Motorola Netopia 3300 Guide de l'utilisateur

Naviguer en ligne ou télécharger Guide de l'utilisateur pour Routeurs Motorola Netopia 3300. Motorola Netopia 3300 User guide Manuel d'utilisatio

  • Télécharger
  • Ajouter à mon manuel
  • Imprimer
  • Page
    / 279
  • Table des matières
  • DEPANNAGE
  • MARQUE LIVRES
  • Noté. / 5. Basé sur avis des utilisateurs

Résumé du contenu

Page 1 - Software User Guide

Netopia® Software User GuideFirmware Version 7.4.2February 2005Netopia® 3300 Series Gatewaysfor eircom broadband

Page 2 - Copyright

Introduction 10 Introduction curly ({ }) brackets, with values separated with vertical bars (|).Alternative values for an argument are presented in c

Page 3 - Table of Contents

100Link: NATWhen you click NAT, the NAT (Games and Other Services) page appears.NAT (Games and Other Services) allows you to host internet application

Page 4

101Links BarEach time you enable a software service or game your entry will be added to the list of Service Names displayed on the NAT Configuration pa

Page 5

102F-16, Mig 29 F-22, Lightning 3 Fighter Ace IIFTP GNUtella H.323 compliant (Netmeeting, CUSeeME)Half Life Hellbender for Windows, v 1.0 Heretic IIHe

Page 6

103Links BarDefine Custom ServiceTo configure a Custom Service, choose whether to use Port Forwarding or Trigger Ports. • Port Forwarding forwards a ran

Page 7

104Port Forwarding forwards a range of WAN ports to an IP address on the LAN. Enter the fol-lowing information: • Service Name: A unique identifier for

Page 8 - A Word About Example Screens

105Links Bar• Service Name: A unique identifier for the Custom Service. • Global Port Range: Range of ports on which incoming traffic will be received.

Page 9 - Documentation Conventions

106Link: Packet FilterWhen you click Packet Filter, the Filter Sets screen appears.Security should be a high priority for anyone administering a netwo

Page 10 - Introduction

107Links BarNetopia’s packet filters are designed to provide security for the Internet connections made to and from your network. You can customize the

Page 11 - Capabilities

108A filter inspects data packets like a customs inspector scrutinizing packages.Filter priorityContinuing the customs inspectors analogy, imagine the

Page 12 - Wide Area Network Termination

109Links Barchance to forward or reject it, and so on. Because of this hierarchical structure, each filter is said to have a priority. The first filter h

Page 13

11 CHAPTER 1 Overview of Major Capabilities The Netopia Gateway offers simplified setup and management features as well as advanced broadband Gateway

Page 14

110Here is what this rule looks like when implemented as a filter in your Gate-way: To understand this particular filter, look at the parts of a filter.P

Page 15 - Management

111Links BarPort number comparisonsA filter can also use a comparison option to evaluate a packet’s source or destination port number. The comparison o

Page 16

112• Greater Than or Equal: For the filter to match, the packet’s port number must be greater than or equal to the port number specified in the filter.Ot

Page 17 - Security

113Links Bar• Protocol: The protocol to match. This can be entered as a number (see the table below) or as TCP or UDP if those protocols are used.• Sr

Page 18

114• Using the tables on page 111, find the destination port and protocol numbers (the local Telnet port):• Protocol = TCP (or 6)• Destination Port = 2

Page 19

115Links BarFiltering example #2Suppose a filter is configured to block all incoming IP packets with the source IP address of 200.233.14.0, regardless o

Page 20 - VPN IPSec Pass Through

116Design guidelinesCareful thought must go into designing a new filter set. You should consider the following guidelines: • Be sure the filter set’s ov

Page 21

117Links BarWorking with IP Filters and Filter SetsTo work with filters and filter sets, begin by accessing the filter set pages.☛ NOTE:Make sure you un

Page 22 - Stateful Inspection Firewall

118Adding a filter setYou can create up to eight different custom filter sets. Each filter set can contain up to 16 output filters and up to 16 input filte

Page 23 - Basic Mode Setup

119Links BarAdding filters to a filter setThere are two kinds of filters you can add to a filter set: input and output. Input filters check packets receive

Page 24 - ☛ CAUTION:

12and branch offices to safely and affordably connect to a remote business network, for effective communication and collaboration.Wide Area Network Ter

Page 25 - Set up the Netopia Gateway

120To add a filter, select the Filter Set Name to which you will add a filter, and click the Edit button. The Filter Set page appears.

Page 26 - Microsoft Windows:

121Links Bar☛ Note:There are two Add buttons in this page, one for input filters and one for out-put filters. In this section, you’ll learn how to add

Page 27

122This allows you to further modify the way the filter will match on the source address. Enter 0.0.0.0 to force the filter to match on all source IP ad

Page 28 - Configure the Netopia Gateway

123Links BarViewing filtersTo display the table of input or output filters, select the Filter Set Name in the Filter Set page and click the Add or Edit

Page 29 - Configure the Netopia Gateway

124Moving filtersTo reorganize the filters in a filter set, select a filter from the table and click the Move Up or Move Down button to place the filter in

Page 30 - 3347W/3357W Front View

125Links BarClick the Ethernet 100BT link.The Ethernet 100BT page appears.From the pull-down menu, select the filter set to associate with this interfa

Page 31

126Firewall TutorialGeneral firewall terms☛ Note:The basic Firewall (see “Firewall” on page 35) does not make use of the packet filter support and can

Page 32

127Links BarThis header information is what the packet filter uses to make filtering decisions. It is important to note that a packet filter does not loo

Page 33

128Example TCP/UDP PortsFirewall design rulesThere are two basic rules to firewall design:• “What is not explicitly allowed is denied.”and• “What is no

Page 34 - Home Page Links

129Links Barand a packet goes through these rules destined for FTP, the packet would forward through the first rule (WWW), go through the second rule (

Page 35 - Firewall

13Wide Area Network TerminationWhile an Always On connection is convenient, it does leave your network permanently con-nected to the Internet, and the

Page 36 - Firewall Background

130Example networkItem What it meansNo Compare Does not compare TCP or UDP portNot Equal To Matches any port other than what is definedLess Than Anythi

Page 37

131 Links Bar Example filtersExample 1 Incoming packet has the source address of 200.1.1.28This incoming IP packet has a source IP address that match

Page 38 - ☛ NOTES:

132 Example 4 Incoming packet has the source address of 200.1.1.104.This rule does match and this packet will not be forwarded. Example 5 Incomin

Page 39

133 Links Bar Policy-based Routing using Filtersets The Netopia Gateway offers the ability to route IP packets using criteria other than the destinat

Page 40 - On - Manual

134 Example: You want packets with the TOS low latency bit to go through VC 2 (via gate-way 127.0.0.3) instead of your normal gate-way. You would se

Page 41 - Enable Multiple Wireless IDs

135 Links Bar Link: QoS When you click QoS , the QoS screen appears.Your Gateway offers Differentiated Services (Diffserv). This feature allows y

Page 42

136You can then define Custom Flows. If your applications do not provide Quality of Service (QoS) control, Custom Flows allows you to define streams for

Page 43 - Block Wireless Bridging

137Links BarQoS Setting TOS Bit Value BehaviorOff TOS=000 This custom flow is disabled. You can activate it by selecting one of the two settings below.

Page 44

138Link: Router PasswordWhen you click Router Password, the Router Password page appears.By default, your Gateway requires no password to access the a

Page 45 - RADIUS Server authentication

139Links BarLink: Time ZoneWhen you click the Time Zone link, the Time Zone page appears.You can set your local time zone by selecting the number of h

Page 46 - Save Changes

14Simplified Local Area Network SetupDHCP (Dynamic Host Configuration Protocol) ServerDHCP Server functionality enables the Gateway to assign to your LA

Page 47

140Link: VLANWhen you click VLAN, the VLANs page appears.A Virtual Local Area Network (VLAN) is a network of computers that behave as if they are conn

Page 48 - Access by MAC Address

141Links BarAn example of multiple VLANs, using a Netopia Gateway with VGx managed switch technol-ogy, is shown below:To create a VLAN, click the Add

Page 49

142You can create up to 32 VLANs, and you can also restrict any VLAN, and the computers on it, from administering the Gateway.• VLAN ID – This must be

Page 50

143Links BarFor Netopia VGx technology models, separate Ethernet switch ports are displayed and may be configured.To enable any of them on this VLAN, s

Page 51

144You can Add, Edit, or Delete your VLAN entries by returning to the VLANs page, and selecting the appropriate entry from the displayed list.

Page 52

145Links BarLink: StatisticsDSLWhen you click DSL, the DSL Statistics page appears.The DSL Statistics page displays information about the Router'

Page 53

146IPWhen you click IP, the IP Statistics page appears. The IP Statistics page displays the IP interfaces and routing table information about your net

Page 54

147Links BarDevices on LANDisplays the IP Address, MAC (hardware) Address, and network Name for each device on your LAN connected to the Router. Wirel

Page 55

148Select a log from the pull-down menu (the pull-down menu is available from every Log page):• All: Displays the entire system log. • Connection: Dis

Page 56

149Links BarYour Netopia Gateway reports the following eight event types: Event DetailsDetails on the eight specific event types and the information lo

Page 57 - Expert Mode

15ManagementManagementEmbedded Web ServerThere is no specialized software to install on your PC to configure, manage, or maintain your Netopia Gateway.

Page 58 - Troubleshoot

150would otherwise be transmitted to a subnet broadcast address. The Security Monitoring logs the event.Logged information includes:Illegal Packet Siz

Page 59

151Links BarExcessive Pings. The PING (Packet InterNet Groper) Utility is used by hackers to iden-tify prospective targets that can be attacked. The S

Page 60 - Ethernet

152Link: DiagnosticsWhen you click Diagnostics, the Diagnostics page appears.This automated multi-layer test examines the functionality of the Router

Page 61 - USB (supported models only)

153Links Bar* PENDING: The test timed out without producing a result. Try running Diagnostics again.* WARNING: The test was unsuccessful. The Service

Page 62 - Clear All Logs

154Link: Remote AccessWhen you click Remote Access, the Enable Remote Access page appears.This link allows you to authorize a remotely-located person,

Page 63 - Access Control Login

155Links BarLink: Update Router☛ This link is not available on the 3342/3352 models, since firmware updates must be upgraded via the USB host driver.W

Page 64

156You can update your software in either of two ways:From a Server• If an updated version exists, click the Update Software from Server button, and a

Page 65

157Links BarLink: Reset RouterYou might need to reset your Router to its factory default state, and clear all of your previ-ous settings. The Reset Ro

Page 66

158Link: Restart RouterWhen the Gateway is restarted, it will disconnect all users, initialize all its interfaces, and copy the Operating System Softw

Page 67 - Home Page - Expert Mode

159Basic ModeBasic ModeWhen you click Basic Mode, you will be returned to the Basic Mode Home Page.

Page 68 - Home Page - Information

16☛ NOTE:Your Service Provider may request information that you acquire from these var-ious diagnostic tools. Individual tests may be performed at th

Page 69

160HelpWhen you click the Help link in the left-hand column of links a page of explanatory infor-mation displays. Help (in English only) is available

Page 70 - Configure

161CHAPTER 4 Basic TroubleshootingThis section gives some simple suggestions for troubleshooting problems with your Gate-way’s initial configuration.Be

Page 71 - Connection

162Status Indicator LightsThe first step in troubleshooting is to check the status indicator lights (LEDs) in the order outlined in the following secti

Page 72

163Status Indicator LightsNetopia Gateway 3341/3351 series status indicator lightsEthernet LinkEthernet TrafficDSL TrafficDSL SyncUSB ActivePowerPower

Page 73

164Netopia Gateway 3346/3356 series status indicator lightsPower - Flashes green when trainingSolid green when connectedSolid green when trainedto eac

Page 74

165Status Indicator LightsNetopia Gateway 3342/3352 status indicator lights☛ Special patterns:• Both LEDs are off during boot (power on boot or warm

Page 75

166LED Function Summary MatrixIf a status indicator light does not look correct, look for these possible problems:PowerUSB ActiveDSL SyncDSL TrafficEth

Page 76

167Status Indicator Lights EN Link UnlitNote: EN Link light is inactive if only using USB.• Make sure the you are using the Ethernet cable, not the DS

Page 77

168Wireless LinkUnlit• Make sure your client PC(s) have their wireless cards correctly installed and configured.• Check your client PC(s) TCP/IP settin

Page 78

169Factory Reset SwitchFactory Reset Switch(optional on some models; 3342/3352 models do not have a reset switch)Lose your password? This section show

Page 79

17SecuritySecurityRemote Access ControlYou can determine whether or not an administrator or other authorized person has access to configuring your Gate

Page 80

1702. Carefully insert the point of a pen or an unwound paperclip into the opening.3. Hold the button in until the “Power” LED turns RED and then hold

Page 81

171CHAPTER 5 Command Line InterfaceThe Netopia Gateway operating software includes a command line interface (CLI) that lets you access your Netopia Ga

Page 82

172OverviewThe CLI has two major command modes: SHELL and CONFIG. Summary tables that list the commands are provided below. Details of the entire comm

Page 83

173OverviewCONFIG CommandsCommand Verbs Status and/or Descriptiondelete Delete configuration list datahelp Help command optionsave Save configuration da

Page 84

174Starting and Ending a CLI SessionOpen a telnet connection from a workstation on your network.You initiate a telnet connection by issuing the follow

Page 85

175Using the CLI Help FacilitySaving SettingsIn CONFIG mode, the save command saves the working copy of the settings to the Gate-way. The Gateway auto

Page 86

176The only commands you cannot truncate are restart and clear. To prevent accidental interruption of communications, you must enter the restart and c

Page 87 - Add User

177SHELL CommandsEach test generates one of the following result codes:download [server_address ] [filename] [confirm]This command installs a file of con

Page 88 - Edit Profile

178license [key]This command installs a software upgrade key. An upgrade key is a purchased item, based on the serial number of the gateway.Software F

Page 89

179SHELL CommandsExample:Netopia-3000/11171732> license Xf94J84bXThe Gateway will respond with:Feature Key Successfully stored, ready to restart.3.

Page 90 - Web Filter Profile

18• When NAT is OFF, a Netopia Gateway acts as a traditional TCP/IP router, all LAN com-puters/devices are exposed to the Internet.A diagram of a typi

Page 91 - Chat Filter Profile

180☛ NOTE:The new Enterprise Class operating system software changes the IP address of your Gateway. It also removes the Web-based user interface and

Page 92

181SHELL Commands•4 or warning – Warnings or greater; includes recoverable error conditions and useful operator information.•5 or failure – Failures;

Page 93 - Email Filter Profile

182quit Exits the Netopia Gateway command line interface.reset arp Clears the Address Resolution Protocol (ARP) cache on your unit.reset crash Clears

Page 94 - Add Address

183SHELL Commandsreset wan-users [all | ip-address]This function disconnects the specified WAN User to allow for other users to access the WAN. This fu

Page 95 - Delete User Profile

184show ip interfacesDisplays the IP interfaces for your Netopia Gateway.show ip ipsecDisplays IPSec Tunnel statistics.show ip firewallDisplays firewall

Page 96 - DHCP Server

185SHELL Commandsshow statusDisplays the current status of a Netopia Gateway, the device's hardware and software revi-sion levels, a summary of e

Page 97

186WAN Commandsatmping vccn [ segment | end-to-end ]Lets you check the ATM connection reachability and network connectivity. This command sends five Op

Page 98 - IP Passthrough

187About CONFIG Commandsshow dslDisplays DSL port statistics, such as upstream and downstream connection rates and noise levels. show ppp [{ stats | l

Page 99

188Netopia-3000/9437188 (top)>> quitNetopia-3000/9437188 >• Moving from top to a subnode — You can navigate from the top node to a subnode by

Page 100

189About CONFIG CommandsEntering Commands in CONFIG ModeCONFIG commands consist of keywords and arguments. Keywords in a CONFIG command specify the ac

Page 101 - Links Bar

19SecurityNetopia Gateways provide special gaming and other service configuration tools that enable you to establish NAT-protected LAN layouts that sti

Page 102

190If a command is ambiguous or miskeyed, the CLI prompts you to enter additional informa-tion. For example, you must specify which virtual circuit yo

Page 103 - Define Custom Service

191CONFIG CommandsNetopia-3000/9437188 (top)>> set system...system name (“Netopia-3000/9437188”): Mycroft Diagnostic Level (High): mediumSte

Page 104

192set atm [vcc n] option {on | off } Selects the virtual circuit for which further parameters are set. Up to eight VCCs are sup-ported; the maximum n

Page 105 - Static NAT

193CONFIG Commandsthe Peak Cell Rate after which the ATM VC transmission rate must drop to the Sustained Cell Rate.set atm [vcc n] vpi { 0 ... 255 }

Page 106 - ☛ WARNING:

194set atm [vccn] pppoe-sessions { 1 ... 8 }Select the number of PPPoE sessions to be configured for VCC 1, up to a total of eight. The total number o

Page 107 - How filter sets work

195CONFIG Commandsset bridge ethernet option { on | off } Enables or disables bridging services for the specified virtual circuit using Ethernet fram-i

Page 108 - APPROVED

196set dhcp lease-time lease-time If you selected server, specifies the default length for DHCP leases issued by the Netopia Gateway. Enter lease time

Page 109 - How individual filters work

197CONFIG CommandsDomain Name System SettingsDomain Name System (DNS) is an information service for TCP/IP networks that uses a hierarchical naming sy

Page 110

198set dynamic-dns ddns-user-password myuserpasswordEnables or disables dynamic DNS services. The default is off. If you specify dyndns.org, you must

Page 111

199CONFIG Commandsset ip dsl vccn broadcast broadcast_addressSpecifies the broadcast address for the TCP/IP network connected to the virtual circuit. I

Page 112

2 Copyright Copyright © 2005 Netopia, Inc. V 7.4.2-EIRAll rights reserved. Netopia, Inc. Netopia and the Netopia logo are registered trademarks belon

Page 113

20IP-PassthroughThe Netopia Gateway now offers an IP passthrough feature. The IP passthrough feature allows a single PC on the LAN to have the Gateway

Page 114

200an extension of RIP-2 that increases security by requiring an authentication key when routes are advertised.Depending on your network needs, you ca

Page 115 - ☛ Note:

201CONFIG CommandsThe broadcast address for most networks is the network number followed by 255. For example, the broadcast address for the 192.168.1.

Page 116 - An approach to using filters

202set ip ethernet A rip-send { off | v1 | v2 | v1-compat | v2-MD5 }Specifies whether the Netopia Gateway should use Routing Information Protocol

Page 117 - ☛ NOTE:

203CONFIG Commandsset ip gateway interface { ip-address | ppp-vccn }Specifies how the Netopia Gateway should route information to the default Gateway.

Page 118 - Adding a filter set

204set ip ip-ppp [vccn] peer-address ip_addressSpecifies the IP address of the peer on the other end of the PPP link. If you specify an IP address othe

Page 119 - Adding filters to a filter set

205CONFIG CommandsIf you specify v2-MD5, you must also specify a rip-send-key. Keys are ASCII strings with a maximum of 31 characters, and must match

Page 120 - The Filter Set page appears

206IGMP Forwardingset ip igmp-forwarding [ off | on ]Turns IP IGMP forwarding off or on. The default is off.IPsec Passthroughset ip ipsec-passthrough

Page 121

207CONFIG Commandsset diffserv lohi-assymetry [ 60 - 100 percent ]Sets a percentage between 60 and 100 used to regulate the level of packets allowed t

Page 122

208set diffserv custom-flows name name protocol [ TCP | UDP | ICMP | other ] direction [ outbound | inbound | both ] start-port

Page 123 - Deleting filters

209CONFIG CommandsSIP Passthroughset ip sip-passthrough [ on | off ]Turns Session Initiation Protocol application layer gateway client passthrough on

Page 124 - Deleting a filter set

21SecurityA typical VPN IPSec Tunnel pass through is diagrammed below:☛ NOTE:Typically, no special configuration is necessary to use the IPSec pass th

Page 125 - Ethernet 100BT

210set ip static-routes destination-network net_address gateway-address gate_addressSpecifies the IP address of the Gateway for the static route.

Page 126

211CONFIG Commandsset ip static-routes destination-network net_address rip-advertise [ SplitHorizon | Always | Never ]Specifies whether the gatew

Page 127 - Basic protocol types

212Network Address Translation (NAT) Default SettingsNAT default settings let you specify whether you want your Netopia Gateway to forward NAT traffic

Page 128 - Firewall design rules

213CONFIG CommandsNetwork Address Translation (NAT) Pinhole SettingsNAT pinholes let you pass specific types of network traffic through the NAT interfac

Page 129 - Filter basics

214set pinhole name name internal-ip internal-ipSpecifies the IP address of the internal host to which traffic of the specified type should be transferre

Page 130 - Input Packet

215CONFIG Commandsset PPP module [vccn] magic-number { on | off }Enables or disables LCP magic number negotiation.set PPP module [vccn] protocol-compr

Page 131

216set PPP module [vccn] connection-type { instant-on | always-on }Specifies whether a PPP connection is maintained by the Netopia Gateway when i

Page 132

217CONFIG CommandsThe username argument is 1- 255 alphanumeric characters. The information you enter must match the username configured in the PPP peer

Page 133

218Port Renumbering SettingsIf you use NAT pinholes to forward HTTP or telnet traffic through your Netopia Gateway to an internal host, you must change

Page 134

219CONFIG CommandsSecurity SettingsSecurity settings include the Firewall, Stateful Inspection, and IPSec parameters. IPSec security functionality is

Page 135

22Dynamic DNSDynamic DNS support allows you to use the free services of www.dyndns.org. Dynamic DNS automatically directs any public Internet request

Page 136

220Stateful InspectionStateful inspection options are accessed by the security state-insp tag.Stateful inspection is a security feature that prevents

Page 137

221CONFIG Commandsset security state-insp [ ip-ppp | dsl ] vccn tcp-seq-diff [ 0 - 65535 ]set security state-insp ethernet [ A | B ] tcp-seq-diff

Page 138 - Router Password

222set security state-insp [ ip-ppp | dsl ] vccn deny-fragments [ off | on ]set security state-insp ethernet [ A | B ] deny-fragments [ off

Page 139 - Time Zone

223CONFIG Commands32 exposed addresses can be created. The range for exposed address numbers are from 1 through 32.set security state-insp xposed-addr

Page 140

224 router-accessdefault-mapping (onoff) [ off | on ]: tcp-seq-diff (0) [ 0 - 65535 ]: deny-fragments (off) [ off | on ]:For RFC1483

Page 141 - The VLAN Entry page appears

225CONFIG CommandsNetopia-3000/10114104 (xposed-addr)>> set xposed-addr (xposed-addr) node list ... "1" "3" Sele

Page 142

226IPSec SettingsIPSec VPN is a tunnel between the local network and another geographically dispersed net-work that is interconnected over the Interne

Page 143

227CONFIG Commandsset security ipsec tunnels name "123" dest-int-network ip-addressSpecifies the IP address of the destination computer or in

Page 144

228Peer Internal IP NetmaskThe Peer Internal IP Netmask is the subnet mask of the Peer Internal IP Network.PFS Enable Perfect Forward Secrecy (PFS) is

Page 145 - Statistics

229CONFIG Commandsset security ipsec tunnels name "123" encrypt-protocol (ESP) { ESP | none }Sets the encryption protocol for the spe

Page 146

23CHAPTER 2 Basic Mode SetupMost users will find that the basic Quickstart configuration is all that they ever need to use. This section may be all that

Page 147 - Wireless

230set security ipsec tunnels name "123" IKE-mode pre-shared-key-type (hex) {ascii | hex}Sets the IKE mode pre-shared key type for the

Page 148 - Security Monitor

231CONFIG Commandsset security ipsec tunnels name "123" IKE-mode isakmp-SA-hash (MD5) {MD5 | SHA1}Sets the IKE mode ISAKMP Security As

Page 149 - Event Details

232set security ipsec tunnels name "123" local-id id_valueSpecifies the NAT local ID value as specified in the local-id-type for the specified

Page 150

233CONFIG Commands ipsec-soft-seconds (82800) {60-1000000}set security ipsec tunnels name "123" IKE-mode ipsec-hard-mbytes (1200)

Page 151

234SNMP SettingsThe Simple Network Management Protocol (SNMP) lets a network administrator monitor problems on a network by retrieving settings on rem

Page 152 - Diagnostics

235CONFIG CommandsSNMP Notify Type SettingsSNMP Notify Type is supported beginning with Firmware Version 7.4.2.set snmp notify type [ v1-trap | v2-tra

Page 153 - Result Meaning

236 { off | low | medium | high | alerts | failures }Specifies the types of log messages you want the Netopia Gateway to record. All messages with

Page 154 - Remote Access

237CONFIG Commands url-server ("server_name") interval (00:00:00:20) contact-email ("string@domain_name") loca

Page 155 - Update Router

238set system syslog log-violations [ off | on ]Specifies whether violations are logged or ignored.set system syslog log-accepted [ off | on ]Specifies

Page 156 - From your PC

239CONFIG Commands set system syslog log-violations on set system syslog log-accepted on set system syslog log-attempts on4. Set NTP parameters• Ty

Page 157 - Reset Router

24Important Safety InstructionsPOWER SUPPLY INSTALLATIONConnect the power supply cord to the power jack on the Netopia Gateway. Plug the power supply

Page 158 - Restart Router

240Wireless Settings (supported models)set wireless option ( on | off )Administratively enables or disables the wireless interface.set wireless ssid {

Page 159 - Basic Mode

241CONFIG Commandsset wireless no-bridging [ off | on ]When set to on, this will block wireless clients from communicating with other wireless cli-ent

Page 160 - When you click the

242cessfully decode. Note that a client allows you to choose which of its keys it will use to transmit. Therefore, you must have an identical key in t

Page 161 - Basic Troubleshooting

243CONFIG CommandsWireless MAC Address Authorization Settingsset wireless mac-auth option { on | off }Enabling this feature limits the MAC addresses t

Page 162 - Status Indicator Lights

244☛ Note:To make a set of VLANs non-routable, the lan-uplink port must be included in at least one VLAN and must be excluded from any VLANs that are

Page 163

245CONFIG CommandsDSL Forum settingsTR-064 is a LAN-side DSL CPE configuration specification and TR-069 is a WAN-side DSL CPE Management specification.se

Page 165 - ☛ Special patterns:

247CHAPTER 6 Glossary10Base-T. IEEE 802.3 specification for Ethernet that uses unshielded twisted pair (UTP) wiring with RJ-45 eight-conductor plugs at

Page 166 - LED Function Summary Matrix

248adapter. Board installed in a computer system to provide net-work communication capability to and from that computer sys-tem.address mask. See subn

Page 167

249-----B-----backbone. The segment of the network used as the primary path for transporting traffic between network segments.baud rate. Unit of signal

Page 168

25Set up the Netopia GatewaySet up the Netopia GatewayRefer to your Quickstart Guide for instructions on how to connect your Netopia Gateway to your p

Page 169 - Factory Reset Switch

250graph and Telephone. An international organization responsible for developing telecommunication standards.CD. Carrier Detect.CHAP. Challenge-Handsh

Page 170

251DCE. Digital Communication Equipment. Device that connects the communication circuit to the network end node (DTE). A modem and a CSU/DSU are examp

Page 171

252organization (.GOV, .COM, .EDU) or geographical location (.US, .SE).domain name server. Network computer that matches host names to IP addresses in

Page 172 - Overview

253Parameter values supported include NONE or ESP.encryption. The application of a specific algorithm to a data set so that anyone without the encrypti

Page 173 - Keywords

254frame. Logical grouping of information sent as a link-layer unit. Compare datagram, packet.FTP. File Transfer Protocol. Application protocol that l

Page 174 - Ending a CLI Session

255HMAC. Hash-based Message Authentication Codehop. A unit for measuring the number of routers a packet has passed through when traveling from one net

Page 175 - About SHELL Commands

256internet address. IP address. A 32-bit address used to route packets on a TCP/IP network. In dotted decimal notation, each eight bits of the 32-bit

Page 176 - SHELL Commands

257LQM Link Quality Monitoring. Optional facility that lets PPP make policy decisions based on the observed quality of the link between peers. Documen

Page 177 - CODE Description

258MTU. Maximum Transmission Unit. The maximum packet size, in bytes, that can be sent over a network interface. MULTI-LAYER. The Open System Intercon

Page 178 - Software Feature Keys

259-----P-----packet. Logical grouping of information that includes a header and data. Compare frame, datagram.PAP. Password Authentication Protocol.

Page 179 - 3. Restart the Gateway

26Microsoft Windows: Step 1. Navigate to the TCP/IP Properties Control Panel.a. Windows 98, ME. and 2000 versions follow a path like this:Start menu -

Page 180

260PING. Packet INternet Groper. Utility program that uses an ICMP echo message and its reply to verify that one network node can reach another. Often

Page 181

261RJ-45. Eight-pin connector used for 10BaseT (twisted pair Ethernet) networks.route. Path through a network from one node to another. A large intern

Page 182

262An arbitrary 32-bit number called a Security Parameters Index (SPI), as well as the destination host’s address and the IPSEC protocol identifier, id

Page 183

263STATEFUL. The Netopia Gateway monitors and maintains the state of any network transaction. In terms of network request-and-reply, state consists of

Page 184

264-----U-----UTP. Unshielded twisted pair cable. -----V-----VJ. Van Jacobson. Abbreviation for a compression standard documented in RFC 1144. -----W-

Page 185

265DescriptionCHAPTER 7 Technical Specifications and Safety InformationDescriptionDimensions: Smart Modems: 13.5 cm (w) x 13.5 cm (d) x 3.5 cm (h); 5.

Page 186 - [ segment

266Relative storage humidity: 20 to 80% noncondensingSoftware and protocolsSoftware media: Software preloaded on internal flash memory; field upgrades d

Page 187 - About CONFIG Commands

267Agency approvalsAgency approvalsNorth AmericaSafety Approvals: United States – UL 60950, Third Edition Canada – CSA: CAN/CSA-C22.2 No. 60950-00EM

Page 188

268The Netopia 3300 Series complies with the following EU directives: Low Voltage, 73/23/EEC EMC Compatibility, 89/336/EEC, conforming to EN 55 022M

Page 189 - Command

269Manufacturer’s Declaration of Conformance☛ ImportantThis product was tested for FCC compliance under conditions that included the use of shielded

Page 190

27Set up the Netopia GatewayMacintosh MacOS 9 or higher or Mac OS X: Step 1. Access the TCP/IP or Network control panel. a. Mac OS 9 follows a path li

Page 191

270Important Safety InstructionsAustralian Safety InformationThe following safety information is provided in conformance with Australian safety requir

Page 192

27147 CFR Part 68 Information47 CFR Part 68 InformationFCC Requirements1. The Federal Communications Commission (FCC) has established Rules which perm

Page 193

272d) The REN is used to determine the number of devices that may be connected to a telephone line. Excessive RENs on a telephone line may result in t

Page 194

273IndexSymbols!! command 176Numerics3-D Reach WirelessConfiguration 39, 73AAccess Control Login 63Access Controls 85Access the GUI 65Address resoluti

Page 195

274Level 235Diagnostics 15DNS 197DNS Proxy 14Documentationconventions 9Domain Name System(DNS) 197DSL 59, 145DSL Forum settings 245Dynamic Addressing

Page 196

275IP 60, 146IP address 198, 200Default 65IP interfaces 184IP Passthrough 98IP routes 184IP Source AddressSpoofing 149IPSec Tunnel 184IPSec VPN 226KKe

Page 197 - Dynamic DNS Settings

276PPPoE 12Primary nameserver 197Prompt, CLI 175, 187Protocol compression 215QQoS 135qos max-burst-size 192qos peak-cell-rate 192qos service-class 192

Page 198

277SHELL level 187SHELL mode 175Show ppp 187Simple Network ManagementProtocol (SNMP) 234SIP Passthrough 209SMTP 212SNMP 212, 234SNMP Notify Typesettin

Page 200

Netopia 3300 seriesNetopia, Inc.6001 Shellmound StreetEmeryville, CA 94608www.netopia.comNetopia Europe2 rue du Docteur Lombard 92130 Issy Les Mouline

Page 201

28Configure the Netopia Gateway1. Run your Web browser application, such as Firefox or Microsoft Internet Explorer, from the computer connected to the

Page 202

29Configure the Netopia Gateway3. Congratulations! Your installation is complete. You can now surf to your favorite Web sites by typing an URL in your

Page 203

3 Table of Contents Table of Contents Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Introduction

Page 204

30Netopia Gateway Status Indicator LightsColored LEDs on your Netopia Gateway indicate the status of various port activity. Different Gateway models h

Page 205 - MAC_address

31Netopia Gateway Status Indicator LightsNetopia Gateway 3342/3352 status indicator lights☛ Special patterns:• Both LEDs are off during boot (power o

Page 206

32Accessing the Web User InterfaceAfter you have performed the basic Quickstart configuration, any time you log in to your Netopia Gateway you will acc

Page 207

33Links BarLinks BarThe Links Bar is the frame at the left-hand side of the page containing the major navigation links. These links are available from

Page 208 -

34HomeHome Page InformationThe Home page displays information about the following categories:• Connection Information• Router Information• Local Netwo

Page 209

35HomeLink: FirewallWhen you click the Firewall link, the Firewall selection page appears.The Medium setting is recommended, but for special circumsta

Page 210 - metric

36Firewall BackgroundThe following table gives some tips for Firewall settings:As a device on the Internet, a Netopia Gateway requires an IP address i

Page 211

37HomeThis table shows how inbound traffic is treated. Inbound means the traffic is coming from the WAN into the WAN side of the Gateway. This table sho

Page 212 - MAC_address

38☛ NOTES:• The Gateway’s WAN DHCP client port in Medium mode is enabled. This fea-ture allows end users to continue using DHCP-served IP addresses f

Page 213 - • SNMP (TCP 161, UDP 161)

39HomeLink: Wireless(supported models only)When you click Wireless, the 3-D Reach Wireless configuration page appears.Enable WirelessThe wireless funct

Page 214

Table of Contents 4 Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 CHAPTER 3 Expert

Page 215

40PrivacyBy default, Privacy is set to On - Manual. This setting uses a preconfigured encryption key for your convenience.IT IS STRONGLY RECOMMENDED TH

Page 216

41HomeEnable Multiple Wireless IDsThis feature allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network. To

Page 217

42These additional Wireless IDs are “Closed System Mode” Wireless IDs (see below) that will not be shown by a client scan, and therefore must be manua

Page 218

43HomeWireless ID in Closed System mode, the Router’s wireless LAN will not appear as an avail-able network when scanned for by wireless-enabled compu

Page 219

44Enabling WPA and WEP EncryptionWEP Security is a Privacy option that is based on encryption between the Router and any PCs (“clients”) you have with

Page 220

45Homesure that the client wireless PC is also using the same matching key. The default is key #1.• WPA-802.1x provides RADIUS server authentication s

Page 221

46• RADIUS Server Addr/Name: The default RADIUS server name or IP address that you want to use.• RADIUS Server Secret: The RADIUS secret key used by t

Page 222

47HomeWPA-PSKOne of the easiest ways to enable Privacy on your Wireless network is by selecting WPA-PSK (Wi-Fi Protected Access) from the pull-down me

Page 223

48You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of network data. You can enable 40-, 128-, or 256

Page 224

49HomeSelect Enabled from the pull-down menu.The screen expands to permit you to add MAC addresses.Click the Add button.Once it is enabled, only enter

Page 225

5 Table of Contents SHELL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176About CONFIG Commands . . . . . . . . . . .

Page 226

50Click the Submit button.When you are finished adding MAC addresses click the Done button. You will be returned to the 802.11 Wireless page. You can A

Page 227

51HomeLink: GamingWhen you click Gaming, the NAT (Games and Other Services) page appears.NAT (Games and Other Services) allows you to host internet ap

Page 228 - IPSec VPN sup

52Each time you enable a software service or game your entry will be added to the list of Service Names displayed on the NAT Configuration page.To remo

Page 229 - (ESP) { ESP

53HomeF-16, Mig 29 F-22, Lightning 3 Fighter Ace IIFTP GNUtella H.323 compliant (Netmeeting, CUSeeME)Half Life Hellbender for Windows, v 1.0 Heretic I

Page 230

54Define Custom ServiceTo configure a Custom Service, choose whether to use Port Forwarding or Trigger Ports. • Port Forwarding forwards a range of WAN

Page 231

55HomePort Forwarding forwards a range of WAN ports to an IP address on the LAN. Enter the fol-lowing information: • Service Name: A unique identifier

Page 232

56• Service Name: A unique identifier for the Custom Service. • Global Port Range: Range of ports on which incoming traffic will be received. • Local Tr

Page 233

57HomeLink: Expert ModeExpert Mode allows you to configure a wide variety of specific Router and networking set-tings. Expert Mode is for advanced users

Page 234

58Link: TroubleshootWhen you click the Troubleshoot link, the Links Bar expands to offer two troubleshooting sub-headings: Diagnostics and Statistics.

Page 235

59HomeEach test generates one of the following result codes:StatisticsWhen you click the Statistics link, the Links Bar expands to display seven stati

Page 236

Table of Contents 6

Page 237

60ATMWhen you click ATM, the ATM Statistics page appears.The ATM Statistics page displays detailed statistics about the upstream and downstream data t

Page 238 - installation procedure

61HomeNetwork Routing Table and Host Routing TableThe Routing tables display all of the IP routes currently known to your Router.LANWhen you click LAN

Page 239 - 4. Set NTP parameters

62LogsWhen you click Logs, the Logs page appears.Select a log from the pull-down menu (the pull-down menu is available from every Log page):• All: Dis

Page 240

63HomeLink: Access Control LoginIf you have configured the onboard Access Control feature (see “Access Control” on page 85) your authorized users must

Page 241

64Link: HelpWhen you click the Help link in the left-hand column of links a page of explanatory infor-mation displays. Help (in English only) is avail

Page 242

65Access the Expert Web InterfaceCHAPTER 3 Expert ModeUsing the Web-based user interface for the Netopia 3300-series Gateway you can config-ure, troubl

Page 243 - MAC-address_string

663. Click on the Expert Mode link in the left-hand column of links.You are challenged to confirm your choice.Click OK.The Home Page opens in Expert Mo

Page 244

67Access the Expert Web InterfaceHome Page - Expert ModeThe Expert Mode Home Page is the summary page for your Netopia Gateway. The links bar at the l

Page 245

68Home Page - InformationThe Home Page contains a summary of the Gateway’s configuration settings and status.Summary Information Field Status and

Page 246

69Links BarLinks BarThe Links Bar is the frame at the left-hand side of the page con-taining the major navigation links. These links are available fro

Page 247 - Glossary

Introduction 7 Intended Audience Introduction Intended Audience This guide is targeted primarily to residential service subscribers. Advanced section

Page 248

70Link: ConfigureWhen you click Configure, the Links bar expands to display the configu-ration options available.When you click the Advanced button, even

Page 249

71Links BarLink: ConnectionWhen you click Connection, the Connection Configuration page appears.Here you can set up or change the way you connect to yo

Page 250

72• User ID and Password: Provided by your ISP. • Confirm Password: Repeat your Password entry for confirmation • Static IP Address: Your service provid

Page 251

73Links BarLink: Wireless(supported models only)When you click Wireless, the 3-D Reach Wireless configuration page appears.Enable WirelessThe wireless

Page 252

74PrivacyBy default, Privacy is set to On - Manual. This setting uses a preconfigured encryption key for your convenience.IT IS STRONGLY RECOMMENDED TH

Page 253

75Links BarEnable Multiple Wireless IDsThis feature allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network

Page 254

76These additional Wireless IDs are “Closed System Mode” Wireless IDs (see below) that will not be shown by a client scan, and therefore must be manua

Page 255

77Links BarWireless ID in Closed System mode, the Router’s wireless LAN will not appear as an avail-able network when scanned for by wireless-enabled

Page 256 - Exchange (IKE)

78Enabling WPA and WEP EncryptionWEP Security is a Privacy option that is based on encryption between the Router and any PCs (“clients”) you have with

Page 257

79Links Barsure that the client wireless PC is also using the same matching key. The default is key #1.• WPA-802.1x provides RADIUS server authenticat

Page 258

Introduction 8 Introduction Organization This guide consists of six chapters, including a glossary, and an index. It is organized as follows: • “Intr

Page 259

80• RADIUS Server Addr/Name: The default RADIUS server name or IP address that you want to use.• RADIUS Server Secret: The RADIUS secret key used by t

Page 260

81Links BarWPA-PSKOne of the easiest ways to enable Privacy on your Wireless network is by selecting WPA-PSK (Wi-Fi Protected Access) from the pull-do

Page 261 - MD5 SHA1

82You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of network data. You can enable 40-, 128-, or 256

Page 262 - 1 and 1,000,000 MB

83Links BarSelect Enabled from the pull-down menu.The screen expands to permit you to add MAC addresses.Click the Add button.Once it is enabled, only

Page 263

84Click the Submit button.When you are finished adding MAC addresses click the Done button. You will be returned to the 802.11 Wireless page. You can A

Page 264

85Links BarLink: Access ControlBasic Access Controls prevent designated users from accessing certain types of undesir-able Internet content. You can d

Page 265 - Safety Information

86Check the Enable Access Control checkbox and click the Submit button.Return to the Access Control configuration page. Click the Setup link in Access

Page 266

87Links BarHere you can add the names and passwords of authorized users, and set their “Maturity Level” from the pull-down menu. Available maturity le

Page 267 - Agency approvals

88After you have added your users and configured their access control settings, you can return to the Access Control pages at any time to add more user

Page 268 - ☛ Warnings:

89Links BarThe Edit User Profiles screen appears.• Manage Users – returns you to the previous screen.• User Profile – takes you to the User Profile scree

Page 269 - ☛ Important

Introduction 9 Documentation Conventions Documentation Conventions General This manual uses the following conventions to present information: Interna

Page 270 - Important Safety Instructions

90Web Filter ProfileWhen you click the Web Filter Profile link, the Block/Allow Websites screen appears.The Web Filter Profile allows you to Block or All

Page 271 - 47 CFR Part 68 Information

91Links BarChat Filter ProfileWhen you click the Chat Filter Profile link, the Chat Filtering screen appears.Chat Filtering allows you to choose whether

Page 272 - Electrical Safety Advisory

92• Messaging Privileges Selection – Choose whether or not this user may use any instant messaging (chat) service. The default privilege is May not us

Page 273

93Links BarEmail Filter ProfileWhen you click the Email Filter Profile link, the Email Filtering screen appears.Email Filtering allows you to choose whe

Page 274

94You can limit email sources to an approved list of email servers, such as those used by the family, or further, to an approved list of individuals,

Page 275

95Links BarDelete User ProfileWhen you click the Delete User Profile link, the Confirm Deletion of User screen appears.

Page 276

96Link: DHCP ServerWhen you click DHCP Server, the DHCP Server Configuration page appears.This feature simplifies network administration because the Rou

Page 277

97Links Bar• DHCP Lease: Specifies the default length for DHCP leases issued by the Router. Enter lease time in dd:hh:mm:ss (days/hours/minutes/seconds

Page 278

98Link: IP PassthroughWhen you click IP Passthrough, the IP Passthrough Configuration page appears.The IP passthrough feature allows a single PC on the

Page 279

99Links BarIf you select “User Configured PC”, you must then configure a local PC to have the pub-lic WAN IP address. 2. Click Enable.You will be remind

Commentaires sur ces manuels

Pas de commentaire