manualshive.com logo in svg

CTC Union SHDTU03b, Руководство пользователя

Поделиться
Скачать
CTC Union SHDTU03b Скачать руководство пользователя страница 14

 

14 

Internet

192.168.0.10:1025

192.168.0.11:4406

192.120.8.5

Firewall

Internal/Protected Network

External/Unprotected Network

PAT (Port Address Translation)

192.168.0.10

192.168.0.11

1025

4406

Client IP

Internal Port

External Port

2205

2206

192.120.8.5:2205

192.120.8.5:2206

 

 

2.1.2 Circuit 

Gateway 

 
Also called a "Circuit Level Gateway," this is a firewall approach that validates connections before 
allowing data to be exchanged. What this means is that the firewall doesn't simply allow or disallow 
packets but also determines whether the connection between both ends is valid according to 
configurable rules, then opens a session and permits traffic only from the allowed source and possibly 
only for a limited period of time.   
 

Level 5: Application

Level  4: TCP

Level  3:  IP

Level  2: Data Link

Level  1: Physical

destination IP address and/or port
source IP address and/or port
time of day
protocol
user
password

 

 

2.1.3 Application 

Gateway 

 
The Application Level Gateway acts as a proxy for applications, performing all data exchanges with the 
remote system in their behalf. This can render a computer behind the firewall all but invisible to the 
remote system. It can allow or disallow traffic according to very specific rules, for instance permitting 
some commands to a server but not others, limiting file access to certain types, varying rules according 
to authenticated users and so forth. This type of firewall may also perform very detailed logging of traffic 
and monitoring of events on the host system, and can often be instructed to sound alarms or notify an 
operator under defined conditions. Application-level gateways are generally regarded as the most 
secure type of firewall. They certainly have the most sophisticated capabilities. 
 

Содержание SHDTU03b

Страница 1: ...USER MANUAL SHDTU03b G SHDSL bis Bridge Router Modems CTC Union Technologies Co Ltd ...

Страница 2: ......

Страница 3: ... Modem with Firewall SHDTU03bAF ET10RS Four Switch Port 4 Wire G SHDSL bis Modem with Firewall This document is the first official release manual Please check CTC Union s website for any updated manual or contact us by E mail at info ctcu com Please address any comments for improving this manual or to point out omissions or errors to marketing ctcu com Thank you CTC Union maintains a support web s...

Страница 4: ...h claim alleges that CTC Union Technologies was negligent regarding the design or manufacture of said product TRADEMARKS Microsoft is a registered trademark of Microsoft Corp HyperTerminal is a registered trademark of Hilgraeve Inc FCC WARNING This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are design...

Страница 5: ...TING TO KNOW YOUR ROUTER 20 4 1 FRONT PANEL 20 4 2 REAR PANEL 21 4 3 SHDSL BIS LINE CONNECTOR 22 4 4 CONSOLE CABLE 22 5 CONFIGURATION OF THE ROUTER 23 5 1 STEP 1 CHECK THE ETHERNET ADAPTER IN PC OR NB 23 5 2 STEP 2 CHECK THE WEB BROWSER IN PC OR NB 23 5 3 STEP 3 CHECK THE TERMINAL ACCESS PROGRAM 23 5 4 STEP 4 DETERMINE CONNECTION SETTING 23 5 5 STEP 5 INSTALL THE SHDSL BIS ROUTER 24 6 CONFIGURATIO...

Страница 6: ...C 57 10 UTILITY 58 10 1 SYSTEM INFO 58 10 2 CONFIG TOOL 58 10 3 UPGRADE 59 10 4 LOGOUT 59 10 5 RESTART 59 11 STATUS 60 12 LAN TO LAN CONNECTION WITH BRIDGE MODE 61 12 1 CO SIDE 61 12 2 CPE SIDE 62 13 LAN TO LAN CONNECTION WITH ROUTING MODE 63 13 1 CO SIDE 63 13 2 CPE SIDE 64 14 CONFIGURATION VIA SERIAL CONSOLE OR TELNET WITH MENU DRIVEN INTERFACE 65 14 1 SERIAL CONSOLE 65 14 2 TELNET 65 14 3 OPERA...

Страница 7: ...ord and ID 77 14 13 5 SNTP 77 14 14 UTILITY 79 14 15 EXIT 79 14 16 SETUP 80 14 16 1 Mode 80 14 16 2 SHDSL bis 80 14 16 3 WAN 81 14 16 4 Bridge 82 14 16 5 VLAN 83 14 16 6 802 11Q VLAN 83 14 16 7 Route 84 14 16 8 LAN 86 14 16 9 IP share 86 14 16 10 NAT 86 14 16 11 PAT 88 14 16 12 DMZ 89 14 16 13 Firewall 89 14 16 14 Packet Filtering 90 14 16 15 DoS Protection 90 14 16 16 IPQoS 91 14 16 17 DHCP 92 14...

Страница 8: ......

Страница 9: ...f SHDSL bis products you can access superior manageability and reliability 1 1 Features Easy configuration and management with password control for various application environments Efficient IP routing and transparent learning bridge to support broadband Internet services VPN pass through for safeguarded connections Virtual LANs VLANs offer significant benefit in terms of efficient use of bandwidt...

Страница 10: ...AM F5 AIS RDI and loopback AAL5 ATM QoS UBR Unspecified bit rate CBR Constant bit rate VBR rt Variable bit rate real time VBR nrt Variable bit rate non real time AAL5 Encapsulation VC multiplexing and SNAP LLC Ethernet over ATM RFC 2684 1483 PPP over ATM RFC 2364 Classical IP over ATM RFC 1577 PPP PPP over Ethernet for fixed and dynamic IP RFC 2516 PPP over ATM for fixed and dynamic IP RFC 2364 Us...

Страница 11: ...ter bridge with 1 port LAN VLAN and business class firewall G shdsl bis 2 wire router bridge with 4 port switching hub LAN G shdsl bis 2 wire router bridge with 4 port switching hub LAN VLAN and business class firewall G shdsl bis 4 wire router bridge with 4 port switching hub LAN G shdsl bis 4 wire router bridge with 4 port switching hub LAN VLAN and business class firewall 1 3 Applications Inter...

Страница 12: ...traffic by packet attribute or state An Internet firewall cannot prevent the damage from the individual users with modems dialing into or out of the network which bypass the firewall altogether The misconduct or carelessness of employee is not in the control of firewalls either Authentication Policies which is involved in the use and misuse of passwords and user accounts must be strictly enforced ...

Страница 13: ...2 16 3 4 Filter remember this information UDP SP 1525 SA 172 16 3 4 DP 3264 DA 192 168 0 5 Matches outgoing so allows in UDP SP 1525 SA 172 168 3 4 DP 2049 DA 192 168 0 5 Nomatches so disallows in Stateful Inspection Internet 192 168 0 10 192 168 0 11 192 120 8 5 Firewall Internal Protected Network External Unprotected Network NAT Network Address Translation 192 168 0 10 192 168 0 11 192 120 8 5 1...

Страница 14: ... IP Level 2 Data Link Level 1 Physical destination IP address and or port source IP address and or port time of day protocol user password 2 1 3 Application Gateway The Application Level Gateway acts as a proxy for applications performing all data exchanges with the remote system in their behalf This can render a computer behind the firewall all but invisible to the remote system It can allow or d...

Страница 15: ...irement of an individual with malicious intent attacker using or attempting to use resources specifically to deny those resources to other users Ping of death On the Internet ping of death is a kind of denial of service DoS attack caused by deliberately sending an IP packet which size is larger than the 65 536 bytes allowed in the IP protocol One of the features of TCP IP is fragmentation which al...

Страница 16: ...transmits a volume of ICMP request packets to cause all CPU resources to be consumed serving the phony requests UDP Flood The attacker transmits a volume of requests for UDP diagnostic services which cause all CPU resources to be consumed serving the phony requests Land attack The attacker attempts to slow your network down by sending a packet with identical source and destination addresses origin...

Страница 17: ... be used 6 The look up process starts with VLAN look up to determine whether the VID is valid If the VID is not valid the packet will be dropped and its address will not be learned If the VID is valid the VID destination address and source address lookups are performed 7 The VID and destination address lookup determines the forwarding ports If it fails the packet will be broadcasted to all members...

Страница 18: ...icator NCFI carried in the RIF to signal the bit order of address information carried in the encapsulated frame 3 The VID uniquely identifies the VLAN to which the frame belongs 3 3 Applications WAN LAN1 LAN2 LAN3 LAN4 Group 1 Group 2 Group 3 Port based VLAN 1 8 PWR OK WIC0 ACT CH0 ACT CH1 WIC0 ACT CH0 ACT CH1 ETH ACT COL PWR OK WIC0 ACT CH0 ACT CH1 WIC0 ACT CH0 ACT CH1 ETH ACT COL SHDSL connectio...

Страница 19: ...19 P OW E RF A ULT DA TA A L A RM LAN1 LAN2 LAN3 LAN4 WAN1 WAN2 WAN3 WAN4 WAN5 WAN6 WAN7 WAN8 Backbone ATM Switch VID30 VID10 SHDSL Router VID20 VID20 VID10 VID30 ...

Страница 20: ...ived data over LAN 2 On Ethernet cable is connected to LAN 3 3 Blink Transmit or received data over LAN 3 On Ethernet cable is connected to LAN 4 LAN 4 Blink Transmit or received data over LAN 4 On SHDSL bis line connection is dropped ALM Blink SHDSL bis self test LED status of 2 wire 1 port router LEDs Active Description PWR On Power adaptor is connected to the router On SHDSL bis line connection...

Страница 21: ...adaptor inlet Input voltage 9VDC CONSOLE RS 232C DB9 for system configuration and maintenance LINE SHDSL bis interface for WAN port RJ 11 RST Reset button for reboot or load factory default The reset button can be used only in one of two ways 1 Press the Reset Button for one second will cause system reboot 2 Pressing the Reset Button for four seconds will cause the product loading the factory defa...

Страница 22: ...22 4 3 SHDSL bis Line Connector 4 4 Console Cable Pin Number Description Fuigure 1 No connection 2 RxD O 3 TxD I 4 No connection 5 GND 6 No connection 7 CTS O 8 RTS I 9 No connection 1 2 3 4 5 6 7 8 9 ...

Страница 23: ...guration of the router TCP IP protocol is necessary for web configuration so please check the TCP IP protocol whether it has been installed 5 2 Step 2 Check the Web Browser in PC or NB According to the Web Configuration the PC or NB need to install Web Browser IE or Netscape Note Suggest to use IE5 0 Netscape 6 0 or above and 800x600 resolutions or above 5 3 Step 3 Check the Terminal Access Progra...

Страница 24: ... MDIX switching hub so both straight through and cross over Ethernet cable can be used 9 Connect the phone cable to the product and the other side of phone cable to wall jack 9 Connect the power adapter to power source 9 Turn on the PC or NB which is used for configuration the Router VPI VCI Encapsulation IP Address Subnet Mask Gateway DNS Server Host Name if applicable VPI VCI Encapsulation Gatew...

Страница 25: ...1 port router 4 port router with complex network topology PC NB Wall Jack Power Adpater Pass Through Ethernet Cable DB 9 Cable HUB Switch Server File Server Workstation Mobile Device Wireless LAN PC NB Wall Jack Power Adapter Cross Over Ethernet Cable DB 9 Cable G shdsl bis G shdsl bis ...

Страница 26: ... Win85 98 and Me click the start button Select setting and control panel Step 2 Double click the network icon In the Configuration window select the TCP IP protocol line that has been associated with your network card and then click property icon ...

Страница 27: ...and 255 255 255 0 Because the router acts as DHCP server in your network the router will automatically assign IP address for PC or NB in the network Type User Name root and Password root and then click OK The default user name and password both are root For the system security suggest changing them after configuration Note After changing the User Name and Password strongly recommend you to save th...

Страница 28: ... PC IP 192 168 0 2 Netmask 255 255 255 0 Gateway 192 168 0 254 VPI 0 VCI 32 Encapsulation LLC DSLAM ISP Bridge BAS IP 192 168 0 1 Netmask 255 255 255 0 Gateway 192 168 0 254 IP 192 168 0 254 Before configuration the router in bridge mode check with your ISP about this information Click Bridge and CPE Side to setup Bridging mode of the Router and then click Next for the next setting This product ca...

Страница 29: ...e Host Name as identification You may check with ISP to see if your Internet service has been configured with a host name In most cases this field can be ignored WAN1 VPI 0 VCI 32 Click LLC Click Next The screen will prompt the new configured parameters Check the parameters and Click Restart The router will reboot with the new setting or Continue to configure another parameters ...

Страница 30: ... another part of the network a new IP address must be entered DHCP lets a network administrator to supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network If the DHCP server is Enable you have to setup the following parameters for processing it as DHCP server The embedded DHCP server assign...

Страница 31: ...ce by which the PC in LAN can access IP information automatically To setup the DHCP client mode follow the procedure LAN IP Type Dynamic Click Next to setup WAN1 parameters 7 2 3 DHCP relay If you have a DHCP server in LAN and you want to use it for DHCP services the product provides DHCP relay function to meet yours need IP Type Fixed IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Host Name SOH...

Страница 32: ...ich supports multiple users in a local area network The PPP protocol information is encapsulated within an Ethernet frame or ATM frame PC IP 192 168 0 2 Netmask 255 255 255 0 Gateway 192 168 0 254 VPI 0 VCI 32 Encapsulation LLC DSLAM ISP Bridge BAS IP 192 168 0 1 Netmask 255 255 255 0 Gateway 192 168 0 254 IP 192 168 0 254 Before configure the router check with your ISP about this information Ente...

Страница 33: ... IP address of WAN1 Some of the ISP will provide fixed IP address over PPP For fixed IP address IP Type Fixed IP Address 192 168 1 1 Click Next Note For safety the password will be prompt as star symbol The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or press continue to...

Страница 34: ...otocol IPoA EoA IPoA NAT or EoA NAT Click Next to setup the IP parameters For more understanding about NAT review NAT DMZ at page 44 IP Address 10 1 2 1 It is router IP address seem from Internet Your ISP will provide it and you need to specify here Subnet mask 255 255 255 0 This is the router subnet mask seen by external users on Internet Your ISP will provide it to you Gateway 10 1 2 2 Your ISP ...

Страница 35: ...en will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or press continue to setup another parameter ...

Страница 36: ... bis data rate in the multiple of 64kbps The default data rate is 5696Kbps n 89 Under Annex F G TCPAM32 data rate is 768Kbps 5696Kbps Nx64kbps N 12 89 TCPAM16 data rate is 192Kbps 3840Kbps Nx64kbps N 3 60 Under Annex A B TCPAM16 192Kbps 2304Kbps Nx 64kbps N 3 36 Current G SHDSL bis Router does not support the adaptive data rate SNR margin is an index of line connection quality You can see the actu...

Страница 37: ...stem error If the WAN Protocol is IPoA or EoA leave the ISP parameters as default setting The system will ingore the information but erasion or blank in default setting will cause system error QoS Quality of Service The Traffic Management Specification V4 0 defines ATM service cataloges that describe both the traffic transmitted by users onto a network as well as the Quailty of Service that the ne...

Страница 38: ...4kbps to 2400kbps SCR Substained Cell Rate The sustained rate at which you expect to transmit data voice and video Consider SCR to be the true bandwidth of a VC and not the lone term average traffic rate The range of SCR is 64kbps to 2400kbps MBS Maximum Burst Size The amount of time or the duration at which the router sends at PCR The range of MBS is 1 cell to 255 cells Press Finish to finish set...

Страница 39: ...sh the filtering table Put the MAC address in MAC Address field and select Filter in LAN field If you want to filter the designated MAC address of WAN PC to access LAN press Add to establish the filtering table Key the MAC address in MAC Address field and select Filter in WAN field For example if your VC is setup at WAN 1 select WAN 1 Filter The screen will prompt the parameters that will be writt...

Страница 40: ...ely flexible Click VLAN to configure VLAN The product support two types of VLAN 802 1Q Tag Based VLAN Port Based VLAN User can configure one of them to the router For setting 802 1Q VLAN click the 802 1Q Tag Based VLAN The screem will prompt as follow VID Virtual LAN ID It is an definite number of ID which number is from 1 to 4094 PVID Port VID which is an untagged member of default VLAN Link Type...

Страница 41: ... based on the destination MAC address and its associated port Click Port Based VLAN to configure the router 8 4 Ethernet This page of function let user configure the media type of Ethernet Click ETHERNET to configure Ehernet Here are several options AutoSense 100Base TX ...

Страница 42: ...le the Router to automatically adjust to physical changes in the network s layout The Router using the RIP protocol determines the network packets route based on the fewest number of hops between the source and the destination The RIP protocol regularly broadcasts routing information to other routers on the network Click Route to modify the routing information To modify the RIP Routing information...

Страница 43: ...v1 it only sends RIP v1 messages only RIP v2 it send RIP v2 messages in multicast and broadcast format Authentication required None for RIP there is no need of authentication code Password the RIP is protected by password authentication code MD5 The RIP will be decoded by MD5 than protected by password authentication code Poison Reserve is for the purpose of promptly broadcast or multicast the RIP...

Страница 44: ...that has company private data In a typical DMZ configuration for an enterprise a separate computer or host receives requests from users within the private network to access via Web sites or other companies accessible on the public network The DMZ host then initiates sessions for these requests to the public network However the DMZ host is not able to initiate a session back into the private networ...

Страница 45: ...i NAT table will be setup as Virtual Start IP Address 192 168 0 10 Count 40 Global Start IP Address 69 210 1 9 Count 2 Press Finish to continue The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or Continue to configure another parameter ...

Страница 46: ... to 6PM other requests with UDP made to 69 210 1 8 25 are remapped to server 2 on 192 168 0 3 25 and always on You can setup the router as Index 1 protocol TCP interface WAN1 service name test1 private IP 192 168 0 2 private port 80 public port 80 schedule from Day Monday to Friday and time 8 0 to 16 0 and index 2 protocol UDP interface WAN1 service name test2 private IP 192 168 0 3 private port 2...

Страница 47: ...e remote management security The NAT firewall will take effect if NAT function is enabled The remote management security is default to block any WAN side connection to the device Non empty legal IP pool in ADMIN will block all remote management connection except those IPs specified in the pool Press Finish to finish setting of firewall The screen will prompt the parameters which router will record...

Страница 48: ...r priority than the default SPI filter Note that an improper filter policy may degrade the capability of the firewall and or even block the normal network traffic Click Advanced Firewall Security and then press Finish A SYN flood attack attempts to slow your network by requesting new connections but not completing the process to open the connection Once the buffer for these pending connections is ...

Страница 49: ...ictim IP Spoofing Falsify the IP header information to deceive the destination host Traditional firewall are stateless meaning they have no memory of the connections of data or packets that pass through them Such IP filtering firewalls simply examine header information in each packet and attempt to match it to a set of define rule If the firewall finds a match the prescribe action is taken If no m...

Страница 50: ...ll be configured as follow Index Protocol Direction Action Source Destination Dest Port Schedule 1 TCP Inbound Permit External Internal 25 Always 2 TCP Outbound Permit Internal External 1023 Always 3 TCP Outbound Permit Internal External 25 Always 4 TCP Inbound Permit External Internal 1023 Always 5 Any Either Deny Any Any Any Always Packet Direction Source Destination Protocol Dest Port Action Ru...

Страница 51: ...Dest Port 1 TCP Inbound Permit A 192 168 3 4 171 16 1 1 1234 25 2 TCP Outbound Permit B 171 16 1 1 192 168 3 4 25 1234 3 TCP Outbound Permit C 171 16 1 1 192 168 3 4 1357 25 4 TCP Inbound Permit D 192 168 3 4 171 16 1 1 25 1357 5 TCP Inbound Deny E 10 1 2 3 171 16 3 4 5150 6000 6 TCP Outbound Deny E 171 16 3 4 10 1 2 3 6000 5150 Rule Order The rules order affects the filtering result The filtering...

Страница 52: ...16 6 1 Deny B 3 10 1 1 1 172 16 6 1 Permit A 4 10 1 1 1 172 16 1 1 Deny C 5 192 168 3 4 172 16 6 1 Deny C The rule order will deny 10 1 99 1 to access 172 6 6 1 8 9 IP QoS IP QoS is a good function to decide which PCs can get the priorities to pass though router once if the bandwidth is exhausted or fully saturated Click Enable at item Trigger IP QoS Sevice in General IP QoS Parameter which turn o...

Страница 53: ... type the service port number of remote host in prioritized session Protocol identify the transportation layer protocol type you want to prioritize ex TCP or UDP The default is ANY Precedence type the session s prioritized level you classify 0 is lowest priority 5 is highest priority This is an example for your reference 192 168 1 60 is the highest priority to undergo the over full bandwidth situa...

Страница 54: ...urity to setup the parameters For greater security change the Supervisor ID and password for the gateway If you don t set them all users on your network can be able to access the gateway using the default IP and Password root You can authorize five legal users to access the router via telnet or console There are two UI modes menu driven mode and command mode to configure the router Legal address p...

Страница 55: ...nt Protocol SNMP provides for the exchange of messages between a network management client and a network management agent for remote management of network nodes These messages contain requests to get and set variables that exist in network nodes in order to obtain statistics set configuration parameters and monitor network events SNMP communications can occur over the LAN or WAN connection The rou...

Страница 56: ...manager Click Modify to modify the trap host pool Version select version for trap host Version 1 is for SNMPv1 Version 2 for SNMPv2 IP Adress type the trap host IP adress Community type the community password The community is setup in community pool Press OK to finish the setup The browser will prompt the configured parameters and check it before writing into EPROM Press Restart to restart the gat...

Страница 57: ...l Sync with PC synchronization with PC For synchronization with PC select Sync with PC The gateway will synchronize the time with the connecting PC SNTP is the acronym for Simple Network Time Protocol which is an adaptation of the Network Time Protocol NTP used to synchronize computer clocks in the Internet SNTP can be used when the ultimate performance of the full NTP implementation For SNTP sele...

Страница 58: ...ill load the factory default parameters to the gateway Note This action will change all of the settings to factory default On the other hand you will lose all the existing configured parameters Restore Configuration Sometime the configuration crushed occasionally it will help you to recover the backup configuration easily Click Finish after selecting Restore Configuration Browse the route of backu...

Страница 59: ...Upgrade in UTILITY Browse the file and press OK button to upgrade The system will reboot automatically after finishing 10 4 Logout To logout the router press LOGOUT in UTILITY 10 5 Restart For restarting the router click the Restart in UTILITY Press Restart to reboot the router ...

Страница 60: ...and CRC error count LAN status will prompt the MAC address IP address Subnet mask and DHCP client table WAN status will display the WAN interface information You can view the routing table in the status of ROUTE INTERFACE status inculdes LAN and WAN statistics information FIREWALL status display DoS protection status and dropped packets statistics ...

Страница 61: ...WAN1 Parameters VPI 0 VCI 32 Click LLC Click Next The screen will prompt the new configured parameters Check the parameters and Click Restart The router will reboot with the new setting PC IP 192 168 0 1 Netmask 255 255 255 0 STU C CO STU R CPE Bridge IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 0 1 Bridge IP 192 168 0 2 Netmask 255 255 255 0 VPI 0 VCI 32 Encapsulation LLC IP 192 168 0 2...

Страница 62: ... Next Enter LAN Parameters IP 192 168 0 2 Subnet Mask 255 255 255 0 Gateway 192 168 0 2 Host Name SOHO Enter WAN1 Parameters VPI 0 VCI 32 Click LLC Click Next The screen will prompt the new configured parameters Check the parameters and Click Restart The router will reboot with the new setting ...

Страница 63: ...5 255 0 Gateway 192 168 30 2 IP 192 168 30 2 Netmask 255 255 255 0 Gateway 192 168 30 1 13 1 CO Side Click ROUTE and CO Side then Next Type LAN parameters IP Address 192 168 20 1 Subnet Mask 255 255 255 0 Host Name SOHO Tigger DHCP Service Disable or Enable For more DHCP service review DHCP Service on page 30 Type the WAN1 Parameters VPI 0 VCI 32 AAL5 Encap LLC Protocol IPoA EoA IPoA NAT or EoA NA...

Страница 64: ...ame SOHO DHCP Service Disable or Enable For more DHCP service review DHCP Service on page 30 Type the WAN Parameters VPI 0 VCI 32 AAL5 Encap LLC Protocol IPoA EoA IPoA NAT or EoA NAT Note The Protocol used in CO and CPE have to be the same Click Next to setup the IP parameters For more understanding about NAT review NAT DMZ on page 44 IP Address 192 168 30 2 Subnet mask 255 255 255 0 Gateway 192 1...

Страница 65: ...after login screen pop up User admin Password Note The default IP address is 192 168 0 1 14 3 Operation Interface For serial console and Telnet management the ROUTER implements two operational interfaces Command Line Interface CLI and menu driven interface The CLI mode provides users a simple interface which is better for working with script file The menu driven interface is a user friendly interf...

Страница 66: ...and Description ip An item enclosed in brackets is required If the item is shown in lower case bold it represents an object with special format For example ip may be 192 168 0 3 Route Bridge Two or more items enclosed in brackets and separated by vertical bars means that you must choose exactly one of the items If the item is shown in lower case bold with leading capital letter it is a command par...

Страница 67: ...l menu LEFT or J Move back to previous menu RIGHT or L Move forward to submenu ENTER Move forward to submenu TAB To choose another parameters Ctrl C To quit the configuring item Ctrl Q For help 14 6 Menu Tree The menu three are as following figures All of the configuration commands are placed in the subdirectories of Enable protected by supervisor password On the other hand unauthorized user canno...

Страница 68: ...ript Add Delete Modify List MAC LAN_port WAN1_port WAN2_port WAN3_port WAN4_port WAN5_port WAN6_port WAN7_port WAN8_port Static RIP Add Delete List Generic LAN WAN LIst Attrib Version Authe IP_type Address Attrib SHDSL WAN Route Interface Firewall System Config Script NAT PAT DMZ Virtual Global Fixed Range Delete List Range Interface Delete List Modify Interface Delete List Clear Modify List Inter...

Страница 69: ...ity TFTP upgrade utility exit Quit system Command Description Command Description enable Modify command privilege When you login via serial console or Telnet the router defaults to a program execution read only privileges to you To change the configuration and write changes to nonvolatile RAM NVRAM you must work in enable mode setup To configure the product you have to use the setup command status...

Страница 70: ...l bis The SHDSL bis status includes line rate SNR margin TX power attenuation and CRC error of the product and SNR margin attenuation and CRC error of remote side The product access remote side information via EOC embedded operation channel wan WAN status shows the 8 PVC information which are configured route You can see the routing table via route command interface The statistic status of WAN and...

Страница 71: ...ess enter system Show general information config Show all configuration script Show all configuration in command script Command Description system The general information of the system will show in system command config Config command can display detail configuration information script Configuration information will prompt in command script ...

Страница 72: ...nfiguration you must write the new configuration to EPROM using write command and reboot the router to take affect Move cursor to to write and press enter Command write CR Message Please input the following information Are you sure y n y ...

Страница 73: ...73 14 11 Reboot To reboot the router use reboot command Move cursor to to write and press enter Command reboot CR Message Please input the following information Do you want to reboot y n y ...

Страница 74: ...p 1 65534 t 1 1999 Message Please input the following information IP address IP 10 0 0 1 Number of ping request packets to send TAB select t Data size 1 1999 32 There are 3 types of number of ping request packet to send default 1 65534 and t Default will send 4 packet and t continuous packet until you key in Ctrl c to stop ...

Страница 75: ...ser profile table however users who have the supervisor password can change the configuration of the router Move the cursor to user and press enter key clear Clear user profile modify Modify the user profile list List the user profile You can delete the user by number using clear command If you do not make sure the number of user you can use list command to check it Modify command is to modify an ...

Страница 76: ...erate SNMP traps to indicate alarm conditions and it relies on SNMP community strings to implement SNMP security This router support MIB I II Move the cursor to snmp and press enter community Configure community parameter trap Configure trap host parameter 5 SNMP community entry can be configured in this system Move the cursor to community and press enter Command admin snmp community 1 5 more Mess...

Страница 77: ...tion Legal user name Enter for default root test 14 13 5 SNTP Time synchronization is an essential element for any business that relies on an IT system The reason for this is that these systems all have clocks that are the source of time for files or operations they handle Without time synchronization time on these systems varies with each other or with the correct time and this can cause virtual ...

Страница 78: ...lect Enable Enable Move the cursor to time_server1 and press enter Command admin sntp time_server1 string Message Please input the following information Time server address Enter for default ntp 2 vt edu ntp 2 vt edu You can configure three time server in this system Move the cursor to update_rate and press enter Command admin sntp update_rate 10 268435455 Message Please input the following inform...

Страница 79: ...nd restore the configuration via TFTP restore tool For upgrade TFTP server with the new firmware will be supported by supplier but for backup and restore you must have your own TFTP server to backup and restore the file Move the cursor to utility and press enter upgrade Upgrade main software backup Backup system configuration Restore Restore system configuration 14 15 Exit If you want to exit the ...

Страница 80: ... setting is routing mode You can change the system operation mode by using mode command Move the cursor to mode and press enter Command setup mode Route Bridge Message Please input the following information System operation mode TAB select Route Route 14 16 2 SHDSL bis You can setup the SHDSL bis parameters by the command shdsl bis Move the cursor to shdsl bis and press enter mode Configure SHDSL ...

Страница 81: ...I value encap Configure encapsulation type qos Configure VC QoS isp Configure account name password and idle time ip_type Configure IP type in PPPoA and PPPoE list WAN interface configuration There are four types of protocols IPoA EoA PPPoA and PPPoE which you can setup For dynamic IP of PPPoA and PPPoE you do not need to setup IP address and subnet mask There is an unique VPI and VCI value for In...

Страница 82: ...c bridge in static command After entering static menu the screen will prompt as below add Add static MAC entry delete Delete static MAC entry modify Modify static MAC entry list Show static bridging table After enter add menu the screen will prompt as follow mac Configure MAC address lan_port Configure LAN interface bridging type wan1_port Configure WAN1 interface bridging type wan2_port Configure...

Страница 83: ...enter The products support two types of VLAN 802 11q and Port Based The IEEE 802 1Q defines the operation of VLAN bridges that permit the definition operation and administration of VLAN topologies within a bridged LAN infrastructure Port Based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port 14 16 6 802 11Q VLAN Follow the followi...

Страница 84: ...se input the following information Port index 1 12 1 Port link type Tab select Trunk Access To view the VLAN table move the cursor to list and press enter 14 16 7 Route You can setup the routing parameters in route command If the product is configured as a bridge you do not want to setup the route parameters Move the cursor to route and press enter static Configure static routing table rip Configu...

Страница 85: ... command can setup RIP mode and auto summery mode If there are any routers in your LAN you can configure LAN interface RIP parameters via lan command The product supports 8 PVCs and you can configure the RIP parameters of each WAN via wan command Move the cursor to wan and press enter Command setup route rip wan 1 8 more Message Please input the following information Active interface number 1 8 1 ...

Страница 86: ... back into local IP addresses This ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request NAT also conserves on the number of global IP addresses that a company needs and lets the company to use a single IP address of its communication in the Internet wor...

Страница 87: ...mand setup ip_share nat global range 1 5 ip 1 253 Message Please input the following information NAT global IP address range entry number 1 5 1 Base address 122 22 22 2 Number of address 3 After configuration global IP address range You can bind address pool to specific interface via bind command Command setup ip_share nat global interface 1 5 1 8 Message Please input the following information NAT...

Страница 88: ...using delete command You can view the fixed NAT mapping entry via list command 14 16 11 PAT To configure Port Address Translation move the cursor to pat and press enter clear Clear virtual server mapping modify Modify virtual server mapping list Show virtual server mapping pool You can delete virtual server mapping entry from 1 to 10 by using clear command You can create up to 10 virtual server ma...

Страница 89: ...MZ To setup demilitarized zone move the cursor to dmz and press enter active Tigger DMZ host function address Configure virtual IP address and interface You can enable the demilitarized zone via active command After enabling the DMZ shift the cursor to address and press enter Command setup ip_share dmz address ip 1 10 Message Please input the following information Virtual IP address 192 168 0 251 ...

Страница 90: ...irewall security level can configure via level command 14 16 14 Packet Filtering Packet filtering function can be configured by pkt_filter command Move the cursor to pkt_filter and press enter active Tigger packet filtering function drop_flag Drop fragment packets add Add packet filtering rule delete Delete packet filtering rule modify Modify packet filtering rule exchange Exchange the filtering r...

Страница 91: ...iants of the ping of death include teardrop bonk and nestea A land attack is an attempt to slow your network down by sending a packet with identical source and destination addresses originating from your network IP Spoofing is a method of masking the identity of an intrusion by making it appeared that the traffic came from a different computer This is used by intruders to keep their anonymity and ...

Страница 92: ...configured by modify command You can view the IPQoS configuration via list command 14 16 17 DHCP Dynamic Host Configuration Protocol DHCP is a communication protocol that lets network administrators to manage centrally and automate the assignment of Internet Protocol IP addresses in an organization s network Using the Internet Protocol each machine that can connect to the Internet needs a unique I...

Страница 93: ...and The subnet mask for DHCP client is configured by netmask command Ip_range command is to configure dynamic assigned IP address range The dynamic IP maximum lease time is configured by lease_time command You can setup 3 domain name servers via name_server commands Fixed Host IP Address list are setup via fixed command add Add a fixed host entry delete Delete a fixed host entry You can view the D...

Страница 94: ... setup hostname name Message Please input the following information Local hostname ENTER for default SOHO test 14 16 20 Default If you want to restore factory default first move the cursor to default and then press enter Command setup default name Message Please input the following information Are you sure Y N y ...

Страница 95: ......

Страница 96: ...C Union Technologies Co Ltd Far Eastern Vienna Technology Center Neihu Technology Park 8F No 60 Zhouzi Street Neihu District Taipei Taiwan Phone 886 2 2659 1021 Fax 886 2 2799 1355 E mail info ctcu com Url http www ctcu com ...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды