background image

Watson SHDSL Router  
Operating Manual 

Watson-SHDSL-Router-Manual.doc 

Version 1.1-07  

 

3-6 

Revision: 2012-02-15

 

port triggering since the outbound traffic triggers to which ports inbound traffic is 
directed.  

For  example,  consider  a  server  that  is  accessed  using  UDP  protocol  on  port 
2222. The server responds by connecting the user using UDP on port 3333 when 
starting sessions. In such a case you must use port triggering, since this scenar-
io conflicts with the following default firewall settings:  

 

  The firewall blocks inbound traffic by default.  

  The  server  replies  to  Watson  SHDSL  router  IP,  and  the  connection  is  not 

sent back to your host, since it is not part of a session.  

In order to solve this you need to define a Port Triggering entry, which allows in-
bound traffic on UDP port 3333, only after a LAN host generated traffic to UDP 
port  2222.  This  will  result  in  accepting  the  inbound  traffic  from  the  server,  and 
sending it back to the LAN Host which originated the outgoing traffic to UDP port 
2222.  

3.2.5  Website Restrictions  

Watson  SHDSL  router  can  be  configured  to  block  specific  Internet  websites  so 
that they cannot be accessed from computers in the local network. Moreover, re-
strictions can be applied to a comprehensive and automatically-updated table of 
sites to which access is not recommended. 

3.2.6  Network Address Translation (NAT)  

Watson  SHDSL  router  features  a  configurable  Network  Address  Translation 
(NAT)  and  Network  Address  Port  Translation  (NAPT)  mechanism,  allowing  to 
control  the  network  addresses  and  ports  of  packets  routed  through  the  router. 
When  enabling  multiple  computers  on  the  local  network  to  access  the  Internet 
using a fixed number of public IP addresses, you can statically define which LAN 
IP address will be translated to which NAT IP address and/or ports.  

By default, Watson SHDSL router operates in NAPT routing mode. However, you 
can  control  your  network  translation  by  defining  static  NAT/NAPT  rules.  Such 
rules map LAN computers to NAT IP addresses.  

The  NAT/NAPT  mechanism  is  useful  for  managing Internet usage in your LAN, 
or  complying  with  various  application  demands.  For  example,  you  can  assign 
your primary LAN computer with a single NAT IP address, in order to assure its 
permanent  connection  to  the  Internet.  Another  example  is  when  an  application 
server  with  which  you  wish  to  connect,  such  as  a  security  server,  requires  that 
packets have a specific IP address - you can define a NAT rule for that address. 

3.2.7  Advanced Filtering  

Advanced filtering is designed to allow comprehensive control over the firewall's 
behavior. You can define specific input and output rules, control the order of logi-
cally similar sets of rules and make a distinction between rules that apply to WAN 
and LAN interfaces 

Summary of Contents for Watson

Page 1: ...Watson SHDSL Router Operating Manual Document Identification Watson SHDSL Router Manual doc Document Version 1 1 07 Document Revision 2012 02 15 Distribution Customer ...

Page 2: ...on Copyright 2012 by Schmid Telecommunication Zurich Switzerland All rights reserved Reproduction of part or all of the contents in any form is expressly prohibited without the prior written consent of Schmid Telecommunication Schmid Telecommunication has used its discretion best judgments and efforts in preparing this document Any in formation contained in this document is provided without any wa...

Page 3: ...by complete application of the following harmonized European Standards EN 60950 1 2006 IEC 60950 1 2005 99 5 EEC Directive containing requirements regarding Radio Telecommunication Terminal Equipment The compliance of the above mentioned product with the re quirements of the directive 99 5 EEC is ensured by complete application of the following harmonized European Standards EN 300386 v1 3 1 EN 609...

Page 4: ......

Page 5: ...duct is intended for use in environments as stated in the technical specifications Do not use this product in areas classified as hazardous loca tions Such areas include patient care areas of medical and dental facilities oxygen laden environments or industrial facilities Contact your local electri cal authority governing building construction maintenance or safety for more information regarding t...

Page 6: ...bject through an opening in this product Unplug the product from the electrical outlet and contact your local Schmid Distributor under the following conditions J The power cord extension cord or plug is damaged J Liquid has been spilled or an object has fallen into this product J This product has been exposed to water J This product has been dropped or damaged in any way J There are noticeable sig...

Page 7: ...op is facing you the front panel is at the top and the back panel with the connectors is at the bottom Cables should only be connected to the unit when the wall mounting installation is completed This product is designed for operation in the electromagnetic environment typi cally found in commercial domestic and telecommunication installations The electromagnetic compatibility EMC requirements for...

Page 8: ......

Page 9: ...tten permission This warranty becomes null and void if Customer modifies or alters the equipment in any way other than as spe cifically authorized by Schmid Telecom Except for the limited warranty described above the foregoing constitutes the sole and exclusive remedy of the Customer and the exclusive liability of Schmid Telecom and is in Lieu of any and all other warranties expressed or implied S...

Page 10: ......

Page 11: ...1 Bridging 3 1 3 1 2 Routing 3 1 3 1 3 Dynamic Host Configuration Protocol DHCP 3 2 3 1 4 Point to Point Protocol over Ethernet PPPoE 3 2 3 1 5 IPSEC VPN 3 3 3 1 6 Point to Point Tunneling Protocol PPTP 3 3 3 2 Security 3 4 3 2 1 Access Control 3 4 3 2 2 Port Forwarding 3 4 3 2 3 DMZ Host 3 5 3 2 4 Port Triggering 3 5 3 2 5 Website Restrictions 3 6 3 2 6 Network Address Translation NAT 3 6 3 2 7 A...

Page 12: ...configuration 3 16 3 8 DSL Performance Monitoring 3 17 3 9 Password protection 3 17 3 10 Restoring the default configuration 3 17 4 LEDs and Alarms 4 1 4 1 LEDs 4 1 4 1 1 Front Panel LEDs 4 1 4 1 2 Back Panel LEDs 4 1 4 2 Alarm Conditions 4 2 5 Front and Rear Panels 5 1 5 1 Front Panel 5 1 5 2 Rear Panel 5 1 6 Connectors and Cables 6 1 6 1 DSL Interface 6 1 6 1 1 Connector 6 1 6 1 2 DSL Cable 6 2 ...

Page 13: ...igure 3 3 Ethernet over DSL with HDLC encapsulation 3 13 Figure 3 4 EFM fragmentation and framing 3 13 Figure 5 1 Front panel 5 1 Figure 5 2 Rear panel 5 1 Figure 6 1 DSL Connector 6 1 Figure 6 2 Ethernet Connector 6 2 Figure 6 3 Power Connector 6 3 Figure 6 4 Ground Connector 6 3 Tables Table 2 1 Watson SHDSL Router types 2 2 Table 3 1 Naming of DSL ports and wire pairs 3 12 Table 3 2 Power Backo...

Page 14: ......

Page 15: ...012 02 15 1 1 1 Related Documents 1 Schmid Telecom Watson SHDSL Router GUI Manual 2 Schmid Telecom Watson SHDSL Router Application Manual 3 Schmid Telecom Watson SHDSL CLI Manual 4 ETSI TS 101 524 2004 5 EN 30059 ...

Page 16: ......

Page 17: ...ata rates of 49 Mbit s over 4 copper pairs can be achieved Watson SHDSL router integrates an eight port Ethernet switch an SPI Firewall and a VPN gateway which protects networks by providing robust security fea tures and standard IPSec Virtual Private Network tunneling Watson SHDSL router features a user friendly graphical Web based manage ment interface This highly intuitive GUI is easily mastere...

Page 18: ...t íëçå peapi êçìíÉê EpwKQQNKsQMMI pwKQQNKsUMMF t íëçå peapi êçìíÉê EpwKQQNKsQMMI pwKQQNKsUMMF peapiI NJQ é áêë t íëçå peapi êçìíÉê EpwKQQNKsQMMI pwKQQNKsUMMF t íëçå peapi êçìíÉê EpwKQQNKsQMMI pwKQQNKsUMMF peapiI NJQ é áêë Figure 2 2 Point to point Ethernet Services For these applications two Watson SHDSL routers are connected back to back with one of the modems being configured as DSL master and t...

Page 19: ...hich guaran tees wire speed performances 2 4 3 IP Router The IP router features bridging routing security VPN and many other functions Bridging bases the forwarding decision on the MAC Media Access Control ad dress while routing does it on the network layer IP address Bridging allows transporting packets of network layer protocols that it does not route In bridge mode all non local packets are bri...

Page 20: ... The SHDSL modem is responsible for transporting the Ethernet packets over the DSL wire pairs The Packet Transport Mode PTM TPS TC layer of the SHDSL ETSI TS 101 524 ITU T G 991 2 standards is used for this purpose The mo dem supports the following two standardized packet mode encapsulation HDLC and IEEE EFM 64b 65b framing ...

Page 21: ...ng With the network bridging feature several network connections can be combined together under one virtual network For example creating one network for LAN Ethernet and WAN Ethernet devices 3 1 2 Routing Watson SHDSL router can be setup to use static or dynamic routing Dynamic routing automatically adjusts how packets travel on the network whereas static routing specifies a fixed routing path to ...

Page 22: ...a lease before its expiration it can send a release message to the DHCP server which will then make the IP address avail able for use by others Watson SHDSL router s DHCP server Displays a list of all DHCP host devices connected to it Defines the range of IP addresses that can be allocated in the LAN Defines the length of time for which dynamic IP addresses are allocated Provides the above configu...

Page 23: ...rable with other IPSec based VPN products VPN IPSec and PPTP features enable Watson SHDSL router to act as a VPN client allowing a user to securely connect with remote computers without need ing to run any additional PC based VPN software or as a VPN server allowing a user to connect to a home or office network from a remote location In addition Watson s VPN pass through support enables a user to ...

Page 24: ...n its default state Watson SHDSL router blocks all external users from connect ing to or communicating with the local network Therefore the system is safe from hackers who may try to intrude on the network and damage it However you may want to expose your local network to the Internet in certain limited and controlled ways in order to enable some applications to work from the LAN and to enable Int...

Page 25: ...ach their intended destinations Watson SHDSL router is equipped with a robust list of ALG modules in order to enable maximum functionality in the local network The ALG is automatically assigned based on the destination port 3 2 3 DMZ Host The DMZ Demilitarized Host feature allows one local computer to be exposed to the Internet Designate a DMZ host when You wish to use a special purpose Internet s...

Page 26: ...tes to which access is not recommended 3 2 6 Network Address Translation NAT Watson SHDSL router features a configurable Network Address Translation NAT and Network Address Port Translation NAPT mechanism allowing to control the network addresses and ports of packets routed through the router When enabling multiple computers on the local network to access the Internet using a fixed number of publi...

Page 27: ... is used to determine VLAN membership Packets are only forwarded to ports that are a member of the VLAN of this pack et Upon transmission the packet will be tagged with the VLAN tag originally re ceived If the packet was untagged then the default tag of the receiving port is added to the packet The port can also be configured to send the packets un tagged In VLAN transparent mode all Ethernet swit...

Page 28: ...LAN Tag VLAN Port Membership VLAN 1 VLAN 2 VLAN 3 1 2 3 1 2 3 2 3 1 Untagged ETH1 ETH2 ETH3 ETH4 ETH5 ETH6 ETH7 ETH8 Tagged WAN Figure 3 1 VLAN configuration for traffic concentration In this example the Switch is configured as 802 1q mode and three Ethernet ports are configured with different VLAN tags Upon ingress into Watson SHDSL router the packets get a default VLAN tag be tween 1 and 3 based...

Page 29: ...ributes receive the same QoS parameters both inbound and outbound 3 4 2 Traffic Shaping Traffic Shaping is the solution for managing and avoiding congestion where a high speed LAN meets limited broadband bandwidth A traffic shaper is essen tially a regulated queue that accepts uneven and or bursty flows of packets and transmits them in a steady predictable stream so that the network is not over wh...

Page 30: ...aps these eight lev els to three main priorities high medium and low By default values six and seven are mapped to high priority which may be assigned to network critical traf fic Values four and five are mapped to medium priority which may be applied to delay sensitive applications such as interactive video and voice Values three to zero are mapped to low priority which may range from controlled ...

Page 31: ...nd 128 level linecode TC PAM 64 and TC PAM 128 The number of timeslots per pair when using TC PAM 64 is from 160 to 199 the line rate when using TC PAM 64 is from 10 240 kbit s to 12 736 kbit s The number of timeslots per pair when using TC PAM 128 is from 200 to 240 the line rate when using TC PAM 128 is from 12 800 kbit s to 15 360 kbit s Please note that the linecodes PAM 64 and PAM 128 are muc...

Page 32: ...m ber of wire pairs within the span the DSL ports 2 3 or 4 might not be used Physical wire pairs available at the DSL connector are named a b c and d see Table 3 1 for the DSL connector pin assignment Depending on the configuration of Watson SHDSL router the following combina tions are possible default DSL ports Wire pairs 1 1 a1 a2 2 1 2 a1 a2 b1 b2 3 1 2 3 a1 a2 b1 b2 c1 c2 4 1 2 3 4 a1 a2 b1 b2...

Page 33: ...MAC client length type DATA MAC client data PAD Padding bytes CRC Cyclic redundancy check sequence generated before transmission over DSL CRC 16 0x7E 0x7E HDLC Framing Flag character DA SA TCI ML T L T DATA MAC frame format with IEEE 802 1p q VLAN tags CRC 32 SFD PRE PAD Figure 3 3 Ethernet over DSL with HDLC encapsulation The EFM 64 65b framing mode is used when two Watson SHDSL routers are conne...

Page 34: ...ise margin calculated by the modem SQ SNR1 SNR0 Where pn is the calculated noise margin pkoN is the signal to noise ratio calculated by the transceiver by analyzing the error correction bits Trellis bits in the line code pkoM is the signal to noise ratio that gives a bit error rate of 10 7 in pres ence of average white Gaussian noise For TC PAM16 the theoretical value for pkoM is 27 7 dB Attenuati...

Page 35: ...ings There are two methods for upgrading the firmware Upgrading from a local computer use a firmware image file pre downloaded to your PC s disk Upgrading from the Internet also referred to as Remote Update use this method to upgrade the firmware by remotely downloading an updated soft ware image file 3 7 Management 3 7 1 Management interfaces Watson SHDSL router has several management possibiliti...

Page 36: ...ttings after the initial login The default user name and password are User name admin Password admin The session will automatically time out after a few minutes of inactivity If you try to operate the Web based management after the session has expired the Login screen will appear and you will have to reenter your user name and password before proceeding This feature helps to prevent unauthorized u...

Page 37: ...dem that is installed at a customer site but is owned and managed by the service provider Password protection is global i e once the correct password is entered access to all commands is granted after each LOGOFF after 5 minutes of inactivity after a restart of the modem The default user name and password are both set to admin It is recommended to change these default values Make sure you remember...

Page 38: ......

Page 39: ...nitialization Amber All DSL links up Green CLI command reboot Off Off Reset button pressed Amber Reset button released 5s Off Off Reset button pressed 5s Amber flashing Reset button released 5s Off Off Duplex Mismatch detected Green flashing Table 4 1 Tabletop front LED indications 4 1 2 Back Panel LEDs Each Ethernet ports on the back panel of Watson SHDSL router is fitted with 2 LEDs indicating t...

Page 40: ...ity Blinking On Table 4 2 Ethernet LED Indicators 4 2 Alarm Conditions An alarm condition is displayed on the LEDs if one of the following conditions oc curs Hardware or software failure Loss of signal frame alignment on the DSL side LOSW Signal to noise ration too low SNR 3dB Attenuation too high Att 20 dB Refer to Table 4 1 for a description of the front panel LEDs ...

Page 41: ...Revision 2012 02 15 5 1 5 Front and Rear Panels 5 1 Front Panel Figure 5 1 Front panel 5 2 Rear Panel Figure 5 2 Rear panel ...

Page 42: ......

Page 43: ...ector pin assignment is as shown below SZ 441 V400 SZ 441 V800 Pin DSL Port Sig nal Description DSL Port Sig nal Description 1 4 d1 Wire pair d tip 2 4 d2 Wire pair d ring 3 2 b1 Wire pair b tip 2 b1 Wire pair b tip 4 1 a1 Wire pair a tip 1 a1 Wire pair a tip 5 1 a2 Wire pair a ring 1 a2 Wire pair a ring 6 2 b2 Wire pair b ring 2 b2 Wire pair b ring 7 3 c1 Wire pair c tip 8 3 c2 Wire pair c ring T...

Page 44: ...mmunity to surges and ESD Any allowed cable construction may be used for the building installation if the patch cable nearest to the CPE is of an unshielded construction Ethernet patch cables up to 50 m in length are recommended Both crossed and normal wiring styles are supported by the auto crossover feature of the product 8 1 Type RJ45 8 Front View Figure 6 2 Ethernet Connector Pin No Signal Nam...

Page 45: ...pose Figure 6 3 Power Connector 6 3 2 Ground Connector Watson SHDSL router is fitted with a ground connector Functional Earth The functional earth does not serve the purpose of providing protection against elec trical shock but instead enhances surge suppression on the SHDSL lines for in stallations where suitable bonding facilities exist Do not connect this terminal to the protective earth PE at ...

Page 46: ......

Page 47: ...ransmit Power 135Ω According to TS 101 524 Overvoltage Protection ITU T K 21 07 03 K 44 7 03 Connector Type RJ 45 8 pin 7 1 2 Ethernet Interfaces Standard referred IEEE 802 3 Crossover Auto Crossover Bitrate 10 100 Mbps Auto negotiation Duplex Mode Half Full Duplex Auto negotiation 7 2 Power Consumption Model Power Consumption SZ 441 V400 10 Watts SZ 441 V800 10 Watts 7 3 Ethernet Maximum Frame Si...

Page 48: ...3584 Telnet RFC 854 Supported MIBs MIB II RFCs 1213 2011 2012 2013 Firmware Upgrade TFTP RFC 1350 7 5 Environment 7 5 1 Climatic Conditions Storage ETS 300 019 1 1 Class 1 2 25 C 55 C 10 100 RH Transportation ETS 300 019 1 2 Class 2 3 40 C 70 C max 95 RH Operation ETS 300 019 1 3 Class 3 2 5 C 45 C 5 95 RH 7 5 2 Safety According to EN 60950 1 2006 IEC 60950 1 2005 7 5 3 EMC According to EN 300 386...

Page 49: ...DSL wire pair EOC Embedded Operations Channel an overhead channel available in SHDSL for management purposes Linerate cf DSL Linerate LTU Line Termination Unit functionally equivalent to STU C NTU Network Termination Unit functionally equivalent to STU R Payload rate Synonymous to linerate STU C Synchronous Terminal Unit Central Office Side The end of a DSL link that starts up and controls the lin...

Reviews: