Netopia 3300-ENT User Manual
NNNNeeeettttooooppppiiiiaa
aa
®®
®®
FFFFiiiirrrrmmmmwwwwaaaarrrreeee UUUUsssseeeerrrr GGGGuuuuiiiiddddee
ee
3333333300000000----EEEENNNNTTTT EEEEnnnntttteeeerrrrpppprrrriiiisssseeee SSSSeeeerrrriiiieeeess
NNNNeeeettttooooppppiiiiaaaa FFFFiiiirrrrmmmmwwwwaaaarrrreeee VVVVeeeerrrrssssiiiioooonnnn 8888....44
ss
44
Copyright
Copyright© 2004, Netopia, Inc. Netopia and the Netopia logo are registered trademarks
belonging to Netopia, Inc., registered U.S. Patent and Trademark Office. Broadband Without
Boundaries and 3-D Reach are trademarks belonging to Netopia, Inc. All other trademarks
are the proper ty of their respective owners. All rights reser ved.
Netopia, Inc.
6001 Shellmound Street
Emeryville, CA 94608
U.S.A.
Part Number
Netopia part number 6161196-00-01
CCCCoooonnnntttteeeennnnttttss
ss
Contents iii
Chapter 1 — Introduction.......................................................... 1-1
What’s New in 8.4 ......................................................... 1-1
Telnet-based Management.............................................. 1-2
Netopia Telnet Menus .................................................... 1-2
Netopia Models ............................................................. 1-3
Screen differences .............................................. 1-3
Connecting through a Telnet Session............................... 1-3
Configuring Telnet software................................... 1-4
Navigating through the Telnet Screens............................. 1-4
G
Chapter 2 — WAN and System Configuration .............................2-1
WAN Configuration ......................................................... 2-1
WAN Ethernet Configuration screen ....................... 2-2
ADSL Line Configuration screen ............................ 2-4
Creating a New Connection Profile................................... 2-9
Advanced Connection Options....................................... 2-14
Configuration Changes Reset WAN Connection..... 2-14
Scheduled Connections...................................... 2-15
Backup Configuration ......................................... 2-20
Priority Queuing (TOS bit).................................... 2-20
System Configuration Screens ...................................... 2-22
System configuration features............................. 2-22
IP Setup............................................................ 2-23
Filter Sets ......................................................... 2-23
IP Address Serving............................................. 2-23
Network Address Translation (NAT)...................... 2-23
Stateful Inspection............................................. 2-23
Date and time ................................................... 2-29
Wireless configuration ........................................ 2-30
SNMP (Simple Network Management Protocol)..... 2-36
Security............................................................. 2-36
Upgrade Feature Set .......................................... 2-36
Change Device to a Bridge.................................. 2-37
iv
Firmware User Guide
Logging ............................................................. 2-38
Chapter 3 — Multiple Network Address Translation ...................3-1
Overview ....................................................................... 3-1
Features ............................................................. 3-2
Supported traffic ................................................. 3-5
Support for AOL Instant Messenger (AIM) File
Transfer .............................................................. 3-5
Support for Yahoo Messenger............................... 3-6
MultiNAT Configuration ................................................... 3-6
Easy Setup Profile configuration ............................ 3-6
Server Lists and Dynamic NAT configuration........... 3-7
IP setup .............................................................. 3-7
Modifying map lists............................................ 3-12
Adding Server Lists...................................................... 3-15
Modifying server lists ......................................... 3-17
Deleting a server ............................................... 3-19
Binding Map Lists and Server Lists ............................... 3-21
IP profile parameters.......................................... 3-21
IP Parameters (WAN Default Profile) .................... 3-23
NAT Associations......................................................... 3-25
IP Passthrough ............................................................ 3-27
MultiNAT Configuration Example.................................... 3-31
Chapter 4 — Virtual Private Networks (VPNs)............................4-1
Overview ....................................................................... 4-1
About PPTP Tunnels ....................................................... 4-4
PPTP configuration ............................................... 4-4
About IPsec Tunnels....................................................... 4-7
About L2TP Tunnels ....................................................... 4-8
L2TP configuration ............................................... 4-8
About GRE Tunnels ...................................................... 4-11
VPN force-all...................................................... 4-14
About ATMP Tunnels..................................................... 4-15
Contents v
ATMP configuration ............................................ 4-15
Encryption Support ...................................................... 4-17
MS-CHAP V2 and 128-bit strong encryption ......... 4-18
ATMP/PPTP Default Profile............................................ 4-18
VPN QuickView ............................................................ 4-20
Dial-Up Networking for VPN ........................................... 4-21
Installing Dial-Up Networking............................... 4-21
Creating a new Dial-Up Networking profile ............ 4-22
Configuring a Dial-Up Networking profile............... 4-23
Connecting using Dial-Up Networking................... 4-24
Allowing VPNs through a Firewall ................................... 4-24
PPTP example.................................................... 4-26
ATMP example................................................... 4-28
Windows Networking Broadcasts................................... 4-31
Chapter 5 — Internet Key Exchange (IKE) IPsec
Key Management for VPNs ...................................5-1
Overview ....................................................................... 5-1
Internet Key Exchange (IKE) Configuration........................ 5-2
Adding an IKE Phase 1 Profile ............................... 5-4
Changing an IKE Phase 1 Profile ........................... 5-7
Key Management........................................................... 5-8
Advanced IPsec Options ..................................... 5-11
IPsec WAN Configuration Screens ................................. 5-18
IPsec Manual Key Entry................................................ 5-19
VPN Quickview................................................... 5-20
WAN Event History Error Reporting ...................... 5-21
G
Chapter 6 — IP Setup ............................................................... 6-1
IP Setup........................................................................ 6-2
IP subnets........................................................... 6-4
Static routes ....................................................... 6-6
RIP-2 MD5 Authentication............................................. 6-10
Overview ........................................................... 6-10
vi
Firmware User Guide
Authentication configuration................................ 6-10
Connection Profiles and Default Profile ................ 6-15
IP Address Serving ...................................................... 6-17
IP Address Pools................................................ 6-20
DHCP NetBIOS Options ...................................... 6-21
More Address Ser ving Options...................................... 6-23
Configuring the IP Address Server options ........... 6-24
DHCP Relay Agent........................................................ 6-28
Connection Profiles ...................................................... 6-30
Multicast Forwarding.................................................... 6-33
Chapter 7 — Line Backup .........................................................7-1
Configuring Backup ........................................................ 7-1
Connection Profiles ........................................................ 7-2
IP Setup.............................................................. 7-7
WAN Configuration ......................................................... 7-8
Backup Configuration screen .............................. 7-10
Using Scheduled Connections with Backup .................... 7-12
Backup Default Gateway............................................... 7-14
Backup Configuration screen .............................. 7-14
IP Setup screen ................................................. 7-16
Backup Management/Statistics.................................... 7-17
QuickView ................................................................... 7-18
Chapter 8 — Monitoring Tools ................................................... 8-1
Quick View Status Overview............................................ 8-1
General status..................................................... 8-2
Current status ..................................................... 8-3
Status lights........................................................ 8-3
Statistics & Logs ........................................................... 8-4
Event Histories .............................................................. 8-4
IP Routing Table............................................................. 8-7
General Statistics .......................................................... 8-7
System Information........................................................ 8-9
Contents vii
Simple Network Management Protocol (SNMP)............... 8-10
The SNMP Setup screen..................................... 8-11
SNMP traps....................................................... 8-12
Chapter 9 — Security ...............................................................9-1
Suggested Security Measures......................................... 9-1
Telnet Tiered Access – Two Password Levels ................... 9-2
UPnP Support...................................................... 9-2
Superuser configuration ....................................... 9-3
Limited user configuration .................................... 9-4
Advanced Security Options ................................... 9-6
User access password ......................................... 9-8
User menu differences......................................... 9-9
Telnet Access .............................................................. 9-16
About Filters and Filter Sets.......................................... 9-17
What’s a filter and what’s a filter set? ................. 9-17
How filter sets work ........................................... 9-17
How individual filters work .................................. 9-18
Design guidelines .............................................. 9-23
Working with IP Filters and Filter Sets............................ 9-24
Adding a filter set............................................... 9-25
Deleting a filter set ............................................ 9-29
A sample filter set.............................................. 9-29
Policy-based Routing using Filtersets............................. 9-32
TOS field matching............................................. 9-33
Firewall Tutorial ........................................................... 9-35
General firewall terms ........................................ 9-35
Basic IP packet components............................... 9-35
Basic protocol types........................................... 9-35
Firewall design rules .......................................... 9-36
Filter basics....................................................... 9-38
Example filters................................................... 9-39
Configuration Management ........................................... 9-42
G
viii
Firmware User Guide
TFTP ................................................................. 9-44
Chapter 10 — Utilities and Diagnostics ...................................10-1
Ping ............................................................................ 10-2
Trace Route................................................................. 10-4
Telnet Client ................................................................ 10-5
Factory Defaults .......................................................... 10-6
Transferring Configuration and Firmware Files with TFTP.. 10-6
Updating firmware .............................................. 10-7
Downloading configuration files ........................... 10-7
Uploading configuration files ............................... 10-8
Restarting the System ................................................. 10-8
Appendix A — Troubleshooting.................................................. A-1
Configuration Problems .................................................. A-1
Network problems................................................ A-2
How to Reset the Router to Factory Defaults.................... A-3
Power Outages .............................................................. A-3
Technical Support .......................................................... A-3
How to reach us .................................................. A-4
Appendix B — Understanding IP Addressing ..............................B-1
What is IP?.................................................................... B-1
About IP Addressing ....................................................... B-1
Subnets and subnet masks .................................. B-2
Example: Using subnets on a Class C IP internet ... B-3
Example: Working with a Class C subnet................ B-5
Distributing IP Addresses ............................................... B-5
Technical note on subnet masking ........................ B-6
Configuration ....................................................... B-7
Manually distributing IP addresses ........................ B-8
Using address serving.......................................... B-8
Tips and rules for distributing IP addresses ........... B-9
Nested IP Subnets....................................................... B-11
Contents ix
Broadcasts.................................................................. B-14
Packet header types .......................................... B-14
Appendix C — Binary Conversion Table......................................C-1
Appendix D — Technical Specifications and Safety Information ..D-1
Description.................................................................... D-1
Power requirements ............................................. D-1
Environment ........................................................ D-1
Software and protocols ........................................ D-1
Agency approvals........................................................... D-2
North America ..................................................... D-2
International........................................................ D-2
Manufacturer’s Declaration of Conformance .................... D-3
Important Safety Instructions ......................................... D-4
FCC Part 68 Information................................................. D-5
FCC Requirements ............................................... D-5
FCC Statements .................................................. D-5
Electrical Safety Advisory ............................................... D-7
G
Index
x
Firmware User Guide
Introduction 1-1
CCCChhhhaaaapppptttteeeerrrr 11
IIIInnnnttttrrrroooodddduuuuccccttttiiiioooonn
This
Firmware User Guide
Your Netopia equipment offers advanced configuration features accessed through the Main Menu of the Telnet
configuration screen. This
security, monitoring, and configuration. This
Quickstart Guide
Guide
before reading this
11
and the
nn
covers the advanced features of the Netopia 3300-Series Router family.
Firmware User Guide
Getting Started Guide
Firmware User Guide
documents the advanced features, including advanced testing,
Firmware User Guide
. You should read the
.
should be used as a companion to the
Quickstart Guide
and the
Getting Started
What’s New in 8.4
New in Netopia Firmware Version 8.4 are the following features:
•
IPSec MTU Support
See “Advanced IPsec Options” on page 5-11.
•
TACACS+ Support
See “TACACS+ server authentication” on page 9-8.
•
GRE Tunneling Support
See “About GRE Tunnels” on page 4-11.
•
Session Initiation Protocol ALG support setting in the CLI.
(The SIP ALG supports only SIP over UDP, not TCP.)
See the
Command Line Interface Commands Reference
available on the Netopia website.
1-2 Firmware User Guide
Telnet-based Management
Telnet-based management is a fast menu-driven interface for the capabilities built into the Netopia Firmware
Version 8.4. Telnet-based management provides access to a wide variety of features that the Router supports.
You can customize these features for your individual setup. This chapter describes how to access the
Telnet-based management screens. This section covers the following topics:
•
“Netopia Telnet Menus” on page 1-2
•
“Netopia Models” on page 1-3
•
“Connecting through a Telnet Session” on page 1-3
•
“
Navigating through the Telnet Screens” on page 1-4
Netopia Telnet Menus
Telnet-based management screens contain the main entry points to the Netopia Firmware Version 8.4
configuration and monitoring features. The entry points are displayed in the Main Menu shown below:
Netopia 3366 V 8.4
Easy Setup...
WAN Configuration...
System Configuration...
Utilities & Diagnostics...
Statistics & Logs...
Quick Menus...
Quick View...
•
The
Easy Setup
You can use Easy Setup to initially configure the Router directly through a Telnet session.
Easy Setup menus contain up to five descendant screens for viewing or altering these values. The number
of screens depends on whether you have optional features installed.
The
Quickstart Guide
•
The
WAN Configuration
Networks (VPNs) and default profile, creating or deleting additional connection profiles, and configuring or
reconfiguring the manner in which you may be using the Router to connect to more than one ser vice
menus display and permit changing the values contained in the default connection profile.
describes the Easy Setup menus to get you up and running quickly.
menu displays and permits changing your connection profile(s), Vir tual Private
Introduction 1-3
provider or remote site. See “WAN Configuration,” beginning on page 2-1. See also Chapter 4, “Virtual
Private Networks (VPNs).”
•
The
System Configuration
• IP Setup • Filter Sets
• IP Address Serving • Network Address Translation (NAT)
• Date and Time • SNMP (Simple Network Management Protocol)
• Security • Upgrade Feature Set
• Change Device to a Bridge • Logging
and more. See “System Configuration Screens,” beginning on page 2-22.
•
The
Utilities & Diagnostics
the Router's behavior, as well as for updating the firmware and rebooting the system. See Chapter 10,
“Utilities and Diagnostics.”
•
The
Statistics & Logs
your Router, your network, and their history. See “Statistics & Logs,” beginning on page 8-4.
•
The
Quick Menus
menus that are accessed through the other menu entr y points.
•
The
Quick View
“Quick View Status Overview” on page 8-1.
screen is a shortcut entry point to a variety of the most commonly used configuration
menu displays at a glance current real-time operating information about your Router. See
menus display and permit changing:
menus provide a selection of the various tools for monitoring and diagnosing
menus display several sets of tables and device logs that show information about
Netopia Models
This
Firmware User Guide
this guide will only apply to a specific model.
covers all of the Netopia 3300-Series Router models. However some information in
Screen differences
Because different Netopia 3300-Series models offer many different features and interfaces, the options shown
on some screens in this
These differences are noted throughout the manual.
Firmware User Guide
may not appear on your own particular model’s Telnet screen.
Connecting through a Telnet Session
Features of the Netopia Firmware Version 8.4 can be configured through the Telnet screens.
Before you can access the console screens through Telnet, you must have:
•
A network connection locally to the Router or IP access to the Router.
•
Telnet software installed on the computer you will use to configure the Router
1-4 Firmware User Guide
Configuring Telnet software
If you are configuring your device using a Telnet session, your computer must be running a Telnet software
program.
•
If you connect a PC with Microsoft Windows, you can use a Windows Telnet application or run Telnet from
the Start menu.
•
If you connect a Macintosh computer running Classic Mac OS, you can use the NCSA Telnet program
supplied on the Netopia CD. You install NCSA Telnet by dragging the application from the CD to your hard
disk.
Mac OS X users can use the Terminal application that comes with Mac OS X in the Utilities folder.
Navigating through the Telnet Screens
Use your keyboard to navigate the Netopia Firmware Version 8.4’s configuration screens, enter and edit
information, and make choices. The following table lists the keys to use to navigate through the Telnet screens.
To... Use These Keys...
Move through selectable items in a screen or pop-up menu Up, Down, Left, and Right Arrow
Set a change to a selected item or open a pop-up menu of
options for a selected item like entering an upgrade key
Change a toggle value (Yes/No, On/Off) Tab
Restore an entry or toggle value to its previous value Esc
Move one item up Up arrow or Control + K
Move one item down Down arrow or Control + O
Display a dump of the device event log Control + E
Display a dump of the WAN event log Control + F
Refresh the screen Control + L
Return or Enter
Introduction 1-5
To help you find your way to particular screens, some sections in this guide begin with a graphical path guide
similar to the following example:
Main
Menu
This particular path guide shows how to get to the Network Protocols Setup screens. The path guide represents
these steps:
1. Beginning in the Main Menu, select
screen appears.
2. Select
To go back in this sequence of screens, use the Escape key.
IP Setup
and press Return. The IP Setup screen appears.
System Configuration
System
Configuration
IP Setup
and press Return. The System Configuration
1-6 Firmware User Guide
WAN and System Configuration 2-1
CCCChhhhaaaapppptttteeeerrrr 22
WWWWAAAANNNN aaaannnndddd SSSSyyyysssstttteeeemmmm CCCCoooonnnnffffiiiigggguuuurrrraaaattttiiiioooonn
This chapter describes how to use the Telnet-based management screens to access and configure advanced
features of your equipment. You can customize these features for your individual setup. These menus provide a
powerful method for experienced users to set up their Router’s connection profiles and system configuration.
This section covers the following topics:
•
“WAN Configuration” on page 2-1
•
“WAN Ethernet Configuration screen” on page 2-2
•
“ADSL Line Configuration screen” on page 2-4
•
“Creating a New Connection Profile” on page 2-9
•
“
Advanced Connection Options” on page 2-14
•
“Configuration Changes Reset WAN Connection” on page 2-14
• “Scheduled Connections” on page 2-15
• “Backup Configuration” on page 2-20
• “System Configuration Screens” on page 2-22
22
nn
• “System configuration features” on page 2-22
WAN Configuration
To configure your Wide Area Network (WAN) connection, navigate to the WAN Configuration screen from the Main
Menu and select WAN (Wide Area Network) Setup.
Main
Menu
The Line Configuration screen appears. The Line Configuration screen will be appropriate to the type of WAN
interface supported by your particular Router model.
WAN
Configuration
WAN
Setup
2-2 Firmware User Guide
WAN Ethernet Configuration screen
The WAN Ethernet Configuration screen appears as follows:
WAN Ethernet Configuration
Address Translation Enabled: Yes
Local WAN IP Address: 0.0.0.0
NAT Map List... Easy-PAT List
NAT Server List... Easy-Servers
NAT Options...
Stateful Inspection Enabled: No
Filter Set...
Remove Filter Set
Enable PPP over Ethernet: Off
WAN Ethernet Speed Setting... Auto-Negotiation
Wan Ethernet MAC Address: 00:fc:de:fa:dd:02
DHCP Client Mode: Standards-Based
RIP Options...
Set up the basic IP attributes of your Ethernet Module in this screen.
• Address Translation Enabled allows you to specify whether or not the router performs Network Address
Translation (NAT) on the Ethernet WAN port. NAT is enabled by default.
• Local WAN IP Address allows you to manually configure an IP address for use on the Ethernet WAN port.
The value 0.0.0.0 indicates that the device will act as a DHCP client on the Ethernet WAN port and attempt
to acquire an address from a DHCP ser ver. By default, the router acts as a DHCP client on the Ethernet
WAN port.
• The Local WAN IP Mask field becomes visible if you specify a Local WAN IP Address. This allows you to
manually configure an IP subnet mask for use on the Ethernet WAN port. This item is visible only if you
have configured a non-zero Ethernet IP Address; other wise, the router obtains a subnet mask via DHCP.
• The NAT Map List and NAT Server List options are set to the defaults, Easy-PAT List and Easy-Servers.
These provide standard NAT mappings. For more advanced NAT configurations, see “Multiple Network
Address Translation” on page 3-1.
• NAT Options allows you to specify IP Passthrough, allowing a single PC on the LAN to have the router’s
public address assigned to it. See “IP Passthrough” on page 3-27.
• If you set Stateful Inspection Enabled to Yes , you can enable a security feature for computers on your LAN
when NAT is disabled. See “Stateful Inspection” on page 2-23.
• The Filter Set pop-up allows you to associate an IP filter set with the Ethernet WAN port. See “About Filters
and Filter Sets” on page 9-17.
• Remove Filter Set allows you to remove a previously associated filter set.
• Enable PPP over Ethernet is Off by default. If your ser vice provider uses PPPoE authentication toggle this
to On.
WAN and System Configuration 2-3
• The WAN Ethernet Speed Setting is now configurable via a pop-up menu. Options are: Auto-Negotiation
(the default), 100 Mbps Full Duplex, 100 Mbps Half Duplex, 10 Mbps Full Duplex, and 10 Mbps Half
Duplex. This may be useful in mixed networks, where multiple routers have different ethernet speed
capability. If you want to maintain a single speed setting for compatibility with multiple routers on your LAN,
you can select a speed/duplex combination that all of your routers can match.
• The Wan Ethernet MAC Address is the hardware address of the Netopia device. Some service providers
require a specific MAC address as par t of their authentication process. In such a case, you can enter the
MAC address that your service provider requires. If your ser vice provider doesn’t use this method, you
don’t need to change this field.
• The DHCP Client Mode setting depends on the type of access concentrator equipment your service
provider uses. Most use Standards-Based. Alternatively, your provider may instruct you to select Copper
Mountain Specific.
• The RIP Options selection displays the WAN Ethernet RIP Parameters screen.
WAN Ethernet RIP Parameters
+----------------+
+----------------+
Receive RIP: | Off |
| v1 |
Transmit RIP: | v2 |
| Both |
+----------------+
• The Receive RIP pop-up menu controls the reception and transmission of Routing Information Protocol
(RIP) packets on the Ethernet WAN port. The default is Both.
The Transmit RIP pop-up menu is hidden if NAT is enabled.
Routing Information Protocol (RIP) is needed if there are IP routers on other segments of your Ethernet
network that the Netopia Firmware Version 8.4 needs to recognize. Set to “Both” (the default) the Netopia
Firmware Version 8.4 will accept information from either RIP v1 or v2 routers. Alternatively, select Receive
RIP and select v1 or v2 from the popup menu. With Receive RIP set to “v1,” the Netopia Router’s Ethernet
port will accept routing information provided by RIP packets from other routers that use the same subnet
mask. Set to “v2,” the Netopia Firmware Version 8.4 will accept routing information provided by RIP
packets from other routers that use different subnet masks.
2-4 Firmware User Guide
If you want the Netopia Router to advertise its routing table to other routers via RIP, select Transmit RIP
and select v1, v2 (broadcast), or v2 (multicast) from the popup menu. With Transmit RIP v1 selected, the
Netopia Firmware Version 8.4 will generate RIP packets only to other RIP v1 routers. With Transmit RIP v2
(broadcast) selected, the Netopia Firmware Version 8.4 will generate RIP packets to all other hosts on the
network. With Transmit RIP v2 (multicast) selected, the Netopia Firmware Version 8.4 will generate RIP
packets only to other routers capable of recognizing RIP v2 packets.
ADSL Line Configuration screen
The ADSL Line Configuration screen is shown below:
ADSL Line Configuration
Circuit Type... Multimode
Trellis Coding Enabled: On
Signaling Mode... FDM
Fast Retrain Enabled: On
Wiring Type... AutoSense
Data Link Encapsulation... RFC1483
1. Select Circuit Type and from the pop-up menu choose the type of circuit to which you will be connecting:
Multimode, T1.413, G.dmt, or G.lite.
2. Select Trellis Coding Enabled. Toggle it to On (the default) or Off.
3. Select Signaling Mode and choose Echo Cancellation or FDM (the default).
4. If you selected Multimode Circuit Type, the Fast Retrain Enabled field appears. Toggle it to On (the default)
or Off.
5. The Wiring Type pop-up menu allows you to choose the type of copper pair wiring in use at your location.
Usually, the default AutoSense will detect the type and adjust itself accordingly. If you want to set it
yourself, and you know the type of wiring you have, choose either Tip/Ring (Inner Pair) or A/A1 (Outer Pair)
from the pop-up menu.
6. Select Data Link Encapsulation and press Return. The pop-up menu will offer you the choice of PPP or
RFC1483.
ATM Circuit Configuration
On ADSL WAN interfaces, the Asynchronous Transfer Mode (ATM) connection between the router and the
central office equipment (DSLAM) is divided logically into one or more virtual circuits (VCs). A virtual circuit may
be either a permanent vir tual circuit (PVC) or a switched vir tual circuit (SVC). Netopia Routers support PVCs.
WAN and System Configuration 2-5
VCs are identified by a Virtual Path Identifier (VPI) and Virtual Channel Identifier (VCI). A VPI is an 8-bit value
between 0 and 255, inclusive, while a VCI is a 16-bit value between 0 and 65535, inclusive.
• Circuits support attributes in addition to their VPI and VCI values. When configuring a circuit, you can
specify an optional circuit name of up to 14 characters. The circuit name is used only to identify the circuit
for management purposes as a convenience to aid in selecting circuits from lists. The default circuit name
is “Circuit <n>”, where <n> is some number between one and eight corresponding to the circuit’s position
in the list of up to eight circuits.
• You can also individually enable or disable a circuit without deleting it. This is useful for temporarily
removing a circuit without losing the configured attributes.
• In order to function, each circuit must be bound to a Connection Profile or to the Default Profile. Among
other attributes, the profile binding specifies the IP addressing information for use on the circuit. Each
circuit must be bound to a distinct Connection Profile.
ATM VPI/VCI Autodetection. You can bind multiple circuits to the same Connection Profile. Netopia Firmware
Version 8.4 allows you to have a standard configuration that uses, for example, four VCs (0/35, 0/38, 8/35,
8/38) pointing to the same profile.
The unit will now automatically select the active VC on networks with a VPI/VCI of any of these four values
without any custom configuration of the unit. You must, however, manually create these VCs and associate
them with the profile you desire.
You configure Virtual Circuits in the Add/Change Circuit screen.
Main
Menu
ATM Circuits Configuration
Show/Change Circuit...
Add Circuit...
Delete Circuit...
WAN
Configuration
ATM Circuits
Configuration
7. To add a circuit, select Add Circuit and press Return. The Add Circuit screen appears.
2-6 Firmware User Guide
Add Circuit
Circuit Name: Circuit 2
Circuit Enabled: Yes
Circuit VPI (0-255): 0
Circuit VCI (32-65535): +-------------+
+-------------+
QoS... | UBR |
Peak Cell Rate (0 = line rate): | CBR |
| VBR |
+-------------+
Use Connection Profile... Default Profile
Use Default Profile for Circuit
ADD Circuit NOW CANCEL
• Enter a name for the circuit in the Circuit Name field.
• Toggle Circuit Enabled to Yes.
• Enter the Virtual Path Identifier and the Virtual Channel Identifier in the Circuit VPI and Circuit VCI
fields, respectively.
• The Peak Cell Rate field is editable. Netopia Firmware Version 8.4 supports three ATM classes of ser-
vice for data connections: Unspecified Bit Rate (UBR), Constant Bit Rate (CBR), and Variable Bit Rate
(VBR). You can configure these classes of service on a per VC basis. The default ATM class of service
is UBR.
Quality of Service (QoS) settings
Note: QoS settings are not available on Ethernet-to-Ethernet WAN models.
• Select the QoS (Quality of Service) setting from the pop-up menu: UBR. CBR, or VBR.
UBR: No configuration is needed for UBR VCs. Leave the default value 0 (maximum line rate).
CBR: One parameter is required for CBR VCs. Enter the Peak Cell Rate that applies to the VC. This
value should be between 1 and the line rate. You set this value according to specifications defined by
your service provider.
WAN and System Configuration 2-7
Add Circuit
Circuit Name: Circuit 2
Circuit Enabled: Yes
Circuit VPI (0-255): 0
Circuit VCI (32-65535): 32
QoS... VBR
Peak Cell Rate (0 = line rate): 0
Sustained Cell Rate: 0
Maximum Burst Size: 0
Use Connection Profile... Default Profile
Use Default Profile for Circuit
ADD Circuit NOW CANCEL
Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes.
VBR: This class is characterized by:
• a Peak Cell Rate (PCR), which is a temporary burst, not a sustained rate, and
• a Sustained Cell Rate (SCR),
• a Burst Tolerance (BT), specified in terms of Maximum Burst Size (MBS). The MBS is the maximum
number of cells that can be transmitted at the peak cell rate and should be less than, or equal to the
Peak Cell Rate, which should be less than, or equal to the line rate.
VBR has two sub-classes:
a. VBR non-real-time (VBR-nrt): Typical applications are non-real-time traffic, such as IP data traffic.
This class yields a fair amount of Cell Delay Variation (CDV).
b. VBR real time (VBR-rt): Typical applications are real-time traffic, such as compressed voice over IP
and video conferencing. This class transmits cells with a more tightly bounded Cell Delay Variation.
The applications follow CBR.
• Then, select a Connection Profile for the Circuit. To use the Default Profile, select Use Default Profile
for Circuit and press Return. For other options, select a profile from the Use Connection Profile
pop-up menu.
2-8 Firmware User Guide
Note: With multiple VCs you must explicitly statically bind the second (and all subsequent) VCs to a profile.
The first VC will automatically statically bind according to pre-defined dynamic binding rules when you add the
second VC. It will revert back to dynamic binding if the number of VCs is reduced to one; for example, by
deleting previously defined VCs.
When the link comes up the router binds the VC dynamically to the first suitable Connection Profile or to the
Default Profile if there is no Connection Profile configured.
• If you factory default the router, the VC binds to the Default Profile.
• If you delete a Connection Profile that is statically bound to a VC, the VC binding is set back to the Default
Profile. If there is only one VC defined, the VC dynamically binds to the first suitable profile or to the Default
Profile. If there are multiple VCs defined, it binds to the Default Profile.
• If you add a second VC, it is initialized to the Default Profile, and the menu screens display the VC
Connection Profile-related items, allowing you to bind to a specific Connection Profile instead of the Default
Profile. In addition, the router statically binds the first VC according to the rules used to select a profile for
dynamic binding. At this point, each profile uses static binding when the link is brought up.
• If there are no VCs when you add a VC -- for example, if you deleted all your previous VCs and star ted adding
them again -- dynamic binding will occur when the link comes up. If you delete a VC, leaving only one VC, that VC
resumes dynamically binding again.
• Select ADD Circuit NOW and press Return.
8. To display or change a circuit, select Display/Change Circuit, select a circuit from the pop-up menu, and
press Return. The fields are the same as those in the Add Circuit screen.
9. To delete a circuit, select Delete Circuit, select a circuit from the pop-up menu, and press Return. In the
confirmation window, select CONTINUE and press Return.
10. Press Escape to return to the WAN Setup menu.
WAN and System Configuration 2-9
Creating a New Connection Profile
Connection profiles are useful for configuring the connection and authentication settings for negotiating a PPP
connection. If you are using the PPP data link encapsulation method, you can store your authentication
information in the connection profile so that your user name and password (or host name and secret) are
transmitted when you attempt to connect.
Connection profiles define the networking protocols necessar y for the Router to make a remote connection. A
connection profile is like an address book entr y describing how the Router is to get to a remote site, or how to
recognize and authenticate a connection. To create a new connection profile, you navigate to the WAN
Configuration screen from the Main Menu, and select Add Connection Profile.
Main
Menu
The Add Connection Profile screen appears.
Add Connection Profile
Profile Name: Profile 1
Profile Enabled: Yes
Encapsulation Type... RFC1483
RFC1483 Mode... Bridged 1483
IP Profile Parameters...
COMMIT CANCEL
Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes.
Configure a new Conn. Profile. Finished? COMMIT or CANCEL to exit.
WAN
Configuration
Add Connection
Profile
On a Netopia Router you can add up to 15 more connection profiles, for a total of 16, but you can only use one
at a time, unless you are using VPNs.
1. Select Profile Name and enter a name for this connection profile. It can be any name you wish. For
example: the name of your ISP.
2. Toggle Profile Enabled to Ye s or No. The default is Yes. You can toggle it to No, if you want to disable it
later.
3. Select Encapsulation Type and press Return. The pop-up menu offers the possible data link encapsulation
methods for connection profiles used for a variety of purposes: PPP, RFC1483, ATMP, PPTP, IPsec, or L2TP.
2-10 Firmware User Guide
Multiple Data Link Encapsulation Settings
4. Select Encapsulation Options and press Return.
• If you selected ATMP, PPTP, L2TP, or IPSec, see Chapter 4, “
Virtual Private Networks (VPNs).”
• If you selected PPP or RFC1483, the screen offers different options:
Add Connection Profile
Profile Name: Profile 1
Profile Enabled: Yes
Encapsulation Type... +--------------+
+--------------+
RFC1483 Mode... | Bridged 1483 |
| Routed 1483 |
+--------------+
IP Profile Parameters...
COMMIT CANCEL
• If you selected RFC1483, the screen allows you
to choose Bridged 1483 or Routed 1483.
Add Connection Profile
Profile Name: Profile 1
Profile Enabled: Yes
Encapsulation Type... PPP
Underlying Encapsulation... None
PPP Mode... VC Multiplexed
Encapsulation Options...
IP Profile Parameters...
Interface Group... Primary
COMMIT CANCEL
Configure a new Conn. Profile. Finished? COMMIT or CANCEL to exit.
• If you selected PPP, the screen allows you to
choose PPPoE or None as the Underlying
Encapsulation.
• If you choose None, the PPP Mode offers the
choice of VC Multiplexed or LLC SNAP.
If you are using PPP, when you select Encapsulation Options, the Datalink (PPP/MP) Options screen
appears. (RFC1483 does not require these options and does not offer the menu selection.)
WAN and System Configuration 2-11
Datalink (PPP/MP) Options
Data Compression... Standard LZS
Send Authentication... PAP
Send User Name:
Send Password:
Receive User Name:
Receive Password:
• Data Compression defaults to Standard LZS. You
can select Ascend LZS, if you are connecting to
compatible equipment, or None from the
pull-down menu.
• The Send Authentication pull-down menu lets
you select PAP, CHAP, or None.
• Selecting PAP or CHAP allows you to enter your
authentication credentials for both sending and
receiving connections.
PAP requires a User Name and Password;
CHAP requires a Host Name and Secret.
The screen changes to accommodate your
selection.
Datalink (PPP/MP) Options
Data Compression... Standard LZS
Send Authentication... PAP
Send User Name:
Send Password:
Receive User Name:
Receive Password:
Dial on Demand: Yes
• If you are creating a Backup profile (suppor ted
models only), and have selected Backup as the
Interface Group in the previous screen, you can
toggle Dial on Demand to Yes (the default) or No.
See “Line Backup” on page 7-1 for more
information.
Return to the Add Connection Profile screen by pressing Escape.
5. Select IP Profile Parameters and press Return. The IP Profile Parameters screen appears.
2-12 Firmware User Guide
IP Profile Parameters
Address Translation Enabled: Yes
IP Addressing... Numbered
NAT Map List... Easy-PAT List
NAT Server List... Easy-Servers
NAT Options...
Stateful Inspection Enabled: No
Local WAN IP Address: 0.0.0.0
Local WAN IP Mask: 0.0.0.0
Filter Set...
Remove Filter Set
RIP Profile Options...
Return/Enter to select <among/between> ...
Configure IP requirements for a remote network connection here.
6. Toggle or enter your IP Parameters.
For more information, see:
• “IP Setup” on page 6-2
• “Network Address Translation (NAT)” on page 2-23
• “Stateful Inspection Options” on page 2-24
• “Filter Sets” on page 2-23
• The RIP Profile Options selection displays the RIP Profile Parameters screen.
RIP Profile Parameters
+-----------------------+
+-----------------------+
Receive RIP: | Off |
| v1 |
| v2 |
| Both v1 and v2 |
| v2 MD5 Authentication |
+-----------------------+
WAN and System Configuration 2-13
• The Receive RIP pop-up menu controls the reception and transmission of Routing Information Protocol
(RIP) packets on the WAN port. The default is Both v1 and v2.
A Transmit RIP pop-up menu is hidden if NAT is enabled.
Routing Information Protocol (RIP) is needed if there are IP routers on other segments of your Ethernet
network that the Netopia Router needs to recognize. Set to “Both” (the default) Netopia Firmware Version
8.4 will accept information from either RIP v1 or v2 routers. Alternatively, select Receive RIP and select v1,
v2, or v2 MD5 Authentication from the popup menu. With Receive RIP set to “v1,” the Netopia Router’s
Ethernet port will accept routing information provided by RIP packets from other routers that use the same
subnet mask. Set to “v2,” the Netopia Firmware Version 8.4 will accept routing information provided by RIP
packets from other routers that use different subnet masks.
For more information on v2 MD5 Authentication, see “
RIP-2 MD5 Authentication” on page 6-10.
7. Return to the Add Connection Profile screen by pressing Escape.
8. Select COMMIT and press Return. Your new Connection Profile will be added.
If you want to view the Connection Profiles in your device, return to the WAN Configuration screen, and
select Display/Change Connection Profile. The list of Connection Profiles is displayed in a scrolling pop-up
screen.
WAN Configuration
+-Profile Name---------------------IP Address------+
+--------------------------------------------------+
| Easy Setup Profile 255.225.255.255 |
| Profile 1 0.0.0.0 |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
+--------------------------------------------------+
You can also delete Connection Profiles by selecting them in the same manner using the Delete Connection
Profile option in the WAN Configuration screen.
2-14 Firmware User Guide
Advanced Connection Options
Configuration Changes Reset WAN Connection
The menu supports delaying some configuration changes until after the Netopia Router is restarted.
If your Netopia Router is preconfigured by your ser vice provider, or if you are not remotely configuring the router,
you can leave this setting unchanged.
The purpose of this feature is to defer configuration changes only when remotely configuring or reconfiguring the
Netopia Router to prevent premature Telnet disconnection. When this feature is enabled, no changes to the
WAN setup, datalink encapsulation, Connection Profiles, or Default Gateway will take effect until after the
Netopia Router is restarted. Until the Netopia Router is restarted the WAN link and the routing table remain
unaffected.
A single setting in the Advanced Connection Options screen controls this feature, as shown below.
Advanced Connection Options
Configuration Changes Reset WAN Connection: Yes
Scheduled Connections...
Backup Configuration...
Prioritize Delay-Sensitive Data: No
Return/Enter to configure SA Backup Parameters.
Loading...