NB712 / NB714 User Guide
17
YML829 Rev1
Bridge EoA
Route EoA
IPoA
PPPoA
Page 1: ......
Page 2: ...3 2 Frame Speci cation 12 3 3 Applications 13 4 Getting to know the router 14 4 1 Front Panel 14 4 2 Rear Panel 15 5 Connecting your G SHDSL Modem Router 16 6 Con guration via Web Browser 19 7 Basic...
Page 3: ...erface 80 14 1 Serial Console 80 14 2 Telnet 80 14 3 Operation Interface 81 14 4 Window structure 82 14 5 Menu Driven Interface Commands 83 14 6 Menu Tree 84 14 7 Con guration 85 14 8 Status 87 14 9 S...
Page 4: ...st broadband technology to meet the growing need for high performance data communication 1 1 Features Easy con guration and management with password control for various applications and environments E...
Page 5: ...DMZ Multi NAT function Virtual server mapping RFC1631 VPN pass through for PPTP L2TP IPSec tunnelling Natural NAT rewall Advanced Stateful packet inspection SPI rewall Application level gateway for U...
Page 6: ...TM for xed and dynamic IP RFC 2364 User authentication with PAP CHAP MS CHAP WAN Interface SHDSL ITU T G 991 2 Annex A Annex B Encoding scheme 16 TCPAM Data Rate 2 wire mode N x 64Kbps N 0 36 0 for ad...
Page 7: ...dity 0 95 RH non condensing Memory 2MB Flash Memory 8MB SDRAM Product Information G shdsl 2 wire router bridge with 4 port switching hub LAN VLAN and business class rewall G shdsl 2 or 4 wire selectab...
Page 8: ...rigger alarms when hostile or unauthorized entry is attempted Firewalls can lter packets based on their source and destination addresses and port numbers This is known as address ltering Firewalls can...
Page 9: ...offer the advantages of packet ltering rewalls but can also hide the IP addresses of computers behind the rewall and offer a level of circuit based ltering Level 5 Application Level 4 TCP Level 3 IP L...
Page 10: ...all may also perform very detailed logging of traf c and monitoring of events on the host system and can often be instructed to sound alarms or notify an operator under de ned conditions Application l...
Page 11: ...nce number that is a cookie of the connection and forgets everything it knows about the connection It can then recreate the forgotten information about the connection where the next packets come in fr...
Page 12: ...multiple VLANs and be tagged members of these VLANs 3 A port must not be a tagged member of its default VLAN 4 If a non tagged or null VID tagged packet is received it will be assigned with the defau...
Page 13: ...e Tag Control Information TCI consists of the following elements 1 User priority allows the tagged frame to carry user priority information across bridged LANs in which individual LAN segments may be...
Page 14: ...escription PWR On Power on WAN LNK On SHDSL line connection is established Blink SHDSL handshake ACT On Transmit or received data over SHDSL link LAN 1 On Ethernet cable is connected to LAN 1 Blink Tr...
Page 15: ...11 RST Reset button to reboot or load factory default The reset button can be used in one of two ways 1 Press the Reset Button for one second to reboot the system only 2 Pressing the Reset Button for...
Page 16: ...for web con guration so please check that the PC has TCP IP protocol installed Step 2 Check the Web Browser in PC For Web Con guration ensure that the PC has a Web Browser installed such as IE or Nets...
Page 17: ...NB712 NB714 User Guide 17 YML829 Rev1 Bridge EoA Route EoA IPoA PPPoA...
Page 18: ...rnet cable to the PC Note The 4 port modem router supports auto MDIX switching so both straight and cross over Ethernet cables can be used Connect the phone cable to the product and the other side of...
Page 19: ...via Web Browser For Win95 98 and Me click the start button Select Setting and Control Panel Double click the Network icon In the Con guration window select the TCP IP protocol line associated with yo...
Page 20: ...outer acts as DHCP server in your network the router will automatically assign an IP address for the PC in the network Type User Name admin and Password admin and then click OK The default user name a...
Page 21: ...y setup the router After successfully completing it you can access the Internet This is the easiest and quickest way to setup the router Note The advanced functions are only for advanced users The inc...
Page 22: ...er Premises Equipment For a connection with a DSLAM the correct SHDSL mode is CPE For a LAN to LAN connection one side must be CO and the other side must be CPE LAN Parameters Enter IP 192 168 1 1 Ent...
Page 23: ...1 WAN1 Parameters Enter VPI 0 Enter VCI 32 Click LLC Click Next The screen will display the new parameters Check the parameters and click Restart The router will reboot with the new settings Select Co...
Page 24: ...hernet and IP over ATM and Ethernet over ATM The type of Internet protocol is provided by your ISP Click ROUTE and CPE Side then press Next Two SHDSL modes are available CO Central Of ce and CPE Custo...
Page 25: ...ev1 7 2 1 DHCP Client Some ISPs provide a DHCP server service whereby the PC in the LAN can access IP information automatically To setup the DHCP client mode follow the procedure LAN IP Type Dynamic C...
Page 26: ...s move to another location in another part of the network a new IP address must be entered DHCP lets a network administrator supervise and distribute IP addresses from a central point and automaticall...
Page 27: ...are reserved for broadcast so the legal IP address range is from 1 to 254 On the other hand you cannot assign an IP greater than 254 or less then 1 Lease time 72 hours indicates that the DHCP server...
Page 28: ...IP Type Fixed IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Host Name SOHO Some ISPs require the host name as identi cation Check with your ISP to see if your Internet service has been con gured wi...
Page 29: ...milar devices Users share a common Digital Subscriber Line DSL cable modem or wireless connection to the Internet PPPoE and PPPoA combine the Point to Point Protocol PPP commonly used in dialup connec...
Page 30: ...here are three IP types Dynamic Fixed and IP Unnumbered which you can setup The default IP type is Dynamic It means that ISP PPP server will provide IP information including a dynamic IP address when...
Page 31: ...ss on STEP 2 Note For security the password will be displayed as asterisk characters The screen will display the parameters that will be written to EPROM Check the parameters before writing to EPROM P...
Page 32: ...more information refer to the section on NAT DMZ IP Address 10 1 2 1 The router s IP address as seen from the Internet Your ISP will provide it and you need to specify it here Subnet mask 255 255 255...
Page 33: ...L829 Rev1 The screen will display the parameters that will be written to EPROM Check the parameters before writing to EPROM Press Restart to restart the router with the new parameters or press Continu...
Page 34: ...34 NB712 NB714 User Guide YML829 Rev1 8 Advanced Setup Advanced setup contains SHDSL WAN Bridge VLAN Route NAT DMZ Virtual server and rewall parameters...
Page 35: ...following screen displays the Advanced SHDSL settings page for the NB714 with the option to select the Link Type Annex Type There are three Annex types Annex A ANSI Annex B ETSI or Annex AB in SHDSL...
Page 36: ...ection If you set the SNR margin in the eld to 2 the SHDSL connection will drop and reconnect when the SNR margin is lower than 2 I e the device will reduce the line rate and reconnect for better line...
Page 37: ...ISPs otherwise you do not need to setup WAN The WAN Number 1 will be the parameters setup in Basic Setup If you want to setup another PVC you can con gure them in WAN 2 to WAN 8 Enter the parameters I...
Page 38: ...ingle cell during the CBR connection s assigned cell slot VBR rt Variable Bit Rate real time VBR rt is intended for real time applications such as compressed voice over IP and video conferencing that...
Page 39: ...bridge information If you want to lter the MAC address of a LAN PC to access the Internet press Add to establish the ltering table Enter the MAC address in the MAC address eld and select Filter in the...
Page 40: ...L829 Rev1 The screen will display the parameters that will be written to EPROM Check the parameters before writing to EPROM Press Restart to restart the router with the new parameters or press Continu...
Page 41: ...en in fact they are located on a number of different LAN segments Because VLAN is based on logical instead of physical connections it is extremely exible Click VLAN to con gure VLAN Two types of VLAN...
Page 42: ...ault VLAN Link Type Access means the port can receive or send untagged packets Link Type Trunk means that the port can receive or send tagged packets Port Based VLANs are VLANs where the packet forwar...
Page 43: ...col regularly broadcasts routing information to other routers on the network Click Route to modify the routing information To modify the RIP Routing Information Protocol Parameters RIP Mode Enable Aut...
Page 44: ...MD5 The RIP will be decoded by MD5 rather than be protected by password authentication code Poison Reverse Poison Reverse promptly broadcasts or multicasts the RIP while the route is changed e g shut...
Page 45: ...ch it to a previous request NAT also conserves the number of global IP addresses that a company needs and lets the company use a single IP address for its communication in the Internet world DMZ demil...
Page 46: ...ned to the WAN for enabling DMZ functions for the virtual IP address Multi DMZ Some users who have two or more global IP addresses assigned by their ISP can be used as a multi DMZ The table is for the...
Page 47: ...for working days from Monday to Friday 8 AM to 6PM other requests with UDP made to 69 210 1 8 25 are remapped to server 2 on 192 168 1 3 25 which is always on You can setup the router as Index 1 proto...
Page 48: ...he remote management security The NAT rewall will take effect if the NAT function is enabled The default remote management security is to block any WAN side connection to the device Non empty legal IP...
Page 49: ...level enables basic rewall security as well as all DoS protection and the SPI lter function Press Finish to nish setting up the rewall The screen will display the parameters which will be written to E...
Page 50: ...ed Firewall Security and then press Finish SYN Attack A SYN ood attack attempts to slow your network by requesting new connections but not completing the process to open the connection Once the buffer...
Page 51: ...responses to the ping As many responses are generated for only one attack the attacker is able use many ampli ers on the same victim Traditional rewalls are stateless meaning they have no memory of th...
Page 52: ...1 1 1 to access the all PCs e g 192 168 1 2 192 168 1 50 in the LAN key in the parameter as Protocol ANY Direction INBOUND INBOUND is from WAN to LAN and OUTBOUND is LAN to WAN Description Hacker Src...
Page 53: ...ternal Internal 1023 Always 5 Any Either Deny Any Any Any Always Packet Direction Source Destination Protocol Dest Port Action Rule 1 Inbound 192 168 3 4 172 16 1 1 TCP 25 Permit A 2 Outbound 172 16 1...
Page 54: ...bound Permit External Internal 25 1023 5 Any Either Deny Any Any Any Any Filtering Result Index Protocol Direction Action Source Destination Source Port Dest Port 1 TCP Inbound Permit A 192 168 3 4 17...
Page 55: ...o 254 On the other hand 0 and all 0 successive with 0 represents any When the rule is ordered as ABC Index Source Address Destination Address Action 1 10 1 99 1 172 16 1 1 Deny B 2 10 1 99 1 172 16 6...
Page 56: ...ng Quality of Service This is particularly useful for Voice over IP VoIP where the amount of bandwidth can affect the line quality in a phone call Select Enable to enable IP QoS and then click on the...
Page 57: ...ML829 Rev1 The screen will display the con gured parameters Check the parameters In this example 192 168 1 60 is the highest priority 192 168 1 50 is the second high priority 192 168 1 40 is the third...
Page 58: ...58 NB712 NB714 User Guide YML829 Rev1 9 Administration This section details security simple network management protocol SNMP and time synchronous...
Page 59: ...ute Web browser telnet and serial console Press Security to setup the parameters For greater security de ne the Supervisor ID and password for the gateway If you don t set them all users on your netwo...
Page 60: ...to access the router Leaving blank the Trust Host List will block all PCs from WAN to access the router I e only PCs on the LAN would be able to access the router If you type the exact IP address in...
Page 61: ...in statistics set con guration parameters and monitor network events SNMP communications can occur over the LAN or WAN connection The router can generate SNMP traps to indicate alarm conditions and it...
Page 62: ...v1 SNMP status Enable Access Right Deny for deny all access Access Right Read for access read only Access Right Write for access read and write Community Serves as password for access right Click on t...
Page 63: ...pool Version Select version for trap host SNMP v1 or SNMP v2 IP Type the trap host IP Community Type the community password The community is setup in community pool Click on OK to nish the setup The b...
Page 64: ...elies on an IT system The reason for this is that these systems all have clocks that are the source of time for les or operations they handle Without time synchronization time on these systems can var...
Page 65: ...the world can be used but it is suggested that you use the nearest timeserver Time Zone You have to choose the right time zone Click on Finish to nish the setup The browser will display the con gured...
Page 66: ...714 User Guide YML829 Rev1 10 Utility This section describes the utility of the router including system information loading the factory default con guration upgrading the rmware logout and restarting...
Page 67: ...NB712 NB714 User Guide 67 YML829 Rev1 10 1 System Info Click on System Info to review the information The browser will display your system information on the screen...
Page 68: ...hand you will lose all the con gured parameters Restore Con guration Will help you to recover your backup con guration Click Finish after selecting Restore Con guration Browse the router for the backu...
Page 69: ...714 User Guide 69 YML829 Rev1 10 3 Upgrade You can upgrade the gateway using the upgrade function Press Upgrade Browse the le and press OK button to upgrade The system will reboot automatically after...
Page 70: ...70 NB712 NB714 User Guide YML829 Rev1 10 4 Logout To logout the router press logout...
Page 71: ...NB712 NB714 User Guide 71 YML829 Rev1 10 5 Restart To restart the router select Restart in UTILITY Click on the Restart button to reboot the router...
Page 72: ...rgin attenuation and CRC error count LAN status will display the MAC address IP address Subnet mask and DHCP client table WAN status will display the WAN interface information Route status will displa...
Page 73: ...NB712 NB714 User Guide 73 YML829 Rev1 12 LAN to LAN connection with bridge Mode 12 1 CO side Click Bridge and CO Side to setup Bridging mode of the Router and then click Next LAN Parameters...
Page 74: ...et Mask 255 255 255 0 Enter Gateway 192 168 1 1 Enter Host Name SOHO WAN1 Parameters Enter VPI 0 Enter VCI 32 Encap Click LLC Click Next The screen will display the con gured parameters Check the para...
Page 75: ...hen click Next LAN Parameters IP Address Enter192 168 1 2 Subnet Mask Enter 255 255 255 0 Gateway Enter 192 168 1 2 Host Name Enter SOHO WAN1 Parameters VPI 0 VCI 32 Encap LLC Click Next The screen wi...
Page 76: ...ev1 13 LAN to LAN Connection with Routing Mode 13 1 CO side Click ROUTE and CO Side then press Next LAN parameters IP Address 192 168 20 1 Subnet Mask 255 255 255 0 Host Name SOHO DHCP Service For mor...
Page 77: ...Next to setup the IP parameters Refer to the section NAT DMZ for more information IP Address 192 168 30 1 Subnet mask 255 255 255 0 Gateway 192 169 30 2 Click Next The screen will display the paramete...
Page 78: ...uide YML829 Rev1 13 2 CPE side Click ROUTE and CPE Side then press Next LAN parameters IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Host Name SOHO DHCP Service For more DHCP service review DHCP S...
Page 79: ...t to setup the IP parameters Refer to the section NAT DMZ for more information IP Address 192 168 30 2 Subnet mask 255 255 255 0 Gateway 192 168 30 1 Click Next The screen will display the parameters...
Page 80: ...the login screen appears When you see the login screen you can logon to Router Note You have to use the SPACE key Pressing other keys will not work User admin Password Note The factory default user a...
Page 81: ...iven interface displays all available commands for you to select This means that you don t need to remember the command syntax and can save you time by not requiring you to type the whole command line...
Page 82: ...he brackets Command Description ip An item enclosed in brackets is required If the item is shown in lower case bold it represents an object with special format For example ip may be 192 168 1 3 Route...
Page 83: ...stroke list are also displayed on the window Menu Driven Interface Commands Keystroke Description UP or I Move to above eld in the same level menu DOWN or K Move to below eld in the same level menu LE...
Page 84: ...The menu tree is shown below All con guration commands are included in the Enable directory and are protected by a supervisor password Unauthorized users can view the status and con guration of the r...
Page 85: ...e flash configuration reboot Reset and boot system ping Packet internet groper command admin Setup management features utility TFTP upgrade utility exit Quit system The description of the commands are...
Page 86: ...L829 Rev1 Command Description ping Packet internet groper command admin You can set management features with this command utility Upgrade software and backup and restore con guration are done via util...
Page 87: ...ription shdsl The SHDSL status includes line rate SNR margin TX power attenuation and CRC error of the product and SNR margin attenuation and CRC error of remote side The product access remote side in...
Page 88: ...or to show and press enter system Show general information config Show all configuration script Show all configuration in command script Command Description system The general information of the syste...
Page 89: ...nd press enter Command ping ip 1 65534 t 1 1999 Message Please input the following information IP address IP 10 0 0 1 Number of ping request packets to send TAB select t Data size 1 1999 32 There are...
Page 90: ...y any user information or add a new user to user pro le To modify or add a new user move the cursor to modify and press enter Command admin user modify 1 5 more Message Please input the following info...
Page 91: ...trap Configure trap host parameter Up to 5 SNMP community entries can be con gured in this system Move the cursor to community and press enter Command admin snmp community 1 5 more Message Please inpu...
Page 92: ...r via telnet or console mode have to use the password to con gure the router Change the ID and password after con guration and save it When you access to the router again you have to use the new passw...
Page 93: ...SNTP v4 0 service time_server1 Configure time server 1 time_server2 Configure time server 2 time_server3 Configure time server 3 updaterate Configure update period time_zone Configure GMT time zone of...
Page 94: ...st way to know the time zone offset hour is from your PC clock Double click the clock at the right corner of monitor and check the time zone Command admin sntp time_zone 12 12 Message Please input the...
Page 95: ...e setup parameters are located in the subdirectories of setup Move the cursor to setup and press enter mode Switch system operation mode shdsl Configure SHDSL parameters wan Configure WAN interface pr...
Page 96: ...roduct 4 wire product can be worked under 2 wire mode You can set the data rate in multiples of 64Kbps where n is from 0 to 32 If you con gure n to 0 the product will perform in adaptive mode There ar...
Page 97: ...do not need to setup the IP address and subnet mask There is an unique VPI and VCI value for Internet connection supported by ISP The range of VIP is from 0 to 255 and VCI from 0 to 65535 There are tw...
Page 98: ...d static MAC entry delete Delete static MAC entry modify Modify static MAC entry list Show static bridging table After enter add menu the screen will prompt as follow mac Configure MAC address lan_por...
Page 99: ...re is no layer 3 routing involved The unit supports up to 8 active VLANs with shared VLAN learning SVL bridge out of 4096 possible VLANs speci ed in IEEE 802 1Q Move the cursor to vlan and press enter...
Page 100: ...untagged members To assign PVID Port VID move the cursor to PVID and press enter The port index 1 to 4 represents LAN1 to LAN4 respectively and port index 5 to 12 represents WAN1 to WAN8 VID value is...
Page 101: ...entry by using add command Type the IP information of the static route including IP address subnet mask and gateway You can delete the static route information via delete command You can review the st...
Page 102: ...One network is designated the inside network and the other is the outside Typically a company maps its local inside network addresses to one or more global outside IP addresses and reverse the global...
Page 103: ...e virtual IP address range via list command To setup global IP address pool move the cursor to global command and press enter range Edit global IP address pool interface Bind address pool to specific...
Page 104: ...1 1o ip ip Message Please input the following information Fixed NAT mapping entry number 1 10 1 Local address 192 168 1 250 Global address 122 22 22 2 After con guration xed IP address entry you can b...
Page 105: ...r key in enter the screen will prompt as below interface Active interface port TCP UDP port number server Host IP address and port number protocol Transport protocol name Service name begin The schedu...
Page 106: ...otection There are three levels of rewall Level one basic only enables the NAT rewall and the remote management security The NAT rewall will take effect if NAT function is enabled The remote managemen...
Page 107: ...ow packet filtering table To enable the packet ltering function you can use active command Add the packet ltering rule via add command protocol Configure protocol type Direction Configure direction mo...
Page 108: ...me of requests for UDP diagnostic services which cause all CPU resources to be consumed serving the phony requests A ping of death attack attempts to crash your system by sending a fragmented packet w...
Page 109: ...figure local IP parameter remote_ip Configure remote IP parameter Port Configure port parameter description Policy description Enable Enable the policy Precedence Configure precedence parameter The po...
Page 110: ...n the network To con gure DHCP server move the cursor to dhcp and press enter generic Configure generic DHCP parameters fixed Configure fixed host IP address list list Show DHCP configuration The gene...
Page 111: ...or default 168 95 1 1 10 0 10 1 DNS server 2 10 10 10 1 DNS server 3 14 16 19 Host name Enter local host name via hostname command Move cursor to hostname and press enter Command setup hostname name M...
Page 112: ...tion in this manual If you are still not sure about cable connections please contact a professional computer technician or NetComm for further advice RJ 45 Network Ports RJ 45 Network Ports can connec...
Page 113: ...crossover cable the wires of 1 2 3 6 are reversed so that wire 1 become 3 at the other end of the cable 2 becomes 6 and so forth To determine which wire is wire 1 hold the RJ 45 cable tip with the spr...
Page 114: ...114 NB712 NB714 User Guide YML829 Rev1 SHDSL Line Connector Console Cable Pin Number Description 1 No connection 2 RxD O 3 TxD I 4 No connection 5 GND 6 No connection 7 CTS O 8 RTS I 9 No connection...
Page 115: ...out notice NetComm is a registered trademark of NetComm Limited All other trademarks are acknowledged the property of their respective owners Customer Information ACA Australian Communications Authori...
Page 116: ...someone else use the product or attempts to use it other than as speci ed by NetComm 2 The fault or defect in your product is the result of a voltage surge subjected to the product either by the way o...
Page 117: ......
