background image

4.6.4 Access Control

Access control can also be called port blocking.
Specific types of traffic that is destined to a selected
LAN IP address can be blocked. To enable any of
the Access Control features, click Advanced and
under Advanced, select Access Control. A page simi-
lar to the port-forwarding page appears. Similar to
the port-forwarding page, an IP address can be
added to a rule. All Access Control rules have pre-
cedence over rules that were added via the port-for-
warding page.
The apply button will temporarily save this connec-
tion. To make the change permanent you need to
click on Save Settings (at the side of the page). At
the system commands page, click on Save All.

4.6.5 LAN clients

To add a LAN client, click Advanced and under
Advanced, select LAN Clients. If DHCP is used, all
DHCP clients are automatically assigned. If a fixed
IP address server is on the LAN and you want this
server to be visible via the WAN, you must add its IP
address. Once the IP address has been added to
you can apply Port Forwarding and Access Control
rules to this IP address.
The apply button will temporarily save this connec-
tion. To make the change permanent you need to
click on Save Settings (at the side of the page). At
the system commands page, click on Save All.

4.6.6 MAC Address Filters

The MAC filtering mechanism provides a way for the
users to define rules to allow/deny frames through
the bridge based on source MAC address, destina-
tion MAC address and/or frame type. When bridge
filtering is enabled, each frame is examined against
the defined filter rules sequentially, and when a
matched is determined, the appropriate filtering
action (determined by the access type selected ...
i.e. allow or deny) is performed. The user should
note that the MAC filter will only examined frames
from interfaces that are part of the bridge itself.
Twenty filter rules are supported with MAC filtering.
To enable MAC Filters, click Advanced and under
Advanced, select MAC Filters. Figure 15 illustrates a
typical Bridge filter configuration.

The User Interface for MAC Filter allows the user to
add/edit/delete, as well as, enables the filter rules.
To add rules, simply define the source MAC address,
destination MAC address and frame type with des-
ired filtering type (i.e. allow/deny), and press the
"Add” button. The MAC address must be in a xx-xx-
xx-xx-xx-xx format, with 00-00-00-00-00-00 as
"don’t care”. Blanks can be used in the MAC
address space, and would be considered also as
"don’t care”.

To edit/modify an existing filter rule, select the des-
ired rule created previously from "Add” in the
"Edit” select box. The selected filter rule will appear
on top section, as with the "Add” filter rule. Make
the desired change to the MAC address, frame type
and/or access type, and press "Apply”.

To delete filter rule(s), select the filter rule entry to
delete in the "Delete” selection box. Note that mul-
tiple deletions are possible. Once all the desired fil-
ter rule(s) is/are selected for deletion, press the
"Apply” button. The "Select All” select box can also
be used to delete the entire filter rule. It provides a
quick method of selecting all filter rules for deletion.

The "Enable MAC Filters” button allow the user to
enable or disable MAC filtering. It can be set/unset
during any add/edit/delete operation. It can also be
set/unset independently by just pressing the
"Apply” button.

Figure 15 (MAC Filters)

NOTE:

The MAC filter table contains 3 hidden rules.

These rules are entered automatically by the

ALL 0333AU – DSL ETHERNET MODEM ROUTER

A L L N E T

®

2 0 0 4

1 5

ALL0333AU_Manual_a  07.04.2004  14:12 Uhr  Seite 15

Summary of Contents for ALL0333AU

Page 1: ...ALL0333AU DSL Ethernet Modem Router Web Interface User s Guide ALL0333AU_Manual_a 07 04 2004 14 12 Uhr Seite 1 ...

Page 2: ...ment 12 4 5 3 Firewall NAT Services 12 4 6 Advanced for advance user only 13 4 6 1 UPnP 13 4 6 2 Port Forwarding 13 4 6 3 Advanced Security 14 4 6 3 1 DMZ configuration 14 4 6 3 2 Enable Web from WAN 14 4 6 3 3 Enable Remote Telnet 14 4 6 3 4 Enable Incoming ICMP Ping 14 4 6 4 Access Control 15 4 6 5 LAN clients 15 4 6 6 MAC Address Filters 15 4 6 7 Multicast 16 4 6 8 Static Routing 16 4 6 9 Dynam...

Page 3: ...Routed LLC and VC Mux support RFC2364 PPPoA Client support RFC2516 PPPoE Client support RFC2225 RFC1577 Classical IP Support Transparent Bridge Support Network Support Static IP Dynamic RIP routing support IP TCP UDP ICMP ARP RARP Application Support Network Address Translation NAT Port Mapping Forwarding Easy setup of Port Forwarding rules for popular Games Application NAT Application Level Gatew...

Page 4: ...sed PCs via an RNDIS driver included in the soft ware DSL port This is the WAN interface that connects directly to your phone line 2 2 LED description 1 PWR POWER Z Lights up when power is supplied to the ADSL Router 2 ETH ACT Z Lights up when the Ethernet cable is properly connected from your ADSL Router to the Ethernet Card Flickers when the ADSL is trans mitting receiving data 3 USB Z Lights up...

Page 5: ...Quick Start screen By default the ADSL Router has being configured to PPP connec tion and user would only need to enter the userna me and password as specified by the local ISP to make connection to the internet The Quick Start page is meant for basic users whom only require easy and seamless connectivity to the internet without worrying about any other advance configuration setting Important Afte...

Page 6: ...ort multiple connection types hence the user must set up diffe rent profiles for each connection The ADSL Router supports the following protocols DHCP RFC2364 PPPoA RFC2516 PPPoE Static Bridged RFC1577 CLIP 4 4 1 New Connection A new connection is basically a virtual connection Your ADSL Router can support up to 8 different uni que virtual connections If you have multiple diffe rent virtual connec...

Page 7: ...1 Select the encapsulation type LLC or VC if you are not sure just use the default mode Select the VPI and VCI settings your DSL service provider or your ISP will supply these in this case the DSL service provider is using 0 100 Also select the quality of service QOS leave the default value if you are unsure or the ISP did not provide this information Following is a description of the different op...

Page 8: ...s information Following is a description of the different options h Username The username for the PPPoE access this is provided by your DSL service provider or your ISP i Password The password for the PPPoE access this is provided by your DSL service provider or your ISP j On Demand Enables on demand mode The connection will disconnect if no activity is detected after the specified idle timeout va...

Page 9: ...unsure or the ISP did not provide this information If your DSL line is connected and your DSL IPS provi der is supporting DHCP you can click the renew but ton and the gateway will retrieve an IP address Subnet mask and Gateway address At anytime you can renew the DHCP address by clicking on the renew button in most cases you will never have to use this button Figure 7 DHCP Connection Setup To comp...

Page 10: ...l IP over ATM CLIP support provides the ability to transmit IP packets over an ATM net work CLIP support will encapsulate IP in an AAL5 packet data unit PDU frame using RFC1577and it utilizes an ATM aware version of the ARP protocol ATMARP support only allows for PVC support it does not support SVC To configure the ADSL Router for a CLIP connection click on Setup and then click on New Connection T...

Page 11: ...than the ADSL Router IP address value For example if the ADSL Router IP address is 192 168 1 1 default than the starting IP address must be 192 168 1 2 or higher The End IP Address is where the DHCP server stops issuing IP addresses The ending address cannot exceed a subnet limit of 254 Hence the max value for our default gateway is 192 168 1 254 If the DHCP server runs out of DHCP addresses users...

Page 12: ... same subnet The default gateway is the routing device used to forward all traffic that is not addressed to a station within the local subnet Your ISP will provide you with the default gateway Address Figure 12 shows a default gateway address of 203 125 64 1 because this was the default gateway defined when the CLIP connection was configured The hostname can be any alphanumeric word that does not ...

Page 13: ... appropriate PC Port forwarding can be used with DHCP assigned addresses but remem ber that a DHCP address is dynamic not static For example if you were configuring a Netmeeting ser ver you would want to assign this server a static IP address so that the IP address is not reassigned Also remember that if an Internet user is trying to access an Internet application they must use the WAN IP address ...

Page 14: ...etwork traffic that is not redi rected to another computer via the port forwarding feature to the computer s IP address This opens the access to the DMZ computer from the Internet 4 6 3 2 Enable Web from WAN Enabling the Web from WAN on your local network allows Web requests that come from the Internet to be re routed to a Web Server that is on a different subnet This is different that the Web ser...

Page 15: ... e allow or deny is performed The user should note that the MAC filter will only examined frames from interfaces that are part of the bridge itself Twenty filter rules are supported with MAC filtering To enable MAC Filters click Advanced and under Advanced select MAC Filters Figure 15 illustrates a typical Bridge filter configuration The User Interface for MAC Filter allows the user to add edit de...

Page 16: ...ting click on Advanced and under Advanced select Muliticast Figure 16 illustra tes a typical Multicast configuration Figure 16 Multicast The apply button will temporarily save this connec tion To make the change permanent you need to click on Save Settings at the side of the page At the system commands page click on Save All 4 6 8 Static Routing If the ADSL Router is connected to more than one net...

Page 17: ... If Rip V1 Compatible is selected routing data will be sent in RIP v2 format using multicasting To enable Dynamic Routing click Advanced and under Advanced select Dynamic Routing Figure 18 illustrates a typical Dynamic Route Figure 18 Dynamic Routing The apply button will temporarily save this connec tion To make the change permanent you need to click on Save Settings at the side of the page At th...

Page 18: ...upgrade is complete the ADSL Router will reboot You will need to log back onto the ADSL Router after the firmware upgrade is comple ted The firmware upgrade should take about 5 minutes to complete NOTE Do not remove power from the ADSL Router during the firmware upgrade procedure Figure 19 Update Firmware 4 7 4 Ping Test Once you have your ADSL Router configured it is a good idea to make sure you ...

Page 19: ...DSL 4 8 2 Connection Status Select to view the Status of different connections 4 8 3 DHCP Clients Select to view the list of DHCP clients 4 8 4 Modem Status Select to view the Status and Statistics of your bro adband DSL connection 4 8 5 Product Information You can display the ADSL Router s driver and run time information by going under Status title and click on Product Information Figure 21 illus...

Page 20: ... the cor rect protocols with the correct VPI VCI values 9 Make sure NAT is enabled for your connection If NAT is disabled the ADSL Router will not route frames correctly except in Bridge connection 5 2 I can t connect to the ADSL Router 1 Check to see that the power LED is green and that the network cables are installed correctly see the easy start guide for more details 2 Make sure you are not co...

Page 21: ... Problems and Solutions 5 4 The DSL Link LED is always off 1 Make sure you have DSL service You should get some kind of information from your ISP that sta tes that DSL service is installed You can usually tell if the service is installed by listening to the phone line you will hear some high pitched noise If you do not hear high pitched noise contact your ISP 2 Verify that the phone line is connec...

Page 22: ...these are blocked from working by the NAT functionality The solution is to isolate the single local computer into a DMZ This makes the single computer look like it is directly on the Internet and others can access this machine Your machine isn t really directly connected to the Internet and it really has an internal local network address When you provide the servers network address to others you m...

Page 23: ...Hersteller ALLNET www allnet de Mai 2004 ALL 0333AU DSL ETHERNET MODEM ROUTER A L L N E T 2 0 0 4 2 3 ALL0333AU_Manual_a 07 04 2004 14 12 Uhr Seite 23 ...

Page 24: ...ALLNET GmbH Maistraße 2 82110 Germering Tel 089 89422222 Fax 089 89422233 www allnet de E Mail info allnet de ALL0333AU_Manual_a 07 04 2004 14 12 Uhr Seite 24 ...

Reviews: