Multitech PROXYSERVER MTPSR1-120 User Manual

Dual Ethernet ProxyServer

Model MTPSR1-120

User Guide

User Guide

88301501 Revision B

Dual Ethernet ProxyServer (Model No MTPSR1-120)

This publication may not be reproduced, in whole or in part, without prior expressed written permission from
Multi-Tech Systems, Inc. All rights reserved.

Copyright © 1999, by Multi-Tech Systems, Inc.

Multi-Tech Systems, Inc. makes no representations or warranties with respect to the contents hereof and
specifically disclaims any implied warranties of merchantability or fitness for any particular purpose.
Furthermore, Multi-Tech Systems, Inc. reserves the right to revise this publication and to make changes from
time to time in the content hereof without obligation of Multi-Tech Systems, Inc. to notify any person or
organization of such revisions or changes.

Record of Revisions

Revision Description

A Manual released. All pages at revision A.
(9/4/98)

B Manual revised for software version 2.00. All pages at revision B.
(2/19/99)

Patents

This Product is covered by one or more of the following U.S. Patent Numbers:

5.355.365; 5.355.653; 5.452.289; 5.453.986

. Other Patents Pending.

TRADEMARK

Trademark of Multi-Tech Systems, Inc. is the Multi-Tech logo.
Windows is a registered trademark of Microsoft.

5.301.274; 5.309.562

;

Multi-Tech Systems, Inc.

2205 Woodale Drive

Mounds View, Minnesota 55112

(612) 785-3500 or (800) 328-9717

Fax 612-785-9874

Tech Support (800) 972-2439

Internet Address: http://www.multitech.com

Fax-Back (612) 717-5888

Contents

Chapter 1 - Introduction and Description

Introduction ................................................................................................................................................ 6

Preview of this Guide ................................................................................................................................. 6

Front Panel Description.............................................................................................................................. 8

Back Panel Description .............................................................................................................................. 9

RS232/V .35 Connector ........................................................................................................................ 9

Ethernet 1 and 2 10Base-T Connectors .............................................................................................. 9

Command Connector........................................................................................................................... 9

Power Connector ................................................................................................................................. 9

Specifications ........................................................................................................................................... 10

Ethernet Ports.................................................................................................................................... 10

Command Port................................................................................................................................... 10

WAN Link........................................................................................................................................... 10

Electrical/Physical.............................................................................................................................. 10

Chapter 2 - Installation

Safety Warnings....................................................................................................................................... 12

Unpacking Y our Firewall........................................................................................................................... 12

V.35 Shunt Procedure .............................................................................................................................. 13

Cabling Y our Firewall................................................................................................................................ 14

Chapter 3 - Software Loading and Configuration

Loading Y our Software ............................................................................................................................. 18

Wizard Setup............................................................................................................................................ 20

IP Wizard Setup................................................................................................................................. 20

Default WAN Link Configuration ........................................................................................................ 22

Chapter 4 - Firewall Software

Introduction .............................................................................................................................................. 26

Typical Applications.................................................................................................................................. 26

Configuration 1 - Cable/DSL Modem ................................................................................................. 26

Configuration 2 - Existing Dual-LAN with Router ............................................................................... 27

Configuration 3 - New Dual-LAN with T1 DSU................................................................................... 28

Firewall Program Group ........................................................................................................................... 30

Firewall Configuration............................................................................................................................... 32

Changing IP Parameters ......................................................................................................... ................. 33

Changing WAN Port Parameters ............................................................................................................. 35

Enabling PPP/SLIP .................................................................................................................................. 36

Enabling the DHCP Server....................................................................................................................... 38

Adding Proxy Applications........................................................................................................................ 39

Filtering .............................................................................................................................................. 40

Enabling Virtual Servers....................................................................................................... .................... 41

Statistics................................................................................................................................................... 42

Applications.............................................................................................................................................. 42

iii

Chapter 5 - Remote Configuration and Management

Introduction .............................................................................................................................................. 44

Remote Configuration .............................................................................................................................. 44

Modem-Based ................................................................................................................................... 44

LAN-Based ........................................................................................................................................ 46

Remote Management............................................................................................................................... 48

T elnet ................................................................................................................................................. 48

WEB Management............................................................................................................................. 50

Chapter 6 - Warranty, Service and Tech Support

Introduction .............................................................................................................................................. 52

Limited Warranty ...................................................................................................................................... 52

On-line Warranty Registration............................................................................................................ 52

Tech Support ............................................................................................................................................ 53

Recording ProxyServer Information................................................................................................... 53

Service ..................................................................................................................................................... 54

The Multi-Tech BBS ................................................................................................................................. 55

To Log on to the Multi-Tech BBS........................................................................................................ 55

To Download a File ............................................................................................................................ 55

About the Internet..................................................................................................................................... 56

About the Multi-Tech Fax-Back Service ................................................................................................... 56

Appendixes

Appendix A - TCP/IP (Transmission Control Protocol/Internet Protocol) Description............................... 58

Appendix B - Cabling Diagrams ............................................................................................................... 61

Appendix C - Regulatory Information ....................................................................................................... 63

Glossary
Index

iv

Chapter 1 - Introduction and Description

Firewall User Guide

Introduction

Welcome to Multi-Tech's Dual Ethernet ProxyServer , model number MTPSR1-120 (hereafter,
Firewall) a high speed Internet access device that provides firewall protection to your corporate
secured (private) LAN and allows Internet access to the Internet Services Network (public LAN)
that resides outside the firewall. Internet access can be provided through new technologies, such
as cable or DSL modems, connecting to an existing high speed public LAN, or connecting the
RS232 WAN port on the back of the unit that allows Internet access up to T1/E1 access speeds.
The Firewall provides two Ethernet connections that implement firewall protection and gateway
security for your LAN resources and provides megabit data transfer rates (up to 20 times faster
than a 56K modem) for your Internet access.

The Firewall provides two Ethernet 10Base-T ports which connect your private secured LAN to
the LAN 1 connection and the Internet Services Network resources to the LAN 2 connection, and
a Command port for configuration. An additional RS232/V.35 port is provided for an alternate
connection to an external WAN for connecting your secure corporate LAN directly to an ISP.
System management is provided through the command port using bundled Windows® software
which provides easy-to-use configuration menus.

Figure 1-1. Firewall (MTPSR1-120)

Preview of this Guide

This guide describes the Firewall and tells you how to install and configure the unit. The
information contained in each chapter is as follows:

Chapter 1 - Introduction and Description

Chapter 1 describes the Firewall’s front panel indicators, and back panel connectors. In addition,
a list of relevant specifications is provided at the end of the chapter.

Chapter 2 - Installation

Chapter 2 provides information on unpacking and cabling your Firewall. The installation

procedure describes each cable connection. This chapter mirrors the procedures provided in
your printed Firewall Quick Start Guide (PN 8207810x).

Chapter 3 - Software Loading and Configuration

Chapter 3 provides instructions for software loading and initial configuration. The Firewall

software diskettes are Windows® based. Later chapters, as well as the included online Help, will
describe the Firewall software in more detail.

6

Chapter 1 - Introduction and Description

Chapter 4 - Firewall Software

Chapter 4 describes the Firewall software package designed for the Windows ® environment.

This chapter describes the Firewall software from an applications standpoint, and in so doing, not
every screen is shown, nor is each field within a screen defined. For explanations and
parameters of each field within a dialog box please refer to the online Help provided within the
software.

Chapter 5 - Remote Configuration and Management

Chapter 5 provides procedures for changing the configuration of a remote Firewall. Remote

configuration allows you to change the configuration of a unit by simply connecting two modems
between the two Firewalls and remotely controlling the unit. In addition, remote management
utilities such as Telnet and Web-based management of the Firewall.

Chapter 6 - Warranty, Service and Tech Support

Chapter 6 provides instructions on getting service for your Firewall at the factory , a statement of

the limited warranty , information about our Internet presence, and space for recording information
about your Firewall prior to calling Multi-Tech’s Technical Support.

Appendixes

Appendix A - TCP/IP (Transmission Control Protocol/Internet Protocol) Description
Appendix B - Cabling Diagrams
Appendix C - Regulatory Information

7

Firewall User Guide

Front Panel Description

The front panel, shown in Figure 1-2, contains four groups of LEDs that provide the status of the
LAN connection, link activity , and general status of the Firewall. The Ethernet 1 and Ethernet 2
LEDs display the activity of the public and private LANs, in whether the Firewall is connected to
the LAN, transmitting or receiving packets, and if a collision is in progress. The WAN Link LEDs
display the status of the RS232/V.35 WAN link, that can optionally be connected to an external
Data Communications Equipment (DCE) device, in whether the link is ready to transmit or
receive serial data, and if an external communications device with a V.35 interface is connected
to the Firewall. The last group of LEDs indicate whether the self test passed or failed and if the
power On/Off switch on the back of the Firewall is turned On.

Figure 1-2. Front Panel

ETHERNET 1 and 2

RCV Receive Data indicator blinks when packets are being received from the private (Ethernet

1) or public (Ethernet 2) LANs.

XMT Transmit Data indicator blinks when packets are being transmitted to the private

(Ethernet 1) or public (Ethernet 2) LANs.

LNK Link indicator lights when the Ethernet link senses voltage from a concentrator or

external device.

WAN Link

RCV Receive Data indicator blinks when packets are being sent to the local area network.
XMT Transmit Data indicator blinks when packets are being transmitted from the local area

network.

CD Carrier Detect indicator lights when a carrier signal is detected on the WAN link.
V35 V.35 indicator lights when internal shunt is set for V.35 operation.

Fail

ERR Error indicator lights when the Firewall is booting or downloading setup.

Power

PWR Power indicator lights when power is applied to the Firewall.

8

Back Panel Description

The cable connections for the Firewall are made at the back panel. In addition to the Power
connector, Three groups of connectors are used on the Firewall: the Command Port, Ethernet 1
& 2 (10BASET) and RS232/V.35. The cable connections are shown in Figure 1-3 and defined in
the following groups.

Chapter 1 - Introduction and Description

RS232/V.35

ETHERNET

2

10BASET

1

10BASET

COMMAND

POWER

ON

OFF

Figure 1-3. Back Panel

RS232/V.35 Connector

The RS232/V.35 (DB-25) connector is used to connect the Firewall to an external modem, DSU,
or other Data Communications Equipment (DCE). This connection can be either RS232C
(default) or V.35. If the connection is V.35, then the shunt must be moved from the default RS232
position to the V.35 position (for details on this procedure, refer to Chapter 2 - V.35 Shunt

Procedure).

Ethernet 1 and 2 10Base-T Connectors

The Ethernet 10Base-T connectors are used to connect the Firewall to a LAN using unshielded
twisted cable. Ethernet 1 connects the Secured (private) LAN, and Ethernet 2 connects the
Internet (public) LAN. These connectors are RJ-45 jacks.

Command Connector

The Command connector is used to configure the Firewall using a PC with a serial port and
running Windows® software. The Command connector is an RJ-45 jack and a short adapter
cable is provided to convert to a standard serial port DB-25 female connector.

Power Connector

The Power connector is used to connect the external power supply to the Firewall. The Power
connector is a 6-pin circular DIN connector. A separate power cord is connected to the power
supply and the live AC grounded outlet.

9

Firewall User Guide

Specifications

• Protocols - Point-To-Point Protocol (PPP), and Serial Line Internet Protocol (SLIP)

Ethernet Ports

• T wo Ethernet Interface - 10Base-T (twisted pair) RJ-45 connectors.

Command Port

• Single 19.2K bps asynchronous Command Port using a short RJ-45 to DB-25 cable with a
DB-25 female connector

WAN Link

• One RS232/V.35 port connector.

Electrical/Physical

• Voltage - 115 VAC (Standard), 240 Volts AC (Optional)

• Frequency - 47 to 63 Hz

• Power Consumption - 10 Watts

• Dimensions - 1.625" high x 6" wide x 9" deep

5.63cm high x 22.34cm wide x 33.51cm deep

• Weight - 2 pounds (.92 kg)

10

Chapter 2 - Installation

Firewall User Guide

Safety Warnings

1. Never install telephone wiring during a lightning storm.

2. Never install telephone jacks in wet locations unless the jack is specifically designed for

wet locations.

3. Never touch uninsulated telephone wires or terminals unless the telephone line has been

disconnected at the network interface.

4. Use caution when installing or modifying telephone lines.

5. Avoid using a telephone (other than a cordless type) during an electrical storm. There

may be a remote risk of electrical shock from lightning.

6. Do not use the telephone to report a gas leak in the vicinity of the leak.

Unpacking Your Firewall

The shipping box contains the Firewall, external power supply , power cord, Command Port (DB­25 to RJ-45) cable, your Quick Start Guide, and three diskettes (i.e., this Firewall User Guide,
and the Firewall Software). Inspect the contents for signs of any shipping damage. If damage is
observed, do not power up the unit, contact Multi-Tech’s Technical Support for advice (refer to

Chapter 6). If no damage is observed, place the Firewall in its final location and continue with the

next section.

MADE IN U.S.A

Figure 2-1. Unpacking

12

MADE IN U.S.A

V.35 Shunt Procedure

If you are using an external DCE device on the WAN RS232/V.35 port, and the connection will be
a V.35 connection, the internal shunt must be moved from the RS232C (default) position prior to
cabling and power-up. The following steps detail the procedures for switching the shunt.

Step Procedure

1 Ensure that the external power supply is disconnected from the Firewall.
2 Turn the Firewall over and remove the cabinet mounting screw from the chassis.

Chapter 2 - Installation

Front Panel

Back Panel

Cabinet Mounting Screw

Figure 2-2. Cabinet Mounting Screw

3 Being sure to support the back panel, turn the Firewall right-side-up, tilt the back panel

down, and slide the circuit board out of the chassis.
4 Place the unit on a flat, grounded surface with the LED’s facing you.
5 Gently pry the shunt out of the RS232 position, and insert it in the V .35 position.

LEDs

Back Panel Connectors

RAM Sockets

Figure 2-3. Shunt Positions

6 Align the board with the guide slots on the inside of the chassis and carefully slide the

board back into the chassis.
7 Being sure to support the back panel, turn the Firewall over again, and replace the

cabinet mounting screw.
8 Turn the Firewall right-side-up again and proceed to the next section to connect the

cables.

V.35 Shunt Position

RS232C Shunt Position

13

Firewall User Guide

Cabling Your Firewall

Cabling your Firewall involves making the proper Power, Command Port, and Ethernet
connections. An optional WAN connection is provided to connect to an external WAN device.
Figure 2-4 shows the back panel connectors and the associated cable connections, and the table
that follows details the procedures for connecting the cables to your Firewall.

RS232/V.35

WAN
Connection

Internet
LAN

Secured
LAN

Figure 2-4. Cable Connections

Step Procedure

2

10BASET

ETHERNET

COMMAND

1

10BASET

18” RJ-45 to DB-25 Cable

(supplied by Multi-Tech)

Cabling Procedure

POWER

ON

OFF

DB-25 Connector

(25-pin, female)

Connection

PC

Power
Connection

DB-25 Connector

(25-pin, male)

Serial Port Cable

(You supply)

1. Connect one end of the power supply to a live AC outlet and connect the other end to the
Firewall as shown in Figure 2-4. The power connector is a 6-pin circular DIN connector .

2. Connect the Firewall to a PC by using the short RJ-45 to DB-25 (female) cable provided
in your unit. Plug the RJ-45 end of the cable into the Command port of the Firewall and
the other end into the RS-232 cable (you supply) from the PC serial port. See Figure 2-4.

3. To connect your secure (private) LAN, connect one end of an RJ-45 (UTP) cable to the
LAN 1 connector on the back of the Firewall. Connect the other end of the cable to your
private LAN.

4. To connect a cable modem, DSL modem, or your Internet (public) LAN, connect one end
of an RJ-45 (UTP) cable to the LAN 2 connector on the back of the Firewall. Proceed to
step 6.

5. If a cable modem, DSL modem, or your Internet LAN is being used, no cable connection
will be made to the RS232/V.35 connector on the back of the Firewall.

If the RS232/V.35 connector on the Firewall is going to be connected to a WAN device
(i.e., connecting your secure (private) LAN to an ISP, connect one end of an RS232 or
V.35 interface cable to the RS232/V .35 connector on the back of the Firewall. Connect
the other end of this cable to the WAN device.

14

Chapter 2 - Installation

6. Turn on power to the Firewall by placing the ON/OFF switch on the back panel to the ON
position. Wait for the Fail LED on the Firewall to go OFF before proceeding. This may
take a couple of minutes to go OFF.

At this time your Firewall is completely cabled. Proceed to Chapter 3 to load the Firewall
software.

15

Firewall User Guide

16

Chapter 3 - Software Loading and Configuration

Firewall User Guide

Loading Your Software

The following loading procedure does not provide every screen or option in the process of
installing the Firewall software. The assumption is that the installation is being performed by a
technical person with a thorough knowledge of Windows and the software loading process.
Additional information on the Firewall software is provided in the Chapter 4, and in the on-line
help provided with your Firewall software.

1. Run Windows on the PC connected to the Command Port.

2. Insert the Firewall disk labeled
Command port.

3. Win3.1 users - In Program Manager click File | Run. In the Run dialog box, type
a:\setup.exe or b:\setup.exe (depending on the letter of your floppy disk drive) in the
Command Line field and then click OK.

Win95/NT users - click Start | Run. In the Run dialog box click on the down arrow and
choose a:\setup or b:\setup (depending on the letter of your floppy disk drive) in the
Command Line field and then click OK.

4. The Welcome screen is displayed.

Disk 1

into the disk drive on the PC connected to the

Click Next > or press Enter to continue.

5. Follow the on-screen instructions to install your Firewall software.

18

Chapter 3 - Software Loading and Configuration

The Select Program Folder dialog box enables you to use the default or select a
different name for the new program group for the Firewall 2.00 software. After accepting
the default or selecting a different folder name, press Enter or click Next > to continue.

6. The next dialog box enables you to designate the COM port of your PC that is connected
to the Firewall. On the Select Port field, click the down arrow and choose the COM port
of your PC (COM1 -- COM4) that is connected to the Firewall.

Click OK to continue.

7. The Setup Complete dialog box is displayed.

Click Finish to continue. The “Do you want to run Wizard setup?” message is displayed.

19

Firewall User Guide

Wizard Setup

The Wizard Setup screen gives you a process for adding the basic information needed to
configure your Firewall. This screen will guide you through entering the IP Address, Net Mask,
and Default Route for your Secure (private) LAN. Then you can set up for static or dynamic
addressing on the Internet LAN Port, set up the Gateway Parameters, and then do the same for
the WAN port, if it is used.

9. Click Yes to run the Wizard Setup.
Clicking No takes you to the program group (icons), where you can choose a utility from

the program group.

IP Wizard Setup

The IP Wizard Setup dialog box guides you through assigning LAN and WAN IP address
information and determining if your LAN is already running a DHCP Server that will automatically
assign Client IP addresses if enabled.

10. Change the default IP Address, Mask, and Default Route to the unique parameters for
your Secure (private) LAN connected to the LAN 1 Port.

Follow the on-screen instructions.

Secured LAN (LAN 1) Setup

11. If an Internet (public) LAN is connected to the LAN 2 Port, click the Internet LAN option
in the Select Port window, then either leave the DHCP Client option enabled or disable
(uncheck) it and assign the proper IP Address, Net Mask, and DNS Server addresses for
your Internet LAN. Follow the on-screen instructions and enter a Gateway IP Address,
too, if the DHCP function is disabled.

20

Internet LAN (LAN 2) Setup

WAN Setup

Chapter 3 - Software Loading and Configuration

12. If a WAN device is connected to the WAN Port (marked RS-232/V.35), click the WAN
option in the Select Port window, then either leave the “ISP Assigned Dynamic IP
Address & Mask” option enabled or disable (uncheck) it and assign the proper IP
Address and Net Mask for your WAN port. If your connection to the Internet is through
the WAN port, follow the on-screen instructions: select W AN for the Gateway, then enter
a Gateway IP Address and a Host Name in the fields provided.

13. Click OK when you are finished configuring the IP parameters. The Default WAN Link(s)
Setup dialog box is displayed.

21

Firewall User Guide

Default WAN Link Configuration

The Default WAN Link(s) Setup dialog box is used only if a device is connected to the RS-232/
V.35 connector on the back panel of the Firewall. This connection enables your Secure (private)
LAN to be connected to a local ISP for Internet service.

However, if you are using the LAN 2 port, then you will have to
port on this dialog box.

14. If a cable modem, DSL modem, or Internet LAN is connected to LAN 2, click OK and
proceed to step 19 to download the default setup.

If a device is connected to the RS-232/V.35 connector on the back of the Firewall,
proceed to step 15.

15. Click the down arrow for Modem T ype and select from the listing the type of device that
is connected to the RS-232/V.35 connector.

16. Click the Dial Number field and enter the phone number supplied by your ISP. The
number can be a standard local number or it can include a long distance prefix.

17. Click the User Name field and enter the user name you negotiated with your ISP. The
User Name can be up to 40 alphanumeric characters and is not case sensitive.

disable

the RS-232/V.35 WAN

18. Click Password and enter the password you negotiated with your ISP. The password
can be up to 15 alphanumeric characters and also is not case sensitive.

19. Turn on power to the Firewall and the following dialog box is displayed.

Click OK to proceed.

20. The Writing Setup dialog box is displayed as the setup configuration is written to the
Firewall.

22

Chapter 3 - Software Loading and Configuration

21. Check to ensure that the Fail LED on the Firewall is Off after the download is complete
and the Firewall is rebooted.

22. Win3.1 users - you are returned to your Program Manager where the Firewall 2.00
Program Group and Program Items (Windows icons) have been created.

Win95/NT users - you are returned to the Firewall 2.00 folder which will be open and
visible on your desktop.

23

Firewall User Guide

24