PROLiNK Hurricane 9200/S Скачать руководство пользователя

Страница: 141 / 205

Chapter

. Configuring Filters and Blocking Protocols

141

C '

The IP Filter Configuration page enables you to configure the

following global IP filter settings.

Security Level:

This setting determines which IP filter rules

take effect, based on the security level specified in each

rule. For example, when High is selected, only those rules

that are assigned a security value of High will be in effect.

The same is true for the Medium and Low settings. When

None is selected, IP filtering is disabled.

Private/Public/DMZ Default Action:

This setting specifies

a default action to be taken (Accept or Deny) on private,

public, or DMZ-type device interfaces when they receive

packets that do not match any of the filtering rules. You can

specify a different default action for each interface type.

(You specify an interface's type when you create the

interface; see the PPP configuration page, for example.)

A public interface typically connects to the Internet.

PPP, EoA, and IPoA interfaces are typically public.

Packets received on a public interface are subject to

the most restrictive set of firewall protections defined in

the software. Typically, the global setting for public

interfaces is Deny, so that all accesses to your LAN

initiated from external computers are denied (discarded

at the public interface), except for those allowed by a

specific IP filter rule.

A private interface connects to your LAN, such as the

Ethernet interface. Packets received on a private

interface are subject to a less restrictive set of

protections, because they originate within the network.

Typically, the global setting for private interfaces is

Accept, so that LAN computers have access to the

ADSL/Ethernet routers' Internet connection.

The term DMZ (de-militarized zone), in Internet

networking terms, refers to computers that are

available for both public and in-network accesses

(such as a company's public Web server). Packets

received on a DMZ interface — whether from a LAN or

external source—are subject to a set of protections that

is in between public and private interfaces in terms of

restrictiveness. The global setting for DMZ-type

interfaces may be set to Deny so that all attempts to

access these servers are denied by default; the

administrator may then configure IP filter rules to allow

accesses of certain types.

Содержание Hurricane 9200/S

Страница 1: ...ADSL Ethernet Router User s Guide Revision 1 0 ...

Страница 2: ...eradicated Singapore Service Centre Tel 65 62965455 Fax 65 63925455 Email support fida com Address Blk 105 Boon Keng Rd 06 13 Singapore 339776 Operating Hours Mon Fri 0900 1745 hrs Sat 0900 1300 hrs Malaysia Service Centre Tel 603 8023 9151 Fax 603 8024 9161 Email support_my fida com Address 29 Jalan USJ 1 31 47600 Subang Jaya Selangor Darul Ehsan Malaysia Operating Hours Mon Fri 0900 1730 hrs Sat...

Страница 3: ...nect the ADSL cable and optional telephone 18 Step 2 Connect the Ethernet cable 18 Install USB software and connect the USB cable H9200 only 18 Step 3 Attach the power connector 19 Step 4 Turn on the Hurricane 9200 S and power up your systems 19 Quick Start Part 2 Configuring Your Computers 20 Before you begin 20 Windows XP PCs 20 Windows 2000 PCs 21 Windows Me PCs 22 Windows 95 98 PCs 23 Windows ...

Страница 4: ...Time 42 Specifying the Hurricane 9200 S s Name and Network Domain Name 44 Committing Changes and Rebooting 45 Committing Changes 45 Rebooting the device using Configuration Manager 46 About Part 2 48 4 Configuring the LAN and USB Interfaces 49 Connecting Your PCs via Ethernet and or USB 49 Configuring the LAN Ethernet Interface 50 Configuring the USB Interface IP Address 53 5 Configuring WAN Inter...

Страница 5: ...ios 81 Scenario 1 Routed Connection to ISP 81 Scenario 2 Bridged Connection to ISP 82 Scenario 3 Routed and Bridged Connections to ISP 83 Configuring Special Bridging Features 84 Configuring WAN to WAN Bridging 84 Configuring Bridge Router AutoSense BRAS Mode 85 Configuring ZIPB Mode 86 About Part 3 90 7 Viewing System IP Addresses and IP Performance Statistics 91 Viewing the Hurricane 9200 S s IP...

Страница 6: ...figuring IP Routes 106 Overview of IP Routes 106 IP routing versus telephone switching 106 Hops and gateways 107 Using IP routes to define default gateways 107 Do I need to define IP routes 107 Viewing the IP Routing Table 108 Adding IP Routes 110 11 Configuring the Routing Information Protocol 111 RIP Overview 111 When should you configure RIP 111 Configuring the Hurricane 9200 S s Interfaces wit...

Страница 7: ...iguring Global Firewall Settings 135 Managing the Blacklist 138 14 Configuring Filters and Blocking Protocols 139 Configuring IP Filters 140 Viewing Your IP Filter Configuration 140 Configuring IP Filter Global Settings 141 Creating IP Filter Rules 142 IP filter rule examples 147 Viewing IP Filter Statistics 148 Managing Current IP Filter Sessions 148 Configuring Bridge Filters 150 Configuring Glo...

Страница 8: ...Diagnostics Program 174 Using the Ping Utility 175 Using the Traceroute Utility 176 17 Upgrading the Software and Storing and Restoring the Configuration Data 178 Upgrading the Image 178 Upgrading Using an Image Stored Locally 178 Uploading an Image Stored Remotely 179 Storing and Restoring Configuration Settings 180 18 Modifying Port Settings 182 Overview of IP port numbers 182 Modifying the Hurr...

Страница 9: ...Table of Contents 9 C Glossary 191 Index 199 ...

Страница 10: ......

Страница 11: ... Hurricane 9200 S s interfaces These instructions will be of particular use when your network or Internet connection requirements differ from those reflected in the default product settings Part 3 Routing and IP Related Features provides configuration instructions and detailed information on using the Hurricane 9200 S s routing features such as DHCP server DNS relay and IP routes Part 4 Security F...

Страница 12: ... terms that are defined in the glossary Appendix A Bolded text is used to identify items you select from menus and drop down lists and text strings you type This document uses the following icons to call your attention to specific instructions or explanations Note Provides clarifying or non essential information on the current topic Definition Explains terms or acronyms that may be unfamiliar to m...

Страница 13: ...13 Part 1 Getting Started ...

Страница 14: ...h no additional changes required to the product settings Part 1 contains the following chapters Chapter 1 Getting to Know the Hurricane 9200 S describes the product features and provides a parts list Chapter 2 Quick Start provides instructions for setting up the hardware and for performing initial configuration of the Hurricane 9200 S and your LAN PCs Chapter 3 Getting Started with the Configurati...

Страница 15: ...figuration RIP and IP and DSL performance monitoring Configuration program you access via your Web browser In order to use the Hurricane 9200 S ADSL Ethernet router you must have the following ADSL service up and running on your telephone line One or more computers each containing an Ethernet 10Base T 100Base T network interface card NIC and or a single computer with a USB port H9200 only An Ether...

Страница 16: ... s Guide 16 In addition to this document your Hurricane 9200 S should arrive with the following Hurricane 9200 S ADSL Ethernet Bridge Router Power adapter and power cord USB cable H9200 only Setup CD Ethernet cable Standard phone DSL line cable ...

Страница 17: ...to verify that it is working properly This Quick Start assumes that you have already established ADSL service with your Internet service provider ISP These instructions provide a basic configuration that should be compatible with your home or small office network setup If necessary refer to the subsequent chapters for additional configuration instructions In Quick Start Part 1 you connect the devi...

Страница 18: ... the Hurricane 9200 S with a single computer and no hub you must use a crossover Ethernet cable to attach the PC directly to the device The crossover cable is wired differently than the cable you would use to connect to a hub When you compare the colored wires on each end of a straight through cable they will be in the same sequence on crossover cables they will not Contact your ISP for assistance...

Страница 19: ...ower connector on the back of the device and plug in the adapter to a wall outlet or power strip 2 3 Press the On Off switch on the back panel of the device to the On position Turn on and boot up your computer s and any connected LAN devices such as hubs or switches ...

Страница 20: ...ave connected your PC s or LAN via Ethernet to the Hurricane 9200 S follow the instructions that correspond to the operating systems installed on your PCs 5 6 7 1 In the Windows task bar click and then click Control Panel 2 Double click the Network Connections icon 3 In the LAN or High Speed Internet window right click on the icon corresponding to your network interface card NIC and select Propert...

Страница 21: ...6 Select Internet Protocol TCP IP in the Network Protocols list and then click You may be prompted to install files from your Windows 2000 installation CD or other media Follow the instructions to install the files 7 If prompted click to restart your computer with the new settings Next configure the PCs to accept IP information assigned by the Hurricane 9200 S 8 In the Control Panel double click t...

Страница 22: ...crosoft in the Manufacturers box 7 Select Internet Protocol TCP IP in the Network Protocols list and then click You may be prompted to install files from your Windows Me installation CD or other media Follow the instructions to install the files 8 If prompted click to restart your computer with the new settings Next configure the PCs to accept IP information assigned by the Hurricane 9200 S 9 In t...

Страница 23: ... 6 Click to return to the Network dialog box and then click again You may be prompted to install files from your Windows 95 98 installation CD Follow the instructions to install the files 7 Click to restart the PC and complete the TCP IP installation Next configure the PCs to accept IP information assigned by the Hurricane 9200 S 8 Open the Control Panel window and then click the Network icon 9 Se...

Страница 24: ...n click You may be prompted to install files from your Windows NT installation CD or other media Follow the instructions to install the files After all files are installed a window displays to inform you that a TCP IP service called DHCP can be set up to dynamically assign IP information 6 Click to continue and then click if prompted to restart your computer Next configure the PCs to accept IP inf...

Страница 25: ...the Hurricane 9200 S By default the LAN interface is assigned this IP address 192 168 1 1 You can change this number or another number can be assigned by your ISP See Chapter 4 for more information The IP address of your ISP s Domain Name System DNS server On each PC follow the instructions on pages 20 through 24 relating only to checking for and or installing the IP protocol Once it is installed ...

Страница 26: ... on the PC 1 Ensure that the USB cable is not connected to the USB port on the PC The installation program will prompt you when to connect the cable 2 Copy the USB installation files to a temporary directory on the USB computer 3 In the folder where you copied the files double click on setup exe to start the DSL Modem Setup Wizard 4 The Installing window displays as the Wizard prepares your system...

Страница 27: ...r Type B Connect the flat connector to your PC and the square connector to the Hurricane 9200 S See Figure 4 To ADSL Ethernet router To PC Figure 4 USB Cable Connectors If a Microsoft digital signature dialog box again displays click to continue A window displays briefly indicating that the system has found new hardware and the wizard requires you to reboot your computer to complete the installati...

Страница 28: ...mically assigned IP information Follow the instruction on pages 20 through 24 that correspond to the operating system installed on your PC If you want to assign a static IP address to the PC follow the instructions on page 25 and use the following information o In the Network and Dial up Connections window be sure to select the icon that corresponds to your new USB connection not the one that corr...

Страница 29: ...owser The settings that you are most likely to need to change before using the device display on the Quick Configuration page Follow these instructions configure the device settings 1 At any PC connected to the Hurricane 9200 S via Ethernet or USB H9200 only open your Web browser and type the following URL in the address location box 192 168 1 1 When you press Return you will be prompted to key in...

Страница 30: ...Hurricane 9200 S ADSL Ethernet Router User s Guide 30 Figure 6 Quick Configuration Page in Configuration Manager ...

Страница 31: ... IP address to your LAN enter the address and the associated subnet mask in the boxes provided Note In bridge configurations the public IP address may be entered on your PC rather than on the ADSL Ethernet router check with your ISP Chapter 5 Use DHCP When enabled your ISP will assign IP addresses to your WAN interface When disabled the WAN interface must Chapter 5 Default Route When enabled speci...

Страница 32: ...cane 9200 S can provide a variety of services to your network The device is preconfigured with default settings for use with a typical home or small office network Table 1 lists some of the most important default settings these and other features are described fully in subsequent chapters If you are familiar with network configuration review the settings in Table 1 to verify that they meet the nee...

Страница 33: ...gle USB enabled computer with an IP address in the same subnet See Chapter 4 for instructions WAN interface connecting to the Internet ATM VC VPI 0 VCI 100 The VPI and VCI values make up a VC virtual circuit that determines the path your data must take to connect over the phone lines to the ISP These values must be changed as directed by your ISP See Chapter 5 for more information PPP interface PP...

Страница 34: ...ata is being sent to and received from your LAN PCs ADSL Displays solid green when the DSL line is up Flashes during DSL handshake Internet Flashes while data is being sent to and received from the Internet If the LEDs illuminate as expected test your Internet connection from a LAN computer and from the USB computer if applicable Open your web browser and type the URL of any external website such ...

Страница 35: ...m you need the following A PC or laptop connected to the LAN port on the device as described in the Quick Start chapter A web browser installed on the PC The program is designed to work best with Microsoft Internet Explorer version 5 0 Netscape Navigator version 6 1 or later versions You can access the program from any computer connected to the Hurricane 9200 S via the LAN or USB ports H9200 only ...

Страница 36: ...d and then click The first time you log into the program use these defaults Default User Name admin Default Password password Note You can change the password at any time see Chapter 15 for instructions The System View page on the Home tab displays each time you log into the program shown in Figure 9 on page 38 ...

Страница 37: ... displays when you click each task in the task bar The left most task displays by default when you click on a new tab The same task may appear in more than one tab when appropriate For example the Lan Config task displays in both the LAN tab and the Routing tab The following buttons are used throughout the application Button Function Stores in temporary system memory any changes you have made on t...

Страница 38: ...Guide 38 Button Function On pages that display accumulated statistics this button resets the statistics to their initial values Launches the online help for the current topic in a separate browser window Help is available from any main topic page ...

Страница 39: ...r 3 Getting Started with the Configuration Manager 39 The Home page displays when you first access the program or if another tab is already displaying when you click on the Home tab Figure 9 System View Table ...

Страница 40: ...bout the Hurricane 9200 S hardware and software versions the system uptime since the last reboot and the preconfigured operating mode DSL Displays the operational status version DSL standard and performance statistics for the DSL line You can click on DSL in the table heading or display the WAN tab to view additional DSL settings which are described in Chapter 16 DSL Displays the operational statu...

Страница 41: ...on on modifying properties of these interfaces see Chapter 4 Services Summary Displays the status of various services that the Hurricane 9200 S performs to help you manage your network A green check mark indicates the service is active and a red X indicates that it is inactive o NAT Translates private IP addresses to your public IP address The type of NAT interface is indicated inside outside See ...

Страница 42: ...t the date and time revert to default values and must again be updated Note Setting the Hurricane 9200 S date and time manually does not affect the date and time on your PCs Follow these instructions to change the system date and time 1 At the bottom of the Home page click The System Modify page displays in a separate browser window Figure 11 System Modify Page 2 Modify the fields on this page as ...

Страница 43: ...lect your time zone from the drop down list and then click the appropriate radio button to indicate whether Daylight Savings Time is currently in effect After you initially set the time turning DST on or off will adjust the current displayed time by one hour in the appropriate direction You must remember to change the DST option each spring and fall it will not change automatically 3 When you are ...

Страница 44: ...d type the following in your Web browser to access Configuration Manager http myrouter If you also specify a domain name for the ADSL Ethernet router the next time you access Configuration Manager type the domain name and the device name in your Web browser For example if you entered myrouter in the Name field and mydomain com in the Domain Name field then you would type the following in your Web ...

Страница 45: ...ing changes activates them immediately but saves them only until the device is reset or powered down Committing changes saves them permanently Follow these steps to commit changes 1 Click the Admin tab and then click in the task bar The Commit Reboot page displays Figure 12 Commit Reboot Page 2 Click Disregard the selection in the Reboot Mode drop down list it does not affect the commit process Th...

Страница 46: ...s intended only for technicians who have a serial port connection to the device and knowledge of its command line interface Reboot from Minimum Configuration Reboots the device with only these settings o An Ethernet interface is configured with IP address 192 168 1 1 mask 255 255 255 0 o The user login is set to the following User Name admin Password password Rebooting may take 20 30 seconds If yo...

Страница 47: ...47 Part 2 Interfaces and Operating Modes ...

Страница 48: ...g modes determine which protocols the device can use to communicate with LAN computers and the ISP and which product features are made available to the user Part 2 contains the following chapters Chapter 4 Configuring the LAN and USB Interfaces explains how to configure the Ethernet and USB interfaces which connect though distinct ports to your LAN hub switch and optional USB enabled PC Because th...

Страница 49: ... port using a crossover Ethernet cable See Appendix B Troubleshooting for a description of crossover versus straight through Ethernet cables If the PC is USB enabled you can connect it directly to the device s USB port H9200 only Only one computer can be connected in this manner You can also use the USB and Ethernet ports simultaneously connecting your LAN via the Ethernet port and a standalone PC...

Страница 50: ...igure one PC as indicated in the Quick Start Then access Configuration Manager and change the LAN IP address as required When done change the IP properties on the PC to so that it is also in the appropriate subnet If your network uses a DHCP server other than the ADSL Ethernet router to assign IP addresses you can also configure the device to accept and use a LAN IP address assigned by that server...

Страница 51: ...ons for how the device s LAN interface is assigned an IP address o Manual indicates that you will be assigning a static IP address which you can enter in the fields below o External DHCP Server indicates that your ISP will be assigning an IP address from their own DHCP server dynamically each time you log on o Internal DHCP Server indicates that you have a DHCP server device on your network that w...

Страница 52: ...r internal DHCP server in the Get LAN Address field Keep these points in mind Manually specifying an address If you are using routing services on you LAN such as DHCP and NAT you must assign a fixed LAN IP address and mask to the interface The IP address must be in the same subnet as your LAN computers that connect to it See Appendix A for an explanation of IP addresses and network masks If you ch...

Страница 53: ...ion Manager by typing the new IP address in your Web browser s address location box 7 If you want the changes to be permanent follow the instructions on page 45 to commit them 0 1 If the LAN Configuration page is not already displaying click the LAN tab If the USB Configuration table does not display below the LAN Configuration table then your system does not support a USB connection Contact your ...

Страница 54: ...ace a page will display to confirm your change and your connection will remain active 6 If necessary reconfigure your USB PC so that its IP address places it in the same subnet as the new IP address of the USB interface See Quick Start Part 2 Configuring Your Computers for instructions 7 Log into Configuration Manager by typing the new USB interface IP address in your Web browser s address locatio...

Страница 55: ...t router uses to communicate via the ATM based network with the telephone company central office equipment The higher level protocol interface s operate on top of the ATM VC interface The higher level interface handles the protocols needed to log onto and exchange data with the ISP s access server ISPs can use several different protocols including the Point to Point Protocol PPP Ethernet over ATM ...

Страница 56: ...nterface The name of the ATM interface to which these VC properties apply The ATM interface names identify the type of traffic that can be supported such as data or voice Internet data services typically use an AAL5 type interface Vpi Vci and Mux Type These settings identify a unique ATM data path for communication between your ADSL Ethernet router and your ISP Max Proto per AAL5 If you are using ...

Страница 57: ... 15 ATM VC Interface Modify Page 2 Enter the new VPI and VCI values select the MUX type or change the maximum number of protocols that the VC can carry as directed by your ISP 3 Click 4 On the confirmation page click to return to the ATM VC Configuration page 5 If you want the changes to be permanent follow the instructions on page 45 to commit them If you already have defined a higher level PPP E...

Страница 58: ...ct the mux type from the drop down list 4 In the Max Proto per AAL5 text box enter the number of higher level protocols PPP EoA and IPoA that the ISP indicated that you will need to configure to operate over this VC For many users only one is required 5 Click 6 When the confirmation page displays click to return to the ATM VC Configuration page The new interface should now display in the ATM VC Co...

Страница 59: ...er of two types PPP over ATM PPPoA and PPP over Ethernet PPPoE Although to the end user they function similarly the ISP s network may be configured to handle only one protocol type Furthermore an ISP may not use the PPP protocol at all instead offering EoA type connections described on page 65 Contact your ISP before changing the preconfigured WAN interface type 4 To view your current PPP setup lo...

Страница 60: ... this PPP data is sent The VC identifies the physical path the data takes to reach your ISP Interface Sec Type The type of firewall protections that are in effect on the interface public private or DMZ o A public interface connects to the Internet PPP interfaces are typically public Packets received on a public interface are subject to the most restrictive set of firewall protections defined in th...

Страница 61: ...NS When set to Enable the DNS address learned through the PPP connection will be distributed to clients of the device s DHCP server This option is useful only when the ADSL Ethernet Router is configured to act as a DHCP server for your LAN When set to Disable LAN hosts will use the DNS address es specified in the DHCP pool see Configuring DHCP Server on page 95 and specified in the DNS configurati...

Страница 62: ...s been manually disabled and cannot currently be used It can only be used after being manually returned to the Start state o Start On Data The PPP connection will be established automatically whenever data is sent to the interface e g when a LAN user attempts to use the Internet and will time out whenever the interface is idle for a specified amount of time Service Name This feature is available w...

Страница 63: ...cified on the PPP Configuration page o Auth Failure The ISP could not authorize the connection based on the user name and or password provided o PADT Recvd The ISP issued a special packet type to terminate the PPP connection o VC down The Virtual Circuit between the device and the ISP is down o Internal failure A system software failure occurred DNS The IP address of the DNS server located with yo...

Страница 64: ...create PPPoA or PPPoE and whether other WAN interface types have already been configured EoA or IPoA Contact your ISP for assistance 1 From the PPP Configuration Page click The PPP Interface Add page displays Figure 19 PPP Interface Add Page 2 Select a PPP interface name from the drop down list and then enter or select data for each field The fields are defined in the tables on page 60 and 62 3 Cl...

Страница 65: ...ith the ISP which uses the IP protocol to exchange data See Chapter 6 Configuring the System Operating Mode for more information on bridged and routed Internet connections Before creating an EoA interface or modifying the default settings contact your ISP to determine which type of protocol they use Note PPP and EoA Bridged Internet connections must use an EoA WAN interface Routed Internet connect...

Страница 66: ... lowest level they are associated with a physical port the WAN port This field should reflect an interface name defined in the next lower level of software over which the EoA interface will operate This will be an ATM VC interface such as aal5 0 Config IP Address and Netmask The IP address and network mask you want to assign to the interface If the interface will be used for bridging with your ISP...

Страница 67: ... an EoA interface 1 Click the WAN tab and then click in the task bar 2 Click The EoA Interface Add page displays Figure 21 EoA Interface Add Page 3 Select one of the predefined interface names from the EoA Interface drop down list 4 From the Interface Sec Type drop down list select the level of IP Firewall to be used on this interface as defined on page 66 5 In the Lower Interface field select the...

Страница 68: ...then deselect this field 9 In the Gateway IP Address field enter the address of your ISP s access server 10 Click A confirmation page displays to confirm your changes 11 Click to return to the EoA page and view the new interface in the table If the interface will be used to provide only a routed connection to your ISP skip to step Error Reference source not found If the interface will be used to p...

Страница 69: ...rface will be capable of handling both bridged and routed data packets 14 Click the Bridging Enable Disable link The System Mode page displays Figure 23 System Mode Page You can also access the System Mode page from the task bar in the Home tab 15 Click the Bridging Enabled radio button if not already selected and then click A page will briefly display to confirm your changes and will return you t...

Страница 70: ...f security protections in effect on the interface public private or DMZ o A public interface connects to the Internet IPoA interfaces are typically public Packets received on a public interface are subject to the most restrictive set of firewall protections defined in the software o A private interface connects to your LAN such as the Ethernet interface Packets received on a private interface are ...

Страница 71: ... DHCP is enabled this address serves as a request to the remote computer s DHCP server which may assign another address Gateway Address The external IP address that the ADSL Ethernet router communicates with via the IPoA interface to gain access to the Internet This is typically an ISP server Status A green or red ball will display to indicate that the interface is currently up or down respectivel...

Страница 72: ... Sec Type drop down list select the level of firewall security for the interface Public Private or DMZ see page 70 for definitions 5 In the RFC 1577 field click the Yes radio button if the interface complies with the IETF specification RFC 1577 and click 6 If the remote IPoA computer provides a DHCP server you can click the Enable radio button in the Use DHCP field to have the IP address dynamical...

Страница 73: ...ays Figure 26 IPoA Interface Map Page 12 From the Lower Interface drop down list select the ATM VC interface you want to map the IPoA interface to and then click 13 Click to return to the IPoA Configuration page 14 If you want the changes to be permanent follow the instructions on page 45 to commit them To view all IPoA to ATM VC interface mappings click at the bottom of the IPoA Configuration pag...

Страница 74: ...ork interface cards that enable computers to connect to networks The bridge determines which hardware IDs are connected on each side of the bridge and stores these associations in its bridge forwarding table For example when the Hurricane 9200 S is acting as a bridge it learns to associate the hardware IDs of each of your LAN computers with its LAN interface e g eth 0 or usb 0 and the hardware IDs...

Страница 75: ... MAC address When a PC initiates communication through the router outside the network the router sends out IP packets to the Internet on behalf of the PC revealing only the PC s IP address As IP packets are received in response the router reconciles the IP address with the PCs MAC address and sends Ethernet MAC layer packets on the network for the PC to claim Because they use a standardized higher...

Страница 76: ...the Home page as shown in Figure 28 Figure 28 Viewing the Operating Mode Figure 29 Viewing the Operating Mode The system mode that displays is not configured using a single setting Rather it is determined at system startup based on whether the device s LAN and WAN interfaces are configured with IP information i e are IP enabled and whether the Bridging setting on the System Mode page is enabled or...

Страница 77: ...n this case you would not be able to access Configuration Manager without being IP enabled the Ethernet interface could not communicate using the Internet protocol HTTP which is used to display information in your Web browser Instead of focusing on selecting a system mode of operation users should ensure that the appropriate settings are in place to enable communication with the ISP and to provide...

Страница 78: ...e an interface bridgeable you enable the software to receive Ethernet packets through that interface for forwarding through the device s other bridgeable interfaces If an interface is not bridgeable it can only forward IP packets assuming the interface has been IP enabled Note If you create a LAN or WAN interface it must be IP enabled bridge enabled or both An interface that has no IP address and ...

Страница 79: ...rovides links shown in red to the System Mode page where you can enable or disable the corresponding bridging services The Bridge Configuration page also displays a table for specifying the interfaces that support bridging The table may be empty if bridging has not yet been configured ...

Страница 80: ...ined in the system but is no longer capable of performing bridging 8 After you have created bridgeable interfaces you must enable the bridging service on the system as a whole 1 Click the Home tab and then click in the task bar The System Mode page displays Figure 31 System Mode Page You can also access the System Mode page from Bridging page Click any of the links that display in red near the top...

Страница 81: ...ut they are rarely used in customer settings See Chapter 5 for instructions o If an EoA interfaces is created an IP address should be assigned to it Or the interface should be configured to receive an IP address through DHCP o For PPP interfaces IP information is assigned when the link is negotiated o For either type of WAN interface the Default Gateway check box is normally selected Each PC s IP ...

Страница 82: ...tinue to provide certain IP based services to your LAN such as DHCP server and DNS relay Both the LAN eth 0 and or usb 0 and the WAN interfaces eoa 0 are enabled for bridging See Making Interfaces Bridgeable Bridge Enabled on page 78 The bridging service is enabled See Enabling Bridging Mode on page 80 The ISP should provide setup instructions for the LAN PC s which may involve installing software...

Страница 83: ... may be able to use the same interface Check with your ISP Bridging is enabled on the LAN interface eth 0 and or usb 0 and on the EoA interface to be used for the bridging path If separate interfaces are created for the bridging and routing paths then enable bridging only on the EoA interface to be used for bridging See Making Interfaces Bridgeable Bridge Enabled on page 78 The bridging service is...

Страница 84: ...ble for all users due to security concerns and bandwidth constraints If this is the case WAN to WAN bridging should be disabled Follow this procedure to enable or disable WAN to WAN bridging 1 Click the Bridging tab 2 In the interface table select all WAN interfaces and any others on which you want to perform bridging and click 3 Click the WAN to WAN bridging Enable Disable link 4 On the System Mo...

Страница 85: ...ridge deployment then the modem automatically switches to bridging mode by stopping its own PPPoE client causing PPPoE packets to be bridged from the LAN side 3 Otherwise no PPPoE traffic is detected the modem continues to operate as before in bridging mode non PPPoE traffic as well as routing mode Follow these instructions to enable Bridge Router AutoSense 1 Ensure that both a PPPoE and an EoA in...

Страница 86: ...e IP address Working with your ISP follow this procedure to enable ZIPB mode 1 Ensure that your PCs are configured to accept IP information assigned by a DHCP server See Quick Start Part 2 Configuring Your Computers for instructions 2 Ensure that at least one PPPoE or PPPoA interface has been created on the Hurricane 9200 S See Chapter 5 for instructions The Status field for the PPP interface must...

Страница 87: ...uring the System Operating Modes 87 8 Click A page displays briefly to confirm the change and the System Mode page redisplays 9 If you want the changes to be permanent follow the instructions on page 45 to commit them ...

Страница 88: ......

Страница 89: ...89 Part 3 Routing and IP Related Features ...

Страница 90: ... describes how to configure the Hurricane 9200 S s DHCP server and DHCP relay agent to dynamically assign IP information to your LAN PCs Chapter 9 Configuring DNS Server Addresses describes how to specify the IP addresses for the Domain Name Servers that your LAN will use when accessing the Internet Chapter 10 Configuring IP Routes describes how to create rules that specify the device interfaces t...

Страница 91: ... Name for each of its IP enabled interfaces The listed IP addresses may include The IP address of the device s LAN Ethernet port called eth 0 See Chapter 4 for instructions on configuring this address The IP address of the device s USB interface named usb 0 See Chapter 4 for instructions on configuring this address The IP address of the WAN ADSL line interface which your ISP and other external dev...

Страница 92: ...ction of data that has been bundled for transmission You will not typically need to view this data but you may find it helpful when working with your ISP to diagnose network and Internet data transmission problems To view global IP statistics click on the IP Address Table page Figure 33 shows the IP Global Statistics page Figure 33 IP Global Statistics Page To display updated statistics showing an...

Страница 93: ...ess or you specified that it will receive IP information dynamically automatically If you chose to have the information assigned dynamically then you configured your PCs as DHCP clients that will accept IP addresses assigned from a DCHP server such as the Hurricane 9200 S The DHCP server draws from a defined pool of IP addresses and leases them for a specified amount of time to your computers when...

Страница 94: ...our ISP performs the DCHP server function for your network then you can configure the device as a DHCP relay agent When a computer logs onto the network the Hurricane 9200 S contacts the ISP for the necessary IP information which it relays back to the computer If you have another PC or device on your network already performing the DHCP server function then you can configure the device s LAN interf...

Страница 95: ...to a USB connected computer as long you have assigned to the USB and Ethernet interfaces static IP addresses that place them in the same subnet See Appendix A for an explanation of subnets For example assume you assigned the following addresses to the Ethernet and USB interfaces Ethernet interface eth 0 IP address 192 168 1 1 mask 255 255 255 0 USB interface usb 0 IP address 192 168 1 2 mask 255 2...

Страница 96: ... interfaces and the addresses in pool 1 would only be assigned only over the Wireless LAN interface Follow these instructions to create an IP address pool 1 Log into Configuration Manager click the LAN tab and then click in the task bar The DHCP Server Configuration page displays Figure 34 DHCP Configuration Page Depending on your preconfigured settings the table may display up to two address pool...

Страница 97: ... for which the DHCP server can lease out an IP address to a DHCP client Net Mask Specifies which portion of each IP address in this range refers to the network and which portion refers to the host computer For a description of network masks and LAN network masks see Appendix A You can use the network mask to distinguish which pool of addresses should be distributed to a particular subnet as explai...

Страница 98: ...g the DHCP Mode on page 101 to enable the DHCP Server To view modify or delete an existing address pool display the DHCP Server Configuration page and click the icons in the corresponding row in the address pool table To delete an IP address pool click then submit and commit your changes To view details on an IP address pool click A page displays with the same information that you entered when you...

Страница 99: ...gure 37 DHCP Server Address Table Page The DHCP Server Address Table lists any IP addresses that are currently leased to your computers For each leased address the table lists the following information Field Description IP Address The address that has been leased from the pool Netmask The network mask associated with the leased address This identifies the network ID and host ID portions of the add...

Страница 100: ...ng system For detailed instructions see Quick Start Part 2 Configuring Your Computers for instructions Next you specify the IP address of the DHCP server and select the interfaces on your network that will be using the relay service 2 Log into the Configuration Manager click the LAN tab and then click in the task bar The DHCP Relay Configuration page displays Figure 38 DHCP Relay Configuration Pag...

Страница 101: ...te DHCP mode to activate your DHCP relay or DHCP server settings Follow these instructions to set the DHCP mode 1 Click the LAN tab and then click in the task bar The DHCP Configuration page displays Figure 39 DHCP Configuration Page 2 From the DHCP Mode drop down list choose DHCP Server DHCP Relay or None If you choose none your LAN computers must be configured with static IP addresses 3 Click 4 ...

Страница 102: ......

Страница 103: ...ally provide primary and secondary DNS addresses and may provide additional addresses Your LAN PCs learn these DNS addresses in one of the following ways Statically If your ISP provides you with their DNS server addresses you can assign them to each PC by modifying the PCs IP properties Dynamically from a DHCP pool You can configure the DHCP Server feature on the ADSL Ethernet router and create an...

Страница 104: ...antageous in that you will not need to reconfigure the PCs or the ADSL Ethernet router if the ISP changes their DNS addresses Configured on the ADSL Ethernet router You can use the device s DNS feature to specify the ISP s DNS addresses If the device also uses a PPP interface with the Use DNS property enabled then these configured addresses can be used in addition to the two addresses learned thro...

Страница 105: ... table then an alert will display in the System Log window see the Admin tab System Log page You can specify the interval in minutes between each DNS poll message in the DNS Relay Poll Timeout text box d Click the Enable radio button and then click 3 If you want the changes to be permanent follow the instructions on page 45 to commit them Note DNS addresses that are assigned to LAN PCs prior to en...

Страница 106: ...bers and connect to a more localized switchboard that handles numbers with that prefix This final switchboard can then look at the last four digits of the phone number to open a connection with the person or company you dialed In comparison when your computer initiates communication over the Internet such as viewing a web page connecting to an web server the data it sends out includes the IP addre...

Страница 107: ...es provides a good next hop because no such route has been defined then that device will forward the data to its default gateway Eventually a high level device using a predefined IP route will be able to forward the data along a path to its destination B Most users do not need to define IP routes On a typical small home or office LAN the existing routes that set up the default gateways for your LA...

Страница 108: ...Hurricane 9200 S s routing table click the Routing tab The IP Route page displays by default Figure 41 IP Route Table Page The IP Route Table displays a row for each existing route These include routes that were predefined on the device routes you may have added and routes that the device has identified automatically through communication with other devices The routing table should reflect a defau...

Страница 109: ... its final destination is that shown in the destination column IFName Displays the name of the interface on the device through which data is forwarded to the specified next hop Route Type Indicates whether the route is direct or indirect In a direct route the source and destination computers are on the same network and the router attempts to directly deliver the data to the computer In an indirect...

Страница 110: ...N enter 0 0 0 0 in both the Destination and Netmask fields Enter your ISP s IP address in the Gateway NextHop field Note that you cannot specify the interface name route type or route origin These parameters are used only for routes that are identified automatically as the device communicates with other routing devices For routes you create the routing table displays system default values in these...

Страница 111: ...it from remote locations such as the computers telecommuters use Using RIP each device sends its routing table to its closest neighbor every 30 seconds The neighboring device in turn passes the information on to its next neighbor and so on until all devices in the autonomous network have the same set of routes 5 B Most small home or office networks do not need to use RIP they have only one router ...

Страница 112: ...be empty 2 If necessary change the Age and Update Time values These are global settings for all interfaces that use RIP Age is the amount of time in seconds that the device s RIP table will retain each route that it learns from adjacent computers Update Time specifies how frequently the Hurricane 9200 S will send out its routing table to its neighbors 3 In the IFName column select the name of the ...

Страница 113: ... setting indicates the RIP version s in which information must be passed to the Hurricane 9200 S in order for it to be accepted into its routing table RIP version 1 is the original RIP protocol Select RIP1 if you have devices that communicate with this interface that understand RIP version 1 only RIP version 2 is the preferred selection because it supports classless IP addresses which are used to ...

Страница 114: ...iguration page you can click to view statistics on attempts to send and receive route table data over RIP enabled interfaces on the Hurricane 9200 S Figure 44 RIP Global Statistics Page You can click to reset all statistics to zero and to display any newly accumulated data ...

Страница 115: ...115 Part 4 Security Features ...

Страница 116: ...ernet address to be shared among multiple PCs on your LAN This chapter explains how to configure NAT rules of various types Chapter 13 Configuring Firewall Settings describes the protections available in the embedded firewall and how to enable and disable them Chapter 14 Configuring Filters and Blocking Protocols describes how to create filters that allow or disallow various types of content and h...

Страница 117: ...address Or you define a pool of private IP addresses for dynamic assignment to your computers as described in Chapter 8 On the Hurricane 9200 S you set up a NAT rule to specify that whenever one of your computers communicates with the Internet that is it sends and receives IP data packets its private IP address which is referenced in each packet will be replaced by the LAN s public IP address Defi...

Страница 118: ... NAT rules such as these provide several benefits They eliminate the need for purchasing multiple public IP addresses for computers on your LAN You can make up your own private IP addresses at no cost and then have them translated to the public IP address when your computers access the Internet They provide a measure of security for you LAN by enabling you to assign private IP addresses and then h...

Страница 119: ...ains the following elements The NAT Options drop down list which provides access to the NAT Configuration page and Global Information table shown by default and in Figure 45 the NAT Rule Configuration page see Figure 47 and the NAT Translations page see Figure 49 Enable Disable radio buttons which allow you to turn on or off the NAT feature The NAT Global Information table which displays the follo...

Страница 120: ...ckets are received for the time specified in TCP Close Wait When in the establishing state the session will timeout if no packets are received for the time specified in TCP Def Timeout UDP Timeout sec Same as TCP Idle Timeout but for UDP based communication sessions ICMP Timeout sec Same as TCP Idle Timeout but for ICMP based communication sessions GRE Timeout sec Same as TCP Idle Timeout but for ...

Страница 121: ...twork Address Translation 121 Figure 46 NAT Rule Global Statistics Page The table provides basic information for each NAT rule you have set up You can click to restart the accumulation of the statistics at their initial values ...

Страница 122: ...the instructions for adding rules pages 125 through 134 From the NAT Rule Configuration page you can click to add a new rule or use the icons in the right column to delete or view details on a rule To view data on how often a specific NAT rule has been used click in the Action s column A page displays similar to the one shown in Figure 48 Figure 48 NAT Rule Statistics Page The statistics show how ...

Страница 123: ...voked from the rule definition Protocol The IP protocol used by the data packets that are undergoing translations from the rule definition Example TCP UDP ICMP Alg Type The Application Level Gateway ALG if any that was used to enable this NAT translation ALGs are special settings that certain applications require in order to work while NAT is enabled NAT Direction The direction Inside or Outside o...

Страница 124: ...ich the private IP address was translated In Address The private IP address that was translated Out Address The IP address of the outside destination web ftp site etc In Out Packets The number of incoming and outgoing IP packets that have been translated in this translation session In Ports The actual port number corresponding to the LAN computer Out Ports The port number associated with the desti...

Страница 125: ...APT flavor translates private source IP addresses to a single public IP address The NAPT rule also translates the source port numbers to port numbers that are defined on the NAT Global Configuration page see page 119 The introduction to NAT on page 117 describes how the NAPT rule works 1 Click the NAT tab and then select NAT Rule Entry from the NAT Options drop down list The NAT Rule entry page di...

Страница 126: ...ess To fields type the starting and ending IP addresses respectively of the range of private address you use on your network that you want to be translated You can specify that data from all LAN addresses should be translated by typing 0 zero in each From field and 255 in each To field Or type the same address in both fields if the rule only applies to one computer 7 In the Global Address From and...

Страница 127: ...est for access to your Web server The packet header contains the public address for your LAN as the destination IP address and a destination port number of 80 Because you have set up an RDR rule for incoming packets with destination port 80 the device recognizes the data as a request for Web server access The device changes the packet s destination address to the private IP address of your Web ser...

Страница 128: ...ed for load balancing whereby traffic is distributed among several redundant servers to help ensure efficient network performance These addresses should correspond to private addresses already in use on your network either assigned statically to your PCs or assigned dynamically using DHCP as discussed in Quick Start Part 2 Configuring Your Computers 5 In the Global Address From and Global Address ...

Страница 129: ...vailable is configured to use a non standard port number for the type of traffic it receives type the non standard port number in the Local Port field This option translates the standard port number in packets destined for your LAN computer to the non standard number you specify For example if your Web server uses non standard port 2000 but you expect incoming data packets to refer to standard por...

Страница 130: ... be effective 3 Select a protocol to which this rule applies or choose ANY This selection specifies which type of Internet communication will be subject to this translation rule You can select ALL if the rule applies to all data Or select TCP UDP ICMP or a number from 1 255 that represents the Internet Assigned Numbers Authority IANA specified protocol number 4 In the Local Address From and Local ...

Страница 131: ...ity of the Basic rule Refer to The Basic Rule on page 130 for a general description You can use the Filter rule if you want an address translation to occur only when your LAN computers initiate access to specific destinations The destinations can be identified by their IP addresses port type which identifies it as a FTP or Web server for example or both Figure 54 shows the fields used to establish...

Страница 132: ... and ending address that identify the range of public IP addresses to translate your private addresses to Or type the same address in both fields if you also specified a single address in step 4 6 In the Destination Address From To fields specify a destination address or range if you want this rule to apply only to outbound traffic to the address or range If you enter only the network ID portion o...

Страница 133: ...ss to a LAN device They do not provide the same level of security as RDR rules because RDR rules also reroute incoming packets based on the port ID Bimap rules do not account for the port number and therefore allow external access regardless of the destination port type specified in the incoming packet Figure 55 shows the fields used to establish a Bimap rule Figure 55 NAT Rule Add Page Bimap Flav...

Страница 134: ...ss rule with an ID number from 1 to 4 Follow these instructions to add a Pass rule see steps 1 4 under The NAPT rule on page 125 for detailed instructions corresponding to steps 1 and 2 below 1 Display the NAT Rule Add Page select PASS as the Rule Flavor and enter a Rule ID 2 Select the interface on which this rule will be effective 3 In the Local Address From and Local Address To fields type the ...

Страница 135: ...ther unwelcome or malicious accesses to your LAN You can also specify how to monitor attempted attacks and who should be automatically notified C Follow these instructions to configure global firewall settings 1 Log into Configuration Manager click the Services tab and then click in the task bar The Firewall Configuration page displays Figure 57 Firewall Configuration Page ...

Страница 136: ...and Attack Sending packets that use the same address as the source and destination address o Ping of Death Illegal IP packet length DoS Protection Click the Enable radio button to use the following denial of service protections o SYN DoS o ICMP DoS o Per host DoS protection Max Half open TCP Connection Sets the percentage of concurrent IP sessions that can be in the half open state In ordinary TCP...

Страница 137: ...ed firewall violations Type the addresses in standard internet e mail address format e g jxsmith onecompany com The e mail message will contain the time of the violation the source address of the computer responsible for the violation the destination IP address the protocol being used the source and destination ports and the number violations occurring the previous 30 minutes If the ICMP protocol ...

Страница 138: ...wall Configuration page The Firewall Blacklisted Hosts page displays Figure 58 Firewall Blacklisted Hosts Page The table displays the following information for each entry Field Description Host IP Address The IP address of the computer that sent the packet s that caused the violation Reason A short description of the type of violation If the packet violated an IP filter rule the custom text from t...

Страница 139: ...ol user activity they can also be complex and generally require an advanced understanding of IP protocols The bridge filter feature is similar to the IP filter feature but operates at a lower protocol level While IP filter rules act on IP data packets known as layer 3 data bridge filter rules act on Ethernet and similar packets often referred to as layer 2 or MAC layer data The blocked protocols f...

Страница 140: ...hes the criteria established in a rule the packet can either be accepted forwarded towards its destination or denied discarded depending on the action specified in the rule 4 To view your current IP filter configuration log into Configuration Manager click the Services tab and then click in the task bar The IP Filter Confirmation page displays Figure 59 IP Filter Confirmation Page The IP Filter Co...

Страница 141: ...to the most restrictive set of firewall protections defined in the software Typically the global setting for public interfaces is Deny so that all accesses to your LAN initiated from external computers are denied discarded at the public interface except for those allowed by a specific IP filter rule o A private interface connects to your LAN such as the Ethernet interface Packets received on a pri...

Страница 142: ... you set various criteria that must be met in order for the rule to be invoked Use these instructions to add a new IP filter rule Also refer to the examples on page 147 1 On the IP Filter Configuration page click The IP Filter Rule Add page displays Figure 60 IP Filter Rule Add Page ...

Страница 143: ... examples on page 147 for suggestions on choosing the appropriate interface for various rule types In Interface The interface from which packets must have been forwarded to the interface specified in the previous selection This option is valid only for the outgoing direction Log Option When Enabled is selected a log entry will be created on the system each time this rule is invoked The log entry w...

Страница 144: ... to be invoked on packets containing any any source IP address lt any source IP address that is numerically less than the specified address lteq any source IP address that is numerically less than or equal to the specified address gt any source IP address that is numerically greater than the specified address eq any source IP address that is numerically equal to the specified address neq any sourc...

Страница 145: ...ntify the type of traffic that the computer or server can handle and are specified by the Internet Assigned Numbers Authority IANA For example port number 80 indicates a Web server 21 indicates an FTP server You can choose a port type by name from the drop down lists or if not available in the list specify the IANA port number in the text boxes Select Any other port if this criteria will not be us...

Страница 146: ...be applied to packets whether or not they contain fragments assuming that they match the other criteria IP Option Pkt Determines whether the rule should apply to IP packets that have options specified in their packet headers o Yes The rule will be applied only to packets that contain header options o No The rule will be applied only to packets that do not contain header options o Ignore Default Th...

Страница 147: ...anent follow the instructions on page 45 to commit them D Example 1 Blocking a specific computer on your LAN from accessing Web servers on the Internet 1 Add a new rule for outgoing packets on the ppp 0 interface from any incoming interface this would include the eth 0 and usb 0 interfaces for example 2 Specify the source IP address of the computer you want to block 3 Specify the Protocol as TCP a...

Страница 148: ...s were accepted or denied Display the IP Filter Configuration page and then click in the row corresponding to the rule The IP Filter Rule Statistics page displays Figure 61 IP Filter Rule Statistics Page You can click to reset the count to zero and to display newly accumulated data 8 When two computers communicate using the IP protocol an IP session is created for the duration of the communication...

Страница 149: ...CP UDP IGMP etc I F The interface on which the IP filter rule is effective IP Address The IP addresses involved in the communication The first one shown is the initiator of the communication Port The hardware addresses of the ports involved in the communication In Out Rule Index The number of the IP filter rule that applies to this session assigned when the rule was created In Out Action The actio...

Страница 150: ...ilter rules specify which bits of the packet are to be examined and what criteria those bits must meet in order to qualify as a match for the rule When a packet matches a rule it can either be accepted forwarded towards its destination or denied discarded depending on the action specified in the rule Note Bridge filters can be used when the unit is configured in either bridge or router mode C To d...

Страница 151: ...terfaces except those specifically accepted by a bridge filter rule Do not select CallMgt option it is for manufacturer use only Adding and enabling a new bridge filter rule is a multi step process First you add the rule which defines general information such as the rule number the direction of traffic it applies to and the action to be taken when a match is detected Next you add one or more subru...

Страница 152: ...e criteria is set to ppp 0 then the In Interface could be set to usb 0 This specifies that the rule applies only to packets passed from the USB computer through the router s PPP interface This option is valid only for rules defined for the outgoing direction Action Specifies what the rule will do to a packet when the packet matches the rule criteria The action can be Accept forward to destination ...

Страница 153: ...ent from the main rule number The bridge filter processes subrules in sequential order if a packet fails to match the criteria of any subrule then the rule will not be invoked and bridge filter processing will continue to the next rule Offset The number of bits into a packet starting from a designated location where the subrule comparison should begin Offset from The location in a Layer 2 packet w...

Страница 154: ... both fields otherwise enter a value only in the Lower Value field 7 When you are finished entering criteria and are ready to make this subrule effective you can click the Enable radio button at the top of the Bridge Filter Subrule Add page and then click You could also leave it disabled and edit the subrule to enable it later A page displays to confirm your changes 8 Click to return to the Bridge...

Страница 155: ... page 45 D The following instructions create a rule for preventing Telnet access to the device from a specific WAN interface 1 Add rule 100 with the following settings Interface ppp 0 Direction Incoming Action Accept 2 Click the Enable radio button at the top of the Bridge Filter Rule Add page and then click 3 Add subrule 1 with the following settings Offset 2 Offset from TCP Header Mask 0x0FFF Cm...

Страница 156: ...figured by the ISP these rules and related statistics can be viewed but not otherwise accessed via the Web based interface You can view statistics for each rule and total statistics for all rules To view statistics for an individual rule click in the corresponding Action s column on the Bridge Filter Configuration page The Bridge Filter Rule Stats page reports the accumulated number of packets tha...

Страница 157: ... Services tab and then click in the task bar The Blocked Protocols page displays Figure 66 Blocked Protocols Page WARNING Blocking certain protocols may disrupt or disable your network communication or Internet access If you are unfamiliar with how your network or Internet connection uses these protocols contact your ISP before disabling The following list describes each of the available protocols...

Страница 158: ...ket Exchange A networking protocol used on Novell Netware based LANs BPDU Bridge Protocol Data Unit BPDUs are data messages that are exchanged across the switches between LANs that are connected by a bridge BPDU packets contain information on ports addresses priorities and costs and are exchanged across bridges to detect and eliminate loops in a network ARP Address Resolution Protocol Computers on...

Страница 159: ...159 Part 5 Administrative Tasks and System Monitoring ...

Страница 160: ...stem Status and Performing Diagnostics describes how to view information on system events and DSL line performance how to run the diagnostic utility to troubleshoot system problems and how to use the ping and traceroute utilities Chapter 17 Upgrading the Software explains how to upgrade the system by uploading new software files Chapter 18 Modifying Port Settings describes how to change the Port I...

Страница 161: ...lowing privilege levels to each additional login Root level privileges enable users to modify all the features available in Configuration Manager The default login has root level privileges Intermediate level privileges enable users to change their own passwords They can also change the PPP interface username and password and the ATM VC interface values Note however that Intermediate users can cha...

Страница 162: ...ters but cannot contain spaces or special characters The password can also be up to 128 characters Be sure to retype the password in the Confirm Password text box exactly as before including lowercase and uppercase characters 4 Click 5 If you want the changes to be permanent follow the instructions on page 45 to commit them You cannot change or delete the default login To delete a subsequently cre...

Страница 163: ...ur ISP described in Chapter 5 1 From the User Configuration page click next to the login whose password you want to modify The User Config Modify page displays Figure 69 User Config Modify Page 2 Type your current password in the Old Password text box 3 Type your new password in both the New Password and Confirm New text boxes The password can be up to 128 ASCII characters long When logging in you...

Страница 164: ...Page The table on this page provides a check box to enable or disable HTTP i e Web browser based access to the configuration program through the WAN port In the Inactivity TimeOut text box you can specify a length of time in minutes after which external access will be blocked assuming that there is no access during that time If you want your changes to be in effect the next time you log in click I...

Страница 165: ...mmunity is defined as having either read only or read write privileges The data stored in the MIB includes the standard items defined for the SNMP protocol and custom items defined by the ISP The MIB contents are preconfigured by the ISP and cannot be managed via the Web based interface A complete SNMP setup includes the following items A management station equipped with an SNMP manager client tha...

Страница 166: ...72 SNMP Host Add Page 2 Enter the IP address of the host computer you want to add and click A page displays briefly to confirm the addition and the SNMP Add Host page redisplays 3 Continue adding hosts as required and click when done The newly added hosts now have access to the MIB with the privilege level associated with the community To view all hosts and the communities to which they are assign...

Страница 167: ...te problems in the functioning of the system To display the Alarm page log into the Configuration Manager click the Admin tab and then click in the task bar The Alarm page is shown in Figure 73 Figure 73 Alarm Page Each row in the table displays the time and date that an alarm occurred the type of alarm and a brief statement indicating its cause You can click on the Refresh Rate drop down list to ...

Страница 168: ...epresent unexpected or improper functioning and is not captured by the system traps that create alarms This information accumulates and displays in a system log window To view the system log click the Admin tab and then click in the task bar Figure 74 System Log page You can click to display a Windows File Download dialog box that enables opening or saving the contents of the log to your PC The fi...

Страница 169: ...e 9200 S s DSL line log into Configuration Manager and then click the WAN tab The DSL Status page displays by default Figure 75 DSL Status Page Figure 76 DSL Status Page The DSL Status page displays current information on the DSL line performance The page refreshes according to the setting in the Refresh drop down list which you can configure ...

Страница 170: ...LT you need to select Delt from drop down menu and click Although you generally will not need to view the remaining data it may be helpful when troubleshooting connection or performance problems with your ISP You can click to reset all counters to zero You will not be able to clear Counter if connected standard is of ADSl2 2 category Click to redisplay the page with newly accumulated values You ca...

Страница 171: ...rs and Status table displays settings preconfigured by the product manufacturer or your ISP The Config Data table lists various types of error and defects measurements found on the DSL line You cannot modify this data From the DSL Status page you can also click to display DSL line performance statistics ...

Страница 172: ...interval the current day and the previous day At the bottom of the page the Detailed Interval Statistic table displays links you can click on to display detailed data for each 15 minute interval in the past 24 hours For example when you click on 1 4 data displays for the 16 intervals 15 minutes each that make up the previous 4 hours Figure 79 shows an example ...

Страница 173: ...Chapter 16 Monitoring System Status and Performing Diagnostics 173 Figure 79 DSL Interval Statistics Page ...

Страница 174: ...e displays Figure 80 Diagnostics Page 2 From the WAN Interface drop down list select the name of the WAN interface you want to test 3 Click The diagnostics utility runs a series of test to check whether the device s connections are up and working This takes only a few seconds and the results for each test are displayed on screen Pass Fail or Skipped A test may be skipped if the program determines ...

Страница 175: ... provides a utility for executing ping Follow these steps 1 Display the WAN tab click in the task bar and click at the bottom of the Diagnostics page The Diagnostics Ping page displays Figure 81 Diagnostics Ping Page 2 In the Dest IP Address text boxes type the IP address of the computer you want to ping Or in the Dest Hostname text box type the domain name of the target site such as yahoo com or ...

Страница 176: ...at the packet has been discarded The receipt of this message enables the Hurricane 9200 S to determine that the ping UDP packets reached the initial router and the packet s approximate time in transit The traceroute utility then sends out packets with a TTL of 2 The First router that receives the packet reduces the TTL to 1 and routes the packet to the next hop The second router that receives the ...

Страница 177: ...nnection or server problems Maximum hops The maximum number of hops that can be discovered in a traceroute before it terminates Traceroute Timeout secs The number of seconds after sending ping UDP packets that the traceroute will timeout if no reply is received Destination UDP port When the Probe Message Type is specified as UDP the traceroute commands includes an invalid destination UDP port addr...

Страница 178: ...u can use Configuration Manager to upload the file from the CD ROM drive or your PC s hard drive or shared network drive to system flash On remote ISP server You can use Configuration Manager download the file and load it to system flash Follow this procedure if you have obtained an updated image from your ISP and stored the file on your PC CD ROM or other media 1 Insert the media containing the f...

Страница 179: ...uired 1 Log into Configuration Manager click the Admin tab and then click in the task bar The Remote Image Upgrade page displays Figure 84 Remote Image Upgrade Page Note If the page does not display a table as shown in Figure 84 but displays only the Upload button skip to step 5 In this case the download server IP address filename and logon information has already been hard coded into your system ...

Страница 180: ... extract configuration data from the software image and save it on your PC as a text file If you later change the system configuration but then want to revert to the previous settings you can load the configuration file back to the system This feature may be especially useful when you receive an image upgrade file from your ISP containing software updates Uploading the new image may overwrite your...

Страница 181: ...back to commitedcfg cfg before restoring it To restore a saved configuration file click A Windows dialog box will display to enable you to select the file which must be named commitedcfg cfg from your PC or network Double click the file and then click The following message displays while the file is being uploaded When the system reboots your connection to the Configuration Manager will be suspend...

Страница 182: ...s you may want to assign non standard port numbers to the HTTP and Telnet servers that are embedded on the Hurricane 9200 S The following scenario is one example in which changing the HTTP port number may be necessary You have an externally visible Web server on your LAN with a NAT rule RDR flavor that redirects incoming HTTP packets to that Web server When incoming packets contain a destination I...

Страница 183: ... contact them before making any changes here Follow these steps to modify port settings 1 Log into Configuration Manager click the Admin tab and then click in the task bar The Port Settings page is shown in Figure 86 Figure 86 Port Settings Page 2 Type the new port number s in the appropriate text box es and click The default port numbers are shown in Figure 86 You can enter non standard port numb...

Страница 184: ...scovered that connection is used for the current session and the VPI VCI values are remembered for initial use the next time the modem starts up 8 Autodetect can be used to establish PPPoE PPPoA IPoA 1577 and EoA connections and can be configured in either of two modes bridging mode and routing mode These modes are specific to the Autodetect feature and are configured in addition to the system ope...

Страница 185: ...odem is rebooted 5 Click A warning message will display to inform you that the current configuration will be lost 6 Click The modem will reboot and the Web interface will be temporarily unavailable Upon reboot Autodetect will begin searching for a valid VC and will create a PPP an EoA or an IPoA interface on your modem corresponding to the type of interface detected on the access server You can mo...

Страница 186: ...example a 7 digit telephone number starts with a 3 digit prefix that identifies a group of thousands of telephone lines and ends with four digits that identify one specific line in that group Similarly IP addresses contain two kinds of information Network ID Identifies a particular network within the Internet or intranet Host ID Identifies a particular computer or device on the network The first p...

Страница 187: ...ined easily from field1 field1 1 126 Class A field1 128 191 Class B field1 192 223 Class C field1 values not shown are reserved for special uses A host ID can have any value except all fields set to 0 or all fields set to 255 as those values are reserved for special uses Definition mask A mask looks like a regular IP address but contains a pattern of bits that tells what parts of an IP address are...

Страница 188: ...The two extra bits in field4 can have four values 00 01 10 11 so there are four subnets Each subnet uses the remaining six bits in field4 for its host IDs ranging from 0 to 63 Note Sometimes a subnet mask does not specify any additional network ID bits and thus no subnets Such a mask is called a default subnet mask These masks are Class A 255 0 0 0 Class B 255 255 0 0 Class C 255 255 255 0 These a...

Страница 189: ... the device to an ordinary hub port not Uplink you must use a straight through cable To check hold the connectors at each end of the cable side by side with the plastic spring facing down Looking at the wires from left to right if the first second third and sixth wires are the same color on the two connectors then it is a straight through type On a cross over type wire 1 on one connector should be...

Страница 190: ...Manager Program I forgot lost my Configuration Manager user ID or password If you have not changed the password from the default try using root as both the user ID and password Otherwise you can reset the device to the default configuration by pressing hold onto the Reset button on the back panel of the device for 5 secs using a pointed object such as a pen tip Then type the default User ID and pa...

Страница 191: ...ater bandwidth for supporting simultaneous users and a higher maximum speed 802 1x An IEEE protocol that specifies a sequence of messages and responses for authentication exchanges occur among ends user stations attempting to log on to a network the network node that handles such requests and an authentication server that stores user authentication data See also authentication server and RADIUS ac...

Страница 192: ...nd A telecommunications technology that can send different types of data over the same medium DSL is a broadband technology broadcast To send data to all computers on a network DHCP Dynamic Host Configuration Protocol DHCP automates address assignment and management When a computer connects to the LAN DHCP assigns it an IP address from a shared pool of IP addresses after a specified time limit DHC...

Страница 193: ...twork Address Translation services FTP File Transfer Protocol A program used to transfer files between computers connected to the Internet Common uses include uploading new or updated files to a web server and downloading files from a web server hop When you send data through the Internet it is sent first from your computer to a router and then from one router to another until it finally reaches a...

Страница 194: ... for a fee LAN Local Area Network A network limited to a small geographic area such as a home office or small building LED Light Emitting Diode An electronic light emitting device The indicator lights on the front of the Hurricane 9200 S are LEDs MAC address Media Access Control address The permanent hardware address of a device assigned by its manufacturer MAC addresses are expressed as six pairs...

Страница 195: ...nline It can also be used to reveal the IP address for a given domain name port A physical access point to a device such as a computer or router through which data flows into and out of the device PPP Point to Point Protocol A protocol for serial data transmission that is used to carry IP and other protocol data between your ISP and your computer The WAN interface on the Hurricane 9200 S uses two ...

Страница 196: ...ysically connected to the rest of the parent network but they are treated as though they were on a separate network See also network mask subnet mask A mask that defines a subnet See also network mask supplicant In the 802 1x protocol a device that attempts to log on to a network by providing authentication information which is compared to information stored on an authentication server TCP IP Tran...

Страница 197: ...nternet USB Universal Serial Bus A serial interface that lets you connect devices such as printers scanners etc to your computer by simply plugging them in The Hurricane 9200 S is equipped with a USB interface H9200 only for connecting to a stand alone PC VC Virtual Circuit A connection from your ADSL router to your ISP VCI Virtual Circuit Identifier Together with the Virtual Path Identifier VPI t...

Страница 198: ......

Страница 199: ... Bridge filters 150 Bridge forwarding table 74 Bridgeable interfaces 78 82 83 85 Bridged Internet connection configuring 82 Bridge Router AutoSense BRAS 85 Bridges overview 74 Bridging 192 special features 84 Broadband 192 Broadcast 192 Commit Reboot page 45 Computers configuring IP information 20 Configuration Manager overview 35 troubleshooting 190 Data packet 117 Date and time changing 42 Downl...

Страница 200: ...ge 173 DSL Parameters page 170 171 DSL Statistics page 172 DSL Status page 169 Dynamically assigned IP addresses 93 EOA defined 65 EOA interface 91 EOA Interface Add page 67 EOA page 65 Eth 0 interface defined 33 Ethernet defined 193 Ethernet cable 18 straight through vs crossover 189 Features 15 Filter NAT flavor 131 Filtering rule 193 Firewall 193 settings 136 Firewall Blacklisted Hosts page 138...

Страница 201: ... IP information configuring on LAN computers 20 IP Route Add page 110 IP Route Table page 108 IP routes manually configuring 108 adding 110 type 109 IP Routes defined 106 IPoA Interface Add page 72 IPoA Interface Global Map page 73 IPoA Interface Map page 73 IPoA page 70 ISP 194 LAN 194 LAN Configuration page 51 LAN interface configuring multiple 92 LAN IP address 49 51 specifying 50 viewing 91 LA...

Страница 202: ...classes 187 Network ID 186 Network interface card 15 Network mask 195 in DHCP address table 99 Network mask 187 NIC 195 Notational conventions 12 Operating mode scenarios 81 Operating modes as displayed in the System View table 76 overview 74 ZIPB 86 Packet 195 Packets filtering 140 Pages Alarm 167 ATM VC Add 57 58 ATM VC Configuration 56 Autodetect 185 Backup Restore Config 180 Blocked Protocols ...

Страница 203: ...ons 123 NAT Translations Details 124 Port Settings 183 PPP Detail 62 PPP Configuration 59 PPP Interface Add 64 Quick Configuration 30 Remote Image Upgrade 179 RIP Configuration 112 RIP Global Statistics 114 SNMP Host Add 166 System Log 168 System Mode 80 System Modify 42 User Config Add 162 User Config Modify 163 User Configuration 161 Parts checking for 16 PASS NAT flavor 134 Password default 36 ...

Страница 204: ...spection 145 Static IP addresses 25 Statically assigned IP addresses 93 Storing an image 180 Submitting vs committing 45 Subnet 196 defined 97 Subnet mask See Network mask Subnet masks 187 System Modify page 42 System Log page 168 System Mode page 80 System requirements for Configuration Manager 35 System requirements 15 TCP IP 196 Telnet port modifying address 182 Testing setup 34 Time and date c...

Страница 205: ...AN interface configuring multiple 92 IP address 91 WAN to WAN bridging configuring 84 Web browser requirements 15 Web browser requirements 35 Web browsers compatible versions 35 Windows NT configuring IP information 24 ZIPB mode configuring 86 ...

Результаты поиска

Содержание Hurricane 9200/S

Отзывы:

Похожие инструкции для Hurricane 9200/S

Бренды по названию

Популярные бренды

PROLiNK Hurricane 9200/S, Руководство пользователя

Результаты поиска

Содержание Hurricane 9200/S

Отзывы:

Похожие инструкции для Hurricane 9200/S

Бренды по названию

Популярные бренды