Alcatel AST570 User Manual Download Page 218

Page: 218 / 300

What is the AST570

Firewall

How the AST570

Firewall works

17 Security Services - Firewalling

218

/ 300

3EC 17766 AAAA TCZZA Ed. 04

17.1 Operation of the Firewall

The

AST570

Firewall is a set of related programs that protects the

resources of your local network from users from other networks.
Basically, a firewall examines each network packet to determine

whether to forward it toward its destination. Firewalls work in most

cases closely together with a proxy server that makes network

requests on behalf of your local network users.
For the

AST570

Firewall the

AST570

acts as well as network

gateway and proxy server to contact the outside world via the DSL

line
The

AST570

Firewall is in fact a packet filter: inside and outside

nodes are visible to each other at the IP level, but the firewall

filters out, i.e. blocks the passage of certain packets, based on

their header.

Packets are intercepted at certain Packet Interception Point (PIP),

called

hooks

, in the

AST570

IP router. At this points, they are

matched against a chain, which comprises rules (at least one).

These rules determine the type of control implemented on the

packets.
Incoming and outgoing traffic is validated by comparing certain

values in the packets with configured Firewall parameters. The

parameters in a rule can be divided according to the protocol to

which they belong: a first group validates traffic on the interface

level, a second group on IP level, a third group filters on TCP, UDP

and ICMP level.

Summary of Contents for AST570

Page 1: ...3EC 17766 AAAA TCZZA Ed 04 SPEED TOUCH 570 User s Guide...

Page 2: ...00 Status Released Change Note BD F aa 35249 Short Title CD UG AST570 R1 0 All rights reserved Passing on and copying of this document use and communication of its contents not permitted without writt...

Page 3: ...Single PC Ethernet Wiring 31 2 2 3 LAN Ethernet Wiring 32 3 Wiring Guide DSL and Power 33 3 1 Locating Ports 34 3 2 Connecting the DSL Port 35 3 3 Connecting the Power Adapter 36 4 WLAN Guide Wireles...

Page 4: ...on and Use Relayed PPPoA 93 10 1 Preparatory Steps 94 10 2 Using Relayed PPPoA 95 10 2 1 Preparing the PC for PPTP Tunneling 96 10 2 2 Using PPTP towards your AST570 97 10 3 Example MS Windows 98 Dial...

Page 5: ...he Phonebook 161 14 Networking Services IP 163 14 1 Speed Touch and IP 164 14 2 Packet Services and IP 166 14 2 1 Transparent Bridging 167 14 2 2 Relayed PPPoA 168 14 2 3 Routed Packet Services 169 14...

Page 6: ...to Defaults 246 20 2 2 Ping to Defaults 247 20 2 3 Switch to Defaults 248 21 Maintenance Speed Touch Web Interface 249 21 1 Web Interface Preconditions 250 21 1 1 Disabling Proxy Servers 251 21 1 2 Di...

Page 7: ...f your data MAC based filtering and encryption tools and a physical authentication mechanism secure your WLAN from unauthorized access For optimal LAN and WLAN performance the Alcatel Speed Touch 570...

Page 8: ...ation The following trademarks are used in this document Speed Touch is a trademark of the Alcatel Company Netscape and Netscape Navigator are registered trademarks of Netscape Communications Corporat...

Page 9: ...ctivity Therefore both will be referred to as W LAN All examples throughout this User s Guide refer to Net 10 IP addresses for local network configurations VPI 0 or VPI 8 to identify the Virtual Path...

Page 10: ...10 300 3EC 17766 AAAA TCZZA Ed 04...

Page 11: ...s chapter 1 Speed Touch Quick Guide 11 300 3EC 17766 AAAA TCZZA Ed 04 1 Speed Touch Quick Guide Use this chapter to quickly connect your AST570 to the Internet Topic See Get Acquainted with your AST57...

Page 12: ...11 RJ11 RJ14 RJ14 1 Wall mounting assembly with Velcro sticker 2 Screws and 2 wall plugs for the wall mounting assembly This User s Guide in hard copy format In the event of damaged or missing items c...

Page 13: ...ottom The marking label for the North American market is similar to the example below Marking Label Information Do not remove the marking label from the bottom nor cover it with another label Next to...

Page 14: ...ation Execution of the steps in this section will bring you on the Internet in no time Topic See What you Need 1 2 1 AST570 Connections 1 2 2 Check your SP s Service Offerings 1 2 3 Select an AST570 P...

Page 15: ...decoupling ADSL and telephone signals Contact your SP for more information For WLAN connectivity The portable PCs intended to be connected via the AST570 need a WLAN networking adapter WLAN NIC Each W...

Page 16: ...e Note In case no wired Ethernet connections have to be made you can omit this step and continue with wiring the DSL port Refer to section 2 2 for more information Use the included DSL cable to wire t...

Page 17: ...Ethernet connection only implies in case the Ethernet port is used for connecting a PC Once all previous steps are completed turn on your AST570 The AST570 is ready for service as soon as the start up...

Page 18: ...1 On the WLAN adapter configure the Service Set ID SSID with the AST570 default SSID printed on the marking label found on the bottom of the AST570 This default SSID exists of the word Alcatel follow...

Page 19: ...different from the Connection Service s default encapsulation Example VPI VCI 0 35 Connection Service ETHoA RFC1483 Br Encapsulation Method ETHoA default i e LLC SNAP Your AST570 supports multiple si...

Page 20: ...Connection Service Protocol s Packet Service ETHoA RFC1483 Bridging Transparent Bridging g g Routed Ethernet Bridged PPPoE Routed PPPoE PPPoA RFC2364 Relayed PPPoA Routed PPPoA PPP to DHCP Spoofing IP...

Page 21: ...In exceptional cases additional or advanced configurations are desired the AST570 offers various access methods Its Web interface See chapter 21 The Command Line Interface See chapter 22 Configure the...

Page 22: ...IP Routing no connection procedure is needed Turn on the AST570 and you are online Note Although no access procedure is needed some SPs require authentication before granting accesss to their resource...

Page 23: ...ced features Alcatel Speed Touch Quick Guide 1 Alcatel Speed Touch Wiring Guide Wired LAN 2 DSL and Power 3 Alcatel Speed Touch WLAN Guide Wireless LAN 4 Alcatel Speed Touch Configuration and Use Pack...

Page 24: ...word 19 Alcatel Speed Touch To Defaults 20 Alcatel Speed Touch Web Interface 21 Alcatel Speed Touch CLI 22 Alcatel Speed Touch Appendices Abbreviations Alcatel Speed Touch Troubleshooting A Alcatel Sp...

Page 25: ...25 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 Wiring Guide...

Page 26: ...26 300 3EC 17766 AAAA TCZZA Ed 04...

Page 27: ...to be used as an extension of a traditional wired networking environment it features a 10Base T MDI X Ethernet port on the back panel This chapter will guide you through the wiring of the AST570 Ethe...

Page 28: ...er make sure that these have the correct layout See section D 6 for more information on how to identify straight through and crossover LAN cables Determine the LAN cable type from the following table...

Page 29: ...this section 2 Wiring Guide Wired LAN 29 300 3EC 17766 AAAA TCZZA Ed 04 2 2 Connecting Ethernet Topic See The Ethernet Port on your AST570 2 2 1 Single PC Ethernet Wiring 2 2 2 LAN Ethernet Wiring 2 2...

Page 30: ...Indicator Description Name Color State Integrity Activity Green Off No connection on the Ethernet port Activity On Ethernet link up No activity on the Ethernet port Flashing Data is flowing from to th...

Page 31: ...7766 AAAA TCZZA Ed 04 2 2 2 Single PC Ethernet Wiring In this configuration the AST570 is connected to a single PC Your wired LAN consists of only one PC and the AST570 Proceed as indicated in the fol...

Page 32: ...Repeating Hubs You may cascade up to four repeating hubs in your LAN limitations of Repeating Ethernet V2 0 IEEE802 3 hubs In case more hubs need to be cascaded you must use switching hubs In the abo...

Page 33: ...In this chapter 3 Wiring Guide DSL and Power 33 300 3EC 17766 AAAA TCZZA Ed 04 3 Wiring Guide DSL and Power Topic See Locating Ports 3 1 Connecting the DSL Port 3 2 Connecting the Power Adapter 3 3...

Page 34: ...Port description 3 Wiring Guide DSL and Power 34 300 3EC 17766 AAAA TCZZA Ed 04 3 1 Locating Ports 3 2 Following ports are used 2 DSL line port marked LINE 3 Power socket market DC...

Page 35: ...rt A central splitter or distributed filters for decoupling DSL and POTS signals must be installed on your telephone line or telephone wall outlets In some cases crossover adapters might be required P...

Page 36: ...he AC mains to 9VDC 1A unregulated output voltage Check if the power adapter included in the AST570 package is compatible with your local electrical power specifications See section D 5 for connector...

Page 37: ...37 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 WLAN Guide...

Page 38: ...38 300 3EC 17766 AAAA TCZZA Ed 04...

Page 39: ...n this chapter 4 WLAN Guide Wireless LAN 39 300 3EC 17766 AAAA TCZZA Ed 04 4 WLAN Guide Wireless LAN Topic See Wireless LAN Connectivity 4 1 Wireless LAN Configuration 4 2 Wired LAN vs Wireless LAN 4...

Page 40: ...LAN Access Point behaves as a hub and allows wireless connectivity of several devices to the local W LAN and via the AST570 DSL router to the public network e g the Internet The same technology enable...

Page 41: ...le to communicate with other clients of the W LAN including the AST570 The IEEE802 11b standard for WLANs allows for several WLAN networks using different radio channels to be co located Several chann...

Page 42: ...address Direct Sequence Spread Spectrum DSSS channel number The channel number possible values are dependent of the regulatory domain where you purchased the AST570 FCC 1 to 11 and ETSI 1 to 13 By def...

Page 43: ...el012345 Note In fact this step allows your WLAN to be secure without the physical authentication i e pushing the Association button while your WLAN client tries to join your WLAN no connectivity will...

Page 44: ...WLAN client to AST570 WLAN might be different from the first time joining procedure explained in subsection 4 1 2 The following parameters could influence the way how to allow WLAN clients to join th...

Page 45: ...Control is enabled you must press the Association button on the back panel of the AST570 or click on the Wireless page via an authenticated WLAN client or a wired Ethernet connection 5 Make sure that...

Page 46: ...similar WLAN configuration is located nearby The Wireless page allows also to configure WEP encryption and Association Control for security and privacy of your WLAN network The AST570 Wireless Page T...

Page 47: ...tion table 4 WLAN Guide Wireless LAN 47 300 3EC 17766 AAAA TCZZA Ed 04 Click in the left pane of the AST570 pages to pop up the Wireless page See section 21 2 for more information The following figure...

Page 48: ...able DSSS channel number range is from 1 up to 13 restrictions apply depending on the country where the AST570 is used FCC channels 1 to 11 ETSI channels 1 to 13 WEP Encryption This checkbox allows yo...

Page 49: ...ffect on the Wireless LAN configuration Proceed as follows 1 Browse to the Wireless page 2 The 40 bits WEP key can be Generated by the AST570 Therefor click Manually configured by yourself in the Key...

Page 50: ...ation Control mechanism by clearing the box 4 Click In case of enabling the Association Control mechanism previous WLAN connectivity might be temporary lost 5 Verify connectivity of the WLAN clients b...

Page 51: ...A rejected WLAN client will never be allowed to traffic the AST570 WLAN network even when is clicked or the Association button is pressed 2 Click to finish the procedure To remove a WLAN client from t...

Page 52: ...T570 WLAN configuration click 3 The AST570 will ask to confirm the reset 4 Click if you are sure Otherwise click All WLAN parameters are reset to their factory default Therefore WLAN connectivity will...

Page 53: ...llows local network management via An IP router See section 14 5 A DHCP server See section 14 4 A DNS server See chapter 15 NAPT abilities See chapter 16 A programmable Firewall See chapter 17 All AST...

Page 54: ...4 WLAN Guide Wireless LAN 54 300 3EC 17766 AAAA TCZZA Ed 04...

Page 55: ...55 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 Configuration and Use...

Page 56: ...56 300 3EC 17766 AAAA TCZZA Ed 04...

Page 57: ...ter 5 Configuration and Use Packet Services 57 300 3EC 17766 AAAA TCZZA Ed 04 5 Configuration and Use Packet Services Topic See Supported Packet Services 5 1 Packet Services at a Glance 5 2 Selection...

Page 58: ...om the LAN side towards the DSL line and vice versa Transparent Bridging Routed Ethernet Bridged PPPoE Routed PPPoE Relayed PPPoA Routed PPPoA Classical IP IP Routing All examples in this User s Guide...

Page 59: ...ess In this mode access must be explicitly established e g by dialing into a Remote Access Server RAS For dial in access use either of Bridged PPPoE Routed PPPoE Relayed PPPoA Routed PPPoA As their na...

Page 60: ...ference for the remote access server between frames sourced by a bridge and those sourced by the AST570 MER entity PPPoE is one of two popular mechanisms to get in touch with the SP Bridged PPPoE By i...

Page 61: ...ket Service User VC IP Address Protocol W LAN i f Bridging n 1 per user Multiprotocol interface s Routed Ethernet n 1 via NAPT IP Suite Bridged PPPoE n 1 per user Multiprotocol Routed PPPoE n 1 via NA...

Page 62: ...ies of the remote end The access method an Always On connection or a connection that is established when needed i e Dial In Connectivity to a single or multiple remote networks Security features such...

Page 63: ...arent Bridging is the packet service of your choice as it Is platform and OS independent Is true multiprotocol Has no performance limitations in the Alcatel implementation Has almost no constraints on...

Page 64: ...both RFCs You can attach up to four connections VCs to the bridge To conserve DSL upstream bandwidth do not attach more connections than needed Bridging does not impose specific requirements to your P...

Page 65: ...e Phonebook page 2 On the Bridge page select this phonebook entry from the Address pop down list 3 For this entry select the correct encapsulation method from the Encapsulation pop down list 4 Click S...

Page 66: ...Ed 04 6 3 Bridging Configuration This section describes the use of the AST570 Bridge page The Bridge Page The Bridging Ports Table Bridging Ports Table Components The Aging Box Adding Entries Deleting...

Page 67: ...of the Bridging entry Note Unless the interface is created via the CLI Bridging entries are always in state connected i e attached to a Bridge port Port Indicates the name of the Bridge port on the W...

Page 68: ...s Proceed as follows 1 Browse to the Bridge page 2 If needed click 3 Select the phonebook entry from the Address pop down list Note In case the presented phonebook entries do not suite your desired co...

Page 69: ...tely relies on its filtering database for its frame forwarding through the bridge This filtering database is accessible via the Bridge page and allows you to overview all current MAC entries Click on...

Page 70: ...resident inside the bridge as stipulated in the IEEE802 1D standard The AST570 own Ethernet MAC address e g 00 80 9F 01 02 03 The Broadcast MAC address FF FF FF FF FF FF The bridge group MAC address 0...

Page 71: ...e with an IEEE Transparent Bridge Provides Always on type of connections and is auto configurable if DHCP is enabled Allows multiple users to share a single IP address if NA P T is enabled Allows your...

Page 72: ...on service must be supported on this VC Encapsulation method LLC SNAP Whether IP configuration is static or dynamic DHCP The AST570 can manage up to 12 Routed Ethernet connections simultaneously Note...

Page 73: ...page select this phonebook entry from the Address pop down list 3 For this entry select the correct encapsulation method from the Encapsulation pop down list 4 DHCP is per default on If needed unchec...

Page 74: ...TCZZA Ed 04 7 3 Routed Ethernet Configuration This section describes the use of the AST570 MER page The MER Page The MER Settings Table MER Settings Table Components Adding Entries Deleting Entries C...

Page 75: ...is created via the CLI Routed Ethernet entries are always in state connected Encap Encapsulation Indicates the applied encapsulation method for Ethernet frames on the VC The AST570 supports both the L...

Page 76: ...owse to the MER page 2 If needed click 3 Select the phonebook entry from the Address pop down list Note In case the presented phonebook entries do not suite your desired configuration you must firstly...

Page 77: ...570 transparent bridge can be used in combination with a PPP over Ethernet PPPoE client installed on your PC The resulting Bridged PPPoE packet service provides similar dial in experience as found on...

Page 78: ...thod LLC SNAP Remote access server must be a PPPoE server PPPoE client to be installed User name and password for your user account Up to four simultaneous Bridged PPPoE sessions can be active Note Pe...

Page 79: ...reating Dial Up icons with Microsoft s Dial Up Networking application All you need is your user name and password for your account although sometimes also a Service Name and or Access Concentrator is...

Page 80: ...y need to configure the Transparent Bridging packet service of the AST570 in order to meet the requirements of your SP regarding VC s and encapsulation There are no default Bridging entries Therefore...

Page 81: ...a virtual Ethernet segment Requires no PPPoE client on the PC s avoiding special installation procedures Allows multiple users to share a single IP address if NA P T is enabled Allows your local netwo...

Page 82: ...e supported on this VC Encapsulation method LLC SNAP Remote access server must be a PPPoE server User name and password for your user account The AST570 can manage up to 12 Routed PPPoE connections si...

Page 83: ...ook entry from the Address pop down list 3 For this entry select PPPoE in the Protocol field 4 Select the correct encapsulation method from the Encapsulation pop down list 5 Optionally enter user name...

Page 84: ...ing will appear in the State field Once the session is active the field displays up From then you are online and you can start your application or browse the Internet During the time the session is up...

Page 85: ...ations for Routed PPPoE connections are identical to the configuration of Routed PPPoA connections Therefore most configurational aspects in this section will be referred to the configuration sections...

Page 86: ...ee section 13 2 for more information 5 Select the encapsulation method for the Routed PPPoE entry from the Encapsulation pop down list 6 Optionally enter user name and password for the Routed PPPoE en...

Page 87: ...to the highlighted entry in the PPP Configuration table The Detailed Configuration table contains three or four tabs Three tabs PPPoE Routing and Other allow you to overview or configure connection r...

Page 88: ...TCZZA Ed 04 9 4 1 PPPoE Configurations The AST570 Routed PPPoE embedded session client allows to configure your PPPoE session for connecting for a dedicated Service via an Access Concentrator If appli...

Page 89: ...g This field allows you to configure which W LAN members besides the PC that opened the Routed PPPoE session can use the connection Destination networks Specific network These fields allow you to conf...

Page 90: ...after which a running but unused PPPoE session is closed Local IP Remote IP IP addresses are negotiated between the two PPP peers of the Routed PPPoE session The Local IP and Remote IP fields influenc...

Page 91: ...sion is running on the selected Routed PPPoE entry Following session statistics are available IP Address The IP address at the local peer of the current PPP link This address can be dynamically assign...

Page 92: ...9 Configuration and Use Routed PPPoE 92 300 3EC 17766 AAAA TCZZA Ed 04...

Page 93: ...n Has multiprotocol support depending on the PPTP implementation e g for MS Windows TCP IP IPX SPX and NETBEUI Offers complete TCP IP protocol transparency no NA P T is required Supports concurrent ac...

Page 94: ...ns simultaneously Note Check with your SP or corporate whether multiple end to end connectivity is enabled Your PC must support Point to Point Protocol PPP and Point to Point Tunnelling Protocol PPTP...

Page 95: ...PPTP dial up connection is configured you can use it to open a Relayed PPPoA connection to the remote side of the DSL line Because the configuration and use of such a connection follows similar patte...

Page 96: ...or the PPTP connection icon The VPN server s IP address or DNS hostname i e the AST570 IP address or DNS hostname Optionally you can complete this entry with the following string information The VC s...

Page 97: ...on 8 51 DIALUP_PPP3 PPPoA on 8 66 In case these PPPoA phonebook entries do not meet your requirements you can configure a new one See section 13 2 for more information Depending on your OS you can ope...

Page 98: ...etworking The following overview summarizes the necessary steps to setup a Microsoft Windows 98 PC for the use of Relayed PPPoA Step Action See 1 Configure a Private IP address on your PC 2 Create a n...

Page 99: ...cription 1 Double click the My Computer icon on your desktop 2 Double click the Dial Up Networking icon 3 Double click the Make New Connection icon to activate the Make New Connection wizard 4 If you...

Page 100: ...soft VPN Adapter for PPTP tunneling 7 Click to pop up the VPN server window 8 Enter the DNS hostname or IP address of the Virtual Private Network VPN server Note VPN server is another word for PPTP se...

Page 101: ...Use Relayed PPPoA 101 300 3EC 17766 AAAA TCZZA Ed 04 A new icon with the name of the connection you have just created will be added to your Dial Up Networking folder Per destination you can create a...

Page 102: ...on your desktop The Connect To window pops up 2 Fill in your user name and password according your user account at the SP or Corporate Note If you want the current Dial Up connection to remember your...

Page 103: ...m tray The MSDUN icon symbolizes activity on the Relayed PPPoA connection by flashing PC s A flashing Front PC symbolizes upstream TX link activity from your local PC towards the AST570 A flashing Beh...

Page 104: ...n Use Proceed as follows Step Action and Description 1 If the Dial Up connection is minimized click the MSDUN icon in the system tray The Connected To window pops up 2 Click to close the session The P...

Page 105: ...d PPPoA Configuration This section describes the use of the AST570 PPTP page The PPTP Page The Active PPTP Connections Table Active PPTP Connections Table Components Advanced Configuration Tunneling f...

Page 106: ...the Qos column will indicate default Via the CLI you can configure a specific QoS profile Encap Indicates the applied encapsulation method for PPP frames in the VC The AST570 supports both the VC MUX...

Page 107: ...ection the AST570 will always make sure that FF 03 is in front of the frame prior to put it in a PPTP tunnel In order to cope with these PPP frame differences the AST570 adapts to the different format...

Page 108: ...t add a default route for the AST570 via the Routing page See section 14 5 for more information In the example of the figure above the route to be added has the following parameters Destination 0 0 0...

Page 109: ...tion authentication and auto configuration Requires no session client on the PC s avoiding special installation procedures Allows multiple users to share a single IP address if NA P T is enabled Allow...

Page 110: ...supported on this VC Encapsulation method VC MUX Remote access server must be a PPP oA server User name and password for your user account The AST570 can manage up to 12 Routed PPPoA connections simul...

Page 111: ...oA connection Per default following Routed PPPoA connections are preconfigured DIALUP_PPP1 dial in connection DIALUP_PPP2 always on connection DHCP_SPOOF spoofing connection In case these entries do n...

Page 112: ...ur selection is highlighted 4 Click 5 If applicable an Authentication table pops up Enter your user name and password in the appropriate fields If you want the AST570 to remember your credentials chec...

Page 113: ...nnection statistics on the PPP page See section 11 4 3 for more information Proceed as follows 1 Browse to the Dial in page 2 Active PPPoA sessions are indicated via up in the State field Click next t...

Page 114: ...tivity Prior to be able to use a Routed PPPoA or Routed PPPoE entry you may need to configure it This is described in section 11 4 For more information on the use of the Routed PPPoE packet service of...

Page 115: ...the interface name will be the same as the phonebook entry name Destination Indicates available phonebook entries for Routed PPPoA and Routed PPPoE Following phonebook entries are shown Free PPPoA ph...

Page 116: ...P session is opened and active Protocol Indicates the packet service type for the PPP connection It can take following values Protocol Description PPPoA PPPoE The PPP connection is a Routed PPPoE conn...

Page 117: ...te a correct phonebook entry See section 13 2 for more information 5 Select the encapsulation method for the Routed PPPoA entry from the Encapsulation pop down list per default set to VC MUX 6 Optiona...

Page 118: ...nection in the PPP Configuration table The Detailed Configuration table contains three or four tabs The first tab PPPoE is not of importance for Routed PPPoA The second and third tab Routing and Other...

Page 119: ...r advanced users the AST570 allows manual configuration of permanent routes to dedicated destinations See section 14 5 for more information on the AST570 IP router Moreover routes can be configured vi...

Page 120: ...your corporate as their gateway to the Internet Everybody All PC s on the local W LAN can forward frames over this PPP entry This option is the exact opposite to Only me If you open a PPP session to...

Page 121: ...configure which destination can be reached over the particular PPP entry Four options are available All networks The AST570 can potentially route frames to all destinations over this PPP entry The PPP...

Page 122: ...ed Source Subnet Mask Notation All networks 0 0 0 0 0 Remote net only 255 255 255 0 0 Remote host only 255 255 255 255 32 Specific network defined below 255 255 255 0 0 default This value is depending...

Page 123: ...ns The following paragraphs explain which options that are used by a PPP entry when it opens a PPP session Other Tab Mode Triggering of a PPP Session Idle Time Limit Local and or Remote IP AST570 PPP...

Page 124: ...tomatically tries to open a PPP session for the PPP entry Dial on demand The PPP session is opened automatically for a limited period of time The opening of the session is triggered by the arrival of...

Page 125: ...on IP address Setting a remote IP address Forces the remote client if it allows to to accept this IP address as its PPP session IP address These fields allow optionally to enter the IP address es of t...

Page 126: ...n protocols to be used Challenge Handshake Authentication Protocol CHAP Password Authentication Protocol PAP Per default the AST570 will negotiate CHAP with the BroadBand RAS BBRAS as it is the safest...

Page 127: ...ession is running on the selected Routed PPPoA entry Following session statistics are available IP Address The IP address at the local peer of the current PPP link This address can be dynamically assi...

Page 128: ...11 Configuration and Use Routed PPPoA 128 300 3EC 17766 AAAA TCZZA Ed 04...

Page 129: ...ed method next to PPPoA and PPPoE for creating IP networks on top of ATM technology Is traditionally well supported by ATM access routers at the remote end of the connection Similar to Bridging provid...

Page 130: ...For full compliancy to RFC1577 the remote access device must issue and respond to InATMARP messages Note The RFC1577 on which Classical IP over ATM relies is updated by RFC2225 The AST570 fully compli...

Page 131: ...dures to enable connectivity in a Logical IP Subnet LIS via the ATM core network Topic See General CIP Configuration Procedure 12 2 1 Retrieving LIS Parameters 12 2 2 Implicit Assignment Mechanism 12...

Page 132: ...an Existing LIS of subsection 12 2 2 Are you configuring the AST570 for an existing LIS 12 2 2 2 Retrieve the appropriate LIS parameters and check on which VCs identifiable by their VPI VCI values you...

Page 133: ...577 RFC2225 compliancy state The remote access router IP address in the case it is not RFC1577 RFC2225 compliant Of course in case you know the IP address of one member of the LIS and the associated n...

Page 134: ...Description 1 Suppose you added a CIPPVC without supplying an IP address e g CIPPVC2 2 The AST570 will automatically issue an InATMARP request on this PVC 3 Is the remote side is RFC1577 RFC2225 compl...

Page 135: ...address to assign the CIP PVC to the CIP member Therefore you must explicit assign a remote IP address to the CIP PVC The default configuration of the AST570 is an example of the explicit assignment o...

Page 136: ...onebook If this VC does not match the requirements three other CIP phonebook entries are available to add However in the case none of the entries match you must add a CIP phonebook entry yourself Addi...

Page 137: ...xist in your AST570 IP routing table If the remote access router is RFC1577 RFC2225 compliant no routes for LIS connectivity need to be configured by yourself for the AST570 IP router This because it...

Page 138: ...bnet by adding a route pointing to the remote access router implicit or explicit but with now source IP address pool 10 0 1 0 24 Of course then the default IP routes configured by default must be dele...

Page 139: ...0 192 168 0 1 8 80 8 80 172 16 1 2 0 0 0 0 172 16 1 1 255 255 255 0 10 0 0 0 172 16 1 1 LIS 172 16 1 x Subnet 10 1 Local Servers 1 2 In the drawing above a LIS 172 16 1 x represented by the ellipse r...

Page 140: ...because AST570 1 is RFC1577 RFC2225 compliant The routing engine must be configured with routes to the final destinations For the given example the configuration is as follows AST570 1 has its defaul...

Page 141: ...e packet You can check IP connectivity from any PC on the local Ethernet segment Therefor ping the IP address at the far end of the virtual connection e g for the example of subsection 12 2 7 this wou...

Page 142: ...on describes the use of the AST570 CIP page The CIP Page The CIP Interfaces Table CIP Interfaces Table Components The CIP connections Table CIP Connections Table Components Adding CIP members Assignin...

Page 143: ...hows the CIP Interfaces table Field Description Intf Indicates the CIP member name All CIP members are named cipX where X is a number Local Address Indicates the IP address of the local DSL side of th...

Page 144: ...wing figure shows the CIP Connections table Field Description Dest Indicates the CIP VC phonebook name Remote Address Indicates the remote IP address of the remote DSL side of the LIS i e the IP addre...

Page 145: ...P address of the CIP member at your local side of the LIS Mask The associated classful or classless netmask subnetmask for this local IP address 4 Click and to finish the procedure A CIP member of the...

Page 146: ...te your desired configuration you must firstly create a correct phonebook entry See section 13 2 for more information 4 Depending the RFC1577 RFC2225 compliancy of the remote access router the followi...

Page 147: ...147 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 Networking...

Page 148: ...148 300 3EC 17766 AAAA TCZZA Ed 04...

Page 149: ...M All data arriving at and departing from your AST570 via the DSL line is carried in Asynchronous Transfer Mode ATM cells In this way ATM is the fundamental communication language for the AST570 towar...

Page 150: ...technology using fixed size packets called cells These cells consist of a header and a payload and are switched through a public or private ATM network depending on the contents of the header End to e...

Page 151: ...line Switched Virtual Channels SVCs are similar to voice telephone network connections These are temporary connections between any two end points on the network and are configured via signaling A Swit...

Page 152: ...annels Wireless Ethernet This channel is not cross connected Symbolizes a cross connection Hence no end to end connectivity Remote LAN Practically speaking a number of VCs to one or multiple remote de...

Page 153: ...encapsulations are For Transparently Bridged connections RFC 1483 Ethernet V2 0 IEEE 802 3 bridged PDUs for both the LLC SNAP method and VC MUX method For Routed Ethernet connections RFC 1483 Etherne...

Page 154: ...mbers However in contrast to a standard phonebook it contains additional connectivity information Basic to the AST570 operation are ATM VCs The AST570 phonebook is the management tool for all possible...

Page 155: ...17766 AAAA TCZZA Ed 04 13 2 1 The AST570 Phonebook Page The Phonebook Page The Phonebook Table Phonebook Table Components Phonebook Defaults The AutoPVC Table Click in the left pane of the AST570 page...

Page 156: ...of the Phonebook table of the Phonebook page Field Description Name Indicates the name or alias of the phonebook entry Any name can be given to an entry Address Indicates the VPI and VCI value of the...

Page 157: ...ter 6 for more information Routed Ethernet MER See chapter 7 for more information IPoA RFC1483 Rt any Any kind of packet service is allowed Bridged PPPoE See chapter 8 for more information Routed PPPo...

Page 158: ...example of the AutoPVC table Any PVC identified by its VPI VCI and communicated via AutoPVC is added to the AutoPVC table If AutoPVC is not supported at the remote side i e the Digital Subscriber Lin...

Page 159: ...are free to give any name to a phonebook entry a few restrictions apply You may not provide an entry with a name which already is supplied in the Phonebook table Phonebook entries which are intended t...

Page 160: ...from the Type pop down list 6 Click and to finish the procedure On the Phonebook page click next to the phonebook entry you want to delete As a result your selection is highlighted Click and Phoneboo...

Page 161: ...o be terminated on the Ethernet port can be notified by the AST570 Basically the following steps are executed 1 The SP configures VCs on the DSLAM 2 Via AutoPVC the VPI VCI values are communicated to...

Page 162: ...f the AST570 default terminated VCs e g 8 35 on the DSLAM VPI VCI 8 35 will end up in the AutoPVC list As this VC matches with the Bridging entry Br1 the AutoPVC field of this phonebook entry will ind...

Page 163: ...tions are possible Although not the same IP is often referred to as Transmission Control Protocol TCP IP This chapter highlights some general IP parameters and some possible IP configurations for the...

Page 164: ...st Configuration Protocol DHCP allows the PC s on your local network to retrieve automatically an IP address from an IP address leasing server i e a DHCP server See subsection 14 4 for more informatio...

Page 165: ...ain Routing CIDR In CIDR an IP network is represented by a prefix which is the IP address of a network followed by a slash and lastly an indication of the number of leftmost contiguous bits correspond...

Page 166: ...section the interaction between IP addresses and packet services is described Apart from Bridging all packet services require the IP suite and even the Bridging packet service will in most cases be us...

Page 167: ...e side of the DSL connection Therefore your AST570 DHCP server must be disabled Your SP may Provide you with an IP address Require you to use DHCP Alternatively a second but Private IP address can be...

Page 168: ...igure IP addresses like 10 0 0 1 10 0 0 2 on your PCs Note IP addresses can be configured automatically via AST570 DHCP server See section 14 4 for more information A second set of Public IP addresses...

Page 169: ...3 and 20 1 for more information The PC IP address can be configured statically no DHCP or dynamically AST570 as DHCP server In addition configure the AST570 IP address as default gateway in your PCs...

Page 170: ...s on basic IP addressing and routing for its packet forwarding i e Both local as remote users on either side of the DSL connection experience the LIS environment as if they are sharing one single netw...

Page 171: ...ke any other member of a W LAN the AST570 must be locally identified by an IP address to be able to communicate with other local W LAN devices This section deals with the IP address configuration of t...

Page 172: ...ned via the Routing page IP addresses assigned via the DHCP Client page IP addresses configured and or negotiated by connections As the AST570 IP layer supports logical multi homing one interface supp...

Page 173: ...onfigured on any of the AST570 interfaces Field Description Intf Indicates the interface Intf to which the IP parameter set was assigned to It can take several values depending on the packet services...

Page 174: ...P parameter set was added through the Routing page The default IP address 10 0 0 138 is also of this type Temp Implies that this additional IP parameter set was added via a Ping of Life Implies that t...

Page 175: ...itial Setup Page Setting an IP Address via the Routing Page Proceed as follows 1 Click in the left pane of the AST570 pages to pop up the Initial Setup page See section 21 2 for more information On th...

Page 176: ...llowing information Select eth0 from the Intf pop down list Enter an IP address in the IP Address field e g 192 6 11 150 Enter an associated sub netmask in the Netmask field e g 255 255 255 0 Select w...

Page 177: ...10 0 0 1 Sub netmask 255 255 0 0 Default Gateway none You can setup a local workgroup around the AST570 as shown in the figure below IP Network 172 16 IP address 172 16 0 4 Sub netmask 255 255 0 0 Def...

Page 178: ...ent and the AST570 as the DHCP server In this configuration each time a compute start it will obtain its IP configuration from the AST570 Advanced Client For advanced networks the role of DHCP server...

Page 179: ...e left pane of the AST570 pages to pop up the DHCP pages See section 21 2 for more information By default the DHCP client page is shown Two buttons on the DHCP pages allow to switch between the DHCP c...

Page 180: ...0 as DHCP client DHCP Server Configuration Table Address Pool Configuration PPP Spoofing Configuration DHCP Server Lease Table Adding Leases Manually On the AST570 DHCP Server page the DHCP Server Sta...

Page 181: ...re information One of the AST570 features is that it can automatically revert from DHCP client to DHCP server At boot time the AST570 probes the W LAN for a specified time limit Client timeout to chec...

Page 182: ...After the client timeout exceeded it switches to DHCP server mode but this might be to late as some clients will already selected an automatic IP address Dynamic IP addressing is a feature allowing DH...

Page 183: ...erver auto Setting auto in the Def Gateway field means that there will be referred to the Routing page Setting auto in the DNS server field means that there will be referred to the DNS page This box a...

Page 184: ...dresses e g FTP server or in case the device is not able to send receive DHCP requests replies These leases are permanent i e will never be released Proceed as follows 1 Click in the DHCP Server Lease...

Page 185: ...DHCP Client Configuration Table Components Enabling an AST570 DHCP Client Apart from being DHCP server the AST570 can also act as DHCP client The dynamically assigned IP addresses can be obtained fro...

Page 186: ...cription Init Requesting The DHCP client requests a DHCP server for an IP address Bound A dynamic IP address has been assigned by the DHCP server Renewing The DHCP client requests a known DHCP server...

Page 187: ...terface pop down list Select eth0 in case you want to enable the DHCP client for the AST570 itself Select the Routed Ethernet entry in case you want to enable the MER DHCP client 4 Optionally enter on...

Page 188: ...TCZZA Ed 04 14 5 Speed Touch Routing Next to the DSL router part the AST570 supports also IP routing via its IP router This section aims to familiarize you with the AST570 IP router abilities Topic S...

Page 189: ...ot all Operating Systems Windows Unix Mac OS The routes in an ordinary routing table or Forwarding Information Base FIB include among others destination IP addresses subnet masks and gateways When an...

Page 190: ...ary routing table it contains information about the source IP address and the source subnet mask The lookup principle may also be extended not only the combination of destination IP address and subnet...

Page 191: ...ld also be written as the prefix 24 For example IP address 10 0 0 138 netmask 255 255 255 0 With the prefix method this will be written as prefix IP address 10 0 0 138 24 In the AST570 routing table t...

Page 192: ...DSL connections and vice versa In this subsection configuration of the AST570 IP routing table is described General ATM DSL End to End IP Architecture ATM DSL IP Routing AST570 Power on IP Routing Ta...

Page 193: ...process will determine the best route that may lead to the final destination of the packet Consequently it will forward the packet to the interface that may reach this destination When the AST570 is p...

Page 194: ...mask or next hop device IP address for the IP route Source Indicates the source IP address pool prefix mask of the IP route Gateway Indicates the IP address of the directly connected gateway to which...

Page 195: ...that all outgoing traffic is sent over this route Source IP address pool in prefix notation Specifying any indicates that all traffic coming from the Ethernet interface is sent over this route Gateway...

Page 196: ...14 Networking Services IP 196 300 3EC 17766 AAAA TCZZA Ed 04...

Page 197: ...to forward packets to their destinations IP addresses being 32 bit numbers are ideally suited for computers but are far from usable to humans Therefore the Domain Name System DNS was designed a distri...

Page 198: ...this scenario it is assumed that the AST570 acts as DHCP server and as DNS server for the local network During start up a first PC launches a DHCP request on the W LAN One of the fields in the DHCP re...

Page 199: ...s the IP address of YourPC lan 3 As the AST570 is the DNS server it will respond with the appropriate IP address being 10 0 0 1 4 The ping utility in MyPC will now submit the ping to 10 0 0 1 which ma...

Page 200: ...1 refers to a new W LAN using the default AST570 configuration i e configured for DHCP server as well as DNS server In case the AST570 is added to a existing W LAN configuration of the AST570 DNS serv...

Page 201: ...of all current DNS clients and optionally allows to add DNS leases manually Field Description Hostname The DNS hostname of the device Address The IP address to which the DNS hostname is assigned This...

Page 202: ...me table allows you to configure DNS leases manually e g for devices which do not support DNS Proceed as follows 1 In this table if needed click 2 Enter the following information in the DNS hostname t...

Page 203: ...203 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 Security...

Page 204: ...204 300 3EC 17766 AAAA TCZZA Ed 04...

Page 205: ...nslation PT this single external Public IP address is mapped onto multiple internal ports on the W LAN thus allowing multiple users to share this external IP address simultaneously The amalgam of addr...

Page 206: ...eeded Therefore the AST570 exhibits the NAT page allowing static IP address and UDP TCP port mapping for inbound IP packets to be configured The use of the NAT page is described in section 16 3 All su...

Page 207: ...ia the embedded Routed Ethernet DHCP client used for the Routed Ethernet connection to be shared amongst multiple local PCs You can enable disable NA P T via the Detailed configuration table per Route...

Page 208: ...ented according to this model can be changed without affecting the upper or lower layers An important consequence is that changing IP addresses or TCP UDP ports via NA P T affects the other layers as...

Page 209: ...indows NT UNIX etc 3 Install on this PC a NAT PAT package that supports all TCP IP protocols Now this PC can act as some home gateway 4 Connect the Ethernet port of the AST570 to one of the PC s two E...

Page 210: ...home gateway 4 Connect one of the Ethernet port s of the AST570 to the PC s Ethernet PC NIC port 5 Connect your local W LAN to the other Ethernet PC NIC 6 Configure the PC acting as home gateway as DH...

Page 211: ...ction describes the use of the NAT page for configuring static network address and port mapping for inbound IP packets The NAT Page The NAT Settings Table NAT Settings Table Components The Default Ser...

Page 212: ...PPP connections where the AST570 receives a different IP address each time the connection is established the AST570 allows to save the NAT settings in a template That way you don t have to specify whi...

Page 213: ...tes both IP address and port as IP PORT Note The outside port must only be specified for the TCP and UDP protocols All other protocols do not need a port to be specified Protocol Indicates the protoco...

Page 214: ...tion for the AST570 IP address on which NAT is to be enabled Outside IP address Enter 0 in case of a dynamically assigned IP address Outside port if applicable Note You only have to enter an outside p...

Page 215: ...IP address range 10 0 0 0 8 10 0 0 1 Public IP address 192 6 11 10 Public IP address 10 0 0 138 The AST570 NA P T router must redirect all external FTP connections to 192 6 11 10 to 10 0 0 1 the FTP s...

Page 216: ...NAT Settings table configuration 16 Security Services NAT PAT 216 300 3EC 17766 AAAA TCZZA Ed 04 The following figure shows the NAT Settings table with the added static NAT entry...

Page 217: ...ork in such a way that access is only allowed to authorized traffic Therefore to effectively control the flow of data firewall protection should be placed at each point where the network connects to t...

Page 218: ...tside world via the DSL line The AST570 Firewall is in fact a packet filter inside and outside nodes are visible to each other at the IP level but the firewall filters out i e blocks the passage of ce...

Page 219: ...Static NA P T Module The following modules can be identified See Firewall model Router Module This module which has nothing to do with the AST570 IP router is responsible for the traffic within the A...

Page 220: ...T570 At this point it can be determined whether the packet is allowed to be handled i e routed by the AST570 IP router Source The point of all traffic sourced by the AST570 IP router At this point it...

Page 221: ...et Accept The packet will be submitted to the next processing stage without further action Deny The packet will not be submitted to the next processing stage A message will be sent to the sender that...

Page 222: ...fic treatment of this packet See topic AST570 Firewall Actions A rule is able to operate on the following packet criteria Interface related IP related TCP related UDP related ICMP related Source inter...

Page 223: ...CMP related criteria 17 Security Services Firewalling 223 300 3EC 17766 AAAA TCZZA Ed 04 Source Port number Source Port number range Destination Port number Destination Port number range Type code num...

Page 224: ...input and output the Dynamic NA P T module can always be positioned between the Forward and Output module If you set rules on a hook you should know if the packets that pass through that hook contain...

Page 225: ...fer to a previously defined access list thus allowing nested access lists or chains You can configure the AST570 firewall only via the CLI See chapter 22 for more information The AST570 Firewall is en...

Page 226: ...d on a small W LAN consisting of the AST570 and a small number of PCs all configured with dynamic Net10 IP addresses leased by the AST570 DHCP server Remote LAN Access Point Telnet Server Server ATM N...

Page 227: ...the AST570 Firewall this will result in the following CLI configuration 1 A chain must be created e g Telnet firewall chain create chain Telnet 2 Following rules must be created for that chain For the...

Page 228: ...drop For the AST570 Firewall this will result in the following CLI configuration 1 A chain must be created e g Telnet firewall chain create chain Telnet 2 Following rules must be created for that chai...

Page 229: ...229 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 Maintenance...

Page 230: ...230 300 3EC 17766 AAAA TCZZA Ed 04...

Page 231: ...possibilities A new version of the software can be downloaded via the DSL line to your AST570 You can upload new AST570 software yourself from a PC on your local W LAN Both features presented in this...

Page 232: ...ocal W LAN Alcatel DSL products continue to evolve By upgrading software the AST570 is able to follow this evolution The Upgrade Page Upgrade Page Components Upgrade Page Buttons Upgrade Preconditions...

Page 233: ...ormant older version Software path field Allows you to specify the path to the AST570 upgrade software package to be uploaded Clicking allows you to browse to the location of the upgrade software The...

Page 234: ...lows 1 Browse to the Upgrade page 2 In the Active software version field the software package that is running is labeled Check whether the Passive software version field is empty If not click 3 Click...

Page 235: ...the Software path input field 6 Click to start the upload As a result the upgrade software package name will appear in the Passive software version field Note In case you did not remove the passive v...

Page 236: ...the Upgrade page Note Make sure a passive software version is labeled in the Passive software version field If not firstly upload a upgrade software package as described in the previous procedure 2 Cl...

Page 237: ...cated control VCs This feature is controlled by the SP At some point in time he might decide to upgrade the software in your AST570 Software download will happen almost unnoticed while you are connect...

Page 238: ...18 Maintenance Speed Touch Software 238 300 3EC 17766 AAAA TCZZA Ed 04...

Page 239: ...ss to the Web interface or the CLI This chapter describes how to set such a system password Never use an obvious system password to protect the AST570 as your name birth date or phone number Moreover...

Page 240: ...n the Retype your password field Note Asterisks will appear instead of the password The number of asterisks is at random 4 Click 5 To make your password permanent click 6 Authenticate yourself using t...

Page 241: ...lity to your AST570 may occur if wrongly configured simply by forgetting its IP address or forgetting the system password Due to the flexible nature of the AST570 you may end up in a situation where r...

Page 242: ...tended IP address and a special MAC group address in the ARP cache of one of your PCs 2 Power cycle the AST570 and allow the POST to end this takes about 30 seconds 3 Ping this same IP address within...

Page 243: ...n be any address within your subnet as long as it is not used by any other member of your local network 5 To verify whether this step was successful execute arp a a second time In the entries list you...

Page 244: ...PC NICs make sure that the procedure is applied to the one connected to the AST570 In the following syntax Interface IP address identifies the particular PC NIC arp a s d ST IP address 01 90 D0 80 01...

Page 245: ...parameters to original defaults including the system password Wireless LAN settings and IP address Restoring Original Settings Be careful when using To Defaults procedures as these destroy all changes...

Page 246: ...he System setup page the following table is shown 3 Click if you are sure to reset the AST570 to its original defaults 4 The AST570 will ask to confirm the reset 5 Click if you are sure Otherwise clic...

Page 247: ...IP address 01 90 D0 80 01 FF any IP address can be any address within your subnet as long as it is not used by any other member of your local network 4 To verify whether this step was successful execu...

Page 248: ...Make sure your AST570 is turned on 2 Use a pencil to press the push button at the back of the AST570 Hold on the push button for several seconds until all front LEDs go out 3 Release the button Via t...

Page 249: ...tion via a Web browser Configuration through a Command Line Interface CLI The local configuration via the AST570 web interface is based on the HyperText Transfer Protocol HTTP server Web browser conce...

Page 250: ...AST570 is a local device and its IP address cannot be resolved by the Proxy server Therefore prior to access the AST570 pages make sure that either Your Web browser is not using a Proxy server The AST...

Page 251: ...s lost Therefore after configuring your AST570 do not forget to reset your Web browser to its original settings 1 Select Edit from the toolbar 2 Select Preferences 3 In the Category box select Advance...

Page 252: ...2 Select Preferences 3 In the Category box select Advanced Proxies 4 Under Manual Proxies click the view button 5 In the Exceptions box add the IP address of your AST570 or the IP subnetwork address p...

Page 253: ...t 10 0 0 138 The AST570 DNS hostname default SpeedTouch lan 3 If a system password was set See chapter 19 for more information an authentication window will pop up Enter the system password in the Pas...

Page 254: ...ed Touch Web Interface 254 300 3EC 17766 AAAA TCZZA Ed 04 21 3 Speed Touch Page Structure All AST570 pages can be divided into two frames Menu frame User frame Each web page contains The generic Menu...

Page 255: ...existing ATM connections 13 2 Dial in page for Routed PPPoA and Routed PPPoE sessions 11 2 Configure static NA P T entries 16 Configure the AST570 IP router 14 5 Configure the Routed Ethernet packet s...

Page 256: ...21 Maintenance Speed Touch Web Interface 256 300 3EC 17766 AAAA TCZZA Ed 04...

Page 257: ...ll the AST570 functions the AST570 exhibits a low level interface i e the Command Line Interface CLI As the CLI has far more configurational possibilities than the regular AST570 pages it is intended...

Page 258: ...asics Example Command Group Description Executing Commands Example Command Execution Detailed CLI Commands Description To access the CLI page you need one of the following Microsoft s Internet Explore...

Page 259: ...by clicking the mark next to a group name or clicking the group name The following example shows the output if you click next to the wireless group name Clicking on a command name will execute it Comm...

Page 260: ...ch CLI 260 300 3EC 17766 AAAA TCZZA Ed 04 Clicking aplist in the ip command group generates the following immediate output A CLI Reference Guide with detailed CLI configuration description of all the...

Page 261: ...ext to CLI access via the AST570 pages you can use native access via a basic Telnet session This allows configuration via a character based CLI As a consequence the use of a Web browser or even any gr...

Page 262: ...ents Using a Telnet Session to your AST570 Telnet is A fairly general bi directional eight bit byte oriented communication facility A standard method of interfacing terminal devices to each other Prio...

Page 263: ...tionally after supplying the system password telnet 10 0 0 138 Trying 10 0 0 138 Connected to 10 0 0 138 Escape character is User SpeedTouch 00 80 9F 01 23 45 Password ______ ___ _____ ALCATEL SPEED T...

Page 264: ...our commands The CLI access is structured in what is called levels The prompt indicates that you are in the root level of CLI Typing help at the root prompt shows you the available command groups help...

Page 265: ...uration config Typing help followed by a command generates shows you a description of the command and a parameter syntax if applicable For example entering help reset in the config level generates the...

Page 266: ...22 Maintenance Speed Touch CLI 266 300 3EC 17766 AAAA TCZZA Ed 04...

Page 267: ...267 300 3EC 17766 AAAA TCZZA Ed 04 Alcatel Speed Touch 570 Appendices...

Page 268: ...268 300 3EC 17766 AAAA TCZZA Ed 04...

Page 269: ...rect Sequence Spread Spectrum DTE Data Terminal Equipment FIB Forwarding Information Base FTP File Transfer Protocol GUI Graphical User Interface HTML HyperText Markup Language HTTP HyperText Transfer...

Page 270: ...ort Translation PVC Permanent Virtual Channel QoS Quality of Service RAS Remote Access Server REN Ringer Equivalence Number RF Radio Frequency RIP Routing Information Protocol ROW Rest Of the World RT...

Page 271: ...6 AAAA TCZZA Ed 04 VP Virtual Path VPI Virtual Path Identifier VPN Virtual Private Network WAN Wide Area Network WECA Wireless Ethernet Compatibility Alliance WEP Wired Equivalent Privacy Wi Fi Wirele...

Page 272: ...Abbreviations 272 300 3EC 17766 AAAA TCZZA Ed 04...

Page 273: ...when using and configuring the AST570 If the following troubleshooting tips have not resolved the problem contact the company from which you purchased the AST570 for assistance In case you encounter D...

Page 274: ...t 40 bits WEP key in case of WEP encryption No wired LAN connectivity LAN LED does not light up Make sure the cable s are securely connected to the 10Base T port LAN LED does not light up Ethernet por...

Page 275: ...to wall mount your AST570 with the wall fixing assembly delivered in the package Before you start check for the following items The wall fixing assembly 2 screws and 2 wall plugs 1 Velcro sticker 1 Ma...

Page 276: ...les position the wall fixing assembly over the holes insert the screws in the wall plugs and tighten them firmly 4 Place the Velcro sticker on the wall fixing assembly in the outlined area 5 Position...

Page 277: ...revolutionized communication it exhibits an important drawback it provides little network security By implementing the IP Security Protocol Suite RFC2401 RFC2409 RFC2451 and RFC2404 to name just a fe...

Page 278: ...semi automated IP route configuration methods of the AST570 DSL router will be extended with RIPv1 and RIPv2 Routing Information Protocol RIP provides automatic route table construction and maintenanc...

Page 279: ...endixD Speed Touch Specifications Topic See Front Panel Layout and LED Description D 1 Power On Off Behavior D 2 Back Panel Layout D 3 Connector Pin Assignments D 4 Power Supply Adapter D 5 LAN Cables...

Page 280: ...ired and or wireless interfaces Off No activity on the wired and wireless interfaces Line TX Green Flashing ATM cells are being sent over the DSL line Off No transmission activity Line RX Green Flashi...

Page 281: ...As soon your AST570 is turned on you can check the PWR Alarm LED See section D 1 to see how the POST progresses Phase PWR Alarm LED Indication Description 1 Flashing red POST pending 2 Solid amber St...

Page 282: ...el Power Switch Power Socket Ethernet Port Defaults Button Line Port Association button The Ethernet port on the rear panel has a LED Link Integrity Activity LED 10Base T MDI X Indicator Description N...

Page 283: ...B 5 Wire B Subscriber line wire B 2 5 mod els 10Base T MDI X 12345678 RJ 45 1 RX Receive data from DTE MDI X RJ 45 Front view 2 RX Receive data from DTE 3 TX Transmit data to DTE 6 TX Transmit data t...

Page 284: ...or equivalent US model 120V 9V North America wall plug P48 091000 Axxxx UK Sing model 230V 9V UK wall plug F48 091000 Axxxx ROW model 230V 9V Euro wall plug D48 091000 Axxxx Australia model 240V 9V A...

Page 285: ...ayout Straight through LAN cables with the following layout are applicable for interconnecting Ethernet ports 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Crossover LAN cables with...

Page 286: ...C to 40 C 40F to 105F Humidity 20 to 80 AC voltage 100 to 120 VAC 220 to 240 VAC DC voltage 9V 1A Frequency 50 60 Hz Power consumption 7Wmax The AST570 is equipped with two omnidirectional Radio Frequ...

Page 287: ...am user payload data rates Up to 8Mbit s depending on provisioning Upstream user payload data rates Up to 1Mbit s depending on provisioning ADSL standards compliancy ITU G DMT Full rate ITU G 992 1 An...

Page 288: ...Mb s DSSS channel number range 1 2 412GHz 2 2 417GHz 3 2 422GHz 4 2 427GHz 5 2 432GHz 6 2 437GHz 7 2 442GHz 8 2 447GHz 9 2 452GHz 10 2 457GHz 11 2 462GHz default 12 2 467GHz 13 2 472GHz Typical indoor...

Page 289: ...chapter AppendixE Speed Touch Default Assignments 289 300 3EC 17766 AAAA TCZZA Ed 04 AppendixE Speed Touch Default Assignments Topic See General Defaults E 1 Connection Service ATM Encapsulation Defau...

Page 290: ...er AST570 Firewall AST570 System password AppendixE Speed Touch Default Assignments 290 300 3EC 17766 AAAA TCZZA Ed 04 E 1 General Defaults AlcatelXXXXXX where XXXXXX is a placeholder for the last 6 c...

Page 291: ...SNAP for Bridged PDUs FCS not preserved g Routed PPPoE 0 8 48 Relayed PPPoA 0 8 49 y Routed PPPoA 0 8 50 PPPoA 0 8 51 PPPoA AAL5 RFC2364 0 8 64 AAL5 RFC2364 RFC2364 VC MUX f PPP PDU 0 8 65 RFC2364 VC...

Page 292: ...AppendixE Speed Touch Default Assignments 292 300 3EC 17766 AAAA TCZZA Ed 04...

Page 293: ...ides basic Safety Information on Alcatel s Speed Touch product Prior to using the Speed Touch product read this appendix carefully Follow all warnings and instructions marked on the product This chapt...

Page 294: ...provided by Alcatel except to the extent that this restriction is expressly prohibited by local law copy rent loan re sell sublicense or otherwise transfer or distribute the equipment to others modif...

Page 295: ...a Pollution Degree 2 environment This device must be installed so that a separation distance of at least 20 centimeters is maintained between the internal radiating antenna and the body of the user in...

Page 296: ...t on the power cord Do not locate this product where the cord will be subject to persons walking on it Do not overload wall mains outlets and extension cords as this increases the risk of fire or elec...

Page 297: ...change in performance Avoid using a modem telephone other than a cordless type during an electric storm There is a slight risk of electric shock caused by lightning Do not use the telephone to report...

Page 298: ...TCZZA Ed 04 F 2 European Community Declaration of Conformity Products with the marking comply with both EMC and Low Voltage Directives issued by the Commission of the European Community A copy of the...

Page 299: ...quipment This equipment is designed to be connected to the telephone network or premises wiring using a compatible modular jack that is Part 68 compliant The Ringer Equivalence Number REN is used to d...

Page 300: ...Class B limits for radio noise emissions from digital apparatus as set out in the radio interference regulations of the Canadian Department of Communication Le pr sent appareil num rique n met pas de...

Search results

Summary of Contents for AST570

Reviews:

Related manuals for AST570

Brands by name

Popular brands

Alcatel AST570, User Manual

Search results

Summary of Contents for AST570

Reviews:

Related manuals for AST570

Brands by name

Popular brands