background image

Security   13-21

IPX filters

IPX packet filters work ver y similarly to IP packet filters. They filter data traffic coming from or going to remote 
IPX networks. IPX filters can be set up to pass or discard IPX packets based on a number of user-defined 
criteria. Like IP filters, IPX filters must be grouped in sets that are applied to the answer profile or to connection 
profiles.

IPX SAP filters are used for filtering ser ver entries not required to pass over the WAN links. When connecting to 
a large IPX network via dial-up connection, the transfer of large numbers of SAP entries can consume significant 
bandwidth on the WAN link.

Note:

Using SAP filtering to prevent a ser ver from being adver tised does not provide security against that 

ser ver being accessed—IPX packet filtering must be used for that purpose.

Setting up and using IPX filter sets is a four-step process:

1.

Create the filters to use.

2.

Create the filter sets to use.

3.

Add filters to the filter sets.

4.

Attach the filter sets to the answer profile or to connection profiles.

You can configure IPX filters and set up IPX filter sets from the IPX Filters and Filter Sets screen.

Main

Menu

System

Configuration

Filter Sets

IPX Filters

(Firewalls)

and Filter Sets

                        IPX Filters and Filter Sets

                     Display/Change IPX Packet Filters...
                     Add IPX Packet Filter...
                     Delete IPX Packet Filter...

                     Display/Change IPX Packet Filter Sets...
                     Add IPX Packet Filter Set...
                     Delete IPX Packet Filter Set...

                     Display/Change IPX Sap Filters...
                     Add IPX Sap Filter...
                     Delete IPX Sap Filter...

                     Display/Change IPX Sap Filter Sets...
                     Add IPX Sap Filter Set...
                     Delete IPX Sap Filter Set...

Define your filters 1st. IPX Filter Sets refer to, but don't contain, filters.

Summary of Contents for R9100

Page 1: ...Netopia R9100 Ethernet Router for DSL and Cable Modems User s Reference Guide ...

Page 2: ...etopia Inc Under the law copying includes translation to another language or format Netopia Inc 2470 Mariner Square Loop Alameda CA 94501 1010 U S A Patents PhoneNET technology contained in Netopia is covered by U S Patent Numbers 4 901 342 and 5 003 579 Other U S and foreign patents are pending Part Number For additional copies of this electronic manual order Netopia part number 6120339 PF 03 Pri...

Page 3: ...Chapter 4 Connecting to Your Local Area Network 4 1 Overview 4 1 Network Model 4 2 Readying computers on your local network 4 4 Welcome to the Netopia R9100 Ethernet Router User s Reference Guide This guide is designed to be your single source for information about your Netopia R9100 Ethernet Router It is intended to be viewed on line using the powerful features of the Adobe Acrobat Reader The inf...

Page 4: ...ection 5 6 Configuring TCP IP on Windows 95 98 or NT computers 5 6 Configuring TCP IP on Macintosh computers 5 10 Chapter 6 Console Based Management 6 1 Connecting through a Telnet session 6 2 Configuring Telnet software 6 3 Connecting a console cable to your router 6 3 Navigating through the console screens 6 4 Chapter 7 Easy Setup 7 1 Easy Setup console screens 7 1 Accessing the Easy Setup conso...

Page 5: ... Filter sets firewalls 8 12 IP address serving 8 12 Date and time 8 12 Console configuration 8 12 SNMP Simple Network Management Protocol 8 13 Security 8 13 Upgrade feature set 8 13 Logging 8 14 Installing the Syslog client 8 14 Chapter 9 IP Setup and Network Address Translation 9 1 Network Address Translation features 9 1 Using Network Address Translation 9 3 Associating port numbers with nodes 9...

Page 6: ... 10 3 IPX routing tables 10 5 Chapter 11 AppleTalk Setup 11 1 AppleTalk networks 11 1 AppleTalk protocol 11 1 MacIP 11 3 AURP 11 3 Routers and seeding 11 3 Installing AppleTalk 11 4 Configuring AppleTalk 11 6 EtherTalk setup 11 6 LocalTalk setup 11 7 AURP setup 11 8 Chapter 12 Monitoring Tools 12 1 Quick View status overview 12 1 General status 12 2 Status lights 12 2 Statistics Logs 12 3 General ...

Page 7: ...al in console access 13 3 Enable SmartStart SmartView Web server 13 4 Telnet access 13 4 About filters and filter sets 13 4 What s a filter and what s a filter set 13 4 How filter sets work 13 5 How individual filters work 13 7 Design guidelines 13 11 Working with IP filters and filter sets 13 12 Adding a filter set 13 13 Viewing filter sets 13 16 Modifying filter sets 13 17 Deleting a filter set ...

Page 8: ...ansferring configuration and firmware files with TFTP 14 6 Updating firmware 14 7 Downloading configuration files 14 8 Uploading configuration files 14 9 Transferring configuration and firmware files with XMODEM 14 9 Updating firmware 14 10 Downloading configuration files 14 11 Uploading configuration files 14 11 Restarting the system 14 12 Part III Appendixes Appendix A Troubleshooting A 1 Config...

Page 9: ... 8 Using address serving B 8 Tips and rules for distributing IP addresses B 9 Nested IP subnets B 11 Broadcasts B 13 Packet header types B 13 Appendix C Understanding Netopia NAT Behavior C 1 Network configuration C 1 Background C 1 Exported services C 5 Important notes C 6 Configuration C 7 Summary C 8 Appendix D Binary Conversion Table D 1 Appendix E Further Reading E 1 Appendix F Technical Spec...

Page 10: ...viii User s Reference Guide Agency approvals F 3 Regulatory notices F 3 Important safety instructions F 4 Glossary GL 1 Index Index 1 Limited Warranty and Limitation of Remedies 1 ...

Page 11: ...P P P Pa a a ar r r rt t t t I I I I G G G Ge e e et t t tt t t ti i i in n n ng g g g S S S St t t ta a a ar r r rt t t te e e ed d d d ...

Page 12: ...User s Reference Guide ...

Page 13: ... following features Continuous availability networking eliminates dialing and provides lower more predictable transmission costs Interconnects with most cable modems or DSL modems or bridges that have an Ethernet port 8 port Ethernet hub Connectivity to support Ethernet LANs via built in 8 port 10Base T hub with uplink port Status lights LEDs for easy monitoring and troubleshooting Support for IP ...

Page 14: ...net Router It is intended to be viewed on line using the powerful features of the Adobe Acrobat Reader The information display has been deliberately designed to present the maximum information in the minimum space on your screen You can keep this document open while you perform any of the procedures described and find useful information about the procedure you are performing If you prefer to work ...

Page 15: ...rs You could select a cable television company that offers cable modem service as an ISP Another alternative could be a traditional ISP that partners with a Competitive Local Exchange Carrier CLEC telephone service provider to provide a Digital Subscriber Line DSL ISPs typically support Internet connection devices compatible with their service So called cable modems are an example of such devices ...

Page 16: ... technical background they need to support the product Obtaining an IP address Typically each network computer that requires Internet access requires its own unique IP address Consider expected growth in your network when deciding on the number of addresses to obtain Alternatively you can use the Network Address Translation and DHCP features of SmartIP If some or all of your networked computers re...

Page 17: ...llowing If you are connecting to a remote site using Network Address Translation on your router your provider will not define the IP address information on your local LAN You can define this information based on an IP configuration that may already be in place for the existing network Alternatively you can use the default IP address range used by the router where 192 168 1 1 is the default IP addr...

Page 18: ...2 4 User s Reference Guide ...

Page 19: ...he Netopia Router consider Available space and ease of installation Physical layout of the building and how to best use the physical space available for connecting your Netopia Router to the LAN Available wiring and jacks Distance from the point of installation to the next device length of cable or wall wiring Ease of access to the front of the unit for configuration and monitoring Ease of access ...

Page 20: ...em requirements on page 3 1 An Internet modem such as a cable modem or DSL bridge connected to the appropriate wall outlet for your Internet service source Your Internet connection device must have a 10 Base T Ethernet port for connecting it to the router s Line port Identify the connectors and attach the cables Identify the connectors and switches on the back panel and attach the necessary Netopi...

Page 21: ...e port A DB 9 console port for a direct serial connection to the console screens You can use this if you are an experienced user See Connecting a console cable to your router on page 6 3 Auxiliary port An HD 15 auxiliary port for attaching an external modem or the optional AppleTalk kit Crossover switch A crossover switch with Normal and Uplink positions If you use Ethernet Port 1 for a direct Eth...

Page 22: ...N interface detects a collision 3 flashes orange In normal operation 4 is off When data is transmitted or received over the Ethernet link 4 flashes yellow Note 2 5 8 11 are unused Also Console carrier 6 is ignored if the console is not configured for a remote modem 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16171819 2021 M a n a g e m e n t R e a d y C h a n n e l 1 Link Receive C o n s o l e A u x i l i a...

Page 23: ... on page 6 1 This section covers the following topics Overview on page 4 1 Readying computers on your local network on page 4 4 Connecting to an Ethernet network on page 4 5 Adding an external modem on page 4 7 Connecting to a LocalTalk network on page 4 8 Overview You can connect the Netopia R9100 to an IP or IPX network that uses Ethernet If you have purchased the AppleTalk feature expansion kit...

Page 24: ...owing diagrams illustrate network models for typical deployments of the Netopia R9100 Ethernet Router as an Internet access device Before With a DSL or cable modem you can connect a single computer to the Internet using a DSL modem using a cable modem ...

Page 25: ...ers to the Internet with a single user account using a DSL modem with a Netopia R9100 using a cable modem with a Netopia R9100 While this network model is typical other network models are possible For example you may choose to attach the Ethernet WAN port to an external Ethernet hub connected to a number of workstations ...

Page 26: ...e configured with some of the same information you used to configure the Netopia R9100 There are a number of TCP IP stacks available for PC computers Windows 95 includes a built in TCP IP stack See Configuring TCP IP on Windows 95 98 or NT on page 3 2 Macintosh computers use either MacTCP or Open Transport See Configuring TCP IP on a Macintosh Computer on page 3 4 Ethernet Ethernet hardware and so...

Page 27: ...u can connect a standard 10Base T Ethernet network to the Netopia R9100 using any of its available Ethernet ports Netopia R9100 Ethernet Router back panel Attribute EtherWave 10Base T Max length of backbone branch or end to end cable length 330 feet 100 meters 330 feet 100 meters Cable type Twisted pair 10Base T Twisted pair 10Base T Netopia R9100 port used Ethernet Ethernet Other restrictions Max...

Page 28: ...herWave daisy chain or some combination of both If you add devices connected through a hub connect the hub to Ethernet port number 1 on the Netopia R9100 and set the Normal Uplink switch to Uplink When there are no more free ports on the 10Base T hub the network can be extended using EtherWave a daisy chainable solution from Farallon Ethernet 8 4 1 Normal LaserWriter EtherWave Printer Adapter Ethe...

Page 29: ...a R9100 Auxiliary port for connecting an external modem By default the Auxiliary port on your Netopia R9100 is enabled for remote console configuration via an external asynchronous modem This means that all you have to do is connect your modem to the Auxiliary port and configure its settings in the Line Configuration screens under the WAN Configuration menu Full Auxiliary Port PPP capabilities can...

Page 30: ...You can use only one connection on the Auxiliary port You cannot use both the PhoneNET connector and an external modem If your LocalTalk network is not based on standard PhoneNET cabling use a PhoneNET to LocalTalk adaptor cable available from Farallon Communications Inc Connect the adaptor cable s RJ 11 connector to the AppleTalk cable s PhoneNET connector Connect the cable s mini DIN 3 connector...

Page 31: ... Setup on page 11 1 Topology 22 gauge 642 mm 24 gauge 510 mm 26 gauge 403 mm Daisy chain n a n a 1800 ft 549 m Backbone 4500 ft 1372 m 3000 ft 229 m 1800 ft 549 m 4 branch passive star 1125 ft 343 m 750 ft 229 m 450 ft 137 m LocalTalk StarController 12 branch active star 3000 ft 914 m 2000 ft 610 m 1200 ft 366 m Distance is per branch ...

Page 32: ...4 10 User s Reference Guide ...

Page 33: ...ard will help you set up the router and share the connection The SmartStart Wizard walks you through a series of questions and based on your responses automatically configures the router for connecting your LAN to the Internet or to your remote corporate network The SmartStart Wizard will automatically check your Windows 95 98 or NT PC s TCP IP configuration to be sure you can accept a dynamically...

Page 34: ...ase T Either a built in or third party Ethernet card 10Base T Browser software Netscape Communicator or Microsoft Internet Explorer included on the Netopia CD Required for web based registration and web based monitoring Notes The computer running SmartStart must be on the same Ethernet cable segment as the Netopia R9100 Repeaters such as 10Base T hubs between your computer and the Netopia R9100 ar...

Page 35: ...se files If you have received a CD or diskette that has been customized by your reseller or ISP you can run the SmartStart Wizard directly from the CD or diskette and follow the instructions your reseller or ISP provides This makes your Netopia R9100 configuration even easier If you have received only the ini files from your reseller or ISP perform the following Copy the entire directory folder co...

Page 36: ... the 192 168 1 x network and want to continue using it use the Advanced option to assign the router an IP address in your target IP range See Advanced option on page 5 5 If all of the above steps fail to resolve the problem reset the router to its factory default settings and rerun SmartStart See Factory defaults on page 14 6 for instructions Easy or Advanced options screen You can choose either E...

Page 37: ...on Advanced configuration options available via Telnet are explained in Console Based Management on page 6 1 However if you need no further configuration options click Quit Congratulations You re done Router IP Address screen If you selected the Advanced option in the Easy or Advanced options screen on page 5 4 SmartStart asks you to choose between entering the router s current IP address and assi...

Page 38: ...turns you to an Additional Configuration screen on page 5 5 New IP Address screen If you want to change the router s IP address you enter the new IP address the subnet mask and the router s serial number in this screen Remember the serial number is on the bottom of the router It is also found in your documentation folio Note Forcing a new IP address may turn off the Netopia R9100 s IP address serv...

Page 39: ...ssing in advance SmartStart need only be launched once To configure your PC for dynamic addressing do the following Note You can also use these instructions to configure other computers on your network to accept IP addresses served by the Netopia R9100 1 Go to the Start Menu Settings Control Panels and double click the Network icon From the Network components list select the Configuration tab 2 Se...

Page 40: ... tab 2 Select TCP IP Your Network Card Then select Properties In the TCP IP Properties screen shown below select the IP Address tab Click Specify an IP Address Enter the following IP Address 192 168 1 2 Subnet Mask 255 255 255 0 or for 12 user models 255 255 255 240 This address is an example of one that can be used to configure the router with the Easy option in the SmartStart Wizard Your ISP or ...

Page 41: ...ick Enable DNS Enter the following information Host Type the name you want to give to this computer Domain Type your domain name If you don t have a domain name type your ISP s domain name for example netopia com DNS Server Search Order Type the primary DNS IP address given to you by your ISP Click Add Repeat this process for the secondary DNS Domain Suffix Search Order Enter the same domain name ...

Page 42: ...can only be done after the router is configured You must have built in Ethernet or a third party Ethernet card and its associated drivers installed in your Macintosh Dynamic configuration recommended If you configure your Netopia R9100 using SmartStart you can accept the dynamic IP address assigned by your router The Dynamic Host Configuration Protocol DHCP which enables dynamic addressing is enab...

Page 43: ... computer on your network has its own IP address Option Select Type Connect via Ethernet Configure Manually IP Address 192 168 1 2 Subnet mask 255 255 255 0 or for 12 user models 255 255 255 240 Router or Gateway address 192 168 1 1 Name server address Enter the primary and secondary name server addresses given to you by your ISP Implicit Search Path Starting domain name Enter your domain name if ...

Page 44: ...en Transport TCP IP 1 Go to the Apple menu Select Control Panels and then TCP IP 2 With the TCP IP window open go to the Edit menu and select User Mode Choose Advanced and click OK 3 In the TCP IP window select or type information into the fields as shown in the following table 4 Close the TCP IP control panel and save the settings These are the only fields you need to modify in these screens TCP ...

Page 45: ...EtherTalk select an available zone then click the More button In the MacTCP More window select the Server radio button If necessary fill in the Domain Name Server Information given to you by your administrator 5 Restart the computer These are the only fields you need to modify in these screens Note More information about configuring your Macintosh computer for TCP IP connectivity through a Netopia...

Page 46: ...5 14 User s Reference Guide ...

Page 47: ...eens on page 6 4 Console based management screens contain seven entry points to the Netopia Router configuration and monitoring features The entry points are displayed in the Main Menu shown below The Easy Setup menus display and permit changing the values contained in the default WAN and IP configuration Experienced users can use Easy Setup to initially configure the router directly through a con...

Page 48: ...ay a selection of tables and device logs that show information about your router your network and their history See Statistics Logs on page 12 3 for detailed information The Quick Menus screen is a shortcut entry point to a wide variety of the most commonly used configuration menus that are accessed through the other menu entry points The Quick View menu displays at a glance current real time oper...

Page 49: ...9100 back panel has a connector labeled Console for attaching the Router to either a PC or Macintosh computer via the serial port on the computer On a Macintosh computer the serial port is called the Modem port or Printer port This connection lets you use the computer to configure and monitor the Netopia R9100 via the console screens To connect the Netopia R9100 to your computer for serial console...

Page 50: ... router firmware contains an autobaud detection feature If you are at any screen on the serial console you can change your baud rate and press Return HyperTerminal for the PC requires a disconnect The new baud rate is displayed at the bottom of the screen To Use These Keys Move through selectable items in a screen or pop up menu Up Down Left and Right Arrow To set a change to a selected item or op...

Page 51: ...es and IP address serving Password protect configuration access to your Netopia R9100 Ethernet Router Accessing the Easy Setup console screens To access the console screens Telnet to the Netopia Router over your Ethernet network or physically connect with a serial console cable and access the Netopia Router with a terminal emulation program See Connecting through a Telnet session on page 6 2 or Co...

Page 52: ... the Console port your computer s serial port is not being used by another device such as an internal modem or an application Turn off all other programs other than your terminal emulation program that may be interfering with your access to the port You have entered the correct password if necessary Your Netopia R9100 s console access may be password protected from a previous configuration See you...

Page 53: ...your ISP doesn t support DHCP Some ISPs may not be running a DHCP server In this case they may simply assign your router a Static IP Address and will supply you with several values for you to enter into the Router The ISP will provide the values shown below You can record these values print this page and use the spaces above If your ISP assigns your Router a Static IP address do the following 1 Fr...

Page 54: ...address your ISP gave you Press Return A new field Secondary Domain Name Server will appear If your ISP gave you a secondary domain name server address enter it here Press Return until the next field Default IP Gateway is highlighted 10 Enter the Default IP Gateway address your ISP gave you Press Return 11 Press the Down arrow key until you reach NEXT SCREEN Press Return 12 Do this again through t...

Page 55: ...led by default 2 To manually configure an IP address for use on the Ethernet WAN port select Local WAN IP Address and enter the IP address you want to use Otherwise accept the default value 0 0 0 0 If you accept the default the Netopia R9100 Ethernet Router will act as a DHCP client on the Ethernet WAN port and attempt to acquire an address from a DHCP server By default the router acts as a DHCP c...

Page 56: ... 1 Because this is a private network address it should never be directly connected to the Internet Using NAT for all your WAN and IP configurations will ensure this restriction See IP Setup and Network Address Translation on page 9 1 of this guide for more information 2 Select Ethernet Subnet Mask and enter the subnet mask your ISP has given you The Ethernet Subnet Mask defaults to a standard clas...

Page 57: ...The Easy Setup Security Configuration screen lets you password protect your Netopia R9100 Input your Write Access Name and Write Access Password with names or numbers totaling up to eleven digits If you password protect the console screens you will be prompted to enter the name and password you have specified every time you log in to the console screens Do not forget your name and password If you ...

Page 58: ...pia Router and have your selections take effect Note You can also restart the system at any time by using the Restart System utility see Restarting the system on page 14 12 or by turning the Netopia Router off and on with the power switch Easy Setup is now complete ...

Page 59: ...P P P Pa a a ar r r rt t t t I I I II I I I A A A Ad d d dv v v va a a an n n nc c c ce e e ed d d d C C C Co o o on n n nf f f fi i i ig g g gu u u ur r r ra a a at t t ti i i io o o on n n n ...

Page 60: ...User s Reference Guide ...

Page 61: ...r your individual setup This chapter describes how to access the console based management screens This section covers the following topics WAN configuration on page 8 1 Creating a new Connection Profile on page 8 3 Default Answer Profile for Dial in Connections on page 8 7 System configuration screens on page 8 9 Navigating through the system configuration screens on page 8 10 System configuration...

Page 62: ...sociated filter set The Receive RIP pop up controls the reception and transmission of Routing Information Protocol RIP packets on the Ethernet WAN port The default is Both The Transmit RIP pop up is hidden if NAT is enabled Routing Information Protocol RIP is needed if there are IP routers on other segments of your Ethernet network that the Netopia R9100 needs to recognize Set to Both the default ...

Page 63: ...ion the default the screen displays The Data Rate pop up offers a limited set of clock rates 19 2 38 4 57 6 115 2 and 230 4 For broadest application 57 6 is the default You may specify an Aux Modem Init String for your modem type Creating a new Connection Profile For a Netopia R9100 Connection profiles are useful only on an asynchronous modem attached to the Auxiliary port This requires enabling t...

Page 64: ...le Parameters screen appears Add Connection Profile Profile Name Profile 02 Profile Enabled Yes IP Enabled Yes IP Profile Parameters IPX Enabled No Data Link Encapsulation PPP Data Link Options Telco Options ADD PROFILE NOW CANCEL Return accepts ESC cancels Left Right moves insertion point Del deletes Configure a new Conn Profile Finished ADD or CANCEL to exit IP Profile Parameters Address Transla...

Page 65: ...s menu item becomes available Select IPX Profile Parameters and press Return The IPX Profile Parameters screen appears 6 Toggle or enter any IPX Parameters you require and return to the Add Connection Profile screen by pressing Escape For more information see IPX Setup on page 10 1 IPX Profile Parameters Remote IPX Network 00000000 Path Delay 10 NetBios Packet Forwarding Off Incoming Packet Filter...

Page 66: ...arameters are used when receiving dial in clients such as via RAS configuration Return to the Add Connection Profile screen by pressing Escape 8 Select Telco Options and press return the Telco Options screen appears Datalink PPP MP Options Data Compression Ascend LZS Receive User Name Receive Password Maximum Packet Size 1500 In this Screen you will configure the PPP MP specific connection params ...

Page 67: ... works The Default Answer Profile works like a guard booth at the gate to your network it scrutinizes incoming calls Like the guard booth the Default Answer Profile allows calls based on a set of criteria that you define The main criterion used to check calls is whether they match one of the Connection Profiles already defined The default profile checks that the incoming call s name and password m...

Page 68: ...that use the same authentication method defined in the Authentication item If PAP or CHAP are involved the caller must have a name and password or secret that match one of the connection profiles The caller must obtain these from you or your network administrator before initiating the call For example if Must Match a Defined Profile is set to Yes and Authentication is set to PAP then only incoming...

Page 69: ...le Must Match a Defined Profile to No To only accept calls that match a connection profile through use of a name and password or secret Toggle Must Match a Defined Profile to Yes and Set Authentication to PAP or CHAP Note The authentication method you choose determines which connection profiles are accessible to callers For example if you choose PAP callers using CHAP or no authentication will be ...

Page 70: ... The path guide represents these steps 1 Beginning in the Main Menu select System Configuration and press Return The System Configuration screen appears 2 Select Network Protocols and press Return The Network Protocols screen appears 3 Select IP Setup and press Return The IP Setup screen appears To go back in this sequence of screens use the Escape key Netopia R9100 v4 3 Easy Setup WAN Configurati...

Page 71: ...guration of connections to AppleTalk networks through the Internet or any IP network using AURP AppleTalk tunneling To access the system configuration screens select System Configuration in the Main Menu then press Return The System Configuration menu screen appears Network protocols setup These screens allow you to configure your network s use of the standard networking protocols IP Details are g...

Page 72: ...en and press Return The Set Date and Time screen appears Follow these steps to set the system s date and time 1 Select Current Date and enter the date in the appropriate format Use one or two digit numbers for the month and day and the last two digits of the current year The date s numbers must be separated by forward slashes 2 Select Current Time and enter the time in the format HH MM where HH is...

Page 73: ...ese screens allow you to monitor and configure your network by means of a standard Simple Network Management Protocol SNMP agent Details are given in SNMP on page 12 12 Security These screens allow you to add users and define passwords on your network Details are given in Security on page 13 1 Upgrade feature set You can upgrade your Netopia R9100 by adding new feature sets through the Upgrade Fea...

Page 74: ...me up to 63 characters You can specify the UNIX syslog Facility to use by selecting the Facility pop up Installing the Syslog client The Goodies folder on the Netopia CD contains a Syslog client daemon program that can be configured to report the WAN events you specified in the Logging Configuration screen To install the Syslog client daemon exit from the graphical Netopia CD program and locate th...

Page 75: ...10 14 06 tsnext netopia com WAN 56K Modem 1 activated at 115 Kbps Nov 5 10 14 06 tsnext netopia com Connect Confirmed to our DN 5108645534 Nov 5 10 14 06 tsnext netopia com PPP Channel 1 up Answer Profile name Default Profile Nov 5 10 14 06 tsnext netopia com PPP NCP up session 1 Channel 1 Final fallback negotiated auth Local PAP Remote NONE Nov 5 10 14 06 tsnext netopia com PPP PAP we accepted re...

Page 76: ...8 16 User s Reference Guide ...

Page 77: ...slation features on page 9 1 Using Network Address Translation on page 9 3 IP setup on page 9 6 IP address serving on page 9 16 Network Address Translation allows communication between the LAN connected to the Netopia R9100 and the Internet using a single IP address instead of a routed account with separate IP addresses for each computer on the network Network Address Translation also provides inc...

Page 78: ...Web FTP or other services available to the WAN To support these services with NAT enabled a service can be associated with only one machine on the LAN When connected to the Internet or some other large network using Network Address Translation the individual machines on your LAN are not directly accessible from the WAN NAT provides an inherently secure method of connection to the outside world 163...

Page 79: ...gn 10 0 0 1 to your Netopia R9100 10 0 0 2 to a node running as a World Wide Web server 10 0 0 3 to an FTP server 10 0 0 4 to a Windows NT PC 10 0 0 5 to a Windows 95 PC Note See Associating port numbers with nodes on page 9 5 3 By default Network Address Translation is enabled in the Netopia R9100 If you disabled it and now want to reenable it From the WAN Configuration menu in the Main Menu scre...

Page 80: ...ng select Local WAN IP Address and enter the local WAN address your ISP gave you Then select Local WAN IP Mask and enter the WAN subnet mask of the remote site you will connect to The default address is 0 0 0 0 which allows for dynamic addressing meaning that your ISP assigns an address via DHCP each time you connect However if you want to use static addressing enter a specific address WAN Etherne...

Page 81: ...rious services For example Web servers typically use port number 80 All FTP servers use port number 21 Telnet uses port number 23 SNMP uses port number 161 To help direct incoming IP traffic to the appropriate server the Netopia R9100 lets you associate these and other port numbers with distinct IP addresses on your internal LAN using exported services See IP setup on page 9 6 for details Network ...

Page 82: ...nd enter the IP address for the Netopia R9100 s Ethernet port Select Ethernet Subnet Mask and enter the subnet mask for the Ethernet IP address that you entered in the last step For unlimited user models if you desire multiple subnets select Define Additional Subnets 12 user models do not offer this option If you select this item you will be taken to the IP Subnets screen This screen allows you to...

Page 83: ... Routing Information Protocol RIP is needed if there are IP routers on other segments of your Ethernet network that the Netopia R9100 needs to recognize If this is the case select Receive RIP and select v1 v2 or Both from the popup menu With Receive RIP set to v1 the Netopia R9100 s Ethernet port will accept routing information provided by RIP packets from other routers that use the same subnet ma...

Page 84: ...e Add Exported Service screen appears Exported Services Local Port to IP Address Remapping Show Change Exports Add Export Delete Export Return Enter to configure UDP TCP Port to IP Address redirection Add Exported Service Service Local Server s IP Address 0 0 0 0 ADD EXPORT NOW CANCEL ...

Page 85: ... address 10 0 0 2 Some services such as Timbuktu require the export of multiple TCP ports When you associate Timbuktu with a local server or Timbuktu host all of the major Timbuktu services are exported i e Observe Control Send and Exchange Note If the TCP port of a service you want to use is not listed you can add it by selecting Other on the pop up menu Add Exported Service Type Port Service ftp...

Page 86: ...ight Ethernet IP subnets on unlimited user models one primary subnet and up to seven secondary subnets by entering IP address subnet mask pairs IP Setup Ethernet IP Address 192 128 117 162 Ethernet Subnet Mask 255 255 255 0 Define Additional Subnets Default IP Gateway 192 128 117 163 Primary Domain Name Server 0 0 0 0 Secondary Domain Name Server 0 0 0 0 Domain Name Receive RIP Both Transmit RIP v...

Page 87: ...onfigured To add an IP subnet enter the Netopia R9100 s IP address on the subnet in the IP Address field in a particular row and the subnet mask for the subnet in the Subnet Mask field in that row For example To delete a configured subnet set both the IP address and subnet mask values to 0 0 0 0 either explicitly or by clearing each field and pressing Return or Enter to commit the change When a co...

Page 88: ...w to reach a particular network However static routes are used only if they appear in the IP routing table which contains all of the routes used by the Netopia R9100 see IP routing table on page 12 8 Static routes are helpful in situations where a route to a network must be used and other means of finding the route are unavailable For example static routes are useful when you cannot rely on RIP To...

Page 89: ... shown below will appear The table has the following columns Dest Network The network IP address of the destination network Static Routes Display Change Static Route Add Static Route Delete Static Route Configure View Delete Static Routes from this and the following Screens Dest Network Subnet Mask Next Gateway Priority Enabled 0 0 0 0 0 0 0 0 163 176 8 1 Low Yes Select a Static Route to modify ...

Page 90: ...15 Select Destination Network IP Address and enter the network IP address of the destination network Select Destination Network Subnet Mask and enter the subnet mask used by the destination network Select Next Gateway IP Address and enter the IP address for the router that the Netopia R9100 will use to reach the destination network This router does not necessarily have to be part of the destinatio...

Page 91: ...creen are the same as the ones in the Add Static Route screen see Adding a static route on page 9 14 Deleting a static route To delete a static route in the Static Routes screen select Delete Static Route to display a table of static routes Select a static route from the table and press Return to delete it To exit the table without deleting the selected static route press Escape Rules of static ro...

Page 92: ...ootP address assignments are permanent since there is no lease renewal mechanism in BootP The third protocol called Dynamic WAN is part of the PPP MP suite of wide area protocols used for WAN connections It allows remote terminal adapters and NAT enabled routers to be assigned a temporary IP address for the duration of their connection The fourth protocol called MacIP is used only for computers on...

Page 93: ...ant to first figure out what machines are going to be allocated specific static IP addresses so that you can determine the pool of IP addresses that you will be serving addresses from via DHCP BootP Dynamic WAN and or MacIP Example Your ISP has given your Netopia R9100 the IP address 192 168 6 137 with a subnet mask of 255 255 255 248 The subnet mask allocated will give you six IP addresses to use...

Page 94: ...tead If you select Configure Address Pools you will be taken to the IP Address Pools screen that allows you to configure an address serving pool for each of the configured Ethernet IP subnets See IP Address Pools in the next section IP Address Serving Configure Address Pools Serve DHCP Clients Yes DHCP NetBios Options Serve BOOTP Clients Yes Serve Dynamic WAN Clients Yes Serve MacIP KIP Clients Ye...

Page 95: ... to specify the base and extent of the address serving pool for a particular subnet Entering 0 0 0 0 for the first client address or 0 for the number of clients indicates that no addresses will be served from the corresponding Ethernet IP subnet The Client Gateway column allows you to specify the default gateway address that will be provided to clients served an address from the corresponding pool...

Page 96: ...the address is available The client stores this address in non volatile storage for example on disk and the specific storage method location differs depending on the client operating system When requesting an address a client may provide a client identifier or if it does not the Netopia R9100 may construct a pseudo client identifier for the client When the client subsequently requests an address t...

Page 97: ...rks with NetBIOS a non IBM network operating system or network interface card must offer a NetBIOS emulator Many vendors either provide a version of NetBIOS to interface with their hardware or emulate its transport layer communications services in their network products A NetBIOS emulator is a program provided by NetWare clients that allow workstations to run applications that support IBM s NetBIO...

Page 98: ...inished setting up DHCP NetBIOS Options To return to the IP Address Serving screen press Escape To enable BootP s address serving capability select Serve BOOTP Clients and toggle to Yes Note Addresses assigned through BootP are permanently allocated from the IP Address Serving pool until you release them To release these addresses navigate back to the Main Menu then Statistics Logs Served IP Addre...

Page 99: ...teway to communicate with the Internet or any other IP network Users should point their MacTCP or TCP IP control panel to look in the LocalTalk zone for the MacIP server Macintosh computers that have Ethernet selected in the MacTCP or TCP IP control panel can do their own AppleTalk IP conversions Setting up MacIP involves choosing MacIP dynamic address serving and then configuring that type KIP fo...

Page 100: ... that the address pool IP range is listed for your referral in this screen You have finished your IP setup MacIP KIP Forwarding Setup This screen tells the Netopia how many static addresses to allocate for MacIP KIP clients The addresses must fall within one of the address pools from the previous screen Number of Static Addresses 0 First Static Client Address 0 0 0 0 Enter the number of static Mac...

Page 101: ...PX setup screen on page 10 3 IPX routing tables on page 10 5 IPX features The Netopia R9100 supports the following IPX features IPX RIP and SAP NetBIOS broadcast packet forwarding IPX type 20 IPX packet filtering definable by source and destination IPX address and socket number for added security IPX SAP filtering to aid in optimizing WAN bandwidth Dial on demand features Spoofing of IPX keep aliv...

Page 102: ... and provides timing information ticks so that the fastest route to a destination can be determined IPX routers use RIP to create and dynamically maintain databases of internetwork routing information See IPX routing tables on page 10 5 for more information Service Advertising Protocol SAP SAP is a protocol that provides servers and routers with a method for exchanging service information Using SA...

Page 103: ...ithout bringing up the dial up link SPX keep alive packets are also treated in this manner IPX RIP and SAP messages will not be sent if the link is down Together these features enable the user to remain connected to a Novell server or SPX peer without bringing up the dial up link except to send and receive actual user data IPX setup screen You will use the IPX Setup screen to configure the Etherne...

Page 104: ...tBios Forwarding and toggle it to Yes This parameter will determine whether IPX Packet type 20 packets are forwarded on the Ethernet interface These packets are used by NetBIOS and some other applications 6 Select Ethernet Inbound SAP Filter Set to filter incoming IPX SAP advertisements on the Ethernet By attaching an incoming SAP filter on the Ethernet you can restrict the number of SAP entries l...

Page 105: ...IPX internet IPX routing tables IPX routing tables provide information on current IPX routes and services To go to the IPX Routing Table screen select IPX Routing Table in the Statistics Logs screen This table shows detailed information about current IPX network routes To go to the IPX SAP Bindery Table screen select IPX SAP Bindery Table in the Statistics Logs screen This table shows detailed inf...

Page 106: ...10 6 User s Reference Guide ...

Page 107: ...twisted pair or coaxial over which information travels from one device to another AppleTalk protocol AppleTalk is a protocol set for local area networks developed by Apple Computer While initially applied to the LocalTalk cabling system for connecting Macintosh computers and LaserWriter printers it has been expanded to use other cabling systems such as Ethernet as well as dial up telephone network...

Page 108: ... choosing a zone from which the service can be selected Like network numbers zone names are assigned by routers A routing table is maintained by each AppleTalk router The table serves as a map of the internet specifying the path and distance in hops between its router and other networks The routing table is used to determine whether a router will forward a data packet and if so to which network Yo...

Page 109: ...rs on a network a seed router is configured with the correct information and other routers obtain their information from that router when they are turned on or reset Routers commonly use one of three types of seeding procedures hard seeding soft seeding and non seeding Hard seeding When a router that uses hard seeding is turned on or reset it requests network number and zone name information from ...

Page 110: ...ust be soft seeding or non seeding and the Netopia R9100 must already be active when those other routers are rebooted If you want the Netopia R9100 and all other routers on your network to use only their own configurations set the Netopia R9100 and all other routers to hard seeding In this case any router including the Netopia R9100 that is rebooted will not begin routing if it detects a routing c...

Page 111: ...pgrade Feature Set Netopia Feature Set Upgrade You may be able to extend the features of your Netopia by purchasing a Software Upgrade For a list of available upgrades please see the release notes that came with your Netopia or visit the Netopia Communications web site at www netopia com To purchase an upgrade you must provide your Serial Number which is xx xx xx You will receive an Upgrade Key wh...

Page 112: ...e EtherTalk network that you will be connecting to the Netopia R9100 use the zone names and network numbers used by that router for that EtherTalk network Otherwise your EtherTalk network may experience routing conflicts The Netopia R9100 supports creating up to 32 zone names As an alternative you can set EtherTalk seeding to soft seeding and let the Netopia R9100 receive the zone name and network...

Page 113: ...If you are using LocalTalk with the Netopia R9100 select LocalTalk Enabled and make sure LocalTalk is set to On which is the default Note Since the LocalTalk connector attaches to the Auxiliary port on the router that port will no longer be available for a third external modem Select LocalTalk Zone Name and enter a new or existing zone name Note Your LocalTalk network may already have a zone and n...

Page 114: ...creen appears To activate AURP and enable connections to and from AURP partners select AURP Enable and toggle it to On Viewing AURP partners To see a table of existing AURP partners select Display Change Partner and press Return Note The Netopia R9100 can define a total of 32 AURP partners AURP Free Trade Zone The Free Trade Zone is an AURP security feature It allows the Netopia administrator to s...

Page 115: ...ople for example chagall arts edu Domain names are matched to the IP addresses actually used by IP routers for example 163 7 8 202 To initiate a connection with an AURP partner select Initiate Connection and toggle it to Yes This will open a connection to the remote AppleTalk network after rebooting You can choose to restrict this partner to the Free Trade Zone by toggling Restrict to Free Trade Z...

Page 116: ...AURP tunnels select Accept Connections From and choose Anyone or Configured Partners Only from the pop up menu If you choose Anyone all incoming AURP connections will be accepted The more secure option is Configured Partners Only which accepts connections only from recognized AURP partners the ones you have set up Configuring AURP Options In the AURP Setup screen select Advanced Options and go to ...

Page 117: ...g a remote AppleShare volume In many AppleTalk internets individual AppleTalk networks come and go Routers are designed to notify each other at the end of their Update Interval every time there s such a change in the network topology This will cause the Netopia s WAN link to be brought up To minimize what may be unnecessary calls change the Update Interval value to some larger value At the end of ...

Page 118: ... range select Cluster Remote Networks and toggle it to Yes This setting takes any number of remote networks being remapped and causes them to be remapped into a continuous range To override the AppleTalk maximum limit of 15 hops select Enable Hop Count Reduction and toggle it to Yes Hosts on a local AppleTalk network will then see AppleTalk destinations across the IP tunnel as being only one hop a...

Page 119: ...e following topics Quick View status overview on page 12 1 Statistics Logs on page 12 3 Event histories on page 12 5 Routing tables on page 12 7 Served IP Addresses on page 12 10 System Information on page 12 12 SNMP on page 12 12 SmartView on page 12 16 Quick View status overview You can get a useful overall status report from the Netopia R9100 in the Quick View screen To go to the Quick View scr...

Page 120: ... address on its EtherTalk Phase II interface entered in the EtherTalk Phase II Setup screen only if the optional AppleTalk feature set is installed LocalTalk Address The Netopia R9100 s AppleTalk address on its LocalTalk interface entered in the LocalTalk Setup screen only if the optional AppleTalk feature set is installed Status lights This section shows the current real time status of the Netopi...

Page 121: ... on page 3 4 describes the meanings of the colors for each LED Statistics Logs When you are troubleshooting your Netopia R9100 the Statistics Logs screens provide insight into the recent event activities of the router From the Main Menu go to Statistics Logs and select one of the options described in the sections below PWR WAN1 CON AUX WAN2 EN LEDS LNK RDY CH1 Ch2 LNK LNK LNK RDY CH1 CH2 DATA Off ...

Page 122: ...stalled SDSL 1 Network Interface The bottom left side of the screen lists total packets received and total packets transmitted for the following protocols IP IP packets on the Ethernet IPX IPX packets on the Ethernet if IPX is enabled AppleTalk AppleTalk packets on Ethernet using EtherTalk Phase II if the optional AppleTalk feature set is installed General Statistics Phys I F Rx Bytes Tx Bytes Rx ...

Page 123: ...ces in event histories Event histories are useful for diagnosing problems because they list what happened before during and after a problem occurs You can view two different event histories one for the router s system and one for the WAN The Netopia R9100 s built in battery backup prevents loss of event history from a shutdown or reset The router s event histories are structured to display the mos...

Page 124: ...OLL UP and SCROLL DOWN items To scroll up select SCROLL UP at the top of the list and press Return To scroll down select SCROLL DOWN at the bottom of the list and press Return To get more information about any event listed in the WAN Event History select the event and then press Return A dialog box containing more information about the selected event will appear Press Return or Escape to dismiss t...

Page 125: ...le screen select the routing table you are interested in from the Statistics Logs screen Each of the routing table screens represents a snapshot of the routing table information at the time the screen is first invoked To take a new snapshot select Update at the bottom of the screen and press Return Device Event History Current Date 12 11 98 12 26 39 PM Date Time Event SCROLL UP 08 11 98 12 25 28 T...

Page 126: ...Event History Device Event History IP Routing Table IPX Routing Table IPX SAP Bindery Table AppleTalk Routing Table Served IP Addresses General Statistics System Information IP Routing Table Network Address Subnet Mask via Router Port Type SCROLL UP 0 0 0 0 255 0 0 0 0 0 0 0 Other 127 0 0 1 255 255 255 255 127 0 0 1 Loopback Local 192 168 1 0 255 255 255 240 192 168 1 1 Ethernet Local 192 168 1 1 ...

Page 127: ...lied by the AppleTalk router in the Next Rtr Addr column If a network number is preceded by an asterisk it has multiple zones To display the zones select the network entry and press Return Range Displays the ending network number for the extended network Def Zone Name Displays the zone or zones associated with the specified network or network range The zone name shown is either the only zone or th...

Page 128: ...sing AURP IP address means a connection transports over AURP AppleTalk encapsulated IP Pkts Fwded The number of packets sent to the router shown Served IP Addresses You can view all of the IP addresses currently being served by the Netopia R9100 Ethernet Router from the Served IP Addresses screen From the Statistics Logs menu select Served IP Addresses The Served IP Addresses screen appears To man...

Page 129: ... lease period to elapse Release BootP Leases Releases any BootP leases that may be in place and which may no longer be required Reclaim Declined Addresses Reclaims served leases that have been declined for example by devices that may no longer be on the network IP Address Lease Management Reset All Leases Release BootP Leases Reclaim Declined Addresses Hit RETURN ENTER you will return to the previ...

Page 130: ...MP manager The Netopia R9100 supports the following management information base MIB documents MIB II RFC 1213 Interface MIB RFC 1229 Ethernet MIB RFC 1643 AppleTalk MIB I RFC 1243 Netopia MIB These MIBs are on the Netopia R9100 CD included with the Netopia R9100 Load these MIBs into your SNMP management software in the order they are listed here Follow the instructions included with your SNMP mana...

Page 131: ...in the MIB II system group Although optional the information you enter in these items can help a system administrator manage the network more efficiently Community strings The Read Only Community String and the Read Write Community String are like passwords that must be used by an SNMP manager querying or configuring the Netopia R9100 An SNMP manager using the Read Only Community String can examin...

Page 132: ... Read Write community string To change a community string select it and enter a new value Caution Even if you decide not to use SNMP you should change the community strings This prevents unauthorized access to the Netopia R9100 through SNMP For more information on security issues see Suggested security measures on page 13 1 SNMP traps An SNMP trap is an informational message sent from an SNMP agen...

Page 133: ...Change IP Trap Receiver in the IP Trap Receivers screen Modifying IP trap receivers 1 To edit an IP trap receiver select Display Change IP Trap Receiver in the IP Trap Receivers screen 2 Select an IP trap receiver from the table and press Return 3 In the Change IP Trap Receiver screen edit the information as needed and press Return Deleting IP trap receivers 1 To delete an IP trap receiver select ...

Page 134: ...y run under Java enabled browsers Be sure that the browser you are using is at least Microsoft Internet Explorer Version 3 0 or higher or Netscape Navigator Version 3 0 or Communicator Version 4 0 or higher If your browser does not meet this requirement you can upgrade with a browser supplied on the Netopia CD The information you can view about your router using SmartView is shown in the table bel...

Page 135: ...al representation of the Netopia R9100 s status lights LEDs This is particularly useful if the router is located out of visual range such as in a wiring closet Event history pages The Netopia R9100 records certain relevant occurrences in event histories Event histories are useful for diagnosing problems because they list what happened before during and after a problem occurs You can view two diffe...

Page 136: ... to distinguish error messages from informational messages Error messages are prefixed with an asterisk Both the WAN Event History and Device Event History pages retain records of up to 128 of the most recent events Device Event History page WAN Event History page You can refresh the Event history logs by clicking the Update button ...

Page 137: ...or users without Java enabled browsers Unlike the SmartView pages they are not dynamically updated You access the Web based monitoring pages by launching your Web browser and entering the URL http router_IP_address where router_IP_address is the address of your router To view event histories click the Statistics icon To go to SmartView if your browser is Java enabled click the SmartView icon ...

Page 138: ...12 20 User s Reference Guide ...

Page 139: ...cess and filters all of which are covered later in this chapter there are other actions you can take to make the Netopia R9100 and your network more secure Change the SNMP community strings or passwords The default community strings are universal and could easily be known to a potential intruder Set the answer profile so it must match incoming calls to a connection profile Set the Enable Dial in C...

Page 140: ...s access to the configuration screens Access to the Security Options screen can be protected with a password Select Password for This Screen in the Security Options screen and enter a password Make sure this password is secure and is different from any of the user account passwords Protecting the configuration screens You can protect the configuration screens with user accounts You can administer ...

Page 141: ...ist of accounts Select an account from the list and press Return to delete it To exit the list without deleting the selected account press Escape Dial in console access Remote modem terminal emulator setups can dial in to the modem line and establish a remote console session even though they are not using PPP This allows Netopia Inc s Up and Running Guaranteed department or other administrator wit...

Page 142: ... No See SNMP traps on page 12 14 To restrict Telnet access to all of the configuration screens select Enable Telnet Console Access and toggle it to No About filters and filter sets Security should be a high priority for anyone administering a network connected to the Internet Using packet filters to control network communications can greatly improve your network s security The Netopia R9100 s pack...

Page 143: ...uld be as specific as a street address or as broad as an entire country and checks each package s destination address to see if it matches that destination A filter inspects data packets like a customs inspector scrutinizing packages Filter priority Continuing the customs inspectors analogy imagine the inspectors lined up to examine a package If the package matches the first inspector s criteria t...

Page 144: ...rejected by the second inspector and never seen by the others A package from London is ignored by the first two inspectors so it s seen by the third inspector In the same way filter sets apply their filters in a particular order The first filter applied can pass or discard a packet before that packet ever reaches any of the other filters If the first filter can neither pass nor discard the packet ...

Page 145: ... packet is blocked Here is what this rule looks like when implemented as a filter on the Netopia R9100 To understand this particular filter look at the parts of a filter Parts of a filter A filter consists of criteria based on packet attributes A typical filter can match a packet on any one of the following attributes The source IP address where the packet was sent from The destination IP address ...

Page 146: ...mber specified in the filter Less Than or Equal For the filter to match the packet s port number must be less than or equal to the port number specified in the filter Equal For the filter to match the packet s port number must equal the port number specified in the filter Greater Than For the filter to match the packet s port number must be greater than the port number specified in the filter Grea...

Page 147: ...est priority is first in the table Source IP Addr The packet source IP address to match Dest IP Addr The packet destination IP address to match Proto The protocol to match This can be entered as a number see the table below or as TCP or UDP if those protocols are used Protocol Number to use Full name N A 0 Ignores protocol type ICMP 1 Internet Control Message Protocol TCP 6 Transmission Control Pr...

Page 148: ...ese IP addresses are masked determines what the final match will be although the mask is not displayed in the table that displays the filter sets you set it when you create the filter In fact since the mask for the destination IP address is 0 0 0 0 the address for Dest IP Addr could have been anything The mask for Source IP Addr must be 255 255 255 255 since an exact match is desired Source IP Add...

Page 149: ...t and that can actually make your network less secure Be sure each individual filter s purpose is clear Determine how filter priority will affect the set s actions Test the set on paper by determining how the filters would respond to a number of different hypothetical packets Consider the combined effect of the filters If every filter in a set fails to match on a particular packet the packet is Pa...

Page 150: ...take the latter and safer approach to all of your filter set designs Working with IP filters and filter sets This section covers IP filters and filter sets For working with IPX filters and filter sets see IPX filters on page 13 21 To work with filters and filter sets begin by accessing the filter set screens Note Make sure you understand how filters work before attempting to use them Read the sect...

Page 151: ...ts have a default name The first filter set you add will be called Filter Set 1 the next filter will be Filter Set 2 and so on To give a new filter set a different name select Filter Set Name and enter a new name for the filter set To save the filter set select ADD FILTER SET The saved filter set is empty contains no filters but you can return to it later to add filters see Modifying filter sets o...

Page 152: ...ilter your local network is the destination of the packets it checks and the remote network is their source From the perspective of an output filter your local network is the source of the packets and the remote network is their destination Adding filters to a filter set In this section you ll learn how to add an input filter to a filter set Adding an output filter works exactly the same way provi...

Page 153: ...s allows you to further modify the way the filter will match on the destination address Enter 0 0 0 0 to force the filter to match on all destination IP addresses 7 Select Protocol Type and enter ICMP TCP UDP Any or the number of another IP transport protocol see the table on page 13 9 Note If Protocol Type is set to TCP or UDP the settings for port comparison that you configure in steps 8 and 9 w...

Page 154: ... parameters in this screen are set in the same way as the ones in the Add Filter screen see Adding filters to a filter set on page 13 14 Deleting filters To delete a filter select Delete Input Filter or Delete Output Filter in the Add IP Filter Set screen to display a table of filters Select the filter from the table and press Return to delete it Press Escape to exit the table without deleting the...

Page 155: ... in the IP Filter Sets screen to display a list of filter sets Select a filter set from the list and press Return to delete it Press Escape to exit the list without deleting the filter set A sample IP filter set This section contains the settings for a filter set called Basic Firewall which is part of the Netopia R9100 s factory configuration Basic Firewall blocks undesirable traffic originating f...

Page 156: ...s pass all TCP and UDP traffic respectively when the destination port is greater than 1023 This type of traffic generally does not allow a remote host to connect to the LAN using one of the potentially intrusive Internet services such as Telnet FTP and WWW Output filter 1 This filter passes all outgoing traffic to make sure that no outgoing connections from the LAN are blocked Setting Input filter...

Page 157: ...the only one used with Basic Firewall The results of combining filter set modifications can be difficult to predict It is recommended that you take special care if you are making more than one modification to the sample filter set Trusted host To allow unlimited access by a trusted remote host with the IP address a b c d corresponding to a numbered IP address such as 163 176 8 243 insert the follo...

Page 158: ...omparison Equal Dest Port ID 21 Note A similar filter could be used to permit Telnet or WWW access Set the Dest Port ID to 23 for Telnet or to 80 for WWW AURP tunnel To allow an AURP tunnel between a remote AURP router with the IP address a b c d corresponding to a numbered IP address such as 163 176 8 243 and a local AURP router including the Netopia R9100 itself insert the following input filter...

Page 159: ...nst that server being accessed IPX packet filtering must be used for that purpose Setting up and using IPX filter sets is a four step process 1 Create the filters to use 2 Create the filter sets to use 3 Add filters to the filter sets 4 Attach the filter sets to the answer profile or to connection profiles You can configure IPX filters and set up IPX filter sets from the IPX Filters and Filter Set...

Page 160: ...sired filter and press Return to go to the Change Packet Filter screen The parameters in this screen are the same as the ones in the Add Packet Filter screen see the next section Adding a packet filter To add a new IPX packet filter select Add IPX Packet Filter in the IPX Filters and Filter Sets screen and press Return The Add Packet Filter screen appears By default the filter s socket numbers and...

Page 161: ...en without saving the new filter Deleting a packet filter To delete a packet filter select Delete IPX Packet Filter in the IPX Filters and Filter Sets screen to display a table of filters Select a filter from the table and press Return to delete it Press the Escape key to exit the table without deleting the filter IPX packet filter sets Before the individual filters can be used IPX packet filters ...

Page 162: ...he Show Filters Change Actions on Match screen appears Select a filter and toggle the packet forwarding action to Yes pass or No discard Add Packet Filter Set Filter Set Name Show Filters Change Action on Match Append Filter Remove Filter ADD FILTER SET NOW CANCEL Configure an IPX Filter Set here You must ADD FILTER SET NOW to save Show Filters Change Actions on Match Filter Name Forward Filter 1 ...

Page 163: ...lter set Note Deleting a filter set does not delete the filters in that set However the filters in the deleted set are no longer in effect unless they are part of another set The deleted set will no longer appear in the answer profile or any connection profiles to which it was added IPX SAP filters For each IPX SAP filter you can configure a set of parameters to match on certain attributes of IPX ...

Page 164: ...A and NETOPIA 3 To specify a socket for the filter to match on select Socket and enter an IPX socket number 4 To specify a type number for the filter to match on select Type and enter an IPX type number 5 To specify an IPX network address for the filter to match on select IPX Network and enter an IPX network address 6 To specify an IPX node address for the filter to match on select IPX Node Addres...

Page 165: ... in the Add SAP Filter Set screen see the previous section Adding a SAP filter set To add a new IPX SAP filter set select Add IPX SAP Filter Set in the IPX Filters and Filter Sets screen The Add SAP Filter Set screen appears Follow these steps to configure the new SAP filter set 1 Select Filter Set Name and enter a descriptive name for the filter set 2 To change the forwarding action of filters in...

Page 166: ... the filter press Escape 5 To save the current filter set select ADD FILTER SET NOW in the Add SAP Filter Set screen Select CANCEL to exit the Add SAP Filter Set screen without saving the new filter set Deleting a SAP filter set To delete a SAP filter set select Delete IPX SAP Filter Set in the IPX Filters and Filter Sets screen to display a list of filter sets Select a filter set from the list an...

Page 167: ...er information is what the packet filter uses to make filtering decisions It is important to note that a packet filter does not look into the IP data stream the User Data from above to make filtering decisions Basic protocol types TCP Transmission Control Protocol TCP provides reliable packet delivery and has a retransmission mechanism so packets are not lost RFC 793 is the specification for TCP U...

Page 168: ...d filter rule ordering is critical If a packet is passed through a series of filter rules and then the packet matches a rule the appropriate action is taken The packet will not pass through the remainder of the filter rules For example if you had the following filter set Allow WWW access Allow FTP access Allow SMTP access Deny all other packets and a packet goes through these rules destined for FT...

Page 169: ...re as follows 0 AND 0 0 0 AND 1 0 1 AND 0 0 1 AND 1 1 For example Filter rule Deny IP 163 176 1 15 BINARY 10100011 10110000 00000001 00001111 Mask 255 255 255 255 BINARY 11111111 11111111 11111111 11111111 Incoming Packet IP 163 176 1 15 BINARY 10100011 10110000 00000001 00001111 If you put the incoming packet and subnet mask together with AND the result is 10100011 10110000 00000001 00001111 whic...

Page 170: ...t screen This is an example of the Netopia IP filter set screen Filter basics In the source or destination IP address fields the IP address that is entered must be the network address of the subnet A host address can be entered but the applied subnet mask must be 32 bits 255 255 255 255 The Netopia R9100 has the ability to compare source and destination TCP or UDP ports These options are as follow...

Page 171: ... Matches the port or any port greater Greater Than Matches anything greater than the port defined Filter Rule 200 1 1 0 Source IP Network Address 255 255 255 128 Source IP Mask Forward No What happens on match IP Address Binary Representation 200 1 1 28 00011100 Source address in incoming IP packet AND 255 255 255 128 10000000 Perform the logical AND 00000000 Logical AND result Netopia Internet IP...

Page 172: ...ecause the packet does not match Example 3 Incoming packet has the source address of 200 1 1 184 Filter Rule 200 1 1 0 Source IP Network Address 255 255 255 128 Source IP Mask Forward No What happens on match IP Address Binary Representation 200 1 1 184 10111000 Source address in incoming IP packet AND 255 255 255 128 10000000 Perform the logical AND 10000000 Logical AND result Filter Rule 200 1 1...

Page 173: ...e passed Example 5 Incoming packet has the source address of 200 1 1 96 Filter Rule 200 1 1 96 Source IP Network Address 255 255 255 240 Source IP Mask Forward No What happens on match IP Address Binary Representation 200 1 1 104 01101000 Source address in incoming IP packet AND 255 255 255 240 11110000 Perform the logical AND 01100000 Logical AND result Filter Rule 200 1 1 96 Source IP Network Ad...

Page 174: ...de Since the Source IP Network Address in the Netopia R9100 is 01100000 and the source IP address after the logical AND is 01100000 this rule does match and this packet will NOT be passed This rule masks off a single IP address ...

Page 175: ...console session on page 14 6 Factory defaults on page 14 6 Transferring configuration and firmware files with TFTP on page 14 6 Transferring configuration and firmware files with XMODEM on page 14 9 Restarting the system on page 14 12 Note These utilities and tests are accessible only through the console based management screens See Chapter 6 Console Based Management for information on accessing t...

Page 176: ...295 3 Select Data Size to change the default setting This is the size in bytes of each Ping packet sent The default setting is adequate in most cases but you can change it to any value from 0 only header data to 1664 4 Select Delay seconds to change the default setting The delay in seconds determines the time between Ping packets sent The default setting is adequate in most cases but you can chang...

Page 177: ...ime Message Description Resolving host name Finding the IP address for the domain name style address Can t resolve host name IP address can t be found for the domain name style name Pinging Ping test is in progress Complete Ping test was completed Cancelled by user Ping test was cancelled manually Destination unreachable from w x y z Ping test was able to reach the router with IP address w x y z w...

Page 178: ...re dropped and a destination unreachable notification is returned to the sender see the table on the previous page This ensures that no infinite routing loops occur The TTL value can be set and retrieved using the SNMP MIB II ip group s ipDefaultTTL object Trace Route You can count the number of routers between your Netopia Router and a given destination with the Trace Route utility In the Statist...

Page 179: ... select Telnet from the Utilities Diagnostics menu The Telnet client screen appears Enter the host name or the IP address in dotted decimal format of the machine you want to telnet into and press Return Either accept the default control character Q used to suspend the Telnet session or type a different one START A TELNET SESSION becomes highlighted Press Return and the Telnet session will be initi...

Page 180: ...s factory default settings Call Netopia Tech Support for instructions on using the Reset switch Note Reset to factory defaults with caution You will need to reconfigure all of your settings in the router Transferring configuration and firmware files with TFTP Trivial File Transfer Protocol TFTP is a method of transferring data over an IP network TFTP is a client server application with the router ...

Page 181: ...ter firmware updates are also periodically posted on the Netopia website To update either the router s or the internal WAN module s firmware follow these steps Select TFTP Server Name and enter the server name or IP address of the TFTP server you will use The server name or IP address is available from the site where the server is located Select Firmware File Name and enter the name of the file yo...

Page 182: ...m Idle to Reading Firmware The TFTP Current Transfer Bytes item will reflect the number of bytes transferred Downloading configuration files The Netopia R9100 can be configured by downloading a configuration file using TFTP Once downloaded the file reconfigures all of the router s parameters as if someone had manually done so through the console port To download a configuration file follow these s...

Page 183: ...r your network administrator To upload a configuration file follow these steps 1 Select TFTP Server Name and enter the server name or IP address of the TFTP server you will use The server name or IP address is available from the site where the server is located 2 Select Config File Name and enter a name for the file you will upload The file will appear with the name you choose on the TFTP server Y...

Page 184: ...hout downloading the file or select CONTINUE to download the file If you choose CONTINUE you will have ten seconds to use your terminal emulation software to initiate an XMODEM transfer of the firmware file If you fail to initiate the transfer in that time the dialog box will disappear and the terminal emulation software will inform you of the transfer s failure You can then try again X Modem File...

Page 185: ...will have ten seconds to use your terminal emulation software to initiate an XMODEM transfer of the configuration file If you fail to initiate the transfer in that time the dialog box will disappear and the terminal emulation software will inform you of the transfer s failure You can then try again The system will reset at the end of a successful file transfer to put the new configuration into eff...

Page 186: ...e dialog box will disappear and the terminal emulation software will inform you of the transfer s failure You can then try again Restarting the system You can restart the system by selecting the Restart System item in the Utilities Diagnostics screen You must restart the system whenever you reconfigure the Netopia R9100 and want the new parameter values to take effect Under certain circumstances r...

Page 187: ...P P P Pa a a ar r r rt t t t I I I II I I II I I I A A A Ap p p pp p p pe e e en n n nd d d di i i ix x x xe e e es s s s ...

Page 188: ...User s Reference Guide ...

Page 189: ...on process review the following suggestions before calling for technical support There are four zones to consider when troubleshooting initial configuration 1 The computer s connection to the router 2 The router s connection to the telecommunication line s 3 The telecommunication line s connection to your ISP 4 The ISP s connection to the Internet If the connection from the computer to the router ...

Page 190: ... Characters are missing from some of the configuration screens Try changing the Netopia R9100 s default speed of 9600 bps and setting your terminal emulation software to match the new speed Network problems This section contains tips for troubleshooting a networking problem Problems communicating with remote IP hosts Verify the accuracy of the default gateway s IP address entered in the IP Setup o...

Page 191: ...ip size Reset Switch slot 3 Carefully insert the larger end of a standard size paper clip until you contact the internal Reset Switch No need to unwind the paper clip 4 Press this switch 5 This will reset the unit to factory defaults and you will now be able to reprogram the router Power outages If you suspect that power was restored after a power outage and the Netopia R9100 is connected to a rem...

Page 192: ...on appears in the Netopia R9100 s Main Menu screen Model number Serial number Firmware version What kind of local network s do you have with how many devices Ethernet LocalTalk EtherTalk TCP IP IPX Other How to reach us We can help you with your problem more effectively if you have completed the environment profile in the previous section If you contact us by telephone please be ready to supply Ne...

Page 193: ...ound in the following Netopia World Wide Web server via http www netopia com Internet via anonymous FTP to ftp netopia com pub FAX Back This service provides technical notes that answer the most commonly asked questions and offers solutions for many common problems encountered with Netopia products FAX Back 1 510 814 5040 ...

Page 194: ...A 6 User s Reference Guide ...

Page 195: ...network protocol is the Internet Protocol also known as IP Like many other protocols IP uses packets or formatted chunks of data to communicate Note This guide uses the term IP in a very general and inclusive way to identify all of the following Networks that use the Internet Protocol along with accompanying protocols such as TCP UDP and ICMP Packets that include an IP header within their structur...

Page 196: ...ly Class C networks have a small number of possible host numbers but a large number of possible network numbers Thus the InterNIC assigns Class A addresses to large organizations that have very large numbers of IP hosts while smaller organizations with fewer hosts get Class B or Class C addresses You can tell the various classes apart by the value of the first or high order byte Class A networks u...

Page 197: ...determine this information simply from an IP address Subnet mask information is configured as part of the process of setting up IP routers and gateways such as the Netopia R9100 Note If you receive a routed account from an ISP there must be a mask associated with your network IP address By using the IP address with the mask you can discover exactly how many IP host addresses you actually have To c...

Page 198: ... 255 128 mask 192 168 1 2 via router Usable IP Addresses available to Customer Site A 192 168 1 1 192 168 1 126 Netopia R9100 A IP Address 192 168 1 2 Subnet Mask 255 255 255 128 Remote IP 192 168 1 129 Remote Sub 255 255 255 128 Gateway 192 168 1 1 Usable IP Addresses avail able to Customer Site A 192 168 1 1 192 168 1 126 PC 1 IP Address 192 168 1 3 Subnet Mask 255 255 255 128 Gateway 192 168 1 ...

Page 199: ...ess Customer Site A but not the Internet If it is not possible to define a static route on Router B RIP could be enabled to serve the same purpose To use RIP instead of a static route enable Transmit RIP on Netopia R9100 A and Transmit and Receive RIP on Router B This will allow the route from Customer Site B to propagate on Router B and Customer Site A Example Working with a Class C subnet Suppos...

Page 200: ...n is helpful in determining dynamic address allocation for a network The term lease describes the action of a workstation requesting and using an IP address The address is dynamic and can be returned to the address pool at a later time The term renew refers to what the workstations do to keep their leased IP address At certain intervals the workstation talks to the DHCP or MacIP server and renews ...

Page 201: ... requests and renews its lease every half hour The Mac workstation relinquishes its address upon shutdown in all but one case If the TCP IP control panel is set to initialize at startup and no IP services are used or the TCP IP control panel is not opened the DHCP address will NOT be relinquished upon shutdown However if the TCP IP control panel is opened or if an IP application is used the Mac WI...

Page 202: ...manually remove it That s why manually distributed addresses are sometimes called static addresses Static addresses are useful in cases when you want to make sure that a host on your network cannot have its address taken away by the address server Appropriate candidates for a static address include a network administrator s computer a computer dedicated to communicating with the Internet and route...

Page 203: ...Profile s IP Setup screen This method requires a static value to be used Thus any user dialing in can obtain the same IP address for every connection to the profile If you want to obtain addresses statically define the address in the Connection Profile Notes The addresses that are to be served cannot be used elsewhere For example you wouldn t want to define a static address in a Connection Profile...

Page 204: ...ss 199 1 1 32 is reserved as the network address Address 199 1 1 47 is reserved as the broadcast address This leaves 14 addresses to allocate from 199 1 1 33 through 199 1 1 46 If you want to allocate a sub block of 10 addresses using DHCP enter 10 in the DHCP Setup screen s Number of Addresses to Allocate item Then in the same screen s First Address item enter the first address in the sub block t...

Page 205: ...k address can be used on your main network while portions of it can be subnetted to the two remaining networks Note The IP address a b c 0 has letters in place of the first three numbers to generalize it for this example The figure at left shows a possible network configuration following this scheme The main network is set up with the Class C address a b c 0 and contains Router A which could be a ...

Page 206: ...ss The Netopia R9100 compares the packet s destination IP address with the routes in its IP routing table It begins with the route at the bottom of the list and works up until there s a match or the route to the default gateway is reached When a b c 249 is masked by the first route s subnet mask it yields a b c 248 which matches the network address in the route The Netopia R9100 uses the connectio...

Page 207: ...ckets as well as to packets addressed to their specific individual host addresses Depending on the age and type of IP equipment you use broadcasts will be addressed using either all zeros or all ones but not both If your network requires zeros broadcasting you must configure this through SNMP Packet header types As previously mentioned IP works with other protocols to allow communication over IP n...

Page 208: ...B 14 User s Reference Guide ...

Page 209: ...appendix Background NAT is a mechanism employed within the Netopia R9100 to acquire a statically or dynamically assigned IP address on its WAN interface and proxy against locally assigned IP addresses on its LAN interface The Netopia R9100 uses a one to many IP address mapping scheme that is against a single IP address the Netopia R9100 acquires on its WAN interface the Netopia R9100 can proxy 14 ...

Page 210: ...ified 192 168 X X Class C address range which is used for networks not attached to the Internet This address range is described in RFC 1597 The dynamic IP address acquisition on the WAN interface of the Netopia R9100 is one of several features of NAT Another is the mapping of locally assigned IP addresses to the single globally unique IP address acquired by the Netopia R9100 on its WAN interface N...

Page 211: ...e IP address is substituted with 200 1 1 40 and the source port is substituted with 5001 then the IP packet checksum is recalculated When this modified packet reaches the WWW server on the Internet the WWW server responds and sends the IP packet back to destination IP address 200 1 1 40 and destination port 5001 When the Netopia R9100 receives this IP packet from the WWW server the Netopia R9100 r...

Page 212: ... the single globally unique IP address that was acquired on the WAN interface which is 200 1 1 40 Netopia Router WWW Server 163 176 4 32 ISP Router 200 1 1 1 Netopia Router LAN 192 168 5 1 WAN 200 1 1 40 Workstations A B ISP Router to WWW Src IP 200 1 1 40 Dst IP 163 176 4 32 Src Port 5001 Dst Port 80 ISP Router to WWW Src IP 200 1 1 40 Dst IP 163 176 4 32 Src Port 5002 Dst Port 80 WWW to ISP Rout...

Page 213: ...xported services are essentially user defined pointers for a particular type of incoming TCP or UDP service from the WAN interface to a host on the local LAN interface This is necessary since the Netopia R9100 and thus the attached local LAN has only one IP presence on the WAN interface and Internet Exported services allows the user to redirect one type of service for example Port 21 FTP to a sing...

Page 214: ...W and FTP servers or AURP partners on the Netopia R9100 s local LAN interface In this case if a dynamic IP address is assigned to the WAN interface of the Netopia R9100 each time the administrator of the Netopia R9100 will have to notify clients who want to access services on the Netopia R9100 s LAN interface of the new IP address after each connection With NAT enabled there cannot be two or more ...

Page 215: ...lt gateway under IP Setup in System Configuration This is done for profile matching purposes and because the IP address of the router the Netopia R9100 is dialing is not always known As mentioned earlier in this appendix NAT works well for IP sessions originated on the Netopia R9100 s LAN interface destined for the Internet without any additional configuration For incoming IP connections from the ...

Page 216: ...removed from the pop up list since only one type of service can be redirected to a single host However several different types of services can be redirected to a single or multiple hosts For example port 80 WWW server could be redirected to 192 168 5 3 on the Netopia R9100 s LAN interface and port 23 Telnet can be redirected to that same host Summary NAT is a powerful feature of the Netopia R9100 ...

Page 217: ...0 104 1101000 9 1001 41 101001 73 1001001 105 1101001 10 1010 42 101010 74 1001010 106 1101010 11 1011 43 101011 75 1001011 107 1101011 12 1100 44 101100 76 1001100 108 1101100 13 1101 45 101101 77 1001101 109 1101101 14 1110 46 101110 78 1001110 110 1101110 15 1111 47 101111 79 1001111 111 1101111 16 10000 48 110000 80 1010000 112 1110000 17 10001 49 110001 81 1010001 113 1110001 18 10010 50 1100...

Page 218: ...1 173 10101101 205 11001101 237 11101101 142 10001110 174 10101110 206 11001110 238 11101110 143 10001111 175 10101111 207 11001111 239 11101111 144 10010000 176 10110000 208 11010000 240 11110000 145 10010001 177 10110001 209 11010001 241 11110001 146 10010010 178 10110010 210 11010010 242 11110010 147 10010011 179 10110011 211 11010011 243 11110011 148 10010100 180 10110100 212 11010100 244 1111...

Page 219: ... T C Brown A Malis Multiprotocol Interconnect over Frame Relay Network Working Group Internet Engineering Task Force RFC 1490 July 1993 Case J D J R Davins M S Fedor and M L Schoffstall Introduction to the Simple Gateway Monitoring Protocol IEEE Network March 1988 Case J D J R Davins M S Fedor and M L Schoffstall Network Management and the Design of SNMP ConneXions The Interoperability Report Vol ...

Page 220: ... 20 No 14 October 1991 McNamara J E Local Area Networks Digital Press Educational Services Digital Equipment Corporation 12 Crosby Drive Bedford MA 01730 Malamud C Analyzing Novell Networks New York NY Van Nostrand Reinhold 1991 Malamud C Analyzing Sun Networks New York NY Van Nostrand Reinhold 1991 Martin J SNA IBM s Networking Solution Englewood Cliffs NJ Prentice Hall 1987 Martin J with K K Cha...

Page 221: ...blishing Company 1991 Stallings W Handbook of Computer Communications Standards Vols 1 3 Carmel IN Howard W Sams 1990 Stallings W Local Networks 3rd ed New York NY Macmillan Publishing Company 1990 Stevens W R TCP IP Illustrated Vol 1 Reading MA Addison Wesley Publishing Company 1994 Sunshine C A ed Computer Network Architectures and Protocols 2nd ed New York NY Plenum Press 1989 Tannenbaum A S Co...

Page 222: ...E 4 User s Reference Guide ...

Page 223: ... nd d d d S S S Sa a a af f f fe e e et t t ty y y y I I I In n n nf f f fo o o or r r rm m m ma a a at t t ti i i io o o on n n n Pinouts for Auxiliary port modem cable HD 15 DB 25 Pin 1 Ground Pin 1 not used Pin 2 TDA Pin 2 TD Pin 3 TDB Pin 3 RD Pin 4 RDA Pin 4 RTS Pin 5 RDB Pin 5 CTS Pin 6 not used Pin 6 DCE Ready Pin 7 DTR Pin 7 Ground Pin 8 CTS Pin 8 RLSD 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 S...

Page 224: ...ure 0 to 40 C Storage temperature 0 to 70 C Relative storage humidity 20 to 80 noncondensing Pin 9 DSR Pin 9 RSET EIA 530 Pin 10 DCD Pin 10 not used Pin 11 not used Pin 11 TSET EIA 530 Pin 12 TCA Pin 12 not used Pin 13 TCB Pin 13 not used Pin 14 RCA Pin 14 TD EIA 530 STD EIA 232 Pin 15 RCB Pin 15 not used Pin 16 RD EIA 530 SRD EIA 232 Pin 17 RSET Pin 18 not used Pin 19 RTS EIA 530 SRTS EIA 232 Pin...

Page 225: ...cal distance between this product and other electrical devices United States This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radia...

Page 226: ...by means of a certified connector assembly telephone extension cord The customer should be aware that compliance with the above conditions may not prevent degradation of service in some situations Repairs to the certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier Any repairs or alterations made by the user to this equipment or equipment malf...

Page 227: ... using a telephone other than a cordless type during an electrical storm There may be a remote risk of electric shock from lightning Do not use the telephone to report a gas leak in the vicinity of the leak Battery The Netopia R9100 s lithium battery is designed to last for the life of the product The battery is not user ser viceable Caution Danger of explosion if battery is incorrectly replaced R...

Page 228: ...F 6 User s Reference Guide ...

Page 229: ...ection points bandwidth The range of frequencies expressed in Kilobits per second that can pass over a given data transmission channel within a network The bandwidth determines the rate at which information can be sent through a channel the greater the bandwidth the more information that can be sent in a given amount of time BAP Bandwidth Allocation Protocol Protocol that manages the dynamic bandw...

Page 230: ...acters that serve much like passwords for devices using SNMP Different community strings may be used to allow an SNMP user to gather device information or change device configurations CRC Cyclic Redundancy Check A computational means to ensure the integrity of a block of data The mathematical function is computed before the data is transmitted at the originating device Its numerical value is compu...

Page 231: ...ateways provide address translation services but do not translate data Gateways must be used in conjunction with special software packages that allow computers to use networking protocols not originally designed for them hard seeding A router setting In hard seeding if a router that has just been reset detects a network number or zone name conflict between its configured information and the inform...

Page 232: ...s Internet related services Most importantly an ISP provides Internet access services and products to other companies and consumers ITU International Telecommunication Union United Nations specialized agency for telecommunications Successor to CCITT LAN local area network A privately owned network that offers high speed communications channels to connect information processing equipment in a limit...

Page 233: ... pathway but are arranged in proper sequence at the destination side before forwarding the complete message to an addressee packet switching network A telecommunications network based on packet switching technology wherein a transmission channel is occupied only for the duration of the transmission of the packet PAP PPP authentication protocol A method for ensuring secure network access parameter ...

Page 234: ...eding non seeding seed router and soft seeding seed router A router that provides network number and zone information to any router that starts up on the same network See also hard seeding non seeding seeding and soft seeding serial port A connector on the back of the workstation through which data flows to and from a serial device server A device or system that has been specifically configured to...

Page 235: ...media such as telephone lines WANs can span a state a country or even the world WAN IP In addition to being a router the Netopia ISDN Router is also an IP address server There are four protocols it can use to distribute IP addresses over the WAN which include DHCP BootP IPCP and MacIP WAN IP is a feature for both the Small Office and Corporate Netopia ISDN Router models wiring closet A central loc...

Page 236: ...8 User s Reference Guide ...

Page 237: ...necting to a partner 11 9 hop count reduction 11 12 network number remapping 11 11 receiving connections 11 10 setup 11 3 11 8 tunnel 13 20 authentication and answer profile 8 8 B back panel 3 2 ports 3 3 basic firewall 13 18 BootP 9 16 clients 9 22 broadcasts B 13 C cable modem 2 1 Call acceptance scenarios 8 9 capabilities 1 1 change static route 9 15 CHAP and answer profile 8 8 community string...

Page 238: ...esses B 5 downloading configuration files 14 8 14 11 with TFTP 14 8 with XMODEM 14 11 Dynamic Host Configuration Protocol DHCP 9 16 Dynamic Host Configuration Protocol see DHCP Dynamic WAN 9 16 E Easy Setup connection profile 7 5 IP setup 7 6 IPX setup 7 6 navigating 6 4 overview 7 1 quick connection path 7 3 Enabling CNA 8 8 Ethernet 4 4 Ethernet address 12 2 EtherTalk 4 4 event history device 12...

Page 239: ... 9 6 IP trap receivers deleting 12 15 modifying 12 15 setting 12 15 viewing 12 15 IPX packet filter sets 13 23 IPX packet filters 13 22 IPX SAP Bindery Table 10 5 IPX SAP filters 13 25 IPX setup 10 1 IPX spoofing 10 3 ISP account types 2 2 information to obtain 2 2 L LED status 12 2 LEDs 3 4 12 2 LocalTalk 11 7 connecting 4 8 setup 11 7 M MacIP 9 16 defined B 8 MacIP KIP Forwarding options 9 23 Ma...

Page 240: ...ounts 13 1 ping 14 2 ping test configuring and initiating 14 2 port number comparisons 13 8 port numbers 13 7 Q Quick View 12 1 R restarting the system 14 12 restricting telnet access 13 4 RIP 8 2 9 7 router to serve IP addresses to hosts 9 1 Routing Information Protocol RIP 10 2 routing tables AppleTalk 12 9 IP 9 12 12 8 S SAP filter sets viewing and modifying 13 28 SAP server types 10 3 screens ...

Page 241: ...ing configuration files 14 9 TFTP transferring files 14 6 Trivial File Transfer Protocol TFTP 14 6 Trivial File Transfer Protocol see TFTP troubleshooting A 1 configuration PC A 1 console based management 7 2 event histories 12 5 12 17 WAN statistics 12 4 trusted host 13 19 trusted subnet 13 19 tunneling 11 3 U updating firmware router 14 7 with TFTP 14 7 with XMODEM 14 10 uploading configuration ...

Page 242: ...Index 6 ...

Page 243: ...FITNESS FOR A PARTICULAR PURPOSE REGARDING THE ENCLOSED PRODUCT EXCEPT AS OTHERWISE EXPRESSLY PROVIDED ABOVE NETOPIA AND ITS LICENSOR S DO NOT WARRANT GUARANTEE OR MAKE ANY REPRESENTATION REGARDING THE USE OR THE RESULTS OF THE USE OF THE PRODUCT IN TERMS OF ITS CORRECTNESS ACCURACY RELIABILITY CURRENTNESS OR OTHERWISE THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF THE PRODUCT IS ASSUMED BY ...

Page 244: ...2 User s Reference Guide ...

Reviews: