background image

LinkMAX

 HSA300 User Manual

 

  

21

 

7. Click 

A DSL Installer dialog box displays while the program searches 
for your USB hardware. After a few seconds, a second dialog 
box displays to prompt you to attach the USB cable, as shown 
in Figure7. 

 

 

Figure  7. USB Driver Installation: DSL Installer 

 

8.  Attach the USB cable to HSA300 and to your PC. 

The USB cable provided has a flat connector on one end 
(called Type A) and a square connector on the other (Type B). 
Connect the flat connector to your PC and the square 
connector to HSA300. 

A window displays briefly, indicating that the system has found 
new hardware. 

9.  If a Microsoft digital signature dialog box displays, click 

 to continue. 

The System Settings Change dialog box displays to prompt you 
to restart your computer, as shown in Figure8: 

 

Figure 8. USB Driver Installation: System Settings Change 

 

Summary of Contents for LinkMAX HSA300

Page 1: ...LinkMAX HSA300 User Manual 1 LinkMAX HSA300 User Manual BroadMax Technology Limited BMTBEHSA304 Edition V1 1 ...

Page 2: ...the Ethernet cable 13 Step 3 Attach the power connector 13 Step 4 Install USB software and connect the USB cable 13 Part 2 Configuring Your Computers 14 Before you begin 14 Windows 95 98 PCs 14 Windows NT 4 0 workstations 15 Windows 2000 PCs 16 Windows Me PCs 17 Assigning static Internet information to your PCs 18 Configuring a computer connected to the USB port 19 Part 3 Configuring HSA300 24 Log...

Page 3: ...1 Viewing IP Global Statistics 42 7 Configuring Dynamic Host Configuration Protocol 43 Overview of DHCP 43 What is DHCP 43 Why use DHCP 43 HSA300 DHCP modes 44 Configuring DHCP Server 45 Viewing modifying and deleting address pools and excluding IP addresses from a pool 48 Viewing current DHCP address assignments 49 Configuring DHCP Relay 50 Setting the DHCP Mode 51 8 Configuring Network Address T...

Page 4: ...outing to telephone switching 72 Hops and gateways 73 Using IP routes to define default gateways 73 Do I need to define IP routes 73 Viewing the IP Routing Table 74 Adding IP Routes 76 11 Configuring the Routing Information Protocol 77 RIP Overview 77 When should you configure RIP 77 Configuring HSA300 s Interfaces with RIP 78 Viewing RIP Statistics 80 12 Configuring the ATM VCC 81 Viewing Your AT...

Page 5: ...Bridging Feature 100 Defining Bridge Interfaces 101 Deleting a Bridge Interface 102 17 Configuring Firewall Settings 103 Configuring Global Firewall Settings 103 Managing the Black List 106 18 Configuring IP Filters 107 Overview 107 Configuring IP Filter Global Settings 109 Creating IP Filter Rules 110 IP filter rule examples 115 Viewing IP Filter Statistics 117 Managing Current IP Filter Sessions...

Page 6: ...dresses Network Masks and Subnets 124 IP Addresses 124 Structure of an IP address 124 Network classes 125 Subnet masks 125 B Binary Numbers 127 Binary Numbers 127 Bits and bytes 127 C Troubleshooting 128 Diagnosing Problem using IP Utilities 130 ping 130 nslookup 131 D Glossary 132 Index 139 ...

Page 7: ...ering functions to provide security for your LAN Network configuration through DHCP Server and DHCP Relay Services including IP route and DNS configuration RIP and IP and DSL performance monitoring Configuration program you access via an HTML browser System Requirements In order to use HSA300 ADSL Ethernet router you must have the following ADSL service up and running on your telephone line with a...

Page 8: ... defined in the glossary Appendix D Bolded text is used for items you select from menus and drop down lists and text strings you type when prompted by the program Special messages This document uses the following icons to call your attention to specific instructions or explanations Note Provides clarifying or non essential information on the current topic Definition Explains terms or acronyms that...

Page 9: ...is document your HSA300 should arrive with the following The LinkMAX HSA300 6 ft straight Ethernet cable RJ45 RJ45 6 ft Phone line cable RJ11 RJ11 Optional USB cable Power supply adaptor CD ROM contains User s manual and USB driver Figure 1 HSA300 ADSL Ethernet Router Package Contents ...

Page 10: ...atus of the device see figure above Figure 2 Front panel LEDs functionality Label Function Status if LED is ON 1 Power Power Indicator Power up ready to service 2 Line ADSL Link LED steady ADSL link is in operation LED blinking ADSL link is initializing 3 Link Ethernet Link Ethernet link is in operation 4 Data Ethernet Rx Tx Activity Data is being received from transmitted out the Ethernet interfa...

Page 11: ...re 3 Rear Panel Connections Label Function 1 Power Connects to the supplied power adapter cable 2 USB Connects to the USB port on your PC 3 LAN Connects the device to your PC s Ethernet port or to the uplink port on your LAN s hub using the cable provided 4 LINE Connects the device to an ADSL telephone jack for data communication ...

Page 12: ...SL service with your Internet service provider ISP These instructions provide a basic configuration that should be compatible with your home or small office network setup Refer to the subsequent chapters for additional configuration instructions Part 1 Connecting the Hardware In Part 1 you connect the device to the phone jack the power outlet and your computer or network WARNING Before you begin t...

Page 13: ... wires on each end of a straight through cable they will be in the same sequence on crossover cables they will not Contact your ISP for assistance Step 3 Attach the power connector Connect the AC power adapter to the Power connector on the back of the device and plug in the adapter to a wall outlet or power strip Step 4 Install USB software and connect the USB cable You can attach a single compute...

Page 14: ...pond to the operating system installed on your PC Windows 95 98 PCs First check for the IP protocol and if necessary install it 1 In the Windows task bar click the Start button point to Settings and then click Control Panel 2 Double click the Network icon The Network dialog box displays with a list of currently installed network components If the list includes TCP IP and then the protocol has alre...

Page 15: ...ry install it 1 In the Windows NT task bar click the Start button point to Settings and then click Control Panel 2 In the Control Panel window double click the Network icon 3 In the Network dialog box click the Protocols tab The Protocols tab displays a list of currently installed network protocols If the list includes TCP IP then the protocol has already been enabled Skip to step 9 4 If TCP IP do...

Page 16: ...rties dialog box displays with a list of currently installed network components If the list includes Internet Protocol TCP IP then the protocol has already been enabled Skip to step 10 4 If Internet Protocol TCP IP does not display as an installed component click 5 In the Select Network Component Type dialog box select Protocol and then click 6 Select Internet Protocol TCP IP in the Network Protoc...

Page 17: ...o step 11 4 If Internet Protocol TCP IP does not display as an installed component click 5 In the Select Network Component Type dialog box select Protocol and then click 6 Select Microsoft in the Manufacturers box 7 Select Internet Protocol TCP IP in the Network Protocols list and then click You may be prompted to install files from your Windows Me installation CD or other media Follow the instruc...

Page 18: ...default gateway for your LAN In most cases this is the address assigned to the LAN port on HSA300 By default the LAN port is assigned this IP address 192 168 0 1 You can change this number or another number can be assigned by your ISP See Chapter 5 for more information The IP address of your ISP s Domain Name System DNS server On each PC to which you want to assign static information follow the in...

Page 19: ... PC In Part 2 you configure the IP properties on the USB PC Part 1 Installing the USB Driver 1 Ensure that the USB cable is not connected to the USB port on the PC or to the USB port on the G8100 device The installation program will prompt you when to connect the cable 2 Copy the USB installation file to a temporary directory on the USB computer 3 In the folder where you copied the files double cl...

Page 20: ...reement 5 After reviewing the license agreement click to continue 6 If a Microsoft digital signature dialog box displays click to continue The installation program will begin copying the necessary installation files to the required locations When finished the Setup Complete dialog box will display as shown in Figure6 Figure 6 USB Driver Installation Setup Complete ...

Page 21: ... and to your PC The USB cable provided has a flat connector on one end called Type A and a square connector on the other Type B Connect the flat connector to your PC and the square connector to HSA300 A window displays briefly indicating that the system has found new hardware 9 If a Microsoft digital signature dialog box displays click to continue The System Settings Change dialog box displays to ...

Page 22: ...m displays as an item on your Windows Start menu 11 Click the Start button point to Programs GlobeSpan DSL Modem and click on Configure The DSL Modem Installer dialog box should display as shown in Figure9 Figure 9 DSL Modem Installer Dialog Box This step is only verification You do not need to access the configuration program at this time 12 Click ...

Page 23: ...P address to the PC follow the instructions on page 19 and use the following information In the Network and Dial up Connections window be sure to select the icon that corresponds to your new USB connection not the one that corresponds to your Ethernet NIC When you display the properties for the icon the following text should display in the Connect Using text box GlobeSpan USB IAD LAN Modem n The U...

Page 24: ... called Configuration Manager which enables you to configure the operation of the device via your Web browser The settings that you are most likely to need to change before using the device are grouped onto a single Quick Start page To access the Configuration Manager Quick Start page open the Web browser on any PC connected to HSA300 via Ethernet or USB Type the following URL in the address locat...

Page 25: ...rimary Secondary DNS If you selected User Configured in the DNS Proxy Selection enter the Primary and Secondary DNS addresses provided by your ISP If you selected Auto Discovery User Configured you are not required to enter addresses here they will be used in addition to any addresses discovered automatically PPP Settings Username and Password Enter the username and password you use to log in to y...

Page 26: ...tions DHCP Dynamic Host Configuration Protocol DHCP server enabled addresses 192 168 0 3 through 192 168 0 34 subnet mask 255 255 255 0 HSA300 maintains a pool of 32 private IP addresses for dynamic assignment to your LAN computers and a pool containing 1 IP address for assignment to your USB computer To use this service you must have set up your computers to accept IP information dynamically as d...

Page 27: ...o determine which settings you may need to change if any Accessing the Configuration Manager The Configuration Manager program is preinstalled into memory on HSA300 To access the program you need the following A PC or laptop connected to the LAN port on the device as described in the Quick Start chapter An web browser installed on the PC The program is designed to work best with Microsoft Internet...

Page 28: ...first time you log into the program use these defaults Default User Name root Default Password root Note You can change the password at any time see Changing Your Login Password on page 33 The user name cannot be changed The System View page displays each time you log into the program shown in Figure on page 29 ...

Page 29: ...e same task may appear in more than one tab when appropriate For example the Lan Config task displays in both the LAN tab and the Routing tab Commonly used buttons The following buttons are used throughout the application Button Function Stores in temporary system memory any changes you have made on the current page See Committing your changes on page 34 for instructions on storing changes permane...

Page 30: ...ays basic information about HSA300 hardware and software versions the system uptime since the last reboot and the preconfigured operating mode DSL Displays performance statistics for the DSL line You can click the DSL link in the Advanced title bar to display additional DSL settings which are described in Chapter 14 WAN Interfaces Displays the software name s and various settings for the device in...

Page 31: ...properties of these interfaces as described in Chapter 5 Services Summary Displays the following service that HSA300 performs to help you manage your network o Translating private IP addresses to your public IP address NAT Chapter 8 o Setting up filtering rules that accept or deny incoming or outgoing data IP Filter Chapter 16 o Enabling router to router communication RIP Chapter 9 o Dynamic assig...

Page 32: ...ur PCs Follow these instructions to change the date and time 1 At the bottom of the System View page click The System Modify page displays in a separate browser window Figure 13 System Modify Page 2 Use the drop down lists to select a new date and time 3 Click A page displays to confirm your change 4 Click to return to the System View page 5 Click the Admin tab and then click Commit Reboot in the ...

Page 33: ...hapter 12 To change the Configuration Manager login password 1 Click the Admin tab The User Password Configuration page displays by default Figure 14 User Password Configuration Page 2 Type your current password in the Old Password text box 3 Type the new password in the New Password text box and again in the Confirm New text box The password can be up to eight ASCII characters long When logging i...

Page 34: ...from RAM to permanent storage called flash memory Note Submitting changes saves them only until the device is reset or powered down Committing changes saves them permanently Follow these steps to commit changes to permanent storage 1 Click the Admin tab and then click Commit Reboot in the task bar The Commit Reboot page displays Figure 15 Commit Reboot Page 2 Click Disregard the selection in the R...

Page 35: ...any changes you just committed Reboot from Backup Configuration Reboots the device using settings stored in backup memory These are the settings that were in effect before you committed new settings in the current session Reboot from Default Configuration Reboots the device to default settings provided by your ISP or the manufacturer Choosing this option erases any custom settings WARNING Do not r...

Page 36: ...cription of crossover versus straight through Ethernet cables If the PC is USB enabled you can connect it directly to the device s USB port called usb 0 Only one computer can be connected in this manner You can also use the USB and Ethernet ports simultaneously connecting your LAN to the Ethernet port and a standalone PC to the USB port You must assign a unique IP address to each device port that ...

Page 37: ...at you want to use with your network If your network uses a local DHCP server other than the ADSL Ethernet router to assign IP addresses you can configure the device to accept and use a LAN IP address assigned by that server In this mode the ADSL Ethernet router is considered a DHCP client of your DHCP server Note HSA300 itself can function as a DHCP server for your LAN computers as described in C...

Page 38: ...d NAT you will want to assign a fixed LAN IP address and mask This ensures that your LAN computers have a fixed address that they use to communicate with the device The IP address you assign must be on the same subnet as your LAN computers that connect to this port that is the network ID portion of their IP addresses and their subnet masks must be the same See Appendix 0 for an explanation of IP a...

Page 39: ...our connection will remain active If you enabled the DHCP service the ADSL Ethernet router will initiate a request for an IP address from your LAN s DHCP server Assuming a different IP address is assigned your current connection will be terminated 4 Reconfigure your PCs if necessary so that their IP addresses place them in the same subnet as the new IP address of the LAN port See the Quick Start c...

Page 40: ...8 0 1 192 168 0 x x 3 254 USB 192 168 0 2 192 168 0 x x 3 254 3 Click If you are currently communicating with the device via the USB interface then the connection will be terminated because the IP address that the connection was using has now changed If you are currently using the Ethernet interface a page will display to confirm your change and your connection will remain active 4 If necessary re...

Page 41: ...P enabled interfaces The listed IP addresses may include The IP address of the device s LAN Ethernet port called eth 0 See Chapter 5 for instructions on configuring this address The IP address of the device s USB port named usb 0 See Chapter 5 for instructions on configuring this address The IP address of the WAN ADSL line interface which your ISP and other external devices use to identify your ne...

Page 42: ...mission You will not typically need to view this data but you may find it helpful when working with your ISP to diagnose network and Internet data transmission problems To view global IP statistics click on the IP Address Table page Figure 8 shows the IP Global Statistics page Figure 18 IP Global Statistics Page To display updated statistics showing any new data since you opened the page click ...

Page 43: ... an IP address or you specified that it will receive IP information dynamically automatically If you chose to have the information assigned dynamically then you configured your PCs as DHCP clients that will accept IP addresses assigned from a DCHP server such as HSA300 The DHCP server draws from a defined pool of IP addresses and leases them for a specified amount of time to your computers when th...

Page 44: ...P performs the DCHP server function for your network then you can configure the device as a DHCP relay agent When HSA300 receives a request for Internet access from a computer on your network it contacts your ISP for the necessary IP information and then relays the assigned information back to the computer If you have another PC or device on your network that is already performing the DHCP server ...

Page 45: ...fine the pools of IP addresses you want to make available for distribution to your computers These addresses can be multiple public addresses that you have purchased from your ISP but are typically private addresses that you create LAN administrators often create private IP addresses for use only on their networks See Overview of NAT on page 53 2 Log into Configuration Manager click the LAN tab an...

Page 46: ...LinkMAX HSA300 User Manual 46 Figure 20 DHCP Server Pool Add Page ...

Page 47: ... which portion refers to the host computer For a description of network masks and LAN network masks see Appendix 0 You can use the network mask to distinguish which pool of addresses should be distributed to a particular subset of computers on your LAN called a subnet Domain Name A user friendly name that refers to the group of computers subnet that will be assigned addresses from this pool Gatewa...

Page 48: ...ifying and deleting address pools and excluding IP addresses from a pool To view modify or delete an existing address pool display the DHCP Server Configuration page and click the icons in the corresponding row in the address pool table To delete an IP address pool click then submit and commit your changes To view details on an IP address pool click A page displays with all the same information yo...

Page 49: ...ts any IP addresses that are currently leased to LAN devices For each leased address the table lists the following information Field Description IP Address The address that has been leased from the pool Netmask The network mask associated with the leased address which identifies the network ID and host ID portions of the address see Appendix A Mac Address A hardware ID for the device to which the ...

Page 50: ...ess of the DHCP server and select the interfaces on your network that will be using the relay service 2 Log into the Configuration Manager click the LAN tab and then click DHCP Relay in the task bar The DHCP Relay Configuration page displays Figure 23 DHCP Relay Configuration Page 3 Type the IP address of your ISP s DHCP server in the fields provided If you do not have this number it is not essent...

Page 51: ...relay or DHCP server settings See Configuring DHCP Server on page 45 or Configuring DHCP Relay on page 50 for additional instructions Follow these instructions to set the DHCP mode 1 Click the LAN tab and then click DHCP Mode in the task bar 2 From the DHCP Mode drop down list choose DHCP Server DHCP Relay or none If you choose none your LAN computers must be configured with static IP addresses 3 ...

Page 52: ...fy that whenever one of your computers communicates with the Internet that is it sends and receives IP data packets its private IP address which is referenced in each packet will be replaced by the LAN s public IP address Definitions An IP data packet contains bits of data bundled together in a specific format for efficient transmission over the Internet Such packets are the building blocks of all...

Page 53: ...r example providing outside access to your LAN or translating multiple private addresses to multiple public addresses Your Default NAT Setup By default NAT is enabled with an napt rule configured to perform the following translation These private IP addresses are translated to 192 168 0 3 192 168 0 4 192 168 0 34 Your ISP assigned public IP address For a description of napt rules see page 60 This ...

Page 54: ...llowing settings that apply to all NAT rule translations Field Description TCP Idle Timeout sec For a NAT translation session on data that uses the TCP protocol the translation will no longer be performed if no matching data packets are received after the specified time has elapsed TCP Close Wait sec For a NAT translation on data using the TCP protocol after a communication session has been closed...

Page 55: ...be translated to sequential numbers in this range If you change any values click and then click the Admin tab and commit your changes to permanent system memory You can click to view accumulated data on how many NAT rules have been invoked and how much data has been translated A page similar to the one shown in Figure 25 displays Figure 25 NAT Rule Global Statistics Page The table provides basic i...

Page 56: ...se fields refer to the instructions for adding rules pages 61 through 70 From the NAT Rule Configuration page you can click to add a new rule or use the icons in the right column to delete or view details on a rule To view data on how often a specific NAT rule has been used click in the Action s column A page similar to the one show in Figure 27 displays Figure 27 NAT Rule Statistics Page The stat...

Page 57: ...on Rule ID The ID of the NAT rule invoked Interface The device interface on which the NAT rule was invoked from the rule definition Protocol The IP protocol used by the data packets that are undergoing translations from the rule definition Example TCP UDP ICMP Alg Type The Application Level Gateway ALG if any that was used to enable this NAT translation ALGs are special settings that certain appli...

Page 58: ...ate IP address was translated In Address The private IP address that was translated Out Address The IP address of the outside destination web ftp site etc In Out Packets The number of incoming and outgoing IP packets that have been translated in this translation session In Ports The actual port number corresponding to the LAN computer Out Ports The port number associated with the destination addre...

Page 59: ...The napt rule also translates the source port numbers to port numbers that are defined on the NAT Global Configuration page see page 56 The Introduction to NAT on page 52 describes how the napt rule works 1 Click the NAT tab then select NAT Rule Entry from the NAT Options drop down list on the right side of the page The NAT Rule entry page displays a row for each currently configured NAT rule 2 Cl...

Page 60: ...pecify that data from all LAN addresses should be translated type 0 zero in each From field and 255 in each To field If you have several non sequential private addresses you can create an additional napt rule for each address These addresses should correspond to private addresses already in use on your network either assigned statically to your PCs or assigned dynamically using DHCP as discussed i...

Page 61: ...nal access to your web server Your ADSL Ethernet router receives a packet containing a request for access to your Web server The packet header contains the public address for your LAN as the destination IP address and a destination port number of 80 Because you have set up an rdr rule for incoming packets with destination port 80 the device recognizes the data as a request for Web server access Th...

Page 62: ... 4 In the Local Address From and Local Address To fields type the same private IP address or the lowest and highest addresses in a range If you type the same IP address in both fields incoming traffic that matches the criteria you specify in steps 5 and 6 will be redirected to that IP address If you type a range of addresses incoming traffic will be redirected to any available computer in that ran...

Page 63: ... expect that incoming packets destined for that computer would contain the well known web server port number 80 This setting serves as a filter data packets not containing this port number would not be granted access to you local computer 7 If the LAN computer that you are making publicly available is configured to use a non standard port number for the type of traffic it receives type the non sta...

Page 64: ...nter a Rule ID 2 Select the interface on which this rule will be effective 3 Select a protocol to which this rule applies or choose ALL This selection specifies which type of Internet communication will be subject to this translation rule You can select ALL if the rule applies to all data Or select TCP UDP ICMP or a number from 1 255 that represents the IANA specified protocol number 4 In the Loca...

Page 65: ...dresses on a one to one basis The filter flavor extends the capability of the basic rule Refer to The basic Rule on page 66 for a general description You can use the filter rule if you want an address translation to occur only when your LAN computers initiate access to specific destinations The destinations can be identified by their IP addresses server type such as FTP or Web server or both Figur...

Page 66: ...ess in both fields if you also specified a single address in step 4 6 Specify a Destination Address or addresses Destination Port or ports or both You can specify a single value by entering that value in both fields Specify a destination address or range if you want this rule to apply only to outbound traffic to the address or range If you enter only the network ID portion of the destination addre...

Page 67: ...lated to the LAN s public IP address To the rest of the Internet it appears as if the data packet originated from the public IP address Bimap rules can be used to provide external access to a LAN device They do not provide the same level of security as rdr rules because rdr rules also reroute incoming packets based on the port ID Bimap rules do not account for the port number and therefore allow e...

Page 68: ...want a specific IP address or range of addresses to not be subject to an existing rule say rule ID 5 then you can create a pass rule with ID 1 through 4 Follow these instructions to add a pass rule see steps 1 4 under The napt rule on page 61 for detailed instructions corresponding to steps 1 and 2 below 1 Display the NAT Rule Add Page select PASS as the Rule Flavor and enter a Rule ID 2 Select th...

Page 69: ...countering heavy traffic ISPs typically provide primary and secondary DNS addresses and may provide additional addresses Your LAN PCs learn these DNS addresses in one of the following ways Statically If your ISP provides you with their DNS server addresses you can assign them to each PC by modifying the PCs IP properties Dynamically from a DHCP pool You can configure the DHCP Server feature on the...

Page 70: ...he advantage that you will not need to reconfigure the PCs or the ADSL Ethernet router if the ISP changes their DNS addresses Configured on the ADSL Ethernet router You can use the device s DNS feature to specify the ISP s DNS addresses If the device also uses a PPP interface with the Use DNS property enabled then these configured addresses will be used in addition to the two addresses learned thr...

Page 71: ...Click the Admin tab and then click Commit Reboot in the task bar 4 Click to save your changes to permanent memory Note DNS addresses that are assigned to LAN PCs prior to enabling DNS relay will remain in effect until the PC is rebooted DNS relay will only take effect when a PC s DNS address is the LAN IP address Similarly if after enabling DNS relay you specify a DNS address other than the LAN IP...

Page 72: ... number you dialed the middle set of three numbers and connect to a more localized switchboard that handles numbers with that prefix This final switchboard can then look at the last four digits of the phone number to open a connection with the person or company you dialed In comparison when your computer initiates communication over the Internet such as viewing a web page connecting to an web serv...

Page 73: ... the data intelligently If it cannot determine which of these devices provides a good next hop because no such route has been defined then that device will forward the data to its default gateway Eventually a high level device using a predefined IP route will be able to forward the data along a path to its destination Do I need to define IP routes Most users do not need to define IP routes On a ty...

Page 74: ... s routing table click the Routing tab The IP Route page displays by default as shown in Figure 37 Figure 37 IP Route Table Page The IP Route Table displays a row for each existing route These include routes that were predefined on the device routes you may have added and routes that the device has identified automatically through communication with other devices The routing table should reflect a...

Page 75: ...ts final destination is that shown in the destination column IFName Displays the name of the interface on the device through which data is forwarded to the specified next hop Route Type Displays whether the route is direct or indirect In a direct route the source and destination computers are on the same network and the router attempts to directly deliver the data to the computer In an indirect ro...

Page 76: ... 0 0 0 in both the Destination and Net Mask fields Enter your ISP s IP address in the Gateway NextHop field Note that you cannot specify the interface name route type or route origin These parameters are used only for routes that are identified automatically as the device communicates with other routing devices For routes you create the routing table displays system default values in these fields ...

Page 77: ... devices that can access it from remote locations such as the computers telecommuters use Using RIP each device sends its routing table to its closest neighbor every 30 seconds The neighboring device in turn passes the information on to its next neighbor and so on until all devices in the autonomous network have the same set of routes When should you configure RIP Most small home or office network...

Page 78: ...Time These are global settings for all interfaces that use RIP Age is the amount of time in seconds that the device s RIP table will retain each route that it learns from adjacent computers Update Time specifies how frequently HSA300 will send out its routing table its neighbors 3 In the IFName column select the name of the interface on which you want to enable RIP For communication with RIP enabl...

Page 79: ... be accepted into its routing table RIP version 1 is the original RIP protocol Select RIP1 if you have devices that communicate with this interface that understand RIP version 1 only RIP version 2 is the preferred selection because it supports classless IP addresses which are used to create subnets and other features Select RIP2 if all other routing devices on the autonomous network support this v...

Page 80: ...RIP Configuration page you can click to view statistics on attempts to send and receive route table data over RIP enabled interfaces on HSA300 Figure 40 RIP Global Statistics Page You can click to reset all statistics to 0 and to display any newly accumulated data ...

Page 81: ... Area Network WAN that connects you to your ISP the ATM protocol performs functions like those that the Ethernet protocol performs on your LAN This chapter describes how to configure the ATM virtual channel connection VCC The VCC properties define the path HSA300 uses to communicate with your ISP over the ATM network Viewing Your ATM VC Setup To view your current configuration log into Configurati...

Page 82: ...our ADSL Ethernet router and your ISP Max Proto per AAL5 If you are using an AAL5 type of interface this setting indicates the number of higher level interfaces that the VC can support the higher level interfaces can be PPP EoA or IPoA interfaces Contact your ISP to determine which connection protocol s they require Actions Displays an icon you can click on to delete the associated interface Addin...

Page 83: ...ask bar 7 Click to save your changes to permanent memory The new interface should now display in the ATM VCC Configuration table You may need to create a new WAN interface or modify an existing interface so that it uses the new VCC See the instructions for configuring a PPP Chapter 12 EoA Chapter 14 or IPoA Chapter 15 interfaces depending on the type you use to communicate with your ISP You can ve...

Page 84: ...age 2 Enter the new VPI and VCI values select the MUX type or change the maximum number of protocols that the VCC can carry as directed by your ISP You cannot modify the interface type over which an existing VCC operates aal5 0 for example If you want to change the interface type you must delete the existing interface create a new one and select the desired interface type 3 Click 4 On the confirma...

Page 85: ...omputers Your ISP may or may not use the PPP protocol Contact your ISP to determine if you will need to change the default settings in order to connect to their server Viewing Your Current PPP Configuration To view your current PPP setup log into Configuration Manager click the WAN tab and then click PPP in the task bar The PPP Configuration page displays as shown in Figure 44 Figure 44 PPP Config...

Page 86: ...bject to the most restrictive set of firewall protections defined in the software o A private interface connects to your LAN such as the Ethernet interface Packets received on a private interface are subject to a less restrictive set of protections because they originate within the network o The term DMZ de militarized zone in Internet networking terms refers to computers that are available for bo...

Page 87: ...uted to clients of the device s DHCP server This option is useful only when the ADSL Ethernet Router is configured to act as a DHCP Server for your LAN When set to Disable LAN hosts will use the DNS address es preconfigured in the DHCP pool see Configuring DHCP Server on page 45 and in the DNS feature see Chapter 9 Configuring DNS Server Addresses Oper Status Indicates whether the link is currentl...

Page 88: ...r use when the device is turned on or rebooted o Disabled The PPP interface cannot currently be used o Start On Data The PPP connection will be made only when data is sent to the interface e g when a LAN user attempts to use the Internet Service Name The name of the ISP service you are using with this PPP connection ISPs may offer different types of services for example for online gaming or busine...

Page 89: ... on the PPP Configuration page o Auth Failure The ISP could not authorize the connection based on the user name and or password provided o PADT recvd The ISP issued a special packet type to terminate the PPP connection o VC down The Virtual Circuit between the unit and the ISP is down o Internal failure A system software failure occurred DNS The IP address of the DNS server located with your ISP u...

Page 90: ...Add page displays as shown in Figure 46 Figure 46 PPP Interface Add Page 2 Select a PPP interface name from the drop down list and then enter or select data for each field Note You can create multiple PPP interfaces only if you are using the PPoA protocol only one PPP interface can be define if you are using PPoE Check with your ISP which version of the protocol they require The fields are defined...

Page 91: ...protocol your login name and your password To modify the other settings you must delete the interface and create a new one To delete a PPP interface display the PPP Configuration page and click in the Action s column for the interface you want to delete You should not delete a PPP interface unless you have received instructions to do so from your ISP Without an appropriately defined PPP interface ...

Page 92: ...d connection data is shared between the ISP s network and their customer s as if the networks were on the same physical LAN Bridged connections do not use the IP protocol EOA can also be configured to provide a routed connection with the ISP which uses the IP protocol to exchange data Before creating an EOA interface or modifying the default settings contact your ISP to determine which type of pro...

Page 93: ... protections defined in the software o A private interface connects to your LAN such as the Ethernet interface Packets received on a private interface are subject to a less restrictive set of protections because they originate within the network o The term DMZ de militarized zone in Internet networking terms refers to computers that are available for both public and in network accesses such as a c...

Page 94: ... ISP and you will not be routing data through it leave this checkbox unselected Default Route Indicates whether HSA300 should use the IP address assigned to this interface if any as its default route for your LAN This can be Enable or Disable See Chapter 9 for an explanation of default routes Status A green or red ball will display to indicate that the interface is currently up or down respectivel...

Page 95: ...your LAN enter the IP address and network mask you want to assign to the interface This address serves as the public IP address for your entire LAN and is usually assigned by your ISP Or if your ISP will assign this information click the Enable radio button to set up the DHCP service Also specify whether this interface should serve as the default route for your LAN for accessing the Internet 7 Cli...

Page 96: ...or each EOA interface currently defined on the device The table may initially contain no entries The following table describes the fields on this page Field Description Interface The name the software uses to identify the IPoA interface IPoA Type Specifies whether or not the IPoA protocol to be used complies with the IEFT RFC 1577 Classical IP and ARP over ATM contact your ISP if unsure Lower inte...

Page 97: ... computers that are available for both public and in network accesses such as a company s public Web server Packets incoming on a DMZ interface whether from a LAN or external source are subject to a level of protection that is in between those for public and private interfaces Config IP Address and Net Mask The IP address and network mask you want to assign to the interface Status A green or red b...

Page 98: ...he interface by selecting the IPF Type as Public Private or DMZ 5 In the Lower Interface dialog box select the lower level interface name over which this protocol is being configured and click Typically an IPoA interface is configured to operate over an aal5 interface 6 Click A confirmation page will display to confirm your changes 7 Click to return to the EOA page and view the new interface in th...

Page 99: ...evice s interfaces and others represent computers connected via other interfaces For example the hardware IDs of your home computers are attached via the Ethernet port and the hardware IDs of your ISP s computers are attached via the WAN DSL port It stores the ID list and the interface associated with each ID in its bridge forwarding table When the bridge receives a data packet it compares its des...

Page 100: ...n hardware ID or through all its ports if it does not recognize the ID The hardware ID is often referred to as the Media Access Control MAC address Routers are considered more intelligent and flexible devices than bridges and often provide a variety of security and network administration services based on the IP protocols Using the Bridging Feature Although HSA300 is preconfigured to serve as a ro...

Page 101: ...lows bridging with your ISP You may want to check with your ISP to determine whether they use the eoa protocol See Chapter 14 for instructions on creating an EOA interface Note If you enable bridging on an interface that has already been assigned an IP address then it is considered IP enabled and will route rather than bridge IP packets received on the interface The interface will bridge non IP da...

Page 102: ...age 5 Click the Admin tab and then click Commit Reboot in the task bar 6 Click to save your changes to permanent memory Deleting a Bridge Interface To make an interface non bridgeable display the Bridge Configuration page and click next to the interface you want to delete Click to confirm the deletion The interface remains defined in the system but is no longer capable of performing bridging ...

Page 103: ...lly notified Configuring Global Firewall Settings Follow these instructions to configure global firewall settings 1 Log into Configuration Manager click the Services tab and then click Firewall in the task bar The Firewall Configuration page displays as shown in Figure 53 Figure 53 Firewall Configuration Page Note that the Firewall Configuration page contains a drop down list on the right side of ...

Page 104: ... Land Attack Sending packets that use the same address as the source and destination address o Ping of Death Illegal IP packet length DoS Protection Click the Enable radio button to use the following denial of service protections o SYN DoS o ICMP DoS o Per host DoS protection Max Half open TCP Connection Sets the percentage of concurrent IP sessions that can be in the half open state In ordinary T...

Page 105: ...olations Type the addresses in standard internet e mail address format e g jxsmith onecompany com The e mail message will contain the time of the violation the source address of the computer responsible for the violation the destination IP address the protocol being used the source and destination ports and the number violations occurring the previous 30 minutes If the ICMP protocol were being use...

Page 106: ...uration page The Firewall Blacklisted Hosts page displays as shown in Figure 4 Figure 54 Firewall Blacklisted Hosts Page The table displays the following information for each entry Field Description Host IP Address The IP address of the computer that sent the packet s that caused the violation Reason A short description of the type of violation If the packet violated an IP Filter rule the custom t...

Page 107: ...or internet protocol it is carrying the direction in which it is traveling for example from the LAN to the Internet or vice versa the IP address of the sending computer the destination IP address and other characteristics of the packet data If the packet matches the criteria established in a rule the packet can be either accepted forwarded towards its destination or denied discarded depending on t...

Page 108: ...LinkMAX HSA300 User Manual 108 edit delete and view details on the corresponding rule ...

Page 109: ...ic Packets received on a public interface are subject to the most restrictive set of firewall protections defined in the software Typically the global setting for public interfaces is Deny so that all accesses to your LAN initiated from external computers are denied discarded at the public interface except for those allowed by a specific IP Filter rule A private interface connects to your LAN such...

Page 110: ...ous criteria that must be met in order for the rule to be invoked Use these instructions to add a new IP filter rule and refer to the examples on page 115 for assistance 1 On the main IP Filter page click The IP Filter Rule Add page displays as shown in Figure 56 Figure 56 IP Filter Rule Add Page ...

Page 111: ...e examples on page 115 for suggestions on choosing the appropriate interface for various rule types In Interface The interface from which packets must have been forwarded to the interface specified in the previous selection This option is valid only for the outgoing direction Log Option When Enabled is selected a log entry will be created on the system each time this rule is invoked The log entry ...

Page 112: ...ddress lteq any source IP address that is numerically less than or equal to the specified address gt any source IP address that is numerically greater than the specified address eq any source IP address that is numerically equal to the specified address neq any source IP address that is not equal to the specified address range any source IP address that is within the specified range inclusive out ...

Page 113: ...ia See the description of Src IP Address for the selection options Dest Port Port number criteria for the destination computer s i e the port number of the type of computer to which the packet is being sent This field will be dimmed unavailable for entry unless you have selected TCP or UDP as the protocol See the description of Src IP Address for the selection options TCP Flag Specifies whether th...

Page 114: ... to packets whether or not they contain fragments assuming that they match the other criteria IP Option Pkt Determines whether the rule should apply to IP packets that have options specified in their packet headers o Yes The rule will be applied only to packets that contain header options o No The rule will be applied only to packets that do not contain header options o Ignore Default The rule wil...

Page 115: ...t Reboot in the task bar 5 Click to save your changes to permanent memory IP filter rule examples Example 1 Blocking a specific computer on your LAN from using accessing web servers on the Internet 1 Add a new rule for outgoing packets on the ppp 0 interface from any incoming interface this would include the eth 0 and usb 0 interfaces for example 2 Specify a source IP address of the computer you w...

Page 116: ...or packets incoming on the ppp 0 interface 2 Specify that the packet must contain the TCP protocol and must be destined for port 23 the well known port number used for the Telnet protocol 3 Enable the rule by clicking the radio button at the top of the page 4 Click to create the rule and commit your changes Figure 57 shows how this rule could be configured Figure 57 IP Filter Rule Example 2 ...

Page 117: ...o reset the count to zero and to display newly accumulated data Managing Current IP Filter Sessions When two computers communicate using the IP protocol an IP session is created for the duration of the communication HSA300 allows a fixed number of concurrent IP sessions You can view information about each current IP session and delete sessions for security reasons for example To view all current I...

Page 118: ...n which the IP Filter rule is effective IP Address The IP addresses involved in the communication The first one shown is the initiator of the communication Port The hardware addresses of the ports involved in the communication In Out Rule Index The number of the IP Filter rule that is applies to this session assigned when the rule was created In Out Action The action accept deny or unknown being t...

Page 119: ...tus page displays current information on the DSL line performance The page refreshes according to the setting in the Refresh drop down list which you can configure You can click to reset all counters to zero and to redisplay the page with newly accumulated values Although you generally will not need to view this data it may be helpful when troubleshooting connection or performance problems with yo...

Page 120: ...s preconfigured by the product manufacturer or your ISP The Config Data table lists various types of error and defects measurements found on the DSL line You cannot modify this data From the DSL Status page you can click to display DSL line performance statistics as shown in Figure 62 Figure 62 DSL Statistics Page ...

Page 121: ...t the bottom of the page the Detailed Interval Statistic table displays links you can click on to display detailed data for each 15 minute interval in the past 24 hours For example when you click on 1 4 data displays for the 16 intervals 15 minutes each that make up the previous 4 hours Figure 63 shows an example Figure 63 DSL Interval Statistics Page ...

Page 122: ... troubleshoot problems you encounter with the device Despite their name not all alarms indicate problems in the functioning of the system Viewing the Alarm Table To display the Alarm page log into the Configuration Manager click the Admin tab and then click Alarm in the task bar The Alarm page displays as shown in Figure 64 Figure 64 Alarm Page Each row in the table displays the time and date that...

Page 123: ...you can click to display a separate Alarm Monitor window as shown in Figure 65 Figure 65 Alarm Monitor Window You can click on the Refresh Rate drop down list to select a recurring time interval after which the page will redisplay with new data You can leave the Alarm Monitor window open and active even after closing the Configuration Manager ...

Page 124: ...ero dot two eleven Structure of an IP address IP addresses have a hierarchical design similar to that of telephone numbers For example a 7 digit telephone number starts with a 3 digit prefix that identifies a group of thousands of telephone lines and ends with four digits that identify one specific line in that group Similarly IP addresses contain two kinds of information Network ID Identifies a p...

Page 125: ...es The class can be determined easily from field1 field1 1 126 Class A field1 128 191 Class B field1 192 223 Class C field1 values not shown are reserved for special uses A host ID can have any value except all fields set to 0 or all fields set to 255 as those values are reserved for special uses Subnet masks Definition mask A mask looks like a regular IP address but contains a pattern of bits tha...

Page 126: ...11111 11111111 11000000 The two extra bits in field4 can have four values 00 01 10 11 so there are four subnets Each subnet uses the remaining six bits in field4 for its host IDs ranging from 0 to 63 Note Sometimes a subnet mask does not specify any additional network ID bits and thus no subnets Such a mask is called a default subnet mask These masks are Class A 255 0 0 0 Class B 255 255 0 0 Class...

Page 127: ... Binary 1 000 s 100 s 10 s 1 s 8 s 4 s 2 s 1 s 1 3 1 1 0 1 Also since binary uses only two digits to represent all numbers a binary number has more digits than the same number in decimal In the example above you can see that the decimal number 13 is the same as the binary number 1101 8 4 1 13 Bits and bytes Computers handle binary numbers by grouping them into units of distinct sizes The smallest ...

Page 128: ... this information automatically Verify that a Network Address Translation rule has been defined on HSA300 to translate the private address to your public IP address The assigned IP address must be within the range specified in the NAT rules see Chapter 8 Or configure the PC to accept an address assigned by another device see the Quick Start Part 2 The default configuration includes a NAT rule for ...

Page 129: ...ault 192 168 0 1 If it cannot check the Ethernet cabling Verify that you are using Internet Explorer v5 0 or later or Netscape Navigator v4 7 or later Support for Javascript must be enabled in your browser Support for Java may also be required Verify that the PC s IP address is defined as being on the same subnet as the IP address assigned to the LAN port on HSA300 Changes to Configuration Manager...

Page 130: ...te IP address on your LAN or a public IP address for an Internet site if known If the target computer receives the message a Command Prompt window displays like that shown in Figure 66 Figure 66 Using the ping Utility If the target computer cannot be located you will receive the message Request timed out Using the ping command you can test whether the path to HSA300 is working using the preconfigu...

Page 131: ...ndows based computers you can execute the nslookup command from the Start menu Click the Start button and then click Run In the Open text box type the following nslookup Click A Command Prompt window displays with a bracket prompt At the prompt type the name of the internet address your are interested in such as www microsoft com The window will display the associate IP address if known as shown i...

Page 132: ...cate To verify a user s identity such as by prompting for a password binary The base two system of numbers that uses only two digits 0 and 1 to represent all numbers In binary the number 1 is written as 1 2 as 10 3 as 11 4 as 100 etc Although expressed as decimal numbers for convenience IP addresses in actual use are binary numbers e g the IP address 209 191 4 240 is 11010001 10111111 00000100 111...

Page 133: ...ndly name used in place of its associated IP address For example www globespan net is the domain name associated with IP address 209 191 4 240 Domain names must be unique their assignment is controlled by the Internet Corporation for Assigned Names and Numbers ICANN Domain names are a key element of URLs which identify a specific file at a web site e g http www globespan net index html See also DN...

Page 134: ... An Internet protocol used to report errors and other network related information The ping command makes use of ICMP IGMP Internet Group Management Protocol An Internet protocol that enables a computer to share information about its membership in multicast groups with adjacent routers A multicast group of computers is one whose members have designated as interested in receiving specific content fr...

Page 135: ...y known IP address into a private IP address for each computer on your LAN Only your router and your LAN know these addresses the outside world sees only the public IP address when talking to a computer on your LAN NAT rule A defined method for translating between public and private IP addresses on your LAN network A group of computers that are connected together allowing them to communicate with ...

Page 136: ...s of PPP interfaces you can define for a Virtual Circuit VC the other type being PPPoA You can define one or more PPPoE interfaces per VC protocol A set of rules governing the transmission of data In order for a data transmission to work both ends of the connection have to follow the rules of the protocol remote In a physically separate location For example an employee away on travel who logs in t...

Page 137: ...ask subnet mask A mask that defines a subnet See also network mask TCP See TCP IP TCP IP Transmission Control Protocol Internet Protocol The basic protocols used on the Internet TCP is responsible for dividing data up into packets for delivery and reassembling them at the destination while IP is responsible for delivering the packets from source to destination When TCP and IP are bundled with high...

Page 138: ...al area such as a country or continent With respect to HSA300 WAN refers to the Internet Web browser A software program that uses Hyper Text Transfer Protocol HTTP to download information from and also upload to web sites and displays the information which may consist of text graphic images audio or video to the user Web browsers use Hyper Text Transfer Protocol HTTP Popular web browsers include N...

Page 139: ... interfaces 115 with IP enabled interfaces 116 Broadband 149 Broadcast 149 Bytes 143 Commit Reboot page 40 Computers configuring IP information 18 Configuration Manager overview 33 troubleshooting 146 Connectors rear panel 13 Data packet 61 Date and time changing in the system 38 Default configuration 30 Default gateway 84 De militarized zones 123 Denial of Service 118 DHCP defined 51 149 device m...

Page 140: ...fined 30 Ethernet defined 150 Ethernet cable 17 straight through vs crossover 145 Features 9 FILTER NAT flavor 74 Filtering rule 150 Firewall 150 settings 118 Firewall Blacklisted Hosts page 120 Firewall Configuration page 117 Front panel 12 FTP 151 Gatewas in DHCP pools 55 Gateway defined 84 Gigabit 151 Hardware connections 15 16 Home Tab 36 Hop 151 defined 84 Hop count 90 151 Host 151 Host ID 13...

Page 141: ...ge 44 LAN interface 58 configuring multiple 49 LAN IP address 43 45 configuring 44 specifying 44 viewing 49 LAN network mask 45 LAN port default IP information 22 LEDs 12 152 troubleshooting 145 Login to Configuration Manager 33 Loopback IP address 49 MAC addresses 152 in DHCP Address Table 57 in DHCP pools 55 Mask See Network mask Mbps 152 Microfilter 152 NAPT NAT flavor 68 NAT 152 adding rules 6...

Page 142: ...figuration 81 DSL Interval Statistics 135 DSL Parameters 134 DSL Statistics 134 DSL Status 133 EOA 106 EOA Interface Add 107 Firewall Blacklisted Hosts 120 Firewall Configuration 117 IP Address Table 49 IP Filter Configuration 122 IP Filter Rule Add 124 IP Filter Rule Statistics 131 IP Filter Sessions 131 IP Global Statistics 50 IP Route Add 87 IP Route Table 85 IPoA 109 IPoA Interface 111 LAN Con...

Page 143: ...ote 153 Reset button 41 RIP 153 configuring on device 90 overview 89 viewing statistics 92 RIP Configuration page 90 RIP Global Statistics page 92 RJ 11 153 RJ 45 153 Routing 153 Routing Information Protocol See RIP Security levels setting 123 Splitter 154 Splitterless 154 Static IP addresses 22 Statically assigned IP addresses 51 Submitting vs committing 40 Subnet 154 defined 55 Subnet mask See N...

Page 144: ...tion 43 47 User Password Configuration page 39 Username default 34 VC 155 VCI 155 VPI 155 WAN 155 WAN interface configuring multiple 49 IP address 49 Web browser 155 requirements 9 version requirements 33 Web browsers compatible versions 33 Web page 155 Web site 155 Windows NT configuring IP information 19 World Wide Web 155 ...

Reviews: