RX3141
User’s Manual
Revision 1.01 Oct. 21, 2004
Page 1: ...RX3141 User s Manual Revision 1 01 Oct 21 2004 ...
Page 2: ...t 4 2 3 2 3 Defense against DoS Attacks 4 2 4 1 1 Application Level Gateway ALG 5 2 4 1 2 Log 5 2 4 Finding Your Way Around 6 2 4 1 Front Panel 6 2 4 2 Rear Panel 7 2 4 3 Bottom View 8 2 5 Placement Options 9 2 5 1 Desktop Placement 9 2 5 2 Magnet Mount Instructions 9 2 5 3 Wall Mount Instructions 9 3 Quick Start Guide 11 3 1 Part 1 Connecting the Hardware 11 3 1 1 Step 1 Connect an ADSL or a cabl...
Page 3: ...ns 21 4 3 Overview of System Configuration 22 5 Router Connection Setup 23 5 1 LAN Configuration 23 5 1 1 LAN IP Address 23 5 1 2 LAN Configuration Parameters 23 5 1 3 Configuring the LAN IP Address 24 5 2 WAN Configuration 25 5 2 1 WAN Connection Mode 25 5 2 2 PPPoE 26 5 2 2 1 WAN PPPoE Configuration Parameters 27 5 2 2 2 Configuring PPPoE for WAN 28 5 2 2 3 Configuring PPPoE Multi session for WA...
Page 4: ...guration Parameters 44 8 2 Configuring HTTP DDNS Client 45 9 Configuring Firewall NAT Settings 47 9 1 Firewall Overview 47 9 1 1 Stateful Packet Inspection 47 9 1 2 DoS Denial of Service Protection 47 9 1 3 Firewall and Access Control List ACL 47 9 1 3 1 Priority Order of ACL Rule 47 9 1 3 2 ACL Rule and Connection State Tracking 48 9 1 4 Default ACL Rules 48 9 2 Router Security Settings 49 9 2 1 ...
Page 5: ...Format 62 10 Virtual Sever and Special Application 63 10 1 NAT Overview 63 10 1 1 NAPT Network Address and Port Translation or PAT Port Address Translation 63 10 1 2 Reverse NAPT Virtual Server 64 10 2 Configure Virtual Server 64 10 2 1 Virtual Server Configuration Parameters 64 10 2 2 Virtual Server Example 66 10 2 3 Special Application Configuration Parameters 67 10 2 4 Special Application Examp...
Page 6: ...store System Configuration 81 12 IP Addresses Network Masks and Subnets 83 12 1 IP Addresses 83 12 1 1 Structure of an IP address 83 12 2 Network classes 84 12 3 Subnet masks 85 13 Troubleshooting 87 13 1 Diagnosing Problem using IP Utilities 88 13 1 1 ping 88 13 1 2 nslookup 89 14 Index 91 ...
Page 7: ...econd ACL Rule Settings using domain name for Forwarding Packets to PPPOE1 Session 29 Figure 5 9 WAN Outbound ACL Rule Settings for PPPoE Multi session Example 30 Figure 5 10 WAN Default Outbound ACL Rule for PPPoE Multi session Example 30 Figure 5 11 WAN PPPoE Unnumbered Configuration 31 Figure 5 12 WAN Dynamic IP DHCP client Configuration 33 Figure 5 13 WAN Static IP Configuration 34 Figure 6 1 ...
Page 8: ...1 3 Date and Time Configuration Page 73 Figure 11 4 Factory Reset Page 74 Figure 11 5 Factory Reset Confirmation 74 Figure 11 6 Factory Reset Count Down Timer 75 Figure 11 7 Firmware Upgrade Page 75 Figure 11 8 File Manager 76 Figure 11 9 Firmware Upgrade Confirmation 76 Figure 11 10 Firmware Upgrade Status 76 Figure 11 11 Firmware Upgrade Count Down Timer 77 Figure 11 12 System Reboot Page 78 Fig...
Page 9: ...arameters 32 Table 5 4 WAN Static IP Configuration Parameters 34 Table 6 1 DHCP Configuration Parameters 36 Table 7 1 Static Route Configuration Parameters 40 Table 8 1 DDNS Configuration Parameters 44 Table 9 1 Firewall Basic Configuration Parameters 49 Table 9 2 DoS Attack Definition 50 Table 9 3 ACL Rule Configuration Parameters 52 Table 10 1 Virtual Server Configuration Parameters 65 Table 10 ...
Page 10: ......
Page 11: ...cure Internet access for your LAN f Automatic network address assignment through DHCP Server f Services including IP route DNS and DDNS configuration f Configuration program accessible via a web browser such as Microsoft Internet Explorer 6 0 or newer 1 2 System Requirements In order to use the RX3141 for Internet access you must have the following f ADSL or cable modem and the corresponding servi...
Page 12: ...k the Router Setup menu and then click the Connection submenu 1 3 2 Typographical conventions f Boldface type text is used for items you select from menus and drop down lists and text strings you type when prompted by the program 1 3 3 Special messages This document uses the following icons to call your attention to specific instructions or explanations Note Provides clarification or non essential...
Page 13: ...ddress of hosts connected to the LAN with valid ones for Internet access RX3141 also provides reverse NAT capability which enables users to host various services such as e mail servers web servers etc The NAT rules drive the translation mechanism The following types of NAT are supported by RX3141 f NAPT Network Address and Port Translation Also called IP Masquerading or ENAT Enhanced NAT Maps many...
Page 14: ...locks the packet from passing or allows it to pass based on the contents of the source address destination address source port destination port and protocol defined in the ACL rules ACL is a very appropriate measure for providing isolation of one subnet from another It can be used as the first line of defense in the network to block inbound packets of specific types from ever reaching the protecte...
Page 15: ...spective application parameter To go through the firewall on the RX3141 packets pertaining to an application require a corresponding allow rule In the absence of such rules the packets will be dropped by the RX3141 Firewall As it is not feasible to create policies for numerous applications dynamically at the same time without compromising security intelligence in the form of Application Level Gate...
Page 16: ...net link is established and active Data is transmitted or received via the connection No Ethernet link 4 SPEED Green Amber ON ON OFF Speed is 1000Mbps Speed is 100Mbps Speed is 10Mbps or no link is established 5 DUPLEX Amber ON Blinking OFF The LAN port is operating in full duplex mode The LAN port is operating in half duplex mode and collision is occurring The LAN port is operating in half duplex...
Page 17: ... rear panel contains the ports for the unit s data and power connections Figure 2 2 Rear Panel Connectors Table 2 3 Rear Panel Labels and LEDs Label Indication 7 1 4 LAN Ports connects to your PC s Ethernet port or to the uplink port on your LAN s hub switch using the Ethernet cable 8 WAN WAN Port connects to your WAN device such as ADSL or cable modem 9 RESET Reset Button 1 Reboots the device 2 R...
Page 18: ...Depending on your particular requirement by taking into account the location of the power outlet power cord length Ethernet cable length and etc you can hang RX3141 in 4 different orientations front panel up rear panel up left side up or right side up 12 Magnets The magnets allow you to place RX3141 on any metal surface to save space 11 11 11 12 11 12 ...
Page 19: ... cabinets and etc 2 5 3 Wall Mount Instructions 1 Attach two screws on the wall separated by 115mm if you want the front or rear panel facing upward 76mm if you want left or right side facing upward Make sure that the two screws are leveled Note that there are four wall mount slots and you may choose any adjacent slots for wall mounting 2 Line up the wall mount slots with the screws and maneuver R...
Page 20: ......
Page 21: ...u begin turn the power off for all devices These include your computer s your LAN hub switch if applicable and the RX3141 Figure 3 1 illustrates the hardware connections Please follow the steps that follow for specific instructions 3 1 1 Step 1 Connect an ADSL or a cable modem For the RX3141 Connect one end of the Ethernet cable to the port labeled WAN on the rear panel of the device Connect the o...
Page 22: ...igure 3 1 Overview of Hardware Connections You should verify that the LEDs are illuminated as indicated in Table 3 1 Table 3 1 LED Indicators This LED should be POWER Solid green to indicate that the device is turned on If this light is not on check if the AC adapter is attached to the RX3141 and if it is plugged into a power source 1 4 STATUS LED Solid green to indicate that the device can commun...
Page 23: ...nding to your network interface card NIC and select Properties Often this icon is labeled Local Area Connection The Local Area Connection dialog box displays with a list of currently installed network items 4 Ensure that the check box to the left of the item labeled Internet Protocol TCP IP is checked and click Properties button 5 In the Internet Protocol TCP IP Properties dialog box click the rad...
Page 24: ... w TCP IP and the name of your network adapter and then click Properties button You may have to scroll down the list to find this entry If the list includes such an entry then the TCP IP protocol has already been enabled Skip to step 8 3 If Internet Protocol TCP IP does not display as an installed component click Add button 4 In the Select Network Component Type dialog box select Protocol and then...
Page 25: ...d save your changes and then close the Control Panel 3 2 6 Assigning static IP addresses to your PCs In some cases you may want to assign IP addresses to some or all of your PCs directly often called statically rather than allowing the RX3141 to assign them This option may be desirable but not required if f You have obtained one or more public IP addresses that you want to always associate with sp...
Page 26: ...PC connected to one of the four LAN ports on the RX3141 open your Web browser and type the following URL in the address location box and press Enter http 192 168 1 1 This is the predefined IP address for the LAN port on the RX3141 A login screen displays as shown in Figure 3 2 Figure 3 2 Login Screen If you have problem connecting to the RX3141 you may want to check if your PC is configured to acc...
Page 27: ...this point the RX3141 should enable any computers on your LAN to use the RX3141 s ADSL or cable modem connection to access the Internet To test the Internet connection open your web browser and type the URL of any external website such as http www asus com The LED labeled WAN should be blinking rapidly and may appear solid as the device connects to the site You should also be able to browse the we...
Page 28: ...w Chapter 4 for general information about accessing and using the Configuration Manager program We strongly recommend that you contact your ISP prior to changing the default configuration Table 3 2 Default Settings Summary Option Default Setting Explanation Instructions DHCP Dynamic Host Configuration Protocol DHCP server enabled with the following pool of addresses 192 168 1 100 through 192 168 1...
Page 29: ...A web browser installed on the computer The program is designed to work best with Microsoft Internet Explorer 6 0 or later You may access the program from any computer connected to the RX3141 via the LAN or WAN ports However the instructions provided here are for computers connected via the LAN ports 1 From a LAN computer open your web browser type the following in the web address or location box ...
Page 30: ...onfiguration pane is where you interact with the Configuration Manager to configure the settings for RX3141 Menu navigation tips show how the current configuration can be accessed via the menus Figure 4 2 Typical Configuration Manager Page 4 2 1 Menu Navigation f To expand a group of related menus double click the menu or the icon f To contract a group of related menus double click the menu or the...
Page 31: ...only Used Buttons and Icons Button Icon Function Stores any changes you have made on the current page Adds a new configuration to the system e g a static route or a firewall ACL rule and etc Modifies existing configuration in the system e g a static route or a firewall ACL rule and etc Redisplays the current page with updated statistics or settings Selects the item for editing Trash Deletes the se...
Page 32: ...nual 22 4 3 Overview of System Configuration To view the overall system configuration log into the Configuration Manager and then click Status menu Figure 4 3 shows sample information available in the System Information page Figure 4 3 System Information Page ...
Page 33: ...here a device connects to the network such as the RX3141 s LAN port and the network interface cards on your PCs See Appendix 12 for an explanation of subnets You can change the default IP address to reflect the true IP address that you want to use with your network 5 1 2 LAN Configuration Parameters Table 5 1 describes the configuration parameters available for LAN IP configuration Table 5 1 LAN C...
Page 34: ...st name for RX3141 Note that the host name is used for identification only and is not used for any other purpose 3 Enter the LAN IP address and subnet mask for the RX3141 in the spaces provided 4 Proceed to the WAN Configuration section for instructions on setting up the WAN port if you have not yet done so 5 Click to save the settings If you are using an Ethernet connection for the current sessio...
Page 35: ...d DNS server for your WAN in this section 5 2 1 WAN Connection Mode Four modes of WAN connection are supported by the RX3141 PPPoE multi session PPPoE unnumbered dynamic IP and static IP You may select one of the WAN connection modes required by your ISP from the Connection Mode drop down list in Network Setup Configuration page as shown in Figure 5 2 Figure 5 2 Network Setup Configuration Page WA...
Page 36: ...Chapter 5 Router Connection Setup RX3141 User s Manual 26 5 2 2 PPPoE PPPoE connection is most often used by ADSL service providers Figure 5 3 WAN PPPoE Configuration Connection Mode drop down list ...
Page 37: ...ssword Enter the username and password you use to log into your ISP Note this is different from the information you used to log into Configuration Manager Service Name Enter the service name provided by your ISP Service name is optional but may be required by some ISP IP Address Enter a static IP address here only when your service provider requires a static IP for PPPoE connection This IP address...
Page 38: ...ter appropriate connection settings for Disconnect after Idle min and Connect on Demand 7 Click to save the settings 5 2 2 3 Configuring PPPoE Multi session for WAN Follow the instructions below to configure PPPoE multi session settings for the PPPoE multi session example as shown in Figure 5 4 Internet ISP RX3141 PPPoE0 myService PPPoE1 211 0 0 0 8 myserv net Figure 5 4 WAN PPPoE Multi session Ex...
Page 39: ...P address and the domain name to access the myService network you ll need to configure both rules Figure 5 7 WAN First ACL Rule Settings using network address subnet mask for Forwarding Packets to PPPOE1 Session Figure 5 8 WAN Second ACL Rule Settings using domain name for Forwarding Packets to PPPOE1 Session 4 Verify that you have all the rules properly configured as indicated in the Existing Out...
Page 40: ...apter 5 Router Connection Setup RX3141 User s Manual 30 Figure 5 9 WAN Outbound ACL Rule Settings for PPPoE Multi session Example Figure 5 10 WAN Default Outbound ACL Rule for PPPoE Multi session Example ...
Page 41: ...tion Setup 31 5 2 3 PPPoE Unnumbered Some of the ADSL service providers may offer PPPoE unnumbered service Choose this connection mode if your ISP provides such service Figure 5 11 WAN PPPoE Unnumbered Configuration Connection Mode drop down list ...
Page 42: ...eriod at which you want to disconnect the Internet connection when there is no traffic A value of 0 means no activity time out Note that SNTP service may interfere with this function if there are activities from the service IP Address Enter a static IP address here for the PPPoE unnumbered connection This IP address must be provided by your service provider Unnumbered network address Enter the net...
Page 43: ...nection settings for Disconnect after Idle min and Connect on Demand 6 Click to save the settings 5 2 4 Dynamic IP Dynamic IP is most often used by the cable modem service providers Figure 5 12 WAN Dynamic IP DHCP client Configuration 5 2 4 1 Configuring Dynamic IP for WAN Follow the instructions below to configure dynamic IP settings 1 Open the Router Connection configuration page by double click...
Page 44: ...DNS Server You must at least enter the IP address of the primary DNS server Secondary DNS server is optional 5 2 5 2 Configuring Static IP for WAN Follow the instructions below to configure static IP settings 1 Open the Router Connection configuration page by double clicking the Router Setup Î Connection menu 2 Select Static from the Connection Mode drop down list as shown in Figure 5 13 3 Enter W...
Page 45: ... defined pool of IP addresses and leases them for a specified amount of time to your computers when they request an Internet session It monitors collects and redistributes the addresses as needed On a DHCP enabled network the IP information is assigned dynamically rather than statically A DHCP client can be assigned a different address from the pool each time it reconnects to the network 6 1 2 Why...
Page 46: ...gin End Specify the lowest and highest addresses in the DHCP address pool Lease Time The amount of time in seconds the assigned address will be used by a device connected on the LAN Default Gateway IP Address The address of the default gateway for computers that receive IP addresses from this pool The default gateway is the device that the DHCP client computers first contacted to communicate with ...
Page 47: ...ter this information unless your network has WINS servers 3 Click to save the DHCP server configurations 6 1 4 Viewing Current DHCP Address Assignments When the RX3141 functions as a DHCP server for your LAN it keeps a record of any addresses it has leased to your computers To view a table of all current IP address assignments just open the DHCP Server Configuration page and click on the link Curr...
Page 48: ......
Page 49: ...ters and for the RX3141 provide the most appropriate path for all your Internet traffic f On your LAN computers a default gateway directs all Internet traffic to the LAN port on the RX3141 Your LAN computers know their default gateway either because you assigned it to them when you modified their TCP IP properties or because you configured them to receive the information dynamically from a server ...
Page 50: ...his is the route that creates the default gateway Note that destination IP must be a network ID The default route uses a destination IP of 0 0 0 0 Refer to Appendix 12 for an explanation of network ID Subnet Mask Indicates which parts of the destination address refer to the network and which parts refer to a computer on the network Refer to Appendix 12 for an explanation of network masks The defau...
Page 51: ...clicking the Advanced Î Static Route menu 2 Enter static routes information such as destination IP address destination subnet mask gateway IP address and the interface in the corresponding fields For a description of these fields refer to Table 7 1 Static Route Configuration Parameters To create a route that defines the default gateway for your LAN enter 0 0 0 0 in both the Destination IP Address ...
Page 52: ...chable 7 2 4 Viewing the Static Routing Table All IP enabled computers and routers maintain a table of IP addresses that are commonly accessed by their users For each of these destination IP addresses the table lists the IP address of the first hop the data should take This table is known as the device s routing table To view the RX3141 s routing table double click the Advanced Î Static Route menu...
Page 53: ... an external interface comes up f Force DNS update Only HTTP DDNS client is supported HTTP Dynamic DNS Client HTTP DDNS client uses the mechanism provided by the popular DDNS service providers for updating the DNS records dynamically In this case the service provider updates DNS records in the DNS RX3141 uses HTTP to trigger this update RX3141 supports HTTP DDNS update with the following service p...
Page 54: ...button to enable the DDNS Service Disable Click on this radio button to disable the DDNS Service Domain Name Enter the registered domain name provided by your ISP into this field For example If the host name of your RX3141 is host1 and the domain name is yourdomain com The fully qualify domain name FQDN is host1 yourdomain com Username Enter the username provided by your DDNS service provider in t...
Page 55: ...e details 2 Log into the Configuration Manager and then click Advanced Î DDNS Service menu to open the DDNS Configuration page 3 In the DDNS Configuration page select Enable for the Dynamic DNS 4 Enter the domain name in the Domain Name field 5 Enter the username and password provided by your DDNS service providers 6 Click on button to send a DNS update request to your DDNS service provider Note t...
Page 56: ......
Page 57: ...packet inspection engine in the RX3141 maintains a state table that is used to keep track of connection states of all the packets passing through the firewall The firewall will open a hole to allow the packet to pass through if the state of the packet that belongs to an already established connection matches the state maintained by the stateful packet inspection engine Otherwise the packet will be...
Page 58: ...n t need to create another inbound ACL rule because stateful packet inspection engine tracks the connection state and allows the ICMP echo reply to pass through the firewall 9 1 4 Default ACL Rules The RX3141 supports three types of default access rules f Inbound Access Rules for controlling incoming access to your LAN f Outbound Access Rules for controlling outbound access to external networks fo...
Page 59: ...the closed TCP UDP ports To configure firewall basic settings follow the instructions below 1 Open the Router Security configuration page as shown in Figure 9 1 by double clicking on Router Setup Î Security menu 2 Check or uncheck individual check box for each security option 3 Click to save the settings 9 2 2 DoS Configuration The RX3141 has an Attack Defense Engine that protects internal network...
Page 60: ...le the logging for SYN ICMP UDP flooding attacks These attacks involve sending lots of TCP SYN ICMP UDP to a host in a very short period of time RX3141 will not drop the flooding packets to avoid affecting the normal traffic TCP XMAS NULL FI N Scan A hacker may be scanning your system by sending these specially formatted packets to see what services are available Sometimes this is done in preparat...
Page 61: ...figure DoS settings follow the instructions below 1 Open the Router Security configuration page as shown in Figure 9 1 by double clicking on Router Setup Î Security menu 2 Check or uncheck individual check box for each type DoS attack 3 Click to save the settings Figure 9 1 Router Security Configuration Page ...
Page 62: ...a deny rule This rule when bound to the Firewall will not allow matching packets to pass through Route to only for outbound ACL This field is used for policy routing needed for PPPoE unnumbered or PPPoE multi session Available options include AUTO ppp0 unnumbered ppp1 1st PPPoE session ppp2 2nd PPPoE session These options are selectable from the drop down list If AUTO is selected the router will r...
Page 63: ...stem restart Multiple ACL rules can be associated to the same domain name IP addresses association f Maximum of 30 domain name variables is supported f Each domain name variable IP addresses association is updated only when the LAN client issues the DNS query to RX3141 For example when entering the address http www yahoo com on your browser RX3141 will update the IP address association w www yahoo...
Page 64: ...wn list to select one of the following options Any Select this option if you want this rule to apply to all applications with an arbitrary destination port number Single Range Select any of these and enter details as described in the Source Port section above ICMP available only when protocol type is set to ICMP This option allows you to select the ICMP message type for the ACL rule The supported ...
Page 65: ... in Figure 9 2 by double clicking the Router Setup Î Inbound ACL menu 2 Select Add New from the ID drop down list 3 Set desired action Allow or Deny from the Action drop down list 4 Make changes to any or all of the following fields source destination IP source destination port protocol ICMP message type and log Please see Table 9 3 for explanation of these fields 5 Assign a priority for this rule...
Page 66: ...2 by double clicking the Router Setup Î Inbound ACL menu 2 Click on the icon of the rule to be modified in the inbound ACL table or select the rule number from the ID drop down list 3 Make desired changes to any or all of the following fields action source destination IP source destination port protocol ICMP message type and log Please see Table 9 3 for explanation of these fields 4 Click on the b...
Page 67: ...5 you can control allow or deny Internet or external network access for computers on your LAN Options in this configuration page allow you to f Add a rule and set parameters for it f Modify an existing rule f Delete an existing rule f View configured outbound ACL rules Figure 9 5 Outbound ACL Configuration Page 9 5 1 Add an Outbound ACL Rule To add an outbound ACL rule follow the instructions belo...
Page 68: ...Please see Table 9 3 for explanation of these fields 7 Click on the button to create the new ACL rule The new ACL rule will then be displayed in the outbound access control list table at the bottom half of the Outbound ACL Configuration page Figure 9 6 illustrates how to create a rule to allow outbound HTTP traffic This rule allows outbound HTTP traffic destination port 80 to be forwarded to any h...
Page 69: ...ttom half of the Outbound ACL Configuration page 9 5 3 Delete Outbound ACL Rules To delete an outbound ACL rule just open the Outbound ACL Rule configuration page by double clicking the Router Setup Î Outbound ACL menu and then click on the in front of the rule to be deleted 9 5 4 Display Outbound ACL Rules Open the Outbound ACL Rule configuration page by double clicking the Router Setup Î Outboun...
Page 70: ... any or all of the following fields source destination IP source destination port protocol ICMP message type and log Please see Table 9 3 for explanation of these fields 6 Click on the button to create the new Self Access rule The new rule will then be displayed in the Existing Self Access ACL list table at the bottom half of the Self Access ACL configuration page Example Figure 9 9 shows a sample...
Page 71: ... by double clicking the Router Setup Î Self Access ACL menu and then click on the icon of the rule to be deleted 9 6 4 View Configured Self Access Rules To see existing Self Access Rules just open the Self Access ACL configuration page by double clicking Router Setup Î Self Access ACL menu Figure 9 10 Existing Self Access ACL Rules 9 7 Firewall Log Router Setup Î Log You may open the firewall log ...
Page 72: ... is detected by the system security model TCP XMAS NULL the type of attack detected 192 168 1 100 source of the attack Firewall Access Control Log Example Jan 1 00 03 11 2000 klogd fw OUTBOUND rule 1 allow icmp from 192 168 1 100 to 211 1 1 1 type 8 code 0 id 512Explanation Jan 1 00 03 11 2000 indicates the time of the access klogd fw indicates the log is related to firewall access control OUTBOUN...
Page 73: ...addressing management tasks Because of the translation of IP addresses NAT also conceals true network address from privy eyes and provide a certain degree security to the local network 10 1 1 NAPT Network Address and Port Translation or PAT Port Address Translation Also called IP Masquerading this feature maps many internal hosts to one globally valid Internet address The mapping contains a pool o...
Page 74: ...TCP 21 on PC D This means that the inbound traffic of these four services will be directed to respective host hosting these services 10 2 Configure Virtual Server Virtual server allows you to configure up to ten public servers such as a Web E mail FTP server and etc accessible by external users of the Internet Each service is provided by a dedicated server configured with a fixed IP Address Althou...
Page 75: ... Available settings are All TCP UDP TCP UDP and ESP Redirect Port Range Enter the desired port numbers To IP Address Enter the server IP address Table 10 2 Port Numbers for Popular Applications Application Service Port Numbers AOE II Server 2300 2400 AUTH 113 Baldurs Gate II 2300 2400 Battle Isle 3004 3004 Counter Strike 27005 27015 Cu See Me 7648 7648 56800 24032 Diablo II 4000 4000 DNS UDP 53 53...
Page 76: ...0 2 2 Virtual Server Example Following describes the procedure to setup a FTP server 1 Open the Virtual Server configuration page as shown in Figure 10 3 by double clicking the Advanced Î Virtual Server menu 2 Select FTP from the Enable drop down list and the check the check box to activate this policy Note that the protocol and the redirect port range are automatically selected 3 Enter the IP add...
Page 77: ...access to the FTP server except those from this particular IP address For detail information about configuring an inbound ACL rule please refer to the section 9 4 Configuring Inbound ACL Rules Figure 10 4 Virtual Server Example Inbound ACL RuleConfigure Special Application Some applications use multiple TCP UDP ports to transmit data Due to the NAT operation these applications cannot work with the...
Page 78: ...er For a list of port numbers used by some popular applications please refer to Table 10 4 Incoming Port Range The port range that the corresponding inbound packet used For a list of port numbers used by some popular applications please refer to Table 10 4 Table 10 4 Port Numbers for Popular Applications Application Outgoing Port Number Incoming Port Range Battle net 6112 6112 DialPad 7175 51200 5...
Page 79: ...ty concerns or any other reasons you may want to restrict the use of these applications to a particular group of users Then configure an outbound ACL rule to control outbound access as illustrated in Figure 10 6 This example restricts the access to hosts in the IP address range from 192 168 1 110 to 192 168 1 115 Note that you must remove the default firewall outbound ACL rule for the access restr...
Page 80: ...and time f Reset system configuration f Reboot system f Update firmware f Backup restore system configuration 11 1 Login Password and System Wide Settings The first time you log into the Configuration Manager you use the default username and password admin and admin Note This username and password is only used for logging into the Configuration Manager it is not the same login password that you us...
Page 81: ... keep the default setting the factory assigned MAC address for the WAN port 4 Auto logout after idle min Click Enable radio button and enter in activity time out period to enable this option otherwise click on the Disable radio button or enter 0 in the text field to diable this option When this option is enabled you will be automatically disconnected from the router when the idle timer expires dur...
Page 82: ...m Management RX3141 User s Manual 72 11 2 Viewing System Information System Information page displays whenever you log into RX3141 It contains information for the overall system settings Figure 11 2 System Status Page ...
Page 83: ...ing the date and time on RX3141 does not affect the date and time on your PCs Figure 11 3 Date and Time Configuration Page The maintain accurate time for the router 1 Open the Date and Time configuration page as shown in Figure 11 3 by double clicking the Router Setup Î Timezone menu 2 Select your time zone from the drop down list 3 Check the Enable check box to activate the SNTP Simple Network Ti...
Page 84: ...lt Settings using GUI At times you may want to revert to the factory default settings to eliminate problems resulted from incorrect system configuration Follow the steps below to reset system configuration 1 Log into Configuration Manager by double clicking the Management Î Factory Reset menu The Default Settings Configuration page displays as shown in Figure 11 4 Figure 11 4 Factory Reset Page 2 ...
Page 85: ... in this scenario is to reset the system configuration to the factory default by pressing the reset button located on the rear panel the router for at least 5 seconds The system configuration will be reverted back to the factory default settings after RX3141 is rebooted 11 5 Firmware Upgrade ASUSTeK may from time to time provide you with an update to the firmware running on the RX3141 All system s...
Page 86: ...are image on your computer Figure 11 8 File Manager 3 Click on button to update the firmware A dialog window such as the one below will pop up to ask for confirmation of the firmware upgrade Click the button to proceed otherwise click the button to cancel the action Figure 11 9 Firmware Upgrade Confirmation 4 Firmware upgrade status and progress will be shown as illustrated in Figure 11 10 Firmwar...
Page 87: ...ected back to RX3141 automatically Figure 11 11 Firmware Upgrade Count Down Timer 6 When you are reconnected to the RX3141 click Status menu to check if the new firmware is properly upgraded Note that you probably need to clear the cache of your web browser to see the new System Information page Following is the procedure to clear the browser cache for Microsoft Internet Explorer a Click on Tools ...
Page 88: ...on the button in the reboot the system Figure 11 12 System Reboot Page 3 A dialog window will popup as illustrated in Figure 11 13 Click on the button to proceed or click on the button to cancel Figure 11 13 System Reboot Confirmation Your browser will be reconnected back to the RX3141 when the timer as illustrated in 4 Figure 11 14 elapses Figure 11 14 System Reboot Countdown Timer ...
Page 89: ... illustrated in Figure 11 15 by double clicking the Management Î Backup Restore menu Figure 11 15 System Configuration Backup Page 2 Click the Backup system configuration radio button 3 Click the button to backup the system configuration 4 If you are using Microsoft Windows a File Download dialog window will pop up click on the button as illustrated in Figure 11 16 Figure 11 16 System Configuratio...
Page 90: ...d in Figure 11 17and click on the button to continue Figure 11 17 System Configuration Backup Page Save As Dialog 6 Finally a message as shown in Figure 11 18 will display to let you know whether the system configuration is successfully saved to your computer Figure 11 18 System Configuration Backup Status Enter desired filename ...
Page 91: ...ename of the system configuration file that you want to restore in the text field Figure 11 19 System Configuration Restore Page Alternatively you may click on the button to search for the system configuration file on your computer A window similar to the one shown in Figure 11 20 will pop up for you to select the configuration file to restore Select the desired configuration file and then click o...
Page 92: ...he system configuration 4 A message will pop up as illustrated in Figure 11 21 to let you know whether the system configuration is successfully restored Note that you must reboot the RX3141 to make the new system configuration in effect Figure 11 21 System Configuration Restore Status ...
Page 93: ...2 1 1 Structure of an IP address IP addresses have a hierarchical design similar to that of telephone numbers For example a 7 digit telephone number starts with a 3 digit prefix that identifies a group of thousands of telephone lines and ends with four digits that identify one specific line in that group Similarly IP addresses contain two kinds of information f Network ID Identifies a particular n...
Page 94: ...ass B networks are smaller but still quite large each able to hold over 65 000 hosts There can be up to 16 384 class B networks in existence A class B network might be appropriate for a large organization such as a business or government agency Class C networks are the smallest only able to hold 254 hosts at most but the total possible number of class C networks exceeds 2 million 2 097 152 to be e...
Page 95: ...0000000 As with any class C address all of the bits in field1 through field 3 are part of the network ID but note how the mask specifies that the first bit in field 4 is also included Since this extra bit has only two values 0 and 1 this means there are two subnets Each subnet uses the remaining 7 bits in field4 for its host IDs which range from 0 to 127 instead of the usual 0 to 255 for a class C...
Page 96: ......
Page 97: ...ur network requirements A 100 Mbit sec network 100BaseTx should use cables labeled Cat 5 10Mbit sec cables may tolerate lower quality cables Internet Access PC cannot access Internet Use the ping utility discussed in the following section to check whether your PC can communicate with the RX3141 s LAN IP address by default 192 168 1 1 If it cannot check the Ethernet cabling If you statically assign...
Page 98: ...not check the Ethernet cabling Verify that you are using Internet Explorer 6 0 or newer Support for Javascript must be enabled in your browser Support for Java may also be required Verify that the PC s IP address is defined as being on the same subnet as the IP address assigned to the LAN port on the RX3141 Changes to Configuration Manager are not being retained Be sure to click on button to save ...
Page 99: ...ompt or through a system administration utility 13 1 2 nslookup You can use the nslookup command to determine the IP address associated with an Internet site name You specify the common name and the nslookup command looks up the name on your DNS server usually located with your ISP If that name is not an entry in your ISP s DNS table the request is then referred to another higher level server and ...
Page 100: ...ty There may be several addresses associated with an Internet name This is common for web sites that receive heavy traffic they use multiple redundant servers to carry the same information To exit from the nslookup utility type exit and press Enter at the command prompt ...
Page 101: ...1 Dynamically assigned IP addresses 39 Eth 0 interface defined 16 Ethernet cable 9 Features 1 Firmware Upgrade page 92 93 94 Firmware upgrades 91 Front panel 5 Gatewas in DHCP pools 41 Gateway defined 43 Hardware connections 9 10 Host ID 101 HTTP DDNS 51 Inbound ACL Configuration page 61 Internet troubleshooting access to 105 IP address in device s routing table 47 IP addresses explained 101 IP co...
Page 102: ...figuration 65 Parts checking for 3 Password changing 85 default 14 17 recovering 106 PC configuration 10 PC Configuration static IP addresses 13 Ping 106 Power adapter 9 Primary DNS 36 Quick Configuration logging in 14 Rear Panel 6 Routing Configuration page 44 45 46 Secondary DNS 36 Static IP addresses 13 Static routes adding 45 46 Statically assigned IP addresses 39 Subnet masks 102 System Infor...
