Gnet BB0050 Скачать руководство пользователя | Manualshive

Страница: 53 / 55

background image

BB005x Installation and Configuration Guide

6. After configuring the above items, click on

Apply

. The

Firewall Trigger

Configuration page

will then show the details of the trigger that you

have just configured.

Example

: To configure NetMeeting using H.323 protocols for outgoing calls you

need to configure a firewall trigger with the following parameters:

Transport Type

tcp

Port Number Start

1720

Port Number End

1720

Allow Multiple Hosts

allow

Max Activity Interval

30000

Enable Session Chaining

allow

Enable UDP Session Chaining

block

Binary Address Replacement

allow

Address translation type

tcp

Another way of resolving the problem of NAT and firewall compatibility with a
certain application is having a special program called an Application Layer
Gateway (ALG) running inside the BB005x. The ALG examines all of the packets
related to the application and handles all of the necessary connections and
translations. Most applications can be run successfully across NAT by just
configuring Firewall Triggers. The BB005x features both ALGs and the
capability of enabling flexible triggers for a wide variety of applications.

Intrusion Detection

Intrusion Detection is a method of defending a network against outside threats
by constantly monitoring access to the network and looking for patterns of
activity that may indicate that an attack is about to be launched or is already in
progress. Intrusion Detection systems can effectively detect and block such
attacks as Ping of Death, Port Scanning, Address Spoofing and others. The
BB005x features comprehensive Intrusion Detection capability as part of its
firewall functionality.

To Configure Intrusion Detection:

►

1. Click on

Advanced Configuration

and then on

Security.

2. Make sure that the

Intrusion Detection Enabled

option is selected and

click on

Change State

3. Go to

Policies, Triggers and Intrusion

and click on

Configure

Intrusion Detection

. The Firewall

Configure Intrusion Detection

page

is displayed.

53

«
...
51
52
53
54
55
»

Содержание BB0050

Страница 1: ...Gnet BB005x ADSL modem router Configuration and Installation Guide ...

Страница 2: ...11 Chapter 3 System Menu Commands 13 Save Configuration 14 Authentication 14 Error Log 17 Remote Access 18 Upgrade 19 Restart Reset 20 Chapter 4 Basic Configurations 21 Configuring the BB005x in RFC 1483 MPoA Bridging 21 RFC 1483 Bridging mode using the factory default settings 21 RFC 1483 Bridged mode using non default settings 22 Configuring the BB005x in RFC 2516 PPPoE mode 28 Other Configurati...

Страница 3: ...ls including RFC 1483 MPoA Bridging RFC 1483 MPoA Routing RFC 1577 IPoA Routing RFC 2516 PPPoE Routing and RFC 2364 PPPoA Routing Software support for DHCP server relay client NAT and PPPoE internal client Firewall capability with support for flexible security policies and intrusion detection Built in Application Layer Gateways ALGs and firewall triggers that enable popular applications such as Ne...

Страница 4: ...ng administering and maintaining the BB005x Chapter 4 Basic Configurations includes step by step instructions on how to configure the BB005x in some of the most popular ADSL configuration modes including RFC 1483 MPoA Bridging and RFC 2516 PPPoE Routing Chapter 5 Advanced Features describes some of the more complex features of the BB005x It includes information about Network Address Translation NA...

Страница 5: ... Physical Configuration Before installation please examine the front and rear panels of the BB005x and correctly identify the existing connectors switches and indicators Front Panel Indicators BB0050 The table below lists the BB0050 Front Panel LED Indicators and describes their significance LED Status Significance Pwr On Off Unit is powered on Unit is powered off ADSL On Off ASDL link established...

Страница 6: ...ve No PC link established or active Back Panel Connector Ports and Switches A diagram for the back panel of the BB0050 router modem together with the functionality of the connectors and switches are shown in the figure and table below BB0050 Back Panel Connector Switch Functionality ON OFF Switches the unit on and off Power Connects the device to an electrical outlet using the power adapter Consol...

Страница 7: ... 45 straight through Ethernet cable L1 L2 L3 L4 Connects the device to your PC s Ethernet port using an RJ 45 straight through Ethernet cable DSL Connects the device to a telephone jack using an RJ 11 telephone cable Configuration Methods The BB005x can be configured and administered through the Web interface or through the Command Line Interface CLI Web Interface The recommended and most efficien...

Страница 8: ...e following procedure You must set up the TCP IP properties for your LAN card to be on the same subnet as the BB005x 192 168 7 2 and 255 255 255 0 Turn on the modem From the MS DOS prompt telnet into the Ethernet port of the BB005x by typing the word telnet followed by the IP address of the Ethernet interface Example telnet 198 168 7 1 You will be prompted for the Login Name and the Password Pleas...

Страница 9: ...8 Me Procedure A Assigning a predetermined IP address value to be referred below as known IP address to the network card in your computer 1 In the Windows task bar click on the Start button highlight Settings and click on Control Panel 2 Double click the Network icon 3 Click on the network component TCP IP for your Network Interface Card for example Realtek RTL8139 PCI Fast Ethernet NIC and then c...

Страница 10: ...and save your changes 8 Click on the Yes button to restart the computer Systems running Windows 2000 XP Procedure C Assigning a predetermined IP address value to be referred below as known IP address to the network card in your computer 1 In the Windows task bar click on the Start button highlight Settings and click on Control Panel 2 Double click the Network and Dial Up Connections icon 3 In the ...

Страница 11: ...hat the black dot is beside this option Do not change any other settings 7 Click on the OK button twice to confirm and save your changes and then close the Control Panel Connection Parameters The BB005x like all ADSL access devices is only one component of the complex network infrastructure that makes its operation possible Its configuration depends on many parameters that are external to the BB00...

Страница 12: ... requirements for a few ADSL configurations Please make sure that you obtain the information from your ISP or Network Administrator before installing and configuring the BB005x RFC 1483 Bridged RFC 1483 Routed RFC 1577 IPoA RFC 2364 PPPoA RFC 2516 PPPoE Description VPI VCI Encapsulation method Static WAN IP address Netmask Gateway Authentication mode User Name Password 12 ...

Страница 13: ...Password admin To access the System Menu commands click on the System link on the left side of the ADSL configuration page that opens after you point your browser to the 192 168 7 1 address The table below lists the available options Option Function Save config Saves current configuration to flash memory Clear config Clears current configuration Authentication Creates edits and deletes user accoun...

Страница 14: ...lashFS The following message is displayed when the Save operation is complete Saved information model to file flashfs im conf Authentication This option helps administer the accounts of users who have access to the BB005x To create edit or delete user accounts 1 Select Authentication from the System menu A table appears on the Authentication page that shows all of the current login accounts 14 ...

Страница 15: ...nd comment optional in the text boxes provided 3 At May login select either true or false Selecting true enables the user to access the Web interface Selecting false will prevent the user from accessing the Web interface 4 Click on Create The Authentication page displays again but the user information you have just typed in is now displayed inside the table You will also notice that the Authentica...

Страница 16: ...rresponding Edit user links 2 Edit the information in the text boxes and then click on Apply To delete an account 1 Click on Delete user to delete a user account After editing or deleting a user account the Authentication page displays the user information including the changes that were just made 16 ...

Страница 17: ...de Error Log Select Error Log from the System menu The following page is displayed The table shows all configuration errors the time in seconds since the system was restarted of the error and the process during which the error has occurred 17 ...

Страница 18: ...mote access so if it is not configured already click on the NAT hyperlink on the page below or click on Advanced Configuration Security from the left hand window After completing the NAT configuration click on Remote Access and type in the amount of time desired for remote access The Remote Access page will appear and display the number of seconds remaining for remote access Click on Disable to st...

Страница 19: ...lick on Upgrade The file is uploaded into the RAM of the BB005x and is written to flash memory A status page will then appear informing you that the upload is complete and how much of the file bytes and percentage has been written to flash The Firmware Upgrade page refreshes after the file is written to flash A page then appears confirming completion of update and asks that the BB005x be restarted...

Страница 20: ...System menu The following page is displayed 2 Click on Restart title in the page to restart the BB005x To restart and restore the BB005x to is factory default settings 1 Click on Restart Reset from the System menu 2 Place a check mark in the Reset to factory default settings box and then click on the Restart button 3 Close your Web browser wait 45 seconds and then open your Web browser again You w...

Страница 21: ...e factory default values are VPI 0 VCI 35 ATM encapsulation type LLC SNAP or VcMux The factory default value is LLC SNAP RFC 1483 Bridging mode using the factory default settings If your configuration uses the factory default settings RFC 1483 Bridging VPI VCI 0 35 LLC SNAP encapsulation please go through the following steps to complete the configuration and installation process 1 Connect the RJ 1...

Страница 22: ...net ADSL modem router 4 Close all programs 5 Proceed to confirm or change if necessary the settings of the network card on your computer by using the procedures described in the Changing your computer settings section Procedure A for Windows 95 98 ME or Procedure C for Windows 2000 XP In all cases the known IP address value to be entered is 192 168 7 2 6 Close all programs 7 Launch your web browse...

Страница 23: ...Configuration Guide 13 Click on the Apply button You will now see the following screen 14 Click on Configuration Wizard You will now see the following screen 15 Click on the next button You will now see the following screen 23 ...

Страница 24: ...you must enter a name Example RFC 1483 Bridging 18 In the VPI and VCI fields enter the values provided to you by your ISP 19 In the Encapsulation method field enter either LLC SNAP or VcMux null based on the information provided to you by your ISP 20 Click on the Apply button You will now see the following screen Do not make any changes 24 ...

Страница 25: ...BB005x Installation and Configuration Guide 21 Click on the Apply button You will now see the following screen 22 Click on Save config You will see the following screen 25 ...

Страница 26: ...ing steps 1 Connect the RJ 11 phone cable to your modem 2 Close your web browser 3 Close all programs 4 Proceed to confirm or change if necessary the settings of the network card on your computer by following the procedures described in the Changing your computer settings section Procedure B for Windows 95 98 ME or Procedure D for Windows 2000 XP You are now ready to connect to the Internet using ...

Страница 27: ...n called transparent bridging is shown in the figure below where 2 computers are connected on the Ethernet Interface of BB0055 The 2 computers have public IP addresses on the same subnet with the WAN Gateway Those addresses are entered either manually or are assigned by a DHCP server at the ISP site Because the BB0055 acts as a transparent bridge there is no IP address on the WAN or LAN side of th...

Страница 28: ...m your modem 2 Connect the RJ 45 Ethernet cable between the computer and the modem Please remove the serial cable if it is connected 3 Connect the AC Power adapter and turn on the Gnet ADSL modem router 4 Close all programs 5 Proceed to confirm or change if necessary the settings of the network card on your computer by using the procedures described in the Change the settings of your computer sect...

Страница 29: ...the OK button You will now see the following screen 13 Click on the Apply button You will now see the following screen 14 Click on Configuration Wizard You will now see the following screen 15 Click on the next button You will now see the following screen 29 ...

Страница 30: ...thentication mode PAP CHAP or No Authentication based on the information provided by your ISP 20 In User name field enter your user name example jsmith or the user name plus the domain information example jsmith abc ca provided by your ISP This information is case sensitive 21 In the Password field enter the Password provided to you by your ISP This information is case sensitive 22 Place a check m...

Страница 31: ...er settings 25 Click on the Apply button Please wait until the Apply action has been completed this may take up to one minute 26 After the Apply action has been completed you will see the following screen Do not change any settings 27 Click on the Apply button You will now see the following screen Do not change any settings 31 ...

Страница 32: ...BB005x Installation and Configuration Guide 28 Click on the Apply button You will now see the following screen 29 Click on Advanced Configuration You will now see the following screen 32 ...

Страница 33: ...llation and Configuration Guide 30 Click on DHCP server relay agent You will now see the following screen 31 Select the DHCP server option and click on the Configure button You will now see the following screen 33 ...

Страница 34: ...it is already entered you do not need to enter the number again 35 In the Maximum Lease Time field enter 86400 if it is already entered you do not need to enter the number again 36 Place a check mark beside Use the Router as the DNS Server if it is already checked DO NOT remove the check mark 37 Place a check mark beside Use the Router as the Default Gateway if it is already checked DO NOT remove ...

Страница 35: ...ck on Save config You will now see the following screen 41 Click on the Save button Please wait until the Save operation has been completed this may take up to one minute After the Save operation has been completed you will see the following screen 35 ...

Страница 36: ...ormation use the drop down menu to select your network card Example Realtek 8139 series PCI NIC 5 Click on the Release button and wait for about 5 seconds 6 Click on the Renew button 7 Close the Winipcfg program You have completed the configuration and installation process for the RFC 2516 Routed PPPoE mode and you can start accessing the Internet by launching your browser Windows 2000 XP 1 Close ...

Страница 37: ...192 168 7 3 PC1 IP Address 192 168 7 2 Gnet BB0055 LAN WAN LAN IP Address 192 168 7 1 WAN IP Address To be obtained by BB0055 PPPoE client Other Configurations As mentioned at the beginning of Chapter 3 there are several other configuration modes for ADSL modem routers beside RFC 1483 MPoA Bridging and RFC 2516 PPPoE Routing The diagrams below illustrate the basic architectures of such configurati...

Страница 38: ...d with NAT disabled WAN Gateway IP Address 203 18 6 1 PC2 IP Address 202 24 8 3 PC1 IP Address 202 24 8 2 Gnet BB0055 LAN WAN LAN IP Address 202 24 8 1 WAN IP Address 203 16 6 15 In the configuration above the 2 computers behind BB0055 have public address on the same segment defined on the LAN side of the BB0055 Those addresses could be manually entered or could be automatically assigned by the DH...

Страница 39: ...obtains its IP address from the DHCP server that is normally located at the ISP site As a DHCP server the BB005x assigns IP addresses to computer hosts located behind the modem router in a NAT arrangement As a DHCP relay the BB005x passes through messages to and from the computer hosts behind the router that are obtaining IP addresses from the DHCP server at the ISP location To configure the DHCP ...

Страница 40: ...eference to the DNS client 1 Type the IP address of the server into the DNS Servers text box 2 Click on Add The IP address appears in the DNS servers table Up to three server IP addresses can be added To delete an IP address entry from the list click on its Delete button To configure DNS search 1 Type search string in Domain search order text box 2 Click on Add The search string appears in the Dom...

Страница 41: ... Gateway address Click on IP routes from the Configuration menu The page that opens displays Destination IP address Gateway address Netmask address To edit the destination gateway and netmask address of a route Click the relevant textbox update the information and click on Apply To edit the cost and interface setting of the route Click on Advanced Options for the specific route and update the rele...

Страница 42: ...ing 3 Click on Apply The LAN connection page appears and displays the details of the service that you have just created To delete a LAN service 1 Click on LAN service description link 2 Check the details of the LAN service of the service you want to delete 3 Click on Delete this connection Security Security is an important consideration for any network even for networks that include only one host ...

Страница 43: ...order for NAT or firewall triggers to be configured at least one of the following pair of interfaces needs to be defined External Internal External DMZ DMZ Internal The DMZ is normally a network area that is protected from unauthorized access coming from the external network so that certain computer hosts for example a Web Server can be placed on the DMZ where they can be accessed by requests from...

Страница 44: ...ecify the type of interface added external internal or DMZ 6 Click on Apply The Security page appears This page has a table that includes information about each security interface that you created To delete the security interface 1 Click on Delete Interface to display Security Delete Interface page 2 Check details and click on Delete Configuring NAT NAT Network Address Translation is essentially a...

Страница 45: ...llow this access In the BB005x NAT is always associated with a pair of security interfaces Configuring NAT Enable security and add the two different security interfaces between which you wish to enable NAT see previous section When you have created more than one security interface the NAT column informs you that you can enable NAT between the two interfaces For example if you create an external in...

Страница 46: ...dresses NAT must be configured first 1 Click on NAT Advanced Configuration from the NAT security interface table 2 Click on Add Global Address Pool The following screen will appear This page allows you to create a pool of public IP addresses that can be used by NAT 3 Fill in the required fields as follows Interface type The internal interface that you want to map your external IP addresses to Sele...

Страница 47: ... To delete global address pool click on the Delete hyperlink and then click on Delete Global Address Pool Configuring NAT Reserved Mapping Reserved mapping allows the user to direct packets from an external security interface or a public IP address to a particular private IP address on the local network In order to configure reserved mapping NAT must be configured first 1 Click on Advanced NAT Con...

Страница 48: ...rk and the outside world The BB005x firewall features provide effective protection from unauthorized access and threats from the outside network while allowing for flexible security policies that can control both the outbound and inbound data traffic Using the BB005x configuration procedures security policies can be adjusted in every detail in order to fit the specific requirements of any network ...

Страница 49: ...X X Icmp N A X Yes X Yes X Yes H 323 1720 X X X X X X T 120 1503 X X X X X X SSH 22 X X X X X X Security Level Medium External Internal External DMZ DMZ Internal Protocol Port In Out In Out In Out http 80 X Yes Yes Yes Yes Yes dns 53 X Yes Yes Yes Yes Yes ftp 21 X Yes Yes Yes Yes Yes telnet 23 X Yes X Yes X Yes smtp 25 X Yes Yes Yes Yes Yes pop3 110 X Yes Yes Yes Yes Yes nntp 119 X Yes Yes Yes Yes...

Страница 50: ...n and then click on Security 2 Make sure that the Firewall option is enabled and click on Change State 3 Click on Firewall Policy Configuration under the Policies Triggers and Intrusion Detection section at the bottom of the screen 4 Click on New Policy The Firewall Add Policy Screen will appear 5 Select interfaces of type internal or external 6 Decide whether validators will block or allow traffi...

Страница 51: ... that you want to block access from in the Host IP Address text box 4 Type the IP mask address in the Host Subnet Mask box 5 Select the direction of traffic that you want to filter from the Direction drop down box 6 Click Apply You should now save the configuration and restart the BB005x To delete a validator click on the Delete Host Validator hyperlink on the Configure Validator page Then click o...

Страница 52: ...iguration page appears 4 Click on New Trigger link 5 Configure the following items Transport type Select TCP or UDP from the drop down list Port number start Start point of the trigger port range Port number end End point of the trigger port range Allow multiple hosts Select allow to permit initiation to from different remote hosts or select block to permit only initiation from same remote hosts M...

Страница 53: ...necessary connections and translations Most applications can be run successfully across NAT by just configuring Firewall Triggers The BB005x features both ALGs and the capability of enabling flexible triggers for a wide variety of applications Intrusion Detection Intrusion Detection is a method of defending a network against outside threats by constantly monitoring access to the network and lookin...

Страница 54: ...ected Maximum Ping Count Type in a maximum number of pings per second that are allowed before the Firewall detects an Echo Storm attack Maximum ICMP Count Type in a maximum amount of IMCP packets per second allowed by a Firewall before an ICMP Flood DOS is detected Universal Plug and Play UPnP Universal Pug and Play UPnP is an established networking standard that enables automatic installation and...

Страница 55: ... in this case the BB005x Disconnecting can be done by choosing Disconnect from the right click menu When connected double clicking the Internet Gateway icon will display an Internet Gateway Status window showing the status of the device whether it is connected and if so the total number of bytes sent received To add services that use NAT Transversal 1 Click on Properties from the Internet Connecti...

Отзывы:

Нет отзывов

Похожие инструкции для BB0050

Бренд: D-Link Страницы: 2

Бренд: D-Link Страницы: 72

Бренд: D-Link Страницы: 8

Бренд: D-Link Страницы: 3

Бренд: D-Link Страницы: 56

Бренд: ZyXEL Communications Страницы: 113

Бренд: NetComm Страницы: 1

Бренд: Belkin Страницы: 4

Hotwire 6310 MVL

Бренд: Paradyne Страницы: 17

GSM1208PB001MAN

Бренд: Enfora Страницы: 26

Enabler EDG0208

Бренд: Enfora Страницы: 65

Бренд: Cradlepoint Страницы: 130

Бренд: Telecom Страницы: 41

Бренд: NETGEAR Страницы: 30

HomeConnect 3CR29223

Бренд: 3Com Страницы: 1

Impact External ISDN Modem

Бренд: 3Com Страницы: 6

Barricade SMC7904BRB2

Бренд: SMC Networks Страницы: 2

7901BRA - FICHE TECHNIQUE

Бренд: SMC Networks Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды