Dynamix UM-S, User Manual

Page 1: ...DYNAMIX UM S SHDSL ROUTER User Manual ...

Page 2: ...cification 14 Frame Specification 14 Applications 15 Getting to know about the router 17 Front Panel 17 Rear Panel 18 SHDSL Line Connector 19 Console Cable 19 Configuration to the router 20 Step 1 Check the Ethernet Adapter in PC or NB 20 Step 2 Check the Web Browser in PC or NB 20 Step 3 Check the Terminal Access Program 20 Step 4 Determine Connection Setting 20 Step 5 Install the SHDSL Router 21...

Page 3: ... 43 NAT DMZ 45 Virtual Server 47 Firewall 48 Administration 54 Security 55 SNMP 56 Time Sync 58 Utility 59 System Info 60 Config Tool 61 Upgrade 62 Logout 63 Restart 64 Status 65 LAN to LAN connection with bridge Mode 66 CO side 66 CPE Side 67 LAN to LAN Connection with Routing Mode 68 CO side 68 CPE side 70 Configuration via Serial Console or Telnet with Manu Driven ...

Page 4: ...e Commands 74 Menu Tree 74 Configuration 76 Status 77 Show 78 Write 79 Reboot 80 Ping 81 Administration 82 User Profile 82 Security 83 SNMP 83 Supervisor Password and ID 84 SNTP 84 Utility 86 Exit 86 Setup 87 Mode 87 SHDSL 87 WAN 88 Bridge 89 VLAN 90 Route 91 LAN 93 IP share 93 Firewall 97 DHCP 99 DNS proxy 100 Host name 100 Default 100 ...

Page 5: ...e the latest in broadband technologies to meet their growing data communication needs Through the power of SHDSL products you can access superior manageability and reliability Features Easy configuration and management with password control for various application environments Efficient IP routing and transparent learning bridge to support broadband Internet services VPN pass through for safeguard...

Page 6: ... Ø Password protected management and access control list for administration Ø SNMP management with SNMPv1 SNMPv2 RFC1157 1901 1905 agent and MIB II RFC1213 1493 Ø Software upgrade via web browser TFTP server ATM Ø Up to 8 PVCs Ø OAM F5 AIS RDI and loopback Ø AAL5 ATM QoS Ø UBR Unspecified bit rate Ø CBR Constant bit rate Ø VBR rt Variable bit rate real time Ø VBR nrt Variable bit rate non real tim...

Page 7: ...cal Ø Dimensions 18 7 x 3 3 x 14 5cm WxHxD Ø Power 100 240VAC via power adapter Ø Power consumption 9 watts max Ø Temperature 0 45 C Ø Humidity 0 95 RH non condensing Memory Ø 2MB Flash Memory 8MB SDRAM Products Information G shdsl 2 wire router bridge with 1 port LAN G shdsl 2 wire router bridge with 1 port LAN VLAN and business class firewall G shdsl 2 wire router bridge with 4 port switching hu...

Page 8: ...G shdsl Router User Manual 152 7 Applications Internet SHDSL Router SHDSL Ethernet DSLAM LAN Connection with DSLAM SHDSL Router SHDSL Ethernet SHDSL Router Ethernet LAN LAN LAN to LAN Connection ...

Page 9: ...elnet Firewalls can also filter traffic by packet attribute or state An Internet firewall cannot prevent individual users with modems from dialling into or out of the network By doing so they bypass the firewall altogether Employee misconduct or carelessness cannot be controlled by firewalls Policies involving the use and misuse of passwords and user accounts must be strictly enforced These are ma...

Page 10: ...5 DP 1525 DA 172 16 3 4 Filter remember this information UDP SP 1525 SA 172 16 3 4 DP 3264 DA 192 168 0 5 Matches outgoing so allows in UDP SP 1525 SA 172 168 3 4 DP 2049 DA 192 168 0 5 Nomatches so disallows in Stateful Inspection Internet 192 168 0 10 192 168 0 11 192 120 8 5 Firewall Internal Protected Network External Unprotected Network NAT Network Address Translation 192 168 0 10 192 168 0 1...

Page 11: ...l 4 TCP Level 3 IP Level 2 Data Link Level 1 Physical destination IP address and or port source IP address and or port time of day protocol user password Application Gateway The Application Level Gateway acts as a proxy for applications performing all data exchanges with the remote system in their behalf This can render a computer behind the firewall all but invisible to the remote system It can a...

Page 12: ...een a malicious denial of service and simple system overload is the requirement of an individual with malicious intent attacker using or attempting to use resources specifically to deny those resources to other users Ping of death On the Internet ping of death is a kind of denial of service DoS attack caused by an attacker deliberately sending an IP packet larger than the 65 536 bytes allowed by t...

Page 13: ...about the connection It can then recreate the forgotten information about the connection where the next packets come in from a legitimate connection Hacker s System Target System Internet TCP SYN requests Backing quene TCP SYN ACK Packets ICMP Flood The attacker transmits a volume of ICMP request packets to cause all CPU resources to be consumed serving the phony requests UDP Flood The attacker tr...

Page 14: ...oadcast addresses all of it having a spoofed source address of a victim IP Spoofing IP Spoofing is a method of masking the identity of an intrusion by making it appeared that the traffic came from a different computer This is used by intruders to keep their anonymity and can be used in a Denial of Service attack ...

Page 15: ... 3 A port must not be a tagged member of its default VLAN 4 If a non tagged or null VID tagged packet is received it will be assigned with the default PVID of the ingress port 5 If the packet is tagged with non null VID the VID in the tag will be used 6 The look up process starts with VLAN look up to determine whether the VID is valid If the VID is not valid the packet will be dropped and its addr...

Page 16: ...y be unable to signal priority information e g 802 3 Ethernet segments 2 The Canonical Format Indicator CFI is used to signal the presence or absence of a Routing Information Field RIF field and in combination with the Non canonical Format Indicator NCFI carried in the RIF to signal the bit order of address information carried in the encapsulated frame 3 The VID uniquely identifies the VLAN to whi...

Page 17: ...G shdsl Router User Manual 152 16 POW E RFA ULT DATA AL A RM LAN1 LAN2 LAN3 LAN4 WAN1 WAN2 WAN3 WAN4 WAN5 WAN6 WAN7 WAN8 Backbone ATM Switch VID30 VID10 SHDSL Router VID20 VID20 VID10 VID30 ...

Page 18: ...AN 1 1 Blink Transmit or received data over LAN 1 On Ethernet cable is connected to LAN 2 2 Blink Transmit or received data over LAN 2 On Ethernet cable is connected to LAN 3 3 Blink Transmit or received data over LAN 3 On Ethernet cable is connected to LAN 4 LAN 4 Blink Transmit or received data over LAN 4 On SHDSL line connection is dropped ALM Blink SHDSL self test LED status of 2 wire 1 port r...

Page 19: ... DC IN Power adaptor inlet Input voltage 9VDC LAN 1 2 3 4 10 100BaseT auto sensing and auto MDIX for LAN port RJ 45 CONSOLE RS 232C DB9 for system configuration and maintenance LINE SHDSL interface for WAN port RJ 11 RST Reset button for reboot or load factory default The reset button can be used only in one of two ways 1 Press the Reset Button for one second will cause system reboot 2 Pressing th...

Page 20: ... wire Top View Front View Loop A Loop B Loop B Loop A 1 4 1 4 Top View Front View Loop Loop 1 4 1 4 Console Cable Pin Number Description Fuigure 1 No connection 2 RxD O 3 TxD I 4 No connection 5 GND 6 No connection 7 CTS O 8 RTS I 9 No connection 1 2 3 4 5 6 7 8 9 ...

Page 21: ...NB used for configuration of the router TCP IP protocol is necessary for web configuration so please check the TCP IP protocol whether it has been installed Step 2 Check the Web Browser in PC or NB According to the Web Configuration the PC or NB need to install Web Browser IE or Netscape Note Suggest to use IE5 0 Netscape 6 0 or above and 800x600 resolutions or above Step 3 Check the Terminal Acce...

Page 22: ...ng auto sensing If yes both cross over and none cross over Ethernet cable are suitable If not only pass through Ethernet cable could be used The 4 port router supports auto MDIX switching hub so both through and cross over Ethernet cable can be used ü Connect the phone cable to the product and the other side of phone cable to wall jack ü Connect the power adapter to power source ü Turn on the PC o...

Page 23: ...ess Access Point Laser Printer PC PC Wireless Note Book Mobile Device Wall Jack Power Adapter G shdsl RJ 11 DB 9 Cable 4 port router with complex network topology PC NB Wall Jack Power Adapter Cross Over Ethernet Cable DB 9 Cable PC NB Wall Jack Power Adpater Pass Through Ethernet Cable DB 9 Cable HUB Switch Server File Server Workstation Mobile Device Wireless LAN G shdsl G shdsl ...

Page 24: ...Web Browser For Win85 98 and Me click the start button Select setting and control panel Double click the network icon In the Configuration window select the TCP IP protocol line that has been associated with your network card and then click property icon ...

Page 25: ...is 192 168 0 1 and 255 255 255 0 Because the router acts as DHCP server in your network the router will automatically assign IP address for PC or NB in the network Type User Name root and Password root and then click OK The default user name and password are both root For the system security suggest to change them after configuration Note After changing the User Name and Password strongly recommen...

Page 26: ...the router After successfully completing it you can access Internet This is the easiest and possible way to setup the router Note The advanced functions are only for advanced users to setup advanced functions The uncorrect setting of advanced function will affect the performance or system error even disconnection Click Basic for basic installation ...

Page 27: ...etup two SHDSL mode CO Central Office and CPE Customer Premises Equipment For connection with DSLAM the SHDSL mode is CPE For LAN to LAN connection one side must be Co and the other side must be CPE LAN Parameters Enter IP 192 168 0 1 Enter Subnet Mask 255 255 255 0 Enter Gateway 192 168 0 254 The Gateway IP is provided by ISP Enter Host Name SOHO Some of the ISP requires the host name as identifi...

Page 28: ...l Router User Manual 152 27 The screen will prompt the new configured parameters Check the parameters and Click Restart The router will reboot with the new setting or Continue to configure another parameters ...

Page 29: ...P over ATM and Ethernet over ATM You have to clarify which Internet protocol is provided by ISP Click ROUTE and CPE Side then press Next This product can be setup two SHDSL mode CO Central Office and CPE Customer Premises Equipment For connection with DSLAM the SHDSL mode is CPE For LAN to LAN connection one side must be Co and the other side must be CPE ...

Page 30: ...cessing the Internet in the same time IP type Fixed IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Host Name SOHO Some of the ISP requires the host name as identification You may check with ISP to see if your Internet service has been configured with a host name In most cases this field can be ignored Trigger DHCP Service Server The default setup is Enable DHCP server If you want to turn off the...

Page 31: ...2 30 DHCP Client Some of the ISP provides DHCP server service by which the PC in LAN can access IP information automatically To setup the DHCP client mode follow the procedure LAN IP Type Dynamic Click Next to setup WAN1 parameters ...

Page 32: ... Fixed IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Host Name SOHO Some of the ISP requires the host name as identification You may check with ISP to see if your Internet service has been configured with a host name In most cases this field can be ignored Trigger DHCP Service Relay Press Next to setup DHCP server parameter Enter DHCP server IP address in IP address field Press Next ...

Page 33: ...t PPPoE and PPPoA combine the Point to Point Protocol PPP commonly used in dialup connections with the Ethernet protocol or ATM protocol which supports multiple users in a local area network The PPP protocol information is encapsulated within an Ethernet frame or ATM frame PC IP 192 168 0 2 Netmask 255 255 255 0 Gateway 192 168 0 254 VPI 0 VCI 32 Encapsulation LLC DSLAM ISP Bridge BAS IP 192 168 0...

Page 34: ...PPP server will provide IP information including dynamic IP address when SHDSL connection is established On the other hand you do not need to type the IP address of WAN1 Some of the ISP will provide fixed IP address over PPP For fixed IP address IP Type Fixed IP Address 192 168 1 1 Click Next Note For safety the password will be prompt as star symbol The screen will prompt the parameters that will...

Page 35: ... LLC Protocol IPoA EoA IPoA NAT or EoA NAT Click Next to setup the IP parameters For more understanding about NAT review NAT DMZ IP Address 10 1 2 1 It is router IP address seem from Internet Your ISP will provide it and you need to specify here Subnet mask 255 255 255 0 This is the router subnet mask seen by external users on Internet Your ISP will provide it to you Gateway 10 1 2 2 Your ISP will...

Page 36: ...152 35 The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or press continue to setup another parameter ...

Page 37: ...G shdsl Router User Manual 152 36 Advanced Setup Advanced setup contains SHDSL WAN Bridge Route NAT DMZ Virtual server and firewall parameters ...

Page 38: ...r will adapt the data rate according to the line status SHDSL SNR margin the margin range is from 0 to 10 SNR margin is an index of line connection You can see the actual SNR margin in STATUS SHDSL The larger SNR margin the better line connection If you set SNR margin in the field as 2 the SHDSL connection will drop and reconnect when the SNR margin is lower than 2 On the other hand the device wil...

Page 39: ...th the traffic transmitted by users onto a network as well as the Quailty of Service that the network need to provide for that traffic UBR Unspecified Bit Rate is the simplest service provided by ATM networks There is no guarantee of anything It is a primary service used for transferring Internet traffic over the ATM network CBR Constant Bit Rate is used by connections that requires a static amoun...

Page 40: ...age traffic rate The range of SCR is 64kbps to 2400kbps MBS Maximum Burst Size The amount of time or the duration at which the router sends at PCR The range of MBS is 1 cell to 255 cells Press Finish to finish setting The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or pr...

Page 41: ...ish the filtering table Key the MAC address in MAC address field and select Filter in LAN field If you want to filter the definate MAC address of WAN PC to access LAN press Add to establish the filtering table Key the MAC address in MAC address field and select Filter in WAN field For example if your VC is setup at WAN 1 select WAN 1 Filter The screen will prompt the parameters that will be writte...

Page 42: ...ons it is extremely flexible Click VLAN to configure VLAN The product support two types of VLAN 802 1Q and Port Based User can configure one of them to the router For setting 802 1Q VLAN click the 802 1Q Tag Based VLAN The screem will prompt as follow VID Virtual LAN ID It is an definite number of ID which number is from 1 to 4094 PVID Port VID which is an untagged member of default VLAN Link Type...

Page 43: ...hdsl Router User Manual 152 42 Port Based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port Click Port Based VLAN to configure the router ...

Page 44: ...g you can enable the Router to automatically adjust to physical changes in the network s layout The Router using the RIP protocol determines the network packets route based on the fewest number of hops between the source and the destination The RIP protocol regularly broadcasts routing information to other routers on the network Click Route to modify the routing information To modify the RIP Routi...

Page 45: ...he gateway RIP v1 it only sends RIP v1 messages only RIP v2 it send RIP v2 messages in multicast and broadcast format Authentication required None for RIP there is no need of authentication code Password the RIP is protected by password authentication code MD5 The RIP will be decoded by MD5 than protected by password authentication code Poison Reserve is for the purpose of promptly broadcast or mu...

Page 46: ...s to a server that has company private data In a typical DMZ configuration for an enterprise a separate computer or host receives requests from users within the private network to access via Web sites or other companies accessible on the public network The DMZ host then initiates sessions for these requests to the public network However the DMZ host is not able to initiate a session back into the ...

Page 47: ...0 1 10 The Multi NAT table will be setup as Virtual Start IP Address 192 168 0 10 Count 40 Global Start IP Address 69 210 1 9 Count 2 Press Finish to continue The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or Continue to configure another parameter ...

Page 48: ...o Friday 8 AM to 6PM other requests with UDP made to 69 210 1 8 25 are remapped to server 2 on 192 168 0 3 25 and always on You can setup the router as Index 1 protocol TCP interface WAN1 service name test1 private IP 192 168 0 2 private port 80 public port 80 schedule from Day Monday to Friday and time 8 0 to 16 0 and index 2 protocol UDP interface WAN1 service name test2 private IP 192 168 0 3 p...

Page 49: ...e remote management security The NAT firewall will take effect if NAT function is enabled The remote management security is default to block any WAN side connection to the device Non empty legal IP pool in ADMIN will block all remote management connection except those IPs specified in the pool Press Finish to finish setting of firewall The screen will prompt the parameters which will be written in...

Page 50: ...M Check the parameters Press restart to restart the router or press Continue to setup another function User can determine the security level for special purpose environment and applications by configuring the DoS protection and defining an extra packet filter with higher priority than the default SPI filter Note that an improper filter policy may degrade the capability of the firewall and or even ...

Page 51: ... to the network address of one system This system is known as the amplifier The return address of the ping has been faked spoofed to appear to come from a machine on another network the victim The victim is then flooded with responses to the ping As many responses are generated for only one attack the attacker is able use many amplifiers on the same victim IP Spoofing Falsify the IP header informa...

Page 52: ...Src IP Address 200 1 1 1 Dest IP Address 192 168 0 2 192 168 0 50 Press OK to finish The screen will prompt the configured parameters Check the parameters Click Restart to restart the gateway or Continue to configure another parameters Filtering Rule for SMTP connection Filtering rule will be configured as follow Index Protocol Direction Action Source Destination Dest Port Schedule 1 TCP Inbound P...

Page 53: ...bound 171 16 3 4 10 1 2 3 TCP 5150 Deny E Internet 5 6 Attacker 171 16 3 4 6000 10 1 2 3 5150 Firewall X11 Server Update Filtering Rule Index Protocol Direction Action Source Destination Source Port Dest Port 1 TCP Inbound Permit External Internal 1023 25 2 TCP Outbound Permit Internal External 25 1023 3 TCP Outbound Permit Internal External 1023 25 4 TCP Inbound Permit External Internal 25 1023 5...

Page 54: ...4 On the other hand 0 and all 0 successive with 0 represents any When the rule is ordered as ABC Index Source Address Destination Address Action 1 10 1 99 1 172 16 1 1 Deny B 2 10 1 99 1 172 16 6 1 Permit A 3 10 1 1 1 172 16 6 1 Permit A 4 10 1 1 1 172 16 1 1 Deny C 5 192 168 3 4 172 16 6 1 Deny C The rule order will permit 10 1 99 1 to access 172 16 6 1 When the rule is ordered as BAC Index Sourc...

Page 55: ...G shdsl Router User Manual 152 54 Administration This session introduces security and simple network management protocol SNMP and time synchronous ...

Page 56: ... UI modes menu driven mode and command mode to configure the router Legal address pool will setup the legal IP addresses from which authorized person can configure the gateway This is the more secure function for network administrator to setup the legal address of configuration Configured 0 0 0 0 will allow all hosts on Internet or LAN to access the router Leaving blank of trust host list will cau...

Page 57: ...istics set configuration parameters and monitor network events SNMP communications can occur over the LAN or WAN connection The router can generate SNMP traps to indicate alarm conditions and it relies on SNMP community strings to implement SNMP security This router support MIB I and MIB II Click SNMP to configure the parameters In the table of current community pool you can setup the access autho...

Page 58: ...l message sent from an SNMP agent to a manager Click Modify to modify the trap host pool Version select version for trap host SNMP v1 or SNMP v2 IP type the trap host IP Community type the community password The community is setup in community pool Press OK to finish the setup The browser will prompt the configured parameters and check it before writing into EPROM Press Restart to restart the gate...

Page 59: ...n modes Sample Network Time Protocol SNTP and synchronization with PC For synchronization with PC select Sync with PC The gateway will synchronize the time with the connecting PC SNTP is the acronym for Simple Network Time Protocol which is an adaptation of the Network Time Protocol NTP used to synchronize computer clocks in the Internet SNTP can be used when the ultimate performance of the full N...

Page 60: ... Router User Manual 152 59 Utility This section will describe the utility of the product including system information load the factory default configuration upgrade the firmware logout and restart the gateway ...

Page 61: ...G shdsl Router User Manual 152 60 System Info Click System Info for review the information The browser will prompt the system information ...

Page 62: ...ed parameters Ø Restore Configuration Sometime the configuration will be crushed unintentionally Restore configuration will help you to recover the backup configuration easily Click Finish after selecting Restore Configuration Browse the route of backup file then press finish The router will automatically restore the saved configuration Ø Backup Configuration After configuration suggest using the ...

Page 63: ...dsl Router User Manual 152 62 Upgrade You can upgrade the gateway using the upgrade function Press Upgrade Browse the file and press OK button to upgrade The system will reboot automatically after finishing ...

Page 64: ...G shdsl Router User Manual 152 63 Logout To logout the router press logout ...

Page 65: ...G shdsl Router User Manual 152 64 Restart For restarting the router click the Restart in UTILITY Press Restart to reboot the router ...

Page 66: ...atteunation and CRC error count LAN status will prompt the MAC address IP address Subnet mask and DHCP client table WAN status will display the WAN interface information You can view the routing table in the status of route Interface status inculdes LAN and WAN statistics information Firewall status display DoS protection status and dropped packets statistics ...

Page 67: ...t Name SOHO WAN1 Parameters Enter VPI 0 Enter VCI 32 Click LLC Click Next The screen will prompt the new configured parameters Check the parameters and Click Restart The router will reboot with the new setting PC IP 192 168 0 1 Netmask 255 255 255 0 STU C CO STU R CPE Bridge IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 0 1 Bridge IP 192 168 0 2 Netmask 255 255 255 0 VPI 0 VCI 32 Encapsul...

Page 68: ...k Next LAN Parameters Enter IP 192 168 0 2 Enter Subnet Mask 255 255 255 0 Enter Gateway 192 168 0 2 Enter Host Name SOHO WAN1 Parameters Enter VPI 0 Enter VCI 32 Click LLC Click Next The screen will prompt the new configured parameters Check the parameters and Click Restart The router will reboot with the new setting ...

Page 69: ...IP 192 168 30 1 Netmask 255 255 255 0 Gateway 192 168 30 2 IP 192 168 30 2 Netmask 255 255 255 0 Gateway 192 168 30 1 CO side Click ROUTE and CO Side then press Next Type LAN parameters IP Address 192 168 20 1 Subnet Mask 255 255 255 0 Host Name SOHO DHCP Service For more DHCP service review DHCP Service Type the Wan Parameters VPI 0 VCI 32 AAL5 Encap LLC Protocol IPoA EoA IPoA NAT or EoA NAT Note...

Page 70: ...k 255 255 255 0 Gateway 192 169 30 2 Click Next The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or press continue to setup another parameter ...

Page 71: ...IPoA EoA IPoA NAT or EoA NAT Note The Protocol used in CO and CPE have to be the same Click Next to setup the IP parameters For more understanding about NAT review NAT DMZ in page 19 IP Address 192 168 30 2 Subnet mask 255 255 255 0 Gateway 192 169 30 1 Click Next The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to resta...

Page 72: ...reen appears When you see the login screen you can logon to Router Note You have to use SPACE key Pressing other keys does not work User admin Password Note The factory default user and passwords are both admin Telnet Make sure the correct Ethernet cable is used for connecting the LAN port of your computer to ROUTER The LAN LNK indicator on the front panel shall light if a correct cable is used St...

Page 73: ...ference is that the menu driven interface shows you all of available commands for you to select You don t need to remember the command syntax and save your time on typing the whole command line The following figure gives you an example of the menu driven interface In the menu you scroll up down by pressing key I K select one command by key L and go back to a higher level of menu by key J For examp...

Page 74: ... the brackets Command Description ip An item enclosed in brackets is required If the item is shown in lower case bold it represents an object with special format For example ip may be 192 168 0 3 Route Bridge Two or more items enclosed in brackets and separated by vertical bars means that you must choose exactly one of the items If the item is shown in lower case bold with leading capital letter i...

Page 75: ...in the same level menu LEFT or J Move back to previous menu RIGHT or L Move forward to submenu ENTER Move forward to submenu TAB To choose another parameters Ctrl C To quit the configuring item Ctrl Q For help Menu Tree The menu three are as following figures All of the configuration commands are placed in the subdirectories of Enable protected by supervisor password On the other hand unauthorized...

Page 76: ...ystem Config Script Add Delete Modify List MAC LAN_port WAN1_port WAN2_port WAN3_port WAN4_port WAN5_port WAN6_port WAN7_port WAN8_port Static RIP Add Delete List Generic LAN WAN LIst Attrib Version Authe IP_type Address Attrib SHDSL WAN Route Interface Firewall System Config Script NAT PAT DMZ Virtual Global Fixed Range Delete List Range Interface Delete List Modify Interface Delete List Clear Mo...

Page 77: ...es utility TFTP upgrade utility exit Quit system The description of the commands are Command Description enable Modify command privilege When you login via serial console or Telnet the router defaults to a program execution read only privileges to you To change the configuration and write changes to nonvolatile RAM NVRAM you must work in enable mode setup To configure the product you have to use t...

Page 78: ...ription shdsl The SHDSL status includes line rate SNR margin TX power attenuation and CRC error of the product and SNR margin attenuation and CRC error of remote side The product access remote side information via EOC embedded operation channel wan WAN status shows the 8 PVC information which are configured route You can see the routing table via route command interface The statistic status of WAN...

Page 79: ...o show and press enter system Show general information config Show all configuration script Show all configuration in command script Command Description system The general information of the system will show in system command config Config command can display detail configuration information script Configuration information will prompt in command script ...

Page 80: ...changes of configuration you must write the new configuration to EPROM using write command and reboot the router to take affect Move cursor to to write and press enter Command write CR Message Please input the following information Are you sure y n y ...

Page 81: ...l Router User Manual 152 80 Reboot To reboot the router use reboot command Move cursor to to write and press enter Command reboot CR Message Please input the following information Do you want to reboot y n y ...

Page 82: ...ommand ping ip 1 65534 t 1 1999 Message Please input the following information IP address IP 10 0 0 1 Number of ping request packets to send TAB select t Data size 1 1999 32 There are 3 types of number of ping request packet to send default 1 65534 and t Default will send 4 packet and t continuous packet until you key in Ctrl c to stop ...

Page 83: ...net in user profile table however users who have the supervisor password can change the configuration of the router Move the cursor to user and press enter key clear Clear user profile modify Modify the user profile list List the user profile You can delete the user by number using clear command If you do not make sure the number of user you can use list command to check it Modify command is to mo...

Page 84: ...can generate SNMP traps to indicate alarm conditions and it relies on SNMP community strings to implement SNMP security This router support MIB I II Move the cursor to snmp and press enter community Configure community parameter trap Configure trap host parameter 5 SNMP community entry can be configured in this system Move the cursor to community and press enter Command admin snmp community 1 5 mo...

Page 85: ... is an essential element for any business that relies on an IT system The reason for this is that these systems all have clocks that are the source of time for files or operations they handle Without time synchronization time on these systems varies with each other or with the correct time and this can cause virtual server schedule processes to fail and system log exposures with wrong data There a...

Page 86: ... string Message Please input the following information Time server address Enter for default ntp 2 vt edu ntp 2 vt edu You can configure three time server in this system Move the cursor to update_rate and press enter Command admin sntp update_rate 10 268435455 Message Please input the following information Update period secs Enter for default 86400 Move the cursor to time_zone and configure where ...

Page 87: ...re the configuration via TFTP restore tool For upgrade TFTP server with the new firmware will be supported by supplier but for backup and restore you must have your own TFTP server to backup and restore the file Move the cursor to utility and press enter upgrade Upgrade main software backup Backup system configuration Restore Restore system configuration Exit If you want to exit the system without...

Page 88: ...ystem operation mode by using mode command Move the cursor to mode and press enter Command setup mode Route Bridge Message Please input the following information System operation mode TAB select Route Route SHDSL You can setup the SHDSL parameters by the command shdsl Move the cursor to shdsl and press enter mode Configure SHDSL mode Link Configure SHDSL link n 64 Configure SHDSL data rate type Co...

Page 89: ... protocol address IP address and subnet mask vpi_vci Configure VPI VCI value encap Configure encapsulation type qos Configure VC QoS isp Configure account name password and idle time ip_type Configure IP type in PPPoA and PPPoE list WAN interface configuration There are four types of protocols IPoA EoA PPPoA and PPPoE which you can setup For dynamic IP of PPPoA and PPPoE you do not need to setup I...

Page 90: ...ateway IP via gateway command You can setup 20 sets of static bridge in static command After entering static menu the screen will prompt as below add Add static MAC entry delete Delete static MAC entry modify Modify static MAC entry list Show static bridging table After enter add menu the screen will prompt as follow mac Configure MAC address lan_port Configure LAN interface bridging type wan1_por...

Page 91: ...N rule pvid Modify port default ID link_mode Modify port link type list Show VLAN configuration To active the VLAN function move the cursor to mode and press enter The products support two types of VLAN 802 11q and Port Based The IEEE 802 1Q defines the operation of VLAN bridges that permit the definition operation and administration of VLAN topologies within a bridged LAN infrastructure Port Base...

Page 92: ...4 respectively According to the operation mode of the device link type of WAN port is automatically configured If the product operates in bridge mode the WAN link type will be trunk and in routing mode access Command setup vlan link_mode 1 12 Access Trunk Message Please input the following information Port index 1 12 1 Port link type Tab select Trunk Access To view the VLAN table move the cursor t...

Page 93: ...command to setup the parameters Move the cursor to rip and press enter generic Configure operation and auto summery mode lan Configure LAN interface RIP parameters wan Configure WAN interface RIP parameters list Show RIP configuration Generic command can setup RIP mode and auto summery mode If there are any routers in your LAN you can configure LAN interface RIP parameters via lan command The prod...

Page 94: ... IP address known within another network One network is designated the inside network and the other is the outside Typically a company maps its local inside network addresses to one or more global outside IP addresses and reverse the global IP addresses of incoming packets back into local IP addresses This ensure security since each outgoing or incoming request must go through a translation proces...

Page 95: ...IP address range via list command To setup global IP address pool move the cursor to global command and press enter range Edit global IP address pool interface Bind address pool to specific interface delete Delete global IP address pool list Show global IP address pool You can create five global IP address pool range via range command Command setup ip_share nat global range 1 5 ip 1 253 Message Pl...

Page 96: ...ress 192 168 0 250 Global address 122 22 22 2 After configuration fixed IP address entry you can bind the entry to specific interface viainterface command Command setup ip_share nat fixed interface 1 5 1 8 Message Please input the following information Fixed NAT mapping entry number 1 5 1 Active interface number Enter for default 1 8 1 You can delete fixed NAT mapping entry from 1 to 5 by using de...

Page 97: ...via interface command You can configure the global port number by using port command The local server host IP address and port number are configured via server command The authorized access protocol is setup via protocol command Name command can be used to configure the service name of the host server Begin and end command is used to setup the local server schedule to access You can view the fixed...

Page 98: ...n except those IPs specified in the pool Level two automatic enables basic firewall security all DoS protection and the SPI filter function Level three advanced is an advanced level of firewall where user can determine the security level for special purpose environment and applications by configuring the DoS protection and defining an extra packet filter with higher priority than the default SPI f...

Page 99: ...mpts to slow your network by requesting new connections but not completing the process to open the connection Once the buffer for these pending connections is full a server will not accept any more connections and will be unresponsive ICMP Flood A sender transmits a volume of ICMP request packets to cause all CPU resources to be consumed serving the phony requests UDP Flood A sender transmits a vo...

Page 100: ...computers move to another location in another part of the network a new IP address must be entered DHCP lets a network administrator to supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network To configure DHCP server move the cursor to dhcp and press enter generic Configure generic DHCP par...

Page 101: ...and press enter Command setup dns_proxy IP IP IP Message Please input the following information DNS server 1 ENTER for default 168 95 1 1 10 0 10 1 DNS server 2 10 10 10 1 DNS server 3 Host name Enter local host name via hostname command Move cursor to hostname and press enter Command setup hostname name Message Please input the following information Local hostname ENTER for default SOHO test Defa...

Page 102: ...ation Manual Copyright Ó 2004 This manual described in it is copyrighted with all rights reserved This manual may not be copied in whole or in part without written consent All product names are trademarks and or registered trademarks of their respective companies ...