomeSafe User’s Guide 20-8 Menu 3 LAN Setup Figure 20-8 Menu 3.5.1 WLAN M AC Address Filter The following table describes the fields in this menu. Table 20-5 Menu 3.5.1 WLAN M AC Address Filter FIELD DESCRIPTION Active To enable MAC address filter ing, press [SP ACE BAR] to select Yes and press [ENTER]. Filter Action Define the filter ac tion for[...]

  • Page 230

    HomeSafe User’s Guide Menu 3 LAN Setup 20-9 Figure 20-9 Menu 3.5 Wireless L AN Setup Step 3. Move the cursor to t he Edit Roa ming Configuration field. Press [SPACE BAR] to select Yes and then press [ENTER]. Menu 3. 5.2 – Roaming Configur ati on displays as shown next . Figure 20-10 Menu 3.5.2 Roaming Configuration The following table describes[...]

  • Page 231

    [...]

  • Page 232

    HomeSafe User’s Guide Internet Access 21-1 Chapter 21 Internet Access This chapter shows you how to configure your HomeSafe for Internet access . 21.1 Introduction to Internet Access Setup Use information from your ISP along wit h the in structions in this chapter to set up your HomeSafe to access the Internet. There are thr ee different menu 4 s[...]

  • Page 233

    HomeSafe User’s Guide 21-2 Internet Access Table 21-1 Menu 4: Internet Acces s Setup (Ethernet) FIELD DESCRIPTION Retype to Confirm Enter your pas sword again to make sure that you have enter ed is correctl y. Login Server The HomeSafe will find the RoadRunner Se rver IP if this field is left blank. If it does not, then you must enter the authe n[...]

  • Page 234

    HomeSafe User’s Guide Internet Access 21-3 Figure 21-2 Internet Access Setup (PPTP) The following table contains instructions about the new fields when you choose PPTP in the Encapsulation field in menu 4. Table 21-2 New Fields in Menu 4 (PPTP) Screen FIELD DESCRIPTION EXAMPLE Encapsulation Press [SPACE BAR] and then press [ENTER] to choose PPTP [...]

  • Page 235

    HomeSafe User’s Guide 21-4 Internet Access Table 21-3 New Fields in Menu 4 (PPPoE) screen FIELD DESCRIPTION EXAMPLE Idle Timeout This value specifies the ti me in seconds that elapses before the HomeSafe automatically disconnects from the PPPoE server. 100 (default) If you need a PPPoE service name to identify a nd reach the PPPoE server, please [...]

  • Page 236

    HomeSafe User’s Guide Remote Node Configuration 22-1 Chapter 22 Remote Node Configuration This chapter covers remote node configuration . 22.1 Introduction to Remote Node Setup A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and the network behind it acro ss a WAN connection. Note [...]

  • Page 237

    HomeSafe User’s Guide 22-2 Remote Node Configuration Table 22-1 Menu 11.1 Remote Node Profile for Eth ernet Encapsulation FIELD DESCRIPTION EXAMPLE Rem Node Name Enter a descri p tive name for the remote node. This field can be up to eight characters. LAoffice Active Press [SPACE BAR] and then [ENTER] to select Yes (activate remote node) or No (d[...]

  • Page 238

    HomeSafe User’s Guide Remote Node Configuration 22-3 Table 22-1 Menu 11.1 Remote Node Profile for Eth ernet Encapsulation FIELD DESCRIPTION EXAMPLE Once you have configured this menu, press [ENTER] at the message “Press ENT ER to Confirm...” to save your configuration, or press [ESC] at an y time to cancel. 22.2.2 PPPoE Encapsulation The Home[...]

  • Page 239

    HomeSafe User’s Guide 22-4 Remote Node Configuration Table 22-2 Fields in Menu 11. 1 (PPPoE Encapsulation Specific) FIELD DESCRIPTION EXAMPLE Service Name If you are using PPPoE enca psulation, then type the name of your PPPoE service here. Only valid with PPPoE e ncapsulation . poellc Authen This field sets the authenticat i on protocol used for[...]

  • Page 240

    HomeSafe User’s Guide Remote Node Configuration 22-5 Table 22-3 Menu 11.1 Remote Node Profile for PPTP Encapsul a tion FIELD DESCRIPTION EXAMPLE Encapsulation Press [SPACE BAR] and then [ENTER] to select PPTP . You must also go to menu 11.3 to check the IP Address setting once yo u hav e selected the encapsulation method. PPTP My IP Addr Enter th[...]

  • Page 241

    HomeSafe User’s Guide 22-6 Remote Node Configuration Table 22-4 Remote Node Net work Layer Option s FIELD DESCRIPTION EXAMPLE My WAN Addr This field is applicable to PPPoE and PPTP encapsul atio ns only. Some implementations, especiall y the UNIX der iv atives, require the WAN link to have a separate IP network number from the LAN and each end mu[...]

  • Page 242

    HomeSafe User’s Guide Remote Node Configuration 22-7 Use menu 11.5 to specify the filter set(s) to apply to t he incoming and outgoing t raffic between this remote node and the HomeSafe to preven t certain packets from triggering calls. You can specify up to 4 filter sets separated by commas, for ex ample, 1, 5, 9, 12, in each filter field. Note [...]

  • Page 243

    HomeSafe User’s Guide 22-8 Remote Node Configuration Table 22-5 Menu 11.6: Traffic Redire ct Setup FIELD DESCRIPTION EXAMPLE Active Press [SPACE BAR] and select Yes (to enable) or No (to disable) traffic redirect setup. The default is No . Yes Configuration: Backup Gateway IP Address Enter the IP address of your backup gateway in dotted deci mal [...]

  • Page 244

    HomeSafe User’s Guide Static Route Setup 23-1 Chapter 23 Static Route Setup This chapter shows how to setup IP static routes . 23.1 IP S t atic Route Setup Step 1. To configure an IP static route, use Menu 12 – Static Routing Setup (shown next). Figure 23-1 Menu 12 IP Static Route Setup Step 2. Now, type the route number of a static route you w[...]

  • Page 245

    HomeSafe User’s Guide 23-2 Static Route Setup Table 23-1 Menu12.1 Edit IP Static Route FIELD DESCRIPTION IP Subnet Mask Type the subnet mask for this destination. Follow the discussion on IP Subnet Mask in this manual. Gateway IP Address T ype the IP address of the ga teway. The gateway is an immediate nei ghbor of your HomeSafe that will for war[...]

  • Page 246

    HomeSafe User’s Guide Dial-in User Setup 24-1 Chapter 24 Dial-in User Setup This chapter shows you how to create user accounts on the HomeSafe . 24.1 Dial-in User Setup By storing user profiles locally, your HomeSafe is able to authenticate wireless users without interacting with a network RADIUS server. Follow the steps below to set up user prof[...]

  • Page 247

    [...]

  • Page 248

    HomeSafe User’s Guide NAT 25-1 Chapter 25 Network Address Translation (NAT) This chapter discusses how to configure NAT on the HomeSafe. 25.1 Using NA T ) Y ou must create a firewall rule in addition to setting up SUA/ NA T , to allow traffic from the W AN to be forwarded through the HomeSafe. 25.1.1 SUA (Single User Account) V ersus NA T SUA (Si[...]

  • Page 249

    HomeSafe User’s Guide 25-2 NAT Step 3. Move the cursor to the Edit IP field, press [SPACE BAR] to select Yes and then press [ENTER] to bring up Menu 11.3 - Remote Node Network Layer Options. Figure 25-2 Menu 11.3 Apply ing NAT to the Remote Node The following table describes the optio ns for Network Address Translation. Table 25-1 Applying NAT in[...]

  • Page 250

    HomeSafe User’s Guide NAT 25-3 25.3.1 Address Mapping Sets Enter 1 to bring up Menu 15.1 — Addr ess Mapping Sets . Figure 25-4 Menu 15.1 Address Map ping Sets SUA Address Mapping Set Enter 255 to display the next screen (see also section 25.1.1) . The fields in this menu cannot be changed. Figure 25-5 Menu 15.1.255 SUA Addr ess Mapping Rules Th[...]

  • Page 251

    HomeSafe User’s Guide 25-4 NAT Table 25-2 SUA Address Mapping Rules FIELD DESCRIPTION EX AMPLE Type These are the mapp ing types. Server allows us to specify multiple servers of different types behind NA T to this machine. See later for some examples. Server When you have compl eted thi s menu, press [ENTER] at the prompt “Press ENT ER to confi[...]

  • Page 252

    HomeSafe User’s Guide NAT 25-5 Table 25-3 Menu 15.1.1 First Set FIELD DESRIPTION EXAMPLE Set Name Enter a name for this set of rules. This is a requir ed fiel d. If this field is left blank, the entire set will be deleted. NAT_ SET Action T he default is Edit . Edit means you want to edit a selected rule (see following field). Insert Before means[...]

  • Page 253

    HomeSafe User’s Guide 25-6 NAT Table 25-4 Menu 15.1.1.1 Editing/Conf iguring an Indiv idual Rule in a Set FIELD DESCRIPTION EXAMPLE Server . Start This is the starting loca l IP address (ILA). 0.0.0.0 End This is the ending local IP address (ILA ). If the rule is for all l ocal IPs, then put the Start IP as 0.0.0.0 and th e End IP as 255.255.255.[...]

  • Page 254

    HomeSafe User’s Guide NAT 25-7 Figure 25-9 Multiple Servers Behind NAT Ex ample 25.5 General NA T Examples The following are some examples of NAT configuration. 25.5.1 Example 1: Internet Access Onl y In the following Internet access example, you only need one rule where the ILAs (Inside Local Addresses) of computers A through D map to one dynami[...]

  • Page 255

    HomeSafe User’s Guide 25-8 NAT 25.5.2 Example 2: Internet A ccess w ith an Inside Server The dynamic Inside Global Address is assigned by the ISP. Figure 25-12 NAT Example 2 In this case, you do exactly as above (use the convenient pre-configured SUA Only set) and also go to menu 15.2 to specify the Inside Server behind the NAT as shown in the ne[...]

  • Page 256

    HomeSafe User’s Guide NAT 25-9 Figure 25-14 NAT Example 3 Step 1. In this case you need to configure Address Mapping Set 1 from Menu 15.1 - Address Mapping Sets. Therefore you must choose the Full Feature option from the Network Address Translation field (in menu 4 or menu 11.3) in Step 2. Figure 25-15. Step 3. Then enter 15 from the main menu. S[...]

  • Page 257

    HomeSafe User’s Guide 25-10 NAT Figure 25-16 Example 3: Menu 15.1.1.1 Figure 25-17 Example 3: Final Menu 15.1.1 Now configure the IGA3 to map to our web server and mail server on the LAN. Step 10. Enter 15 from the main menu. Step 11. Enter 2 in Menu 15 - NAT Setup . Step 12. Enter 1 in Menu 15.2 - NAT Server Setup to see the following menu. Conf[...]

  • Page 258

    HomeSafe User’s Guide NAT 25-11 Example 3: Menu 15.2 25.5.4 Example 4: NA T Unfr iendly Application Programs Some applications do not support NAT Mapping usin g TCP or UDP port address translation. In this case it is better to use Many-to-Many No Overload mapping as port numbers do not change for Many-to-Many No Overload (and One-to-One ) NAT map[...]

  • Page 259

    HomeSafe User’s Guide 25-12 NAT Figure 25-20 Example 4: Menu 15.1.1 Address Ma pping Rules 25.6 Configuring T rigger Port Forwarding ) Only one LAN computer can use a trigger port (range) at a time. Enter 3 in menu 15 to displa y Menu 15.3 — Trigger Port Setup , shown next. Figure 25-21 Menu 15.3 Trigger Port Setup The following table describes[...]

  • Page 260

    HomeSafe User’s Guide NAT 25-13 Table 25-5 Menu 15.3 Trigger Port Setup FIELD DESCRIPTION EXAMPLE Rule This is the rule inde x number. 1 Name Enter a uni qu e name for identification purpos es. You may enter up to 15 characters in this field. All characters are permitted - includi ng spaces. Real A udio Incoming Incoming is a port (or a range of [...]

  • Page 261

    [...]

  • Page 262

    HomeSafe User’s Guide Firewall 26-1 Chapter 26 Enabling the Firewall This chapter shows you how to get started with the HomeSafe firewall. 26.1 Remote Management and the Firewall When SMT menu 24.11 is configured t o allow management (see the Remote Management chapter) and the firewall is enabled: • The firewall blocks remote management from th[...]

  • Page 263

    SMT Advanced Management VIII P P a a r r t t V V I I I I I I : : SMT Advanced Management This part discusse s filtering se tup, SNMP , system security , sy stem information and diagnosis, firmware and configuration file maintena nce, sy stem maintenance, remote management and call scheduling. ) See the web configurator p art s of this guide for bac[...]

  • Page 264

    HomeSafe User’s Guide Filter Configuration 27-1 Chapter 27 Filter Configuration This chapter shows you how to create and apply filters. 27.1 Introduction to Filters Your HomeSafe uses filters to decide whether to allow passage of a data packet and/or to make a call. There are two types of filter applications : data filtering and call filtering. F[...]

  • Page 265

    HomeSafe User’s Guide 27-2 Filter Configuration apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maxim u m of 24 rules active for a single port. Sets of factory default filter rules have been configured in menu 21 to prevent NetBIOS traffic from trigg[...]

  • Page 266

    HomeSafe User’s Guide Filter Configuration 27-3 27.2 Configuring a Filter Set The HomeSafe includes filtering for NetBIOS ove r TCP/IP packets by default. To configure another filter set, follow the procedure below. Step 1. Enter 21 in the main menu to open menu 21. Figure 27-4 Menu 21: Filter and Fire w all Setup Step 2. Enter 1 to bring up the [...]

  • Page 267

    HomeSafe User’s Guide 27-4 Filter Configuration Table 27-1 Abbreviations Used in the Filter Rules Summary Menu FIELD DESCRIPTION M More. “Y” means there are more rules to check which form a rule c hai n with the present rule. An action cannot be taken until the rule chain is compl ete. “N” means there are no more rules to check. You can s[...]

  • Page 268

    HomeSafe User’s Guide Filter Configuration 27-5 To configure TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press [ENTER] to open Menu 21.1.1.1 - TCP/IP Filter Rule , as shown next. Figure 27-6 Menu 21.1.1.1 TCP/IP Filter Rule The following table describes how to configure your TCP/IP filter rule. Table 27-3 TCP/IP Filter [...]

  • Page 269

    HomeSafe User’s Guide 27-6 Filter Configuration Table 27-3 TCP/IP Filter Rule FIELD DESCRIPTION OPTIONS Port # Enter the source port of the pa ckets that you wish to filter. The range of this field is 0 to 65535. This field is ignor ed if it is 0. 0-65535 Port # Comp Press [SPACE BAR] and then [ENTER] to select the comparison to apply to the sour[...]

  • Page 270

    HomeSafe User’s Guide Filter Configuration 27-7 Packet into IP Filter Matched Matched Yes Action Matched Action Not Matched More? No Filter Active? Check IP Protocol Drop Drop Packet Accept Packet Drop Forward Check Next Rule Check Next Rule Check Next Rule Forward Not Matched Yes No Check Src IP Addr Apply SrcAddrMask to Src Addr Matched Check D[...]

  • Page 271

    HomeSafe User’s Guide 27-8 Filter Configuration To configure a generic rule, select Generic Filter Rule in the Filter Type field in menu 21.1.4.1 and press [ENTER] to open Generic Filter Rule, as shown below. Figure 27-8 Menu 21.1.4.1 Generic Fil ter Rule The following table describes the fields in the Generic Filter Rule menu. Table 27-4 Generic[...]

  • Page 272

    HomeSafe User’s Guide Filter Configuration 27-9 Table 27-4 Generic Filter Rule Menu Fields FIELD DESCRIPTION OPTIONS Action Not Matched Select the action for a packet not matching the rule. Check Next Rule Forward Drop Once you have completed filling in Menu 21. 4.1.1 - Generic Filter Rule , press [ENTER] at the message “Press ENTER to Confirm?[...]

  • Page 273

    HomeSafe User’s Guide 27-10 Filter Configuration Step 6. Enter 1 to configure the first filter rule (the only filter rule of this set). Make the entries in this menu as shown in the following figure. Figure 27-10 Example Filter: Menu 21.1.3.1 When you press [ENTER] to confirm, you will see the following screen. Note that there is only one filter [...]

  • Page 274

    HomeSafe User’s Guide Filter Configuration 27-11 Figure 27-11 Example Filter Rules Summary : Menu 21.1.3 After you’ve created the filter set, y ou must apply it. Step 1. Enter 11 from the main menu to go to menu 11. Step 2. Go to the Edit Filter Sets field, press [SPACE BAR] to select Yes and press [ENTER] . Step 3. This brings you to menu 11.5[...]

  • Page 275

    HomeSafe User’s Guide 27-12 Filter Configuration Figure 27-12 Protocol and Dev ice Filter Sets 27.5 Firewall V ersus Filters Firewall configuration is discussed in the firewall chapters of this manual. Further comparisons are also made between filtering, NAT and the firewall. 27.6 Applying a Filter This section shows you where to apply the filter[...]

  • Page 276

    HomeSafe User’s Guide Filter Configuration 27-13 four filter sets by entering their numbers separated by commas. The HomeSafe already has filters to prevent NetBIOS traffic from triggering ca lls, and block incoming telnet, FTP and HTTP connections. Figure 27-14 Filtering Remote Node T raffic Menu 11.5 - Remote Node Filter Input Filter Sets: prot[...]

  • Page 277

    [...]

  • Page 278

    HomeSafe User’s Guide SNMP Configuration 28-1 Chapter 28 SNMP Configuration This chapter explains SNMP Configuration menu 22. 28.1 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your HomeSafe supports SNMP agent function[...]

  • Page 279

    HomeSafe User’s Guide 28-2 SNMP Configuration • GetNext - Allows the manager to retrieve the ne xt object variable from a table or list within an agent. In SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations. • Set - Allows the manager to set [...]

  • Page 280

    HomeSafe User’s Guide SNMP Configuration 28-3 28.4 SNMP T rap s The HomeSafe will send traps to the SNMP mana ger when any one of the following events occurs: Table 28-2 SNMP Traps TRAP # TRAP NAME DESCRIPTION 1 coldStart ( defined in RFC-1215 ) A trap is sent after booting (power on). 2 warmStart ( defined in RFC-1215 ) A trap is sent after boot[...]

  • Page 281

    [...]

  • Page 282

    HomeSafe User’s Guide System Security 29-1 Chapter 29 System Security This chapter describes how to configure the syst em security on the HomeSafe . 29.1 System Security You can configure the system password, an extern al RADIUS server and 802.1x in this m enu. 29.1.1 System Password Figure 29-1 Menu 23 Sy s tem Security You should change the def[...]

  • Page 283

    HomeSafe User’s Guide 29-2 S ystem Security Table 29-1 Menu 23.2 Sy s tem Security : RADIUS Serv er FIELD DESCRIPTION EXAMPLE Authentication Server Active Press [SPACE BAR] to select Yes and press [ENTER] to enable user authentication through a n e x ternal authenticati on server. No Server Address Enter the IP address of the external authe nti c[...]

  • Page 284

    HomeSafe User’s Guide System Security 29-3 Figure 29-5 Menu 23.4 Sy stem Securit y : IEEE802.1x The following table describes th e fields in this menu. Table 29-2 Menu 23.4 Sy stem Security : IEEE802.1x FIELD DESCRIPTION Wireless Port Control Press [SPACE BAR] and sele ct a security mode for the wireless LAN access. Select No Authentica tion Re q[...]

  • Page 285

    HomeSafe User’s Guide 29-4 S ystem Security Table 29-2 Menu 23.4 Sy stem Security : IEEE802.1x FIELD DESCRIPTION PSK Type a pre-shared key from 8 to 63 case-sens itive ASCII characters (including spaces and symbols) when you select WPA-PSK in the Key Management Protocol field. WPA Mixed Mode Select Enable to activate WPA mixed mode. Otherw ise, s[...]

  • Page 286

    HomeSafe User’s Guide System Information and Diagnosis 30-1 Chapter 30 System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT m enus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use t[...]

  • Page 287

    HomeSafe User’s Guide 30-2 System Information and Diagnosis Figure 30-2 Menu 24.1 Sy stem Maintenance : Status The following table describ es the fields present in Menu 24.1 — System Maintenance — Status . These fields are READ-ONLY and meant for diagnostic purposes. The upper right corner of the screen shows the time and date according to th[...]

  • Page 288

    HomeSafe User’s Guide System Information and Diagnosis 30-3 30.2 System Information To get to the System Information: Step 1. Enter 24 to d isp lay Menu 24 — System Information and Console Por t Speed . Step 2. Enter 2 to display Menu 24. 2 — System Information . Step 3. From this menu yo u have two ch oices as shown i n the next fi gure: Fig[...]

  • Page 289

    HomeSafe User’s Guide 30-4 System Information and Diagnosis 30.2.2 Console Port Speed You can set up different port speeds for the console port through M enu 24.2.2 – System Maintenance – Console Port Speed . Your HomeSafe supports 9600 (default), 1920 0, 38400, 57600 and 115200 bps. Pre ss [ SPACE BAR ] and then [ENTER] to select the desired[...]

  • Page 290

    HomeSafe User’s Guide System Information and Diagnosis 30-5 Your HomeSafe sends five types of syslog messages. Some examples (not all HomeSafe speci fic) of these syslog messages with their message formats are shown next: 1. CDR CDR Message Format SdcmdSyslogSend( SYSLOG_CDR, SYSLOG_INFO, String ); String = board xx line xx channel xx, call xx, s[...]

  • Page 291

    HomeSafe User’s Guide 30-6 System Information and Diagnosis 5. Firewall log Firewall Log Message Format SdcmdSyslogSend(SYSLOG_FIREWALL, SYSLOG_NOTICE, buf); buf = IP[Src=xx.xx.xx.xx : spo=xxxx Dst=xx.xx.xx.xx : dpo=xxxx | prot | rule | action] Src: Source Address spo: Source port (empty means no source port information) Dst: Destination Address [...]

  • Page 292

    HomeSafe User’s Guide System Information and Diagnosis 30-7 Figure 30-8 Menu 24.4 Sy stem Maintenance : Diagnostic 30.4.1 W AN DHCP DHCP functionality can be enabled on the LAN or WAN as shown in Figure 30-9 . LAN DHCP has already been discussed. The HomeSafe can act eit her as a WAN DHCP client ( IP Address Assignment field in menu 4 or menu 11.[...]

  • Page 293

    HomeSafe User’s Guide 30-8 System Information and Diagnosis Table 30-4 System Maintenance Men u Diagnostic Reboot System Enter 11 to reboot the HomeSafe. Host IP Address= If you entered 1 in Ping Host , then enter the IP address of the computer you want to ping in this field. Enter the number of the selection you would like to perform or press [E[...]

  • Page 294

    HomeSafe User’s Guide Firmware and Configuration File Maintenance 31-1 Chapter 31 Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files. 31.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains[...]

  • Page 295

    HomeSafe User’s Guide 31-2 Firmware and Configuration File Maintenance 31.2 Backup Configuration Option 5 from Menu 24 – System Maintenance allows you to backup t he current HomeSafe configuration to your computer. Backup is highl y recommended once your HomeSafe is functioning properly. FTP is the preferred methods for backing up your current [...]

  • Page 296

    HomeSafe User’s Guide Firmware and Configuration File Maintenance 31-3 31.2.4 GUI-based FTP Client s The following table describes some of the commands that you may see in GUI-based FTP clients. Table 31-2 General Commands for GUI-based FTP Clients COMMAND DESCRIPTION Host Address Enter the addr ess of the host server. Login Type Anonym ous. This[...]

  • Page 297

    HomeSafe User’s Guide 31-4 Firmware and Configuration File Maintenance 31.2.7 TFTP Command Example The following is an example TFTP command: tftp [-i] host get rom-0 config.rom where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the HomeSafe IP address, “get” transfers the file sour[...]

  • Page 298

    HomeSafe User’s Guide Firmware and Configuration File Maintenance 31-5 Figure 31-3 Telnet into Menu 24.6 Step 1. Launch the FTP client on your computer. Step 2. Enter “open”, followed by a space and th e IP address of your HomeSafe. Step 3. Press [ENTER] when prompted for a username. Step 4. Enter your password as requested (the default is ?[...]

  • Page 299

    HomeSafe User’s Guide 31-6 Firmware and Configuration File Maintenance ) WA R N I N G ! DO NOT INTERRUPT THE FILE TR ANSFER PROCESS AS THIS MA Y PERMANENTL Y DAMAGE YOUR HOMESAFE. 31.4.1 Firmware File Upload FTP is the preferred method for uploading the firmwa re and configuration. T o use this feature, your computer must have an FTP client. When[...]

  • Page 300

    HomeSafe User’s Guide Firmware and Configuration File Maintenance 31-7 31.4.3 FTP File Upload Command from the DOS Prompt Example Step 1. Launch the FTP client on your computer. Step 2. Enter “open”, followed by a space and th e IP address of your HomeSafe. Step 3. Press [ENTER] when prompted for a username. Step 4. Enter your password as req[...]

  • Page 301

    HomeSafe User’s Guide 31-8 Firmware and Configuration File Maintenance Step 5. Use the TFTP client (see the example below) to transfer files between the Ho meSafe and the computer. The file name for the firmware is “ras”. Note that the telnet connection must be active and the HomeSafe in CI m ode before and during the TFTP transfer. For detai[...]

  • Page 302

    HomeSafe User’s Guide System Maintenance 32-1 Chapter 32 System Maintenance This chapter leads you through SMT menus 24.8 to 24.10. 32.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the ma in system firmware. The CI provides much of the same functionality as the SMT, while adding some low-level setup and diagnostic functions[...]

  • Page 303

    HomeSafe User’s Guide 32-2 System Maintenance Figure 32-2 Valid Commands 32.2 Call Control Support The HomeSafe provides two call control functions : budget m anagement and call history. Please note that this menu is only applicable when Encapsulation is set to PPPoE in menu 4 or m enu 11.1. The budget management function allows you to set a limi[...]

  • Page 304

    HomeSafe User’s Guide System Maintenance 32-3 Table 32-1 Budget Management FIELD DESCRIPTION EX AMPLE Remote Node Enter the index number of the remote node you want to reset (just one in this case) 1 Connection Time/Total Budget This is the total connection time that has gone by (within the allocated budg et that you set in menu 11.1). 5/10 means[...]

  • Page 305

    HomeSafe User’s Guide 32-4 System Maintenance 32.3 T ime and Date Setting The Real Time Chip (RTC) keeps track of the time and date (not available on all models). There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your HomeSafe. Menu 24.10 allows you to update the [...]

  • Page 306

    HomeSafe User’s Guide System Maintenance 32-5 Table 32-3 Time and Date Setting Fields FIELD DESCRIPTION Time Zone Press [SPACE BAR] and then [ENTER] to set the time difference between your time zone and Greenwich Mean T ime (GMT ). Daylight Saving Daylight Saving T ime is a period fr om late spring to early fall when many countries set their cloc[...]

  • Page 307

    [...]

  • Page 308

    HomeSafe User’s Guide Remote Management 33-1 Chapter 33 Remote Management This chapter covers remote management (SMT menu 24.11). 33.1 Remote Management Remote management allows you to determin e which services/protocols can access which HomeSafe interface (if any) from which computers. You may manage your HomeSafe from a remote location via: ¾ [...]

  • Page 309

    HomeSafe User’s Guide 33-2 Remote Management Table 33-1 Menu 24.11 – Remote Managemen t Control FIELD DESCRIPTION EX AMPLE Port This field sho ws the port number for the service or protocol. You ma y change the port number if nee ded, but you must use the same port number to access the HomeSafe. 23 Access Select the access interface (if an y) b[...]

  • Page 310

    HomeSafe User’s Guide Call Scheduling 34-1 Chapter 34 Call Scheduling Call scheduling (applicable for PPPoA or PPPo E encapsulation only) allows you to dictate when a remote node should be called and for how long. 34.1 Introduction to Call Scheduling The call scheduling feature allows the HomeSafe to manage a remote node and dictate when a remote[...]

  • Page 311

    HomeSafe User’s Guide 34-2 Call Scheduling Figure 34-2 Menu 26.1 Schedule Set Setup If a connection has been already established, your HomeSafe will not drop it. Once the connection is dropped manually or it tim es out, then that remote node can't be triggered up until the end of the Duration . Table 34-1 Menu 26.1 Schedule Set Setup FIELD D[...]

  • Page 312

    HomeSafe User’s Guide Call Scheduling 34-3 Table 34-1 Menu 26.1 Schedule Set Setup FIELD DESCRIPTION EXAMPLE Action Forced On means that the connection is ma intained whether or not there is a demand call on the line and will pers ist for the time period specified in the Duration field. Forced Down means that the connection is blocked whether or [...]

  • Page 313

    Appendices and Index IX P P a a r r t t I I X X : : Appendices and Index This section provides some Appendices and an Index.[...]

  • Page 314

    [...]

  • Page 315

    HomeSafe User’s Guide Troubleshooting A-1 Appendix A Troubleshooting PROBLEM CORRECTIVE ACTION None of the LEDs turn on when you turn on the HomeSafe. Make sure that you have the correct po wer adapter connected to the Hom eSafe and plugged in to an appr opri ate power source. Check all cable con nectio ns. If the LEDs still do not turn on, you m[...]

  • Page 316

    HomeSafe User’s Guide A-2 PPPoE PROBLEM CORRECTIVE ACTION Make sure that the Time Scheduling configured in the Parental Control Edit screen restricts access at the scheduled time. Make sure that you select the Keyword Blocking check box in the Parental Control Group Edit screen. Make sure that the keywords that you type are listed in the Block We[...]

  • Page 317

    HomeSafe User’s Guide Troubleshooting B-1 Appendix B PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethern et (PPP over Ethernet, RFC 2516) from your PC to an ATM PVC (Permanent Virtual Circuit) that connects to an xDSL Access Concentrator where the PPP session terminates (see the next figure). One PVC can support any number of PP[...]

  • Page 318

    HomeSafe User’s Guide B-2 PPPoE With PPPoE, the VC (Virtual Circuit) is equivale nt to the dial-up connection and is between the modem and the AC, as opposed to all the way to the ISP. However, the PPP negotiation is between the PC and the ISP. The HomeSafeas a PPPoE Client When using the HomeSafeas a PPPoE client, the PCs on the LAN see only Eth[...]

  • Page 319

    HomeSafe User’s Guide PPTP C-1 Appendix C PPTP What is PPTP? PPTP (Point-to-Point Tunneling Protocol) is a Microsoft proprietary protocol (R FC 2637 for PPTP is informational only) to tunnel PPP fram e s. How can we transport PPP frames from a PC to a broadband modem over Ethernet? A solution is to build PPTP into the ANT (ADSL Network Term inati[...]

  • Page 320

    HomeSafe User’s Guide C-2 PPTP PPTP Protocol Overview PPTP is very similar to L2TP, since L2TP is based on both PPTP and L2F (Cisco’s Layer 2 Forwarding). Conceptually, there are three pa rties in PPTP, namely the PNS (PPTP Network Server), the PAC (PPTP Access Concentrator) a nd the PPTP user. The PNS is the box that hosts both the PPP and the[...]

  • Page 321

    HomeSafe User’s Guide PPTP C-3 The PPP frames are tunneled between the PN S and PAC over GRE (General Routing Encapsulation, RFC 1701, 1702). The individual calls within a tun nel are distinguished using the Call ID field in the GRE header.[...]

  • Page 322

    [...]

  • Page 323

    HomeSafe User’s Guide Log Descriptions D- 1 Appendix D Log Descriptions Configure centralized logs using the embedded web configurator; see th e online help for details. This appendix describes some of the log m essages. Chart 1 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NAT [...]

  • Page 324

    HomeSafe User’s Guide D-2 Log Des criptions Chart 2 System Maintena nce Logs LOG MESSAGE DESCRIPTION mismatch ID content. !! No known phase 1 ID type found The ID type of an incomin g pa cket does not match any known ID type. Chart 3 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP packets can pass throu gh the firewall. Chart 4 [...]

  • Page 325

    HomeSafe User’s Guide Log Descriptions D- 3 Chart 4 Content Filtering Logs LOG MESSAGE DESCRIPTION %s When the content filter is not on according to the time schedule or you did n' t select the "Block Matched Web Site” checkbox, the system forwards the web content. Waiting content filter server timeout The external content filtering s[...]

  • Page 326

    HomeSafe User’s Guide D-4 Log Des criptions Chart 5 ICMP Type and Code Expla n ations TYPE CODE DESCRIPTION 0 Time to live exceeded in transit 1 Fragment reassembly time exceeded 12 Parameter Problem 0 Pointer indicates the error 13 Timestamp 0 Timestamp request message 14 Timestamp Reply 0 Timestamp reply message 15 Information Request 0 Informa[...]

  • Page 327

    HomeSafe User’s Guide Log Descriptions D- 5 Usage: [0:none/1:log/2:alert/3:both] [0:don't show debug type/1:show debug type] 4. Use sys logs category followe d by a log cate g ory and a parameter to decide what to record. Use 0 to not record logs for that category, 1 to record only logs for that category, 2 to record only alerts for that cat[...]

  • Page 328

    [...]

  • Page 329

    HomeSafe User’s Guide Setting up Your Computer’s IP Address E-1 Appendix E Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components yo u need to i[...]

  • Page 330

    HomeSafe User’s Guide E-2 Set ting up Your Computer’s IP Address b. Select Protocol and then click Ad d . c. Select Microsoft from the list of manufacturers . d. Select TCP/IP from the list of network protocols and then cli ck OK . If you need Client for Microsoft Networks: a. Click Ad d . b. Select Client and then click Add . c. Select Microso[...]

  • Page 331

    HomeSafe User’s Guide Setting up Your Computer’s IP Address E-3 -If you do not know your gateway’s IP address, remove previously installed gate ways. -If you have a gateway IP address, type it in the Ne w ga te way fie ld and click Add . 4. Click OK to save and close the TCP/IP Properties wind o w. 5. Click OK to close the Network window. Ins[...]

  • Page 332

    HomeSafe User’s Guide E-4 Set ting up Your Computer’s IP Address Windows 2000/NT/XP 1. In Windo ws XP, click start , Control Panel . In Windows 2000/NT, click Start , Settings , Control Panel . 2. In Windo ws XP, click Network Connections . In Windows 2000/NT, click Netwo rk and Dial-up Connections . 3. Right-click Local Area Connection and the[...]

  • Page 333

    HomeSafe User’s Guide Setting up Your Computer’s IP Address E-5 4. Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties . 5. T he Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). - To have your computer assigned a d ynamic IP address, click Obtain an IP address automatically .[...]

  • Page 334

    HomeSafe User’s Guide E-6 Set ting up Your Computer’s IP Address 6. -If you do not kno w your gateway's IP address, remove any previously installed gate ways in the IP Settin gs tab and click OK . Do one or more of the following if you want to configure additional IP addres ses: -In the IP Settings tab, in IP addresses, click Add . -In TCP[...]

  • Page 335

    HomeSafe User’s Guide Setting up Your Computer’s IP Address E-7 7. In the Internet Protocol TCP/IP Properties window (the Gene ral t ab in Windows XP): -Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). -If you know your DNS server IP address(es), click Use the follow ing DNS ser ver addresses , an[...]

  • Page 336

    HomeSafe User’s Guide E-8 Set ting up Your Computer’s IP Address Macintosh OS 8/9 1. Click the Apple menu, Control Pane l and double-click TCP/IP to open the TCP/IP Control Panel . 2. Select Ethernet built-in from the Connect v i a list. 3. For d ynamic all y assigned settings, select Using DHCP Server from the Configure: list. 4. For staticall[...]

  • Page 337

    HomeSafe User’s Guide Setting up Your Computer’s IP Address E-9 Verifying Your Computer’s IP Address Check your TCP/IP properties in the TCP/IP Control Panel window. Macintosh OS X 1. Click the Apple menu, and click System Preferences to open the System Preferences wi n d o w. 2. Click Netw ork in the icon bar. - Select Automatic from the Loc[...]

  • Page 338

    [...]

  • Page 339

    HomeSafe User’s Guide Wireless LAN and IEEE 802.11 F -1 Appendix F Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, emai l, printer services, etc.) without the use of a cabled connection. In effect a wireless LAN environment prov[...]

  • Page 340

    HomeSafe User’s Guide Wireless LAN and IEEE 802.11 F-2 time two or more wireless adapters are within ra nge of each other, they can set up an independent network, which is commonly referred to as an Ad -hoc network or Indepe ndent Basic Service Set (IBSS). See the following diagram of an example of an Ad-hoc wireless LAN. Diagram F-1 Peer-to-Peer[...]

  • Page 341

    HomeSafe User’s Guide Wireless LAN and IEEE 802.11 F -3 Diagram F-2 ESS Provides Campus-Wide Coverage[...]

  • Page 342

    [...]

  • Page 343

    HomeSafe User’s Guide Wireless LAN with IEEE 802.1x G-1 Appendix G Wireless LAN With IEEE 802.1x As wireless networks become popular for both portable computing and corporate networks, security is now a priority. Security Flaws wi th IEEE 802.1 1 Wireless networks based on the original IEEE 802 .11 have a poor reputation for safety. The IEEE 802.[...]

  • Page 344

    HomeSafe User’s Guide Wireless LAN with IEE E 802.1x G-2 Diagram G-1 Sequences for EAP MD5–Challenge Authentication Client computer access authorized. Client computer access not autho r ized.[...]

  • Page 345

    HomeSafe User’s Guide Types of EAP Authentication H-1 Appendix H Types of EAP Authentication This appendix discusses the four popular EAP authentication types: EAP-MD5 , EAP-TLS , EAP-TTLS and PEAP . The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for m o re information. EAP-MD5 (Messa[...]

  • Page 346

    HomeSafe User’s Guide H-2 Types of EAP Authentication Comparison of EAP Authentication T ypes EAP-MD5 EAP-TLS EAP-TTLS PEAP Certificate – Client No Yes Optional Optional Certificate – Server No Yes Yes Yes Dynamic Key Exchange No Yes Yes Yes Credential Security None Strong Strong Strong Deployment Difficulty Easy Hard Moderate Moderate Wirele[...]

  • Page 347

    HomeSafe User’s Guide Antenna Selection and Positioning Recommendation I-1 Appendix I Antenna Selection and Positioning Recommendation An antenna couples RF signals onto air. A transmitte r within a wireless device sends an RF signal to the antenna, which propagates the signal throu gh the air. The antenna also operates in reverse by capturing RF[...]

  • Page 348

    HomeSafe User’s Guide I-2 • Directional antennas conce ntrate the RF signal in a beam , like a flashlight. The angle of the beam width determ ines the direction of the covera ge pattern; typically ranges from 20 degrees (less directional) t o 90 degrees (very directio nal). Th e directi onal antennas are ideal for hallways and outdoor poi nt-to[...]

  • Page 349

    HomeSafe User’s Guide Brute-Force Password Guessing Protection J- 1 Appendix J Brute-Force Password Guessing Protection The following describes the comma nds for enabling, disabling and configuring the brute-force password guessing protection mechanism for the password. See other appendice s for information on the command structure. Chart 6 Brute[...]

  • Page 350

    [...]

  • Page 351

    HomeSafe User’s Guide Triangle Route K-1 Appendix K Triangle Route The Ideal Setup When the firewall is on, your HomeSafeacts as a secure gateway between y our LAN and the Internet. In an ideal network topology, all incom ing and outgoing network traffic passes through the HomeSafeto protect your LAN against attacks. Diagram K-1 Ideal Setup The ?[...]

  • Page 352

    HomeSafe User’s Guide K-2 Triangle Route Step 1. A computer on the LAN initiates a connection by se nding a SYN pac ket to a receiving server on the WAN. Step 2. The HomeSafereroutes the packet to Gateway B which is in Sub n et 2. Step 3. The reply from WAN goes through the HomeSafeto the computer on th e LAN in Subn et 1. Diagram K-3 IP Alias Ga[...]

  • Page 353

    HomeSafe User’s Guide Index L-1 Appendix L Index 8 802.1x ........................................................... 7-11 A Active ........................................................... 22-2 Address Assignment ................................ 3-8, 3-9 Address Resolution Prot ocol (ARP) ............... 5-3 Ad-hoc Configuration...............[...]

  • Page 354

    HomeSafe User’s Guide L-2 Index Ethernet Encapsulation ........9-5, 21-1, 22-1, 22-7 Extended Service Set ............................... F-2, 6-2 Extended Service Set I Dentification............... 6-5 F Factory Default ............................................. 19-1 Factory LAN Defa ults .................................... 5-1 Fail Toleranc[...]

  • Page 355

    HomeSafe User’s Guide Index L-3 Management Informat ion Base (MIB ) 14-6, 28-1 Many to Many No Overloa d .................. See NAT Many to Many Overload ....................... See NAT Many to One .......................................... See NAT MD5 .............................................................. H-1 Message Digest Algorithm 5 .[...]

  • Page 356

    HomeSafe User’s Guide L-4 Index Roaming ......................................................... 6-5 Enable on ZyAIR ..................................... 20-8 Example ..................................................... 6-6 Requirements ............................................. 6-6 Route ....................................................[...]

  • Page 357

    HomeSafe User’s Guide Index L-5 V VPN ................................................................ 8-4 W WAN DHCP ................................................. 30-7 WAN Setup ........................................... 3-9, 19-1 Warranty .............................................................v Web ...................................[...]