How it Works
Planet
Loading...
XRT-101A
User Manual
72 pgs1.15 Mb0

Planet XRT-101A User Manual

Download
Networking & Communicatio
n
Internet Broadband Router
User’s Guide
ii
Copyright
Copyright (C) 2001 PLANET Technology Corp. All rights reserved. The products and programs described in this User’s Manual are licensed products of PLANET
Technology, This User’s Manual contains proprietary information protected by copyright, and this User’s Manual and all accompanying hardware, software, and documentation are copyrighted.
No part of this User’s Manual may be copied, photocopied, reproduced, translated, or reduced to any electronic medium or machine-readable form by any means by electronic or mechanical. Includin g photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal use, and without the prior express written permission of PLANET Technology.
Disclaimer
PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose.
PLANET has made every effort to ensure that this User’s Manual is accurate; PLANET disclaims liability for any inaccuracies or omissions that may have occurred.
Information in this User’s Manual is subject to change without notice and does not represent a commitment on the part of PLANET. PLANET assumes no responsibility for any inaccuracies that may be contained in this User’s Manual. PLANET makes no commitment to update or keep current the information in this User’s Manual, and reserves the right to make improvements to this User’s Manual and/or to the products described in this User’s Manual, at any time without notice.
If you find information in this manual that is incorrect, misleading, or incomplete, we would appreciate your comments and suggestions.
CE mark Warning
The is a class B device, In a domestic environment, this product may cause radio interference, in which case the user may be required to take adequate measures.
Trademarks
The PLANET logo is a trademark of PLANET Technology. This documentation may refer to numerous hardware and software products by their trade names. In most, if not all cases, these designations are claimed as trademarks or registered trademarks by their respective companies.
Revision
User’s Manual for PLANET Internet Broadband Router: Model: XRT-101A Rev: 4.0 (Nov. 2001) Part No. EM-XRT1V4
i
TABLE OF CONTENTS
CHAPTER 1 INTRODUCTION..............................................................................................1
Internet Broadband Router Features..............................................................................1
Package Contents ..............................................................................................................3
Physical Details..................................................................................................................4
CHAPTER 2 INSTALLATION............................................................................................... 8
Requirements.....................................................................................................................8
Procedure...........................................................................................................................8
CHAPTER 3 SETUP...............................................................................................................10
Overview ..........................................................................................................................10
Configuration Program...................................................................................................11
Setup Wizard ................................................................................................................... 13
LAN Screen......................................................................................................................15
Password Screen..............................................................................................................17
CHAPTER 4 PC CONFIGURATION...................................................................................18
Overview ..........................................................................................................................18
Windows Clients..............................................................................................................18
Macintosh Clients............................................................................................................30
Linux Clients.................................................................................................................... 30
Other Unix Systems ......................................................................................................... 30
CHAPTER 5 OPERATION AND STATUS.........................................................................31
Operation ......................................................................................................................... 31
Status Screen.................................................................................................................... 31
Connection Status - PPPoE.............................................................................................33
Connection Status - PPTP...............................................................................................36
Connection Details - Fixed/Dynamic IP Address.......................................................... 38
CHAPTER 6 ADVANCED FEATURES...............................................................................40
Overview ..........................................................................................................................40
Advanced Menu Screen ..................................................................................................40
Access Control................................................................................................................. 41
Advanced Internet Screen...............................................................................................45
Conferencing & Telephony............................................................................................. 45
Special Applications ........................................................................................................ 47
DMZ..................................................................................................................................49
URL Filter........................................................................................................................49
Virtual Servers.................................................................................................................51
Dynamic DNS (Domain Name Server)...........................................................................54
Remote Management.......................................................................................................56
CHAPTER 7 ADVANCED CONFIGURATION.................................................................57
Overview ..........................................................................................................................57
PC Database Screen ........................................................................................................ 57
Options ............................................................................................................................. 59
MAC Address ..................................................................................................................61
Routing.............................................................................................................................62
APPENDIX A TROUBLESHOOTING................................................................................66
Overview ..........................................................................................................................66
General Problems............................................................................................................66
ii
Internet Access.................................................................................................................66
APPENDIX B SPECIFICATIONS........................................................................................ 68
XRT-101A........................................................................................................................68
1
Chapter 1
Introduction
This Chapter provides an overview of the Internet Broadband Router's
features and capabilities.
Congratulations on the purchase of your new Internet Broadband Router- XRT-101A. The Internet Broadband Router will allow multiple LAN users to share an Internet user account, via a DSL or Cable modem. Once the Internet Broadband Router is installed and configured, the Internet is just a click away.
10/100BaseT LAN
Internet
ADSL/Cable Modem
Broadband Router
Figure 1: Internet Broadband Router
Internet Broadband Router Features
The Internet Broadband Router incorporates many advanced features, carefully designed to provide sophisticated functions while being easy to use.
Internet Access Features
Shared Internet Access. All users on the LAN or WLAN can access the Internet
through the Interne t Broadband Router, using only a singl e external IP Address. The l ocal (invalid) IP Addresses are hidden from external sources. This process is called NAT (Network Address Translation).
DSL & Cable Modem Support. The Internet Broadband Router has a 10BaseT
Ethernet port for connecting a DSL or Cable Modem. All popular DSL and Cable Modems are supported.
PPPoE and PPTP Support. The Internet (WAN port) connection supports PPPoE
(PPP over Ethernet) and PPTP (Peer-to-Peer Tunneling Protocol), as well as "Direct Connection" type services.
Fixed or Dynamic IP Address. On the Internet (WAN port) connection, the Internet
Broadband Router supports both Dynamic IP Address (IP Address is allocated on connection) and Fixed IP Address.
1
Internet Sharing Gateway User Guide
2
Advanced Internet Functions
Conferencing & Telephony Applications. Internet Telephony and Conferencing
applications, which are often difficult to use when behind a Firewall, are supported.
Special Internet Applications. Applications which use non-stand ard connections or
port numbers are normally blocked by the Firewall. The ability to define and allow such applications is provided, to enable such applications to be used normally.
Virtual Servers. This feature allows Internet users to access Internet servers on your
LAN. The required setup is quick and easy.
DMZ. One (1) PC on your local LAN can be configured to allow unrestricted 2-way
communication with Servers or individual users on the Internet. This provides the ability to run programs which are incompatible with Firewalls.
URL Filter. Use the URL Filter to block access to undesirable Web sites by LAN users.
Internet Access Log. See which Internet connections have been made.
VPN Support. VPN (Virtual Private Networking) connections using PPTP and IPSec are
transparently supported - no configuration is required.
LAN Features
Dual Ethernet ports. The Internet Broadband Router has 2 Ethernet ports. One (the
LAN port) is used to connect to your local LAN. The other (the WAN port) is connected to your DSL or Cable modem.
DHCP Server Support. Dynamic Host Configuration Protocol provides a dynamic IP
address to PCs and other devices upon request. The Internet Broadband Router can act as a DHCP Server for devices on your local LAN and WLAN.
Multi Segment LAN Support. LANs containing one or more segments are supported,
via the Internet Broadband Router's RIP (Routing Information Protocol) support and built­in static routing table.
Configuration & Management
Easy Setup. Use your WEB browser from anywhere on the LAN for configur ation.
Remote Management. The Internet Broadband Router can be managed from any PC on
your LAN. And, if the Internet connection exists, it can also (optionally) be configured via the Internet.
UPnP Support. UPnP (Universal Plug and Play) allows automatic discovery and
configuration of the Internet Broadband Router. UPnP is by supported by Windows ME, XP, or later.
Introduction
3
Security Features
Password - protected Configuration. Optional password protection is provided to
prevent unauthorized users from modifying the configuration data and settings.
NAT Protection. An intrinsic side effect of NAT (Network Address Translation)
technology is that by allowing all LAN users to share a single IP address, the location and even the existence of each PC is hidden. From the external viewpoint, there is no network, only a single device - the Internet Broadband Router.
Stateful Inspection Firewall. All incoming data packets are monitored and all
incoming server requests are filtered, thus protecting your network from malicious attacks from external sources.
Protection against DoS attacks. DoS (Denial of Service) attacks can flood your
Internet connection with invalid packets and connection requests, using so much b andwidth and so many resources that Internet access becomes unavailable. The Internet Broadband Router incorporates protection against DoS attacks.
Package Contents
The following items should be included:
The Internet Broadband Router Unit
Power Adapter
Quick Installation Guide
CD-ROM contai ni ng the on-line manual.
If any of the above items are damaged or missing, please contact your dealer immediately.
Internet Sharing Gateway User Guide
4
Physical Details
Top - Mounted LEDs
The Data/Status LED will flash in GREEN during normal operation, as data is transmitted or received through the LAN port. YELLOW indicates an error. Possible LED states are shown below.
LAN Data/Status LED
WAN Data LED
Description
On (Orange, then Green)
On Normal start up (power ON) sequence.
On (Green) On Idle. Flashing
(Green)
Flashing Normal Operation.
The Data/Status LED will flash when data is transmitted or received through the LAN port. The Data LED will flash when data is transmitted or received through the WAN port.
Flashing Orange, Green, Orange, Green, …
Hardware error. Contact your dealer for technical
support.
Introduction
5
Components
Figure 2: Components
n
LED Link Indicator (WAN Port)
Flashes when data is transmitted or received.
o
WAN port (10BaseT)
Connect the 10BaseT cabling (RJ45 connector) for the External LAN, WAN, or DSL/Cable Modem here.
p
LAN port (Auto-sensing 10/100BaseT)
Connect the LAN cable (RJ45 connectors) from this port to a 10BaseT or 100BaseT hub.
q
LED Link Indicator (LAN Port)
Flashes when data is transmitted or received.
Internet Sharing Gateway User Guide
6
r
Reset Button
This button has 2 functions:
When pressed and released, the Internet Broadband
Router will reboot (restart).
This button can also be used to clear ALL data and
restore ALL settings to the factory default values.
To restore the factory default values:
1. Power Off
2. Hold the Reset Button down while you Power On.
3. Keep holding the Reset Button for a few seconds, until
the RED LED has flashed TWICE.
4. Release the Reset Button. The Internet Broadband
Router is now using the fac tory default values.
s
Power port (12V)
Connect the power adapter here.
t
WAN Data LED
This will flash during normal operation, when data is transmitted or received through the WAN port.
u
LAN Data/Status LED
During normal operation, this will flash in Green. Orange indicates an error. See the following LED Table for more information.
v
DIP switches
Refer to the DIP Switches on page 7.
Introduction
7
DIP Switches
DIP Switch Setting Description
1=off 2=off
Normal Operation.
1=off 2=on
DHCP Server functi on disabled.
1=on 2=off
Used to restore Default IP Address and clear Password (See below).
1=on 2=on
Normal Operation.
Restore Default IP Address and Clear Password
If the Internet Broadband Router's IP Address or password is lost, the following procedure can be used to recover from this situation.
1. Turn the power to the Internet Broadband Router OFF.
2. Set DIP switch 1 ON.
3. Turn the power to the Internet Broadband Router ON.
4. Operate DIP switch 1 in the following sequence (you have 15 seconds to complete the
sequence):
OFF
ON
OFF
5. The Internet Broadband Router will now reset, and the Orange Status LED flash. The
following changes will have been made. (Other configuration data is unchanged.)
IP Address set to its default value of 192.168.0.1
Network Mask set to 255.255.255.0
DHCP Server is enabled, and will allocate IP Addresses in the range 192.168.0.2 to
192.168.0.51.
The password cleared (no password).
6. You can now connect to the Internet Broadband Router and make any configuration
changes required.
8
Chapter 2
Installation
This Chapter covers the physical installation of the Internet Broadband Router.
Requirements
Ethernet Network employing 10BaseT and the TCP/IP protocol.
For Internet Access, a DSL or Cable modem, and an Internet Access account with a local
ISP (Internet Service Provider).
Procedure
Figure 3: Installation Diagram
1. Choose an Installation Site
Select a suitable place on the network to install the Internet Broadband Router. Ensure the Internet Broadband Router and the DSL/Cable modem are powered OFF.
2. Connect LAN Cables
Connect a 10BaseT cable from a Hub on your LAN to the LAN port on the Internet Broadband Router.
3. Connect WAN Cable
Connect the DSL or Cable modem to the WAN port on the Internet Broadband Router. Use the cable supplied with your DSL/Cable modem. If no cable was supplied, use a standard cable.
2
Installation
9
4. Power Up
Power on the Cable or DSL modem.
Connect the supplied power adapter to the Internet Broadband Router and power up.
Use only the power adapter provided. Using a different one may cause hardware damage
5. Check the LEDs
When the Internet Broadband Router is powered On, the Data/Status LED should flash Orange, then turn Green. If it stays Orange, there is a hardware problem.
For more information, refer to Top - Mounted LEDs in Chapter 1.
10
Chapter 3
Setup
This Chapter provides details of the Setup process.
Overview
This chapter describes the setup procedure for:
Internet Access
LAN configuration
Assigning a Password to protect the configuration dat a.
PCs on your local LAN may also require configuration. For details, see Chapter 4 - PC Configuration.
Other configura tion may also be required, de pending on which features and functions o f t he Internet Broadband Router you wish to use. Use the table below to locate detailed instructions for the required functions.
To Do this: Refer to:
Configure PCs on your LAN . Chapter 4:
PC Configuratio n
Check Internet Broadband Router operation and Status. Chapter 5:
Operation and Status
Use any of the following Internet features:
Special Applications
DMZ
Virtual Servers
Dynamic DNS
Remote Management
Chapter 6: Advanced Features
Use any of the following Advanced Configuration settings:
PC Database
Options (Backup DNS, TFTP, UPnP, Firewall)
Routing (RIP and static Routing)
Chapter 7 Advanced Configuration
Where use of a certain feature requires that PCs or other LAN devices be configured, this is also explained in the relevant chapter.
3
Setup
11
Configuration Program
The Internet Broadband Router contains an HTTP server. This enables you to connect to it, and configure it, using your Web Browser. Your Browser must support JavaScript. The configuration program has been tested on the following browsers:
Netscape V4.08 or later
Internet Explorer V4 or later
Preparation
Before attempting to configure the Internet Broadband Router, please ensure that:
Your PC can establish a physical connection to the Internet Broadband Router. The PC and
the Internet Broadband Router must be directly connected (using the switch ports on the Internet Broadband Router) or on the same LAN segment.
The Internet Broadband Router must be installed and powered ON.
If the Internet Broadband Router's default IP Address (192.168.0.1) is already used by
another device, the other device must be turned OFF until the Internet Broadband Router is allocated a new IP Address during configuration.
Connecting to the Internet Broadband Router
Using UPnP
If your Windows system supports UPnP, an icon for the Internet Broadband Router will appear in the system tray, notifying you that a new network device has been found, and offe ring to create a new desktop shortcut to the newly-discovered device.
Unless you intend to change the IP Address of the Internet Broadband Router, you can
accept the desktop shortcut.
Whether you accept the desktop shortcut or not, you can always find UPnP devices in My
Network Places (previously called Network Neighborhood).
Double - click the icon for the Internet Broadband Router (either on the Desktop, or in My
Network Places) to start the configuration. Refer to the following section Setup Wizard for
details of the initial configuration process.
Using your Web Browser
To establish a connection from your PC to the Internet Broadband Router:
1. After installing the Internet Broadband Router in your LAN, start your PC. If your PC is
already running, restart it.
2. Start your WEB browser.
3. In the Address box, enter "HTTP://" and the IP Address of the Internet Broadband Router,
as in this example, which uses the Internet Broadband Router's default IP Address:
HTTP://192.168.0.1
Internet Sharing Gateway User Guide
12
If you can't connect
If the Internet Broadband Router does not respond, check the following:
The Internet Broadband Router is properly installed, LAN connection is OK,
and it is powered ON. You can test the connection by using the "Ping" command:
Open the MS-DOS window or command prompt window.
Enter the command:
ping 192.168.0.1 If no response is received, either the connection is not working, or your PC's IP address is not compatible with the Internet Broadband Router's IP Address. (See next item.)
If your PC is using a fixed IP Address, its IP Address must be within the range
192.168.0.2 to 192.168.0.254 to be compatible with the Internet Broadband Router's default IP Address of 192.168.0.1. Also, the Network Mask must be set to 255.255.255.0. See Chapter 4 - PC Configuration for details on checking your PC's TCP/IP settings.
Ensure that your PC and the Internet Broadband Router are on the same
network segment. (If you don't have a router, this must be the case.)
Setup
13
Setup Wizard
The first time you connect to the Internet Broadband Router, the Setup Wizard will run automatically. (The Setup Wizard will also run if the Internet Broadband Router's default setting are restored.)
1. Step through the Wizar d until finished.
You need to know the type of Internet connection service used by your ISP. Check the
data supplied by your ISP.
The common connection types are explained in the tables below.
2. On the final screen of the Wizard, run the test and check that an Internet connection can be
established.
If the connection fails, check your data, the Cable/DSL modem, and all connections.
If your ISP has recorded your MAC (hardware) address, exit the Wizard and select
MAC Address on the Advanced menu. Change the MAC address to match the value expected by your ISP.
Cable Modems
Type Details ISP Data required
Dynamic IP Address
Your IP Address is allocated automatically, while connecting to you ISP.
None.
Static (Fixed) IP Address
Your ISP allocates a permanent IP Address to you.
IP Address allocated to you.
@Home type service.
The IP Address is allocated automatically, but a "Host Name" and "Domain Name" are allocated to you. Sometimes, the ISP will record the MAC (Hardware) address of your PC.
Host Name and Domain Name; sometimes the MAC (hardware) address.
DSL Modems
Type Details ISP Data required
Dynamic IP Address
Your IP Address is allocated automatically, while connecting to your ISP.
None.
Static (Fixed) IP Address
Your ISP allocates a permanent IP Address to you.
IP Address allocated to you.
PPPoE You connect to the ISP only
when required. The IP address is allocated automatically.
User name and password.
PPTP Mainly used in Europe.
You connect to the ISP only when required. The IP address is usually allocated automatically, but may be Static (Fixed).
PPTP Server IP Address.
User name and password.
IP Address allocated to
you, if Static (Fixed).
Internet Sharing Gateway User Guide
14
Other Modems (e.g. Broadband Wireless)
Type Details ISP Data required
Dynamic IP Address
Your IP Address is allocated automatically, while connecting to your ISP.
None.
Static (Fixed) IP Address
Your ISP allocates a permanent IP Address to you.
IP Address allocated to you.
Home Screen
After finishing the Setup Wizard, you will see the Home screen. When you connect in the future, you will see this screen when you connect. An example screen is shown below.
Figure 4: Home Screen
Navigation & Data Input
Use the menu bar on the top of the screen, and the "Back" button on your Browser, for
navigation.
Changing to another sc reen without clicking "Save" doe s NOT save any changes you may
have made. You must "Save" before changing screens or your data will be ignored.
On each screen, clicking the "Help" button will display help for that screen.
From any help screen, you can access the list of all help files (help index).
Setup
15
LAN Screen
Use the LAN link on the main menu to reach the LAN screen An example screen is shown below.
Figure 5: LAN Screen
Data - LAN Screen
TCP/IP
IP Address
IP address for the Internet Broadband Router, as seen from the local LAN. Use the default value unless the address is already in use or your LAN is using a different IP address range. In the latter case, enter an unused IP Addr ess from within the range used by your LAN.
Subnet Mask
The default value 255.255.255.0 is standard for small (class "C") networks. For other networks, use the Subnet Mask for the LAN segment to which the Internet Broadband Router is attached (the same value as the PCs on that LAN segment).
DHCP Server
If Enabled, the Internet Broadband Router will allocate IP
Addresses to PCs (DHCP c lie nts) on your LAN when they start up. The default (and recommended) value is Enabled.
If you are already using a DHCP Server, this setting must be
Disabled, and the existing DHCP server must be re-configured to treat the Internet Broadband Router as the Gateway. See the following section for further details.
The Start IP Address and Finish IP Address fields set the values
used by the DHCP server when allocating IP Addresses to DHCP clients. This range also determines the number of DHCP clients supported.
See the following section for further details on using DHCP.
Buttons
Save
Save the data on screen.
Cancel
The "Cancel" button will discard any data you have entered and reload the file from the Internet Broadband Router.
Internet Sharing Gateway User Guide
16
DHCP
What DHCP Does
A DHCP (Dynamic Host Configuration Protocol) server allocates a valid IP address to a DHCP client (PC or device) upon request.
The client request is made when the client device starts up (boots).
The DHCP Server provides the Gateway and DNS addresses to the client, as well as
allocating an IP Address.
The Internet Broadband Router can act as a DHCP server.
• Windows 95/98/ME and other non-Server versions of Windows will act as a DHCP client.
This is the default Windows setting for the TCP/IP network protocol. However, Windows uses the term Obtain an IP Address automatically instead of "DHCP Client".
You must NOT have two (2) or more DHCP Servers on the same LAN segment. (If your
LAN does not have other Routers, this means there must only be one (1) DHCP Server on your LAN.)
Using the Internet Broadband Router's DHCP Ser ver
This is the default setting. The DHCP Server settings are on the LAN screen. On this screen, you can:
Enable or Disable the Internet Broadband Router's DHCP Server function.
Set the range of IP Addresses allocated to PCs by the DHCP Server function.
You can assign Fixed IP Addresses to some devices while using DHCP, provided that the Fixed IP Addresses are NOT within the range used by the DHCP Server.
Using another DHCP Server
You can only use one (1) DHCP Server per LAN segment. If you wish to use another DHCP Server, rather than the Internet Broadband Router's, the following procedure is required.
1. Disable the DHCP Server feature in the Internet Broadband Router. This setting is on the
LAN screen.
2. Configure the DHCP Server to provide the Internet Broadband Router's IP Address as the
Default Gateway.
To Configure your PCs to use DHCP
This is the default setting for TCP/IP under Windows 95/98/ME. See Chapter 4 - Client Configuration for the procedure to check these settings.
Setup
17
Password Screen
The password screen allows you to assign a password to the Internet Broadband Router.
Figure 6: Password Screen
Once you have assigned a password to the Int ernet Broadband Router (on the Password screen above) you will be prompted for the password when you connect, as shown below. (If no password has been set, this dialog will not appear.)
Figure 7: Password Dialog
Leave the "User Name" blank.
Enter the password for the Internet Broadband Router, as set on the Password screen
above.
18
Chapter 4
PC Configuration
This Chapter details the PC Configuration required on the local ("Internal") LAN.
Overview
For each PC, the following may to be configured:
TCP/IP ne twork settings
Internet Access configuration
Windows Clie nts
This section describes how to configure Windows clients for Internet access via the Internet Broadband Router.
The first step is to check the PC's TCP/IP settings. The Internet Broadband Router uses the TCP/IP network protocol for all functions, so it is
essential that the TCP/IP protocol be installed and configured on each PC.
TCP/IP Settings - Overview
If using the default Internet Broadband Rout er set t ings, and the default Windows TCP/IP settings, no changes need to be made.
By default, the Internet Broadband Router will act as a DHCP Server, automatically
providing a suitable IP Address (and related information) to each PC when the PC boots.
For all non-Server versions of Windows, the default TCP/IP setting is to act as a DHCP
client.
If using a Fixed (specified) IP address, t he f ol lowing changes are required:
The Gateway must be set to the IP address of the Internet Broadband Router
The DNS should be set to the address provided by your ISP.
If your LAN has a Router, the LAN Administrator must re­configure the Router itself. Refer to Chapter 7 - Routing for details.
4
PC Configuration
19
Checking TCP/IP Settings - Windows 9x/ME:
1. Select Control Panel - Network. You should see a screen like the following:
Figure 8: Network Configuration
2. Select the TCP/IP protocol for your network card.
3. Click on the Properties button. You should then see a screen like the following.
Figure 9: IP Address (Win 95)
Ensure your TCP/IP settings are correct, as follows:
Using DHCP
To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows settings.
Restart your PC to ensure it obtains an IP Address from the Internet Broadband Router.
Using "Specify an IP Address"
If your PC is already configured, do NOT change the settings on the IP Address tab shown
in Figure 9 above.
Internet Sharing Gateway User Guide
20
On the Gateway tab, enter the Internet Broadband Router's IP address in the New Gateway
field and click Add, as shown below. Your LAN administrator can advise you of the IP Address they assigned to the Internet Broadband Router.
Figure 10: Gateway Tab (Win 95/98)
On the DNS Configuration tab, ensure Enable DNS is selected. If the DNS Server Search
Order list is empty, enter the DNS address provided by your ISP in the fields beside the Add button, then click Add.
Figure 11: DNS Tab (Win 95/98)
PC Configuration
21
Checking TCP/IP Settings - Windows NT4.0
1. Select Control Panel - Network, and, on the Protocols tab, select the TCP/IP protocol, as
shown below.
Figure 12: Windows NT4.0 - TCP/IP
2. Click the Properties button to see a screen like the one below.
Internet Sharing Gateway User Guide
22
Figure 13: Windows NT4.0 - IP Address
3. Select the network card for your LAN.
4. Select the appropriate radio button - Obtain an IP address from a DHCP Server or Specify
an IP Address, as explained below.
Obtain an IP address from a DHCP Server
This is the default Windows setting. Using this is recommended. By default, the Internet Broadband Router will act as a DHCP Server.
Restart your PC to ensure it obtains an IP Address from the Internet Broadband Router.
Specify an IP Address
If your PC is already configured, check with your network ad minist rator before making the following changes.
1. The Default Gateway must be set to the IP address of the Internet Broadband Router. To
set this:
Click the Advanced button on the screen above.
On the following screen, click the Add button in the Gateways panel, and enter the
Internet Broadband Router's IP address, as shown in Figure 14 below.
If necessary, use the Up button to make the Internet Broadband Router the first entry
in the Gateways list.
PC Configuration
23
Figure 14 - Windows NT4.0 - Add Gateway
2. The DNS should be set to the address provided by your ISP, as follows:
Click the DNS tab.
On the DNS screen, shown below, click the Add button (under DNS Service Search
Order), and enter the DNS provided by your ISP.
Internet Sharing Gateway User Guide
24
Figure 15: Windows NT4.0 - DNS
PC Configuration
25
Checking TCP/IP Settings - Windows 2000:
1. Select Control Panel - Network and Dial-up Connection.
2. Right click the Local Area Connection icon and select Properties. You should see a screen
like the following:
Figure 16: Network Configuration (Win 2000)
3. Select the TCP/IP protocol for your network card.
4. Click on the Properties button. You should then see a screen like the following.
Internet Sharing Gateway User Guide
26
Figure 17: TCP/IP Properties (Win 2000)
5. Ensure your TCP/IP settings are correct:
Using DHCP
To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows settings.
Restart your PC to ensure it obtains an IP Address from the Internet Broadband Router.
Using a fixed IP Address ("Use the following I P Address")
If your PC is already configured, check with your network ad minist rator before making the following changes.
Enter the Internet Broadband Router's IP address in the Default gateway field and click OK.
(Your LAN administrator can advise you of the IP Address they assigned to the Internet Broadband Router.)
If the DNS Server fields are empty, select Use the following DNS server addresses, and
enter the DNS address or addresses provided by your ISP, then click OK.
PC Configuration
27
Checking TCP/IP Settings - Windows XP:
1. Select Control Panel - Network Connection.
2. Right click the Local Area Connection and choose Properties. You should see a screen
like the following:
Figure 18: Network Configuration (Windows XP)
3. Select the TCP/IP protocol for your network card.
4. Click on the Properties button. You should then see a screen like the following.
Internet Sharing Gateway User Guide
28
Figure 19: TCP/IP Properties (Windows XP)
5. Ensure your TCP/IP settings are correct, as described below.
Using DHCP
To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows settings.
Restart your PC to ensure it obtains an IP Address from the Internet Broadband Router.
Using a fixed IP Address ("Use the following I P Address")
If your PC is already configured, do NOT change the settings on the screen shown in
Figure 19 above, unless advised to do so by your network administrator.
You can enter the Internet Broadband Router's IP address in the Default gateway field and
click OK. Your LAN administrator can advise you of the IP Address they assigned to the Internet Broadband Router.
If the DNS Server fields are empty, select Use the following DNS server addresses, and
enter the DNS address or addresses provided by your ISP, then click OK.
PC Configuration
29
Internet Access
To configure your PCs to use the Internet Broadband Router for Internet access:
Ensure that the DSL modem, Cable modem, or other permanent connection is functional.
Use the following procedure to configure your Browser to access the Internet via the LAN,
rather than by a Dial-up connection.
For Windows 9x/2000
1. Select Start Menu - Settings - Control Panel - Internet Options.
2. Select the Connection tab, and click the Setup button.
3. Select "I want to set up my Internet connection manually, or I want to connect through a
local area network (LAN)" and click Next.
4. Select "I connect through a local area network (LAN)" and click Next.
5. Ensure all of the boxes on the following Local area network Internet Configuration screen
are unchecked.
6. Check the "No" option when prompted "Do you want to set up an Internet mail account
now?".
7. Click Finish to close the Internet Connection Wizard.
Setup is now completed.
For Windows XP
1. Select Start Menu - Control Panel - Network and Internet Connections.
2. Select Set up or change your Internet Connection.
3. Select the Connection tab, and click the Setup button.
4. Cancel the pop-up "Location Information" screen.
5. Click Next on the "New Connection Wizard" screen.
6. Select "Connect to the Internet" and click Next.
7. Select "Set up my connection manually" and click Next.
8. Check "Connect using a broadband connection that is always on" and click Next.
9. Click Finish to close the New Connection Wizard.
Setup is now completed.
Accessing AOL
To access AOL (America On Line) through the Internet Broadband Router, the AOL for Windows software must be configured to use TCP/IP network access, rather than a dial-up
connection. The configuration process is as follows:
Start the AOL for Windows communication software. Ensure that it is Version 2.5, 3.0 or
later. This procedure will not work with earlier versions.
Click the Setup button.
Select Create Location, and change the location name from "New Locality" to "Internet
Broadband Router".
Click Edit Location. Select TCP/IP for the Network field. (Leave the Phone Number blank.)
Click Save, then OK.
Configuration is now complete.
Before clicking "Sign On", always ensure that you ar e using the "Internet Broad band
Router" location.
Internet Sharing Gateway User Guide
30
Macintosh Clients
From your Macintosh, you can access the Internet via the Internet Broadband Router. The procedure is as follows.
1. Open the TCP/IP Control Panel.
2. Select Ethernet from the Connect via pop-up menu.
3. Select Using DHCP Server from the Configure pop-up menu. The DHCP Client ID field
can be left blank.
4. Close the TCP / IP panel, saving your settings.
Note:
If using manually assigned IP addresses instead of DHCP, the required changes are:
Set the Router Address field to the Internet Broadband Router's IP Address.
Ensure your DNS settings are correct.
Linux Clients
To access the Internet via the Internet Broadband Router, it is only necessary to set the Internet Broadband Router as the "Gateway".
Ensure you are logged in as "root" before attempting any changes.
Fixed IP Address
By default, most Unix installations use a fixed IP Address. If you wish to continue using a fi xed IP Address, make t he following changes to your configuration.
Set your "Default Gateway" to the IP Address of the Internet Broadband Router.
Ensure your DNS (Name server) settings are correct.
To act as a DHCP Client (recommended)
The procedure below may vary according to your version of Linux and X -windows shell.
1. Start your X Windows client.
2. Select Control Panel - Network
3. Select the "Interface" entry for your Network card. Normally, this will be called "eth0".
4. Click the Edit button, set the "protocol" to "DHCP", and save this data.
5. To apply your changes
Use the "Deactivate" and "Activate" buttons, if available.
OR, restart your system.
Other Unix Systems
To access the Internet via the Internet Broadband Router:
Ensure the "Gateway" field for your network card is set to the IP Address of the Internet
Broadband Router.
Ensure your DNS (Name Server) settings are correct.
31
Chapter 5
Operation and Status
This Chapter details the operation of the Internet Broadband Router and the status screens.
Operation
Once both the Internet Broadband Router and the PCs are configured, operation is automatic.
However, there are some situations where additional Internet configuration may be required:
If using Internet-based Conferencing & Telephony applications, it may be necessary to
specify which PC receives an incoming connection. Refer to Chapter 6 - Advanced Features for further details.
Applications which use non-standard connections or port numbers may be blocked by the
Internet Broadband Router's built-in firewall. You can define such applications as Special Applications to allow them to function normally. Refer to Chapter 6 - Advanced Features for further details.
Some non-standard applications may require use of the DMZ feature. Refer to Chapter 6 -
Advanced Features for further details.
Status Screen
Use the Status link on the main menu to view this screen.
Figure 20: Status Screen
5
Internet Sharing Gateway User Guide
32
Data - Status Screen
Internet
Connection Method
This indicates the current connection method, as set in the Setup Wizard.
Internet IP Address
This IP Address is allocated by the ISP (Internet Service Provider).
Connection Status
Current connecti on status:
OK
No connection
Error
If there is an error, you can click the "Connection Details" button to find out more information.
"Connection Details" Button
Click this button to open a sub-window and view a detailed description of the current connection. Depending on the type of connection, a "log" may also be available.
"Access Log" Button
Click this button to open a sub-window and view details of outgoing connections to the Internet. The log contains the following data:
Source IP Address - The IP Address of the local PC
requesting the Internet connection.
Destination - The Internet address which was requested. If
the URL Filter is enabled, this address will be shown as a URL. Otherwise, the IP address will be displayed.
Blocked - If the request was blocked by the URL Filter
function, this will display "Yes". Otherwise, it will be blank.
LAN
IP Address
The IP Address of the Internet Broadband Router.
Network Mask
The Network Mask (Subnet Mask) for the IP Address above.
DHCP Server
This shows the status of the DHCP Server function - either "Enabled" or "Disabled".
For additional information about the PCs on your LAN, and the IP addresses allocated to them, use the PC Database option on the Advanced menu.
System
Device Name
This displays the current name of the Internet Broadband Router.
Firmware Version
The current version of the firmware installed in the Internet Broadband Router.
"System Data" Button
Clicking this button will open a Window which lists all system details and settings.
Buttons
Connection Details
View the details of the current Internet connection. The sub­screen displayed will depend on the connection method used. See the following sections for details of each sub-screen.
Operation and Status
33
Access Log
View details of outgoing connections to the internet.
System Data
Display all system information in a sub-window.
Refresh Screen
Update the data displayed on screen.
Connection Status - PPPoE
If using PPPoE (PPP over Ethernet), a screen like the following example will be displayed when the "Connection Details" button is clicked.
Figure 21: PPPoE Status Screen
Data - PPPoE Status Screen
Connection
Physical Address
The hardware address of this device, as seen by remote devices on the Internet. (This is different to the hardware address seen by devices on the local LAN.)
IP Address
The IP Address of this device, as seen by Internet users. This address is allocated by your ISP (Internet Service Provider).
Network Mask
The Network Mask associated with the IP Address above.
PPPoE Link Status
This indicates whether or not the connection is currently established.
If the connection does not exist, the "Connect" button can be
used to establish a connection.
If the connection currently exists, the "Disconnect" button
Internet Sharing Gateway User Guide
34
can be used to break the connection.
Connection Log
Connection Log
The Connectio n Log shows status messages relating to the
existing connection.
The most common messages are listed in the table below.
The "Clear Log" button will restart the Log, while the
Refresh button will update the messages shown on screen.
Buttons
Connect
If not connected, establish a connection to your ISP.
Disconnect
If connected to your ISP, hang up the connection.
Clear Log
Delete all data currently in the Log. This will make it easier to read new messages.
Refresh
Update the data on screen.
Connection Log Messages
Message Description
Connect on Demand Connection attempt has been triggered by the "Connec t
automatically, as required" setting. Manual connection Connection attempt started by the "Connect" button. Reset physical connection Preparing line for connection attempt. Connecting to remote
server
Attempting to connect to the ISP's server.
Remote Server located ISP's Server has responded to connection attempt. Start PPP Attempting to login to ISP's Server and establish a PPP
connection. PPP up successfully Able to login to ISP's Server and establish a PPP connection. Idle time-out reached The connection has been idle for the time period specified in
the "Idle Time-out" field. The connection will now be
terminated. Disconnecting The current connection is being terminated, due to either the
"Idle Time-out" above, or "Disconnect" button being clicked. Error: Remote Server not
found
ISP's Server did not respond. This could be a Server problem,
or a problem with the link to the Server. Error: PPP Connection
failed
Unable to establish a PPP connection with the ISP's Server.
This could be a login problem (name or password) or a Server
problem. Error: Connection to
Server lost
The existing connection has been lost. This could be caused by
a power failure, a link failure, or Server failure. Error: Invalid or unknown
packet type
The data received from the ISP's Server could not be
processed. This could be caused by data corruption (from a
bad link), or the Server using a protocol which is not
supported by this device.
Operation and Status
35
Internet Sharing Gateway User Guide
36
Connection Status - PPTP
If using PPTP (Peer-to-Peer Tunneling Protocol), a screen like the following example will be displayed when the "Connection Details" button is clicked.
Figure 22: PPTP Status Screen
Data - PPTP Status Screen
Connection
Physical Address
The hardware address of this device, as seen by remote devices on the Internet. (This is different to the hardware address seen by devices on the local LAN.)
IP Address
The IP Address of this device, as seen by Internet users. This address is allocated by your ISP (Internet Service Provider).
PPTP Status
This indicates whether or not the connection is currently established.
If the connection does not exist, the "Connect" button can be
used to establish a connection.
If the connection currently exists, the "Disconnect" button can be
used to break the connection.
Connection Log
Connection Log
The Connectio n Log shows status messages relating to the
existing connection.
The "Clear Log" button will restart the Log, while the Refresh
button will update the messages shown on screen.
Operation and Status
37
Buttons
Connect
If not connected, establish a connection to your ISP.
Disconnect
If connected to your ISP, hang up the connection.
Clear Log
Delete all data currently in the Log. This will make it easier to read new messages.
Refresh
Update the data on screen.
Internet Sharing Gateway User Guide
38
Connection Details - Fixed/Dynamic IP Address
If your access method is neither PPPoE nor PPTP, a screen like the following example will be displayed when the "Connection Details" button is clicked.
Figure 23: Connection Details Screen
Data - Connection Details Screen
Internet
Physical Address
The hardware address of this device, as seen by remote devices on the Internet. (This is different to the hardware address seen by devices on the local LAN.)
IP Address
The IP Address of this device, as seen by Internet users. This address is allocated by your ISP (Internet Service Provider).
Network Mask
The Network Mask associated with the IP Address above.
Default Gateway
The IP Address of the remote Gateway or Router associated with the IP Address above.
DNS IP Address
The IP Address of the Domain Name Server which is currently used.
DHCP Client
This will show "Enabled" or "Disabled", depending on whether or not this device is functioning as a DHCP client.
If "Enabled" and currently connected, the "Remaining lease time" field indicates when the IP Address allocated by the DHCP Server will expire. The lease is automatically renewed on expiry; use the "Renew" button if you wish to manually renew the lease immediately.
Operation and Status
39
Buttons
Release/Renew Button will display
EITHER "Release" OR "Renew"
This button is only useful if the IP address shown above is allocated automatically on connection. (Dynamic IP address). Otherwise, it has no effect.
If the ISP's DHCP Server has NOT allocated an IP Address for
the Internet Broadband Router, this button will say "Renew". Clicking the "Renew" button will attempt to re-establish the connection and obtain an IP Address from the ISP's DHCP Server.
If an IP Address has been allocated to the Internet Broadband
Router (by the ISP's DHCP Server), this button will say "Release". Clicking the "Release" button will break the connection and release the IP Address.
Refresh
Update the data shown on screen.
40
Chapter 6
Advanced Features
This Chapter explains when and how to use the Internet Broadband Router's "Advanced" Features.
Overview
The following advanced features are provided
Access Control
Special Applications
DMZ
Virtual Servers
Dynamic DNS
Remote Management
This chapter contains details of the configuration and use of each of these features.
Advanced Menu Screen
This screen provides access to the advanced features. An example screen is shown below.
Figure 24: Advanced Menu
6
Advanced Features
41
Access Control
Overview
The Access Control feature allows administrators to restrict Internet Access by individual PCs. The process uses "Packet Filtering" to block or discard data packets. By default, no packets are blocked or discarded.
The system works as follows:
Access restrictions are imposed on "Groups" (of PCs), not on individual users.
Groups are pre-named "Default", "Group 1", "Group 2", "Group 3", and "Group 4". These
names can not be change d.
All PCs are in the "Default" Group, unless explicitly moved to another group.
Access restrictions may be imposed on any Group, including the "Default" group.
Access Control Screen
The screen is reached by the Access Control link on the Advanced menu. An example screen is shown below.
Figure 25: Access Control Screen
To Assign restrictions to a Group
1. Select the desired Group. The screen will update with the data for the selected Group.
2. Select the appropriate radio button for "Access Rights". See below for further details.
3. If the selected Radio button is "Use Packet Filter Table Below":
Internet Sharing Gateway User Guide
42
Check the desired items in the "Packet Filter Table". Checked items will be blocked
for this Group.
If you have defined some filters, the "TCP Packets to Discard" or "UDP Packets to
Discard" will not be empty, and you can select the desired filters. Connections using the selected filters will be blocked.
To Assign PCs (users) to a Group
Click the "Members" button to view the "Members" screen. See the following section for details.
To Create your own Filters
Click the button "Define TCP Filters" or "Define UDP Filters" to view the required filter screen. See the following section for details.
Data - Access Control Screen
Group
Select Group
Select the desired group. The screen will update will data for the selected group
Access Rights
No restrictions
No packets are blocked. Use this to create an "Unlimited Access" group, or to temporarily remove restrictions.
Block all Access
Group members cannot access the Internet at all. Use this to create the most restrictive group.
Use Packet Filter Table below
Use this to define intermediate levels of access. Using the Packet Filter table gives you fine control over Internet access.
Packet Filter Table
Applications to Block
Any items checked will be blocked. Users will not be able to use the application.
TCP Packets to Discard
This lists any TCP filters you have defined. If no filters have
been defined, this list will be empty.
Selected items can NOT be accessed by members of this group
Multiple items can be selected (or deselected) by holding down
the Ctrl key while selecting items..
UDP Packets to Discard
This lists any UDP filters you have defined. If no filters have
been defined, this list will be empty.
Selected items can NOT be accessed by members of this group
Multiple items can be selected (or deselected) by holding down
the Ctrl key while selecting items..
Buttons
Members
Click this to add or remove members from the selected group. (You can not add or remove members from the "Default" Group, since it contains all PCs not assigned to another Group.)
Advanced Features
43
Define TCP Filters
Use this if you wish to define you own TCP filers. It does not mater which Group is selected; any filters you define can be applied to any Group.
Define UDP Filters
Use this if you wish to define you own UDP filers. It does not mater which Group is selected; any filters you define can be applied to any Group.
Members
The Members screen is reached by clicking the Members button on the Access Control screen. An example screen is shown below.
Figure 26: Members Screen
The name of the current Groups is displayed, with members of that Group listed on the left,
and other PCs listed on the right.
To Add a PC to the current Group, select the desired PC or PCs in the "Other PCs" list, the
click the " << Add " button.
To Remove a PC from the current Group, select the desired PC or PCs in the "Members
(PCs)" list, the click the " Del >> " button. These PCs will then become members of the "Default" Group.
If the desired PC is not listed, you can use the PC Database link on the Advanced menu to
add PCs to the PC list.
Filters
The Filters screens are reached by clicking the Define TCP Filters button or Define UDP Filters on the Access Control screen.
It does not matter which Group is selected.
Both the TCP and UDP screens work the same way.
An example TCP screen is shown below.
Internet Sharing Gateway User Guide
44
Figure 27: Filters Screen
These screens allow you to define packet filters, to determine which ports can be blocked. (You can not define ports which are allowed. Ports not blocked are allowed.)
Once defined, a filter may be used with any Group.
Data - Filters
Name
Enter a descriptive name for this filter.
Port No.
Enter an integer representing the Port Number for this type of packet. This information can normally be provided by the service provider. Otherwise, a Network Analyzer or Packet Sniffer can be used to determine the correct port number.
Advanced Features
45
Advanced Internet Screen
This screen allows configuration of all advanced features relating to Internet access.
Conferencing and Telephony
Special Applications
DMZ
URL filter
An example screen is shown below.
Figure 28: Internet Screen
Conferencing & Telephony
Most applications are supported transparently by the Internet Broadband Router. But sometimes it is not clear which PC should receive an incoming connection. This problem could arise with the following Conferencing & Telephony applications:
CUseeME
ICQ
ICU II (ICU 2)
Internet Phone
mIRC
MS NetMeeting
Yahoo Messenger
If this problem arises, you can use this screen to set which PC should receive an incoming connection, as described below.
Internet Sharing Gateway User Guide
46
Conferencing & Telephony
Select an Application
This lists applications which may generate incoming connections, where the destinati on (on your local LAN) is unknown.
Send incoming calls to
This lists the PCs on your LAN.
If necessary, you can add PCs manually, using the PC
Database option on the adva nced menu.
For each application listed above, you can choose a
destination PC.
There is no need to "Save" after each change; you can set the
destination PC for each application, then click "Save".
Advanced Features
47
Special Applications
If you use Internet applications which use non-standard connections or port numbers, you may find that they do not function correctly because they are blocked by the Internet Broadband Router's firewall. In this case, you can define the application as a "Special Application".
Special Applications Screen
This screen can be reached by clicking the Special Applications button on the Internet screen. You can then define your Special Applications. You will need detailed information about the
application; this is normally available from the supplier of the application. Also, note that the terms "Incoming" and "Outgoing" on this screen refer to traffic from the
client (PC) viewpoint
Figure 29: Special Applications Screen
Data - Special Applications Screen
Checkbox
Use this to Enable or Disable this Special Application as required.
Name
Enter a descriptive name to identify this Special Application.
Incoming Ports
Type - Select the protocol (TCP or UDP) used when you receive data
from the special application or service. (Note: Some applications use different protocols for outgoing and incoming data).
Start - Enter the beginning of the range of port numbers used by the
application server, for data you receive. If the application uses a single port number, enter it in both the "Start" and "Finish" fields.
Finish - Enter the end of the range of port numbers used by the
application server, for data you receive.
Outgoing Ports
Type - Select the protocol (TCP or UDP) used when you send data to
the remote system or service.
Start - Enter the beginning of the range of port numbers used by the
application server, for data you send to it. If the application uses a single
Internet Sharing Gateway User Guide
48
port number, enter it in both the "Start" and "Finish" fields.
Finish - Enter the end of the range of port numbers used by the
application server, for data you send to it. If the application uses a single port number, enter it in both the "Start" and "Finish" fields.
Using a Special Application
Configure the Special Applications screen as required.
On your PC, use the application normally. Remember that only one (1) PC can use each
Special application at any time. Also, when 1 PC is finished using a particular Special Application, there may need to be a "Time-out" before another PC can use the same Special Application. The "Time-out" period may be up to 3 minutes.
If an application still cannot function correctly, try using the "DMZ" feature.
Advanced Features
49
DMZ
This feature, if enabled, allows one (1) computer on your LAN to be exposed to all users on the Internet, allowing unrestricted 2-way communication between the "DMZ PC" and other Internet users or Servers.
This allows almost any application to be used on the "DMZ PC".
The "DMZ PC" will receive all "Unknown" connections and data.
If the DMZ feature is enabled, you must select the PC to be used as the "DMZ PC".
The DMZ feature can be Enabled and Disabled on the Advanced Internet screen.
The "DMZ PC" is effectively outside the Firewall, making it more vulnerable to attacks. For this reason, you should only enable the DMZ feature when required.
URL Filter
The URL Filter allows you to block access to undesirable Web site
To use this feature, you must define "filter strings". If the "filter string" appears in a
requested URL, the request is blocked.
Enabling the URL Filter also affects the Internet Access Log. If Enabled, the "Destination"
field in the log will display the URL. Otherwise, it will display the IP Address.
The URL Filter can be Enabled or Disabled on the Advanced Internet screen.
URL Filter Screen
Click the "Configure URL Filter" button on the Internet screen to access the URL Filter screen. An example screen is shown below.
Figure 30: URL Filter Screen
Internet Sharing Gateway User Guide
50
Data - URL Filter Screen
Filter Strings
Current Entries
This lists any existing entries. If you have not entered any values, this list will be empty.
Add Filter String
To add an entry to the list, enter it here, and click the "Add" button. An entry may be a Domain name (e.g. www.trash.com) or simply a string. (e.g. ads/ ) Any URL which contains ANY entry ANYWHERE in the URL will be blocked.
Buttons
Delete/Delete All
Use these buttons to delete the selected entry or all entries, as required. Multiple entries can be selected by holding down the CTRL key while selecting.(On the Macintosh, hold the SHIFT key while selec ting.)
Add
Use this to add the current Filter String to the site list.
Advanced Features
51
Virtual Servers
This feature allows you to make Servers on your LAN accessible to Internet users. Normally, Internet users would not be able to access a server on your LAN because:
Your Server does not have a valid external IP Address.
Attempts to connect to devices on your LAN are blocked by the firewall in this device.
The "Virtual Server" feature solves these problems and allows Internet users to connect to your servers, as illustrated below.
Broadband Router
Web Server FTP Server
Internet
Remote PC
Remote PC
Using Web Server
Using FTP Server
(
http://203.70.212.52
)
(ftp://203.70.212.52)
203.70.212.52
192.168.0.1
(192.168.0.10)
(192.168.0.20)
(LAN IP Address)
(WAN IP Address)
Figure 31: Virtual Servers
IP Address seen by Internet Users
Note that, in this illustration, both Internet users are connecting to the same IP Address, but using different protocols.
To Internet users, all virtual Servers on your LAN have the same IP Address. This IP Address is allocated by your ISP.
This address should be static, rather than dynamic, to make it easier for Internet users to connect to your Servers.
However, you can use the DDNS (Dynamic DNS) feature to allow users to connect to your Virtual Servers using a URL, instead of an IP Address.
Internet Sharing Gateway User Guide
52
Virtual Servers Screen
The Virtual Servers screen is reached by the Virtual Servers link on the Advanced screen. An example screen is shown below.
Figure 32: Virtual Servers Screen
This screen lists a number of pre-defined Servers, and allows you to define your own Servers. Details of the selected Server are shown in the "Properties" area.
Data - Virtual Servers Screen
Servers
Servers
This lists a number of pre-defined Servers, plus any Servers you have defined. Details of the selected Server are shown in the "Properties" area.
Properties
Enable
Use this to Enable or Disable support for this Server, as required.
If Enabled, any incoming connections will be forwarded to the
selected PC.
If Disabled, any incoming connection attempts will be blocked.
PC (Server)
Select the PC for this Server. The PC must be running the appropriate Server software.
Protocol
Select the protocol (TCP or UDP) used by the Server.
Internal Port No.
Enter the port number which the Server software is configured to use.
External Port No.
The port number used by Internet users when connecting to the Server. This is normally the same as the Internal Port Number. If it is different, this device will perform a "mapping" or "translation" function, allowing the server to use one port address, while clients use a different port address.
Advanced Features
53
Buttons
Defaults
This will delete any Servers you have defined, and set the pre­defined Servers to use their default port numbers.
Disable All
This will cause the "Enable" setting of all Virtual Servers to be set OFF.
Add
Add a new entry to the Virtual Server list, using the data shown in the "Properties" area on screen. The entry selected in the list is ignored, and has no effect.
Update
Update the current Virtual Server entry, using the data shown in the "Properties" area on screen.
Delete
Delete the current Virtual Server entry. Note that the pre-defined Servers can not be deleted. Only Servers you have defined yourself can be deleted.
Clear Form
Clear all data from the "Properties" area, ready for input of a new Virtual Server entry.
For each entry, the PC must be running the appropriate Server software.
Defining your own Virtual Servers
If the type of Server you wish to use is not listed on the Virtual Servers screen, you can define and manage your own Servers:
Create a new Server:
1. Click "Clear Form"
2. Enter the required data, as described above.
3. Click "Add".
4. The new Server will now appear in the list.
Modify (Edit) a Server:
1. Select the desired Server from the list
2. Make any desired changes (for example, change the
Enable/Disable setting).
3. Click "Update" to save changes to the selected Server.
Delete a Server:
1. Select the entry from the list.
2. Click "Delete".
Note: You can only delete Servers you have defined. Pre-
defined Server cannot be deleted.
From the Internet, ALL Virtual Servers have the IP Address allocated by your ISP.
Internet Sharing Gateway User Guide
54
Connecting to the Virtual Servers
Once configured, anyone on the Internet can connect to your Virtual Servers. They must use the Internet IP Address (the IP Address allocated to you by your ISP). e.g.
http://203.70.212.52 ftp://203.70.212.52
It is more convenie nt if you are using a Fixed IP Address from your ISP, rather than Dynamic. However, you can use the Dynamic DNS feature, described in the following section, to allow users to connect to your Virtual Servers using a URL, rather than an IP Address.
Dynamic DNS (Domain Name Server)
This free service is very useful when combined with the Virtual Server feature. It allows Internet users to connect to your Virtual Servers using a URL, rather than an IP Address.
This also solves the problem of having a dynamic IP address. With a dynamic IP address, your IP address may change whenever you connect, which makes it difficult to connect to you.
The Service works as follows:
You must register for the ser vice at h ttp://www.dyndns.org (Registration is free).
Your password will be E-mailed to you.
After registration, enter and save your DDNS username and password on this screen, and
also your preferred Domain name.
If your preferred Domain name is unavailable, a message will be displayed. Enter another
name, keep trying until you find some variation which is available.
The Internet Broadband Router will then automatically ensure that your current IP Address
is recorded at http://www. dyndns. org
From the Internet, users will now be able to connect to your Virtual Servers (or DMZ PC)
using your Domain name, as shown on this screen.
Dynamic DNS Screen
Select Advanced on the main menu, then Dynamic DNS, to see a screen like the following:
Figure 33: DDNS Screen
Advanced Features
55
Data - Dynamic DNS Screen
DDNS Service
DDNS Service
You must sign up first to create a new account before using the
service. The service is free.
Click this link to connect to the www.dyndns.org Web site.
Your initial password will be E-mailed to you; you can change
this later if you wish.
DDNS Data
User Name
Enter the "User name" specified at the www.dyn dns.org Web site when you registered.
Password
Enter your current password for www.dyndns.org
Desired Domain
Enter your the preferred domain name.
The name should consist only of letters and the hyphen (dash).
Using any other characters may cause problems.
The "DDNS Status" area will indicate whether or not your
request was successful.
Once allocated to you, the Domain name can NOT be changed,
nor can you obtain another. If you need to change your Domain name, you must terminate your account at www.dyndns.org (The domain name will be released.) You can then open a new account.
DDNS Status
This message is returned by the DDNS Server at www.dyndns.org After you "Save", check here to see if your desired Domain name was
successfully allocated to you.
Internet Sharing Gateway User Guide
56
Remote Management
This feature allows you to manage the Internet Broadband Router via the Internet.
Figure 34: Remote Screen
Data - Remote Management Screen
Remote Management
Enable Remote Management
Enable to allow management via the Internet. If Disabled, this device will ignore management connection attempts from the Internet.
Port Number
Enter a port number between 1024 and 65535 (8080 is recommended). This port number must be specified when you connect (see below).
Note: The default port number for HTTP (Web) connections is port 80, but using port 80 here will prevent the use of a Web "Virtual Server" on your LAN. (See Advanced Internet - Virtual Servers)
Current IP Address
You must use this IP Address to connect (see below). This IP Address is allocated by your ISP. But if using a Dynamic IP
Address, this value can change each time you connect to your ISP. So it is better if your ISP allocates you a Fixed IP Address.
To connect from a remote PC via the Internet
1. Ensure your Internet connection is established, and start your Web Browser.
2. In the "Address" bar, enter "HTTP://" followed by the Internet IP Address of the Internet
Broadband Router. If the port number is not 80, the port number is also required. (After the IP Address, enter ":" followed by the port number.) e.g.
HTTP://123.123.123.123:8080
This example assumes the WAN IP Address is 123.123.123.123, and the port number is 8080.
57
Chapter 7
Advanced Configuration
This Chapter explains the settings available via the Advanced configuration section of the "Advanced" menu.
Overview
Normally, it is not necessary to use these screens, or change any settings. These screens and settings are provided to deal with non-standard situations, or to provide additional options for advanced users.
The settings available are:
PC Database
This is the list of PCs shown when you select the "DMZ PC" or a "Virtual Server". This database is maintained automatically, but you can add and delete entries for PCs which use a Fixed (Static) IP Address.
Options
Enable or Disable various options.
MAC Address
Set the MAC (hardware) address used on the Internet (WAN port) interface. This is required only if your ISP has recorded the MAC (hardware) address you should use.
Routing
Only required if your LAN has other Routers or Gateways.
PC Database Screen
The PC Database is used whenever you need to select a PC (e.g. for the "DMZ" PC). It eliminates the need to enter IP addresses. An example PC Database screen is shown below.
Figure 35: PC Database Screen
PCs which are "DHCP Clients" are automatically added to the database, and updated as
required.
7
Internet Sharing Gateway User Guide
58
By default, non-Ser ver versions of Windows act as "DHCP Clients"; this setting is called
"Obtain an IP Address automatically".
The Internet Broadband Router uses the "Hardware Address" to identify each PC, not the
name or IP address. The "Hardware Address" can only change if you change the PC's network card or adapter.
This system means you do NOT need to use Fixed (static) IP addresses on your LAN.
However, you can add PCs using Fixed (static) IP Addresses to the PC database if required.
Data - PC Database Screen
PC Database
PCs
This lists all current entries. Data displayed is name (IP Address) type. For this model, the "type" will always be "LAN"
Name
If adding a new PC to the list, enter its name here. It is best if this matches the PC's "hostname".
IP Address
Enter the IP Address of the PC. The PC will be sent a "ping" to determine its hardware address. If the PC is not available (not connected, or not powered On) you will not be able to add it.
Buttons
Add
This will add the new PC to the list. The PC will be sent a "ping" to determine its hardware address. If the PC is not available (not connected, or not powered On) you will not be able to add it.
Delete
Delete the selected PC from the list. This should be done in 2 situations:
The PC has been removed from your LAN.
The entry is incorrect.
Refresh
Update the data on screen.
Generate Report
Display a read-only list showing full details of all entries in the PC database.
Advanced Configuration
59
Options
This screen allows advanced users to enter or change a number of set t ings. For normal operation, there is no need to use this screen or change any settings.
An example Options screen is shown below.
Figure 36: Options Screen
Data - Options Screen
Backup DNS
IP Address
Enter the IP Address of the DNS (Domain Name Servers) here. These DNS will be used only if the primary DNS is unavailable.
TFTP
Enable Firmware Upgrade using TFTP
If enabled, TFTP (Trivial FTP) can be used to upgrade the
firmware in this device. This is normally not required; a Windows utility is available for this purpose.
You must obtain the firmware upgrade file first; instructions for
using TFTP will be available with the upgrade.
UPnP
Enable UPnP Services
UPnP (Universal Plug and Play) allows automatic discovery and
configuration of equipment attached to your LAN. UPnP is by supported by Windows ME, XP, or later.
If Enabled, this device will be visible via UPnP.
If Disabled, this device will not be visible via UPnP.
Internet Sharing Gateway User Guide
60
Allow Configuration...
If checked, then UPnP users can change the configuration.
If Disabled, UPnP users can only view the configuration. But
currently, this restr iction only applies to users running Windows XP, who access the Properties via UPnP. (e .g. Right - click the Internet Broadband Router in My Network Places, and select Properties).
Allow Internet access to be disabled
If checked, then UPnP users can disable Internet access via this
device.
If Disabled, UPnP users can NOT disable Internet access via this
device. But currently, this restriction only applies to users running Windows XP, who access the Properties via UPnP. (e.g. Right ­click the Internet Broadband Router in My Network Places, and select Properties).
Firewall
Enable DoS Firewall
If enabled, DoS (Denial of Service) attacks will be detected and blocked. The default is enabled. It is strongly recommended that this setting be left enabled.
Note:
A DoS attack does not attempt to steal data or damage your PCs,
but overloads your Internet connection so you can not use it - the service is unavailable.
The Internet Broadband Router uses "Stateful Inspection"
technology. This system can detect situations where individual TCP/IP packets are valid, but collectively they become a DoS attack.
Threshold
This setting affects the number of "half-open" connections allowed.
A "half-open" connection arises when a remote client contacts the
Server with a connection request, but then does not reply to the Server's response.
While the optimum number of "half-open" connections allowed
(the "Threshold") depends on many factor s, the most important factor is the available bandwidth of your Internet connection.
Select the setting to match the bandwidth of your Internet
connection.
Advanced Configuration
61
MAC Address
The MAC (hardware) address is a low-level network identifier. It may be called "MAC Address", "Hardware Address", or "Physical Address". On a PC, this address is associated with the Network card or adapter. The address on the MAC Address screen is the address on the Internet (WAN port) interface, and has no effect on the LAN interface.
If your ISP asks for the "Network Adapter Address", "Physical Address", "Hardware
Address", or "MAC Address" for the PC the DSL/Cable modem is connected to, provide this value.
If your ISP has already recorded a MAC address, you can change the address used by the
Internet Broadband Router to match the address recorded by your ISP.
MAC Address Screen
Select MAC Address from the Advanced menu to reach a screen like the example below.
Figure 37: MAC address screen
Data - MAC address Screen
MAC (hardware) Address
The current MAC (hardware) address is displayed. If your ISP has recorded a Hardware Address, you can "spoof" that
address by entering it in the address field. The hardware address consists of 12 characters, where each character is a digit (0..9) or a character between A and F.
Buttons
Default
Inserts the default MAC address into the MAC address field. You must click "Save" to actually change the address used.
Copy from PC
Inserts the MAC address from your PC into the MAC addre ss field. You must click "Save" to actually change the address used.
Save
Save your changes to the Internet Broadband Router.
Cancel
Reverse any changes made since the last "Save".
If the MAC address is changed, the Internet Broadband Router must restart.
Internet Sharing Gateway User Guide
62
Routing
Overview
If you don't have othe r Routers or Gateways on your LAN, you can ignore the "Routing"
page completely.
If the Internet Broadband Router is only acting as a Gateway for the local LAN segment,
ignore the "Routing" page even if your LAN has other Routers.
If your LAN has a standard Router (e.g. Cisco) on your LAN, and the Internet Broadband
Router is to act as a Gateway for all LAN segments, enable RIP (Routing Information Protocol) and ignore the Static Routing table.
If your LAN has other Gateways and Routers, and you wish to control which LAN
segments use each Gateway, do NOT enable RIP (Routing Information Protocol). Configure the Static Routing table instead. (You also need to configure the other Routers.)
If using Windows 2000 Data center Server as a software Router, enable RIP on the Internet
Broadband Router, and ensure the following Windows 2000 settings are correct:
Open Routing and Remote Access
In the console tree, select Routing and Remote Access , [server name], IP Routing,
RIP
In the "Details" pane, right-click the interface you want to configure for RIP version 2,
and then click "Properties".
On the "General" tab, set Outgoing packet protocol to "RIP version 2 broadcast", and
Incoming packet protocol to "RIP version 1 and 2".
Routing Screen
The routing table is accessed by the Routing link on the Advanced screen.
Using this Screen
Generally, you will use either RIP (Routing Information Protocol) OR the Static Routing Table, as explained above, it is possible to use both methods simultaneously.
Static Routing Table
If RIP is not used, an entry in the routing table is required for each LAN segment on your
Network, other than the segment to which this device is attached.
The other Routers must also be configured. See Configuring Other Routers on your LAN
later in this chapter for further details and an example.
Advanced Configuration
63
Figure 38: Routing Screen
Data - Routing Screen
RIP
Enable RIP
Check this to enable the RIP (Routing Information Protocol) feature of the Internet Broadband Router.
The Internet Broadband Router supports RIP 1 only.
Static Routing
Static Routing Table Entries
This list shows all entries in the Routing Table.
The "Properties" area shows details of the selected item in the
list.
Change any the properties as required, then click the "Update"
button to save the changes to the selected entry.
Properties
Destination Network - The network address of the remote LAN
segment. For standard class "C" LANs, the network address is the first 3 fields of the Destination IP Address. The 4th (last) field can be left at 0.
Network Mask - The Network Mask for the remote LAN
segment. For class "C" networks, the default mask is
255.255.255.0
Gateway IP Address - The IP Address of the Gateway or Router
which the Internet Broadband Router must use to communicate with the destination above. (NOT the router attached to the remote segment.)
Metric - The number of "hops" (routers) to pass through to reach
the remote LAN segment. The shortest path will be used. The default value is 1.
Internet Sharing Gateway User Guide
64
Buttons
Save
Save the RIP setting. This has no effect on the Static Routing Table.
Add
Add a new entry to the Static Routing table, using the data shown in the "Properties" area on screen. The entry selected in the list is ignored, and has no effect.
Update
Update the current Static Routing Table entry, using the data shown in the "Properties" area on screen.
Delete
Delete the current Static Routing Table entry.
Clear Form
Clear all data from the "Properties" area, ready for input of a new entry for the Static Routing table.
Generate Report
Generate a read-only list of all entries in the Static Routing table.
Configuring Other Routers on your LAN
It is essential that all IP packets for devices not on the local LAN be passed to the Internet Broadband Router, so that they can be forwarded to the external LAN, WAN, or Internet. To achieve this, the local LAN must be configured to use the Internet Broadband Router as the Default Route or Default Gateway.
Local Router
The local router is the Router installed on the same LAN segment as the Internet Broadband Router. This router requires that the Default Route is the Internet Broadband Router itself. Typically, routers have a special entry for the Default Route. It should be configured as follows.
Destination IP Address
Normally 0.0.0.0, but check your router documentation.
Network Mask
Normally 0.0.0.0, but check your router documentation.
Gateway IP Address
The IP Address of the Internet Broadband Router.
Metric
1
Other Routers on the Local LAN
Other routers on the local LAN must use the Internet Broadband Router's Local Router as the Default Route. The entries will be the same as the Internet Broadband Router's local router, with the exception of the Gateway IP Address.
For a router with a direct connection to the Internet Broadband Router's local Router, the
Gateway IP Address is the address of the Internet Broadband Router's local router.
For routers which must forward packets to another router before reaching the Internet
Broadband Router's local router, the Gateway IP Address is the address of the intermediate router.
Advanced Configuration
65
Static Routing - Example
Router B
(192.168.1.90)
(192.168.2.70)
Router A
Segment 0
Segment 2
Segment 1
Broadband Router
(192.168.0.xx)
(192.168.1.xx)
(192.168.0.100)
(192.168.0.1)
(192.168.2.xx)
(192.168.1.80)
Figure 39: Routing Example
For the Internet Broadband Router's Routing Table
For the LAN shown above, with 2 routers and 3 LAN segments, the Internet Broadband Router requires 2 entries as follows.
Entry 1 (Segment 1)
Destination IP Address 192.168.1.0 Network Mask 255.255.255.0 (Standard Class C) Gateway IP Address 192.168.0.100 (Internet Broadband Router's
local Router)
Metric 1
Entry 2 (Segment 2)
Destination IP Address 192.168.2.0 Network Mask 255.255.255.0 (Standard Class C) Gateway IP Address 192.168.0.100 Metric 2
For Router A's Default Route
Destination IP Address 0.0.0.0 Network Mask 0.0.0.0 Gateway IP Address 192.168.0.1 (Internet Broadband Router's IP
Address)
For Router B's Default Route
Destination IP Address 0.0.0.0 Network Mask 0.0.0.0 Gateway IP Address 192.168.1.80 (Internet Broadband Router's
local router)
66
Appendix A
Troubleshooting
This Appendix covers the most likely problems and their solutions.
Overview
This chapter covers some common problems that may be encountered while using the Internet Broadband Router and some possible solutions t o them. If you follow the suggested steps and the Internet Broadband Router still does not function properly, contact your dealer for further advice.
General Problems
Problem 1: Can't connect to the Internet Broadband Router to configure it. Solution 1:
Check the following:
The Internet Broadband Router is properly installed, LAN connections
are OK, and it is powered ON.
Ensure that your PC and the Internet Broadband Router are on the same
network segment. (If you don't have a router, this must be the case.)
If your PC is set to "Obtain an IP Address automatically" (DHCP
client), restart it.
If your PC uses a Fixed (Static) IP address, ensure that it is using an IP
Address within the range 192.168.0.2 to 192.168.0.254 and thus compatible with the Internet Broadband Router's default IP Address of
192.168.0.1. Also, the Network Mask should be set to 255.255.255.0 to match the Internet Broadband Router. In Windows, you can check these settings by using Control Panel- Network to check the Properties for the TCP/IP protocol.
Internet Access
Problem 1: When I enter a URL or IP address I get a time out error. Solution 1:
A number of things could be causing this. Try the following troubleshooting steps.
Check if other PCs work. If they do, ensure that your PCs IP settings are
correct. If using a Fixed (Static) IP Address, check the Network Mask, Default gateway and DNS as well as the IP Address.
If the PCs are configured correctly, but still not working, check the
Internet Broadband Router. Ensure that it is connected and ON. Connect to it and check its settings. (If you can't connect to it, check the LAN and power connections.)
If the Internet Broadband Router is configured correctly, check your
Internet connection (DSL/Cable modem etc) to see that it is working correctly.
A
Appendix A - Troubleshooting
67
Problem 2: Some applications do not run properly when using the Internet
Broadband Router.
Solution 2:
The Internet Broadband Router processes the data passing through it, so it is not transparent.
Use the Special Applications feature to allow the use of Internet applications which do not function correctly.
If this does solve the problem you can use the DMZ function. This should work with almost every application, but:
It is a security risk, since the firewall is disabled for the DMZ PC.
Only one (1) PC can use this feature.
68
Appendix B
Specifications
XRT-101A
Model XRT-101A Dimensions 120 mm(W) * 93mm( D) * 30mm(H) Operating
Temperature
0° C to 40° C
Storage Temperature
-10° C to 70° C
Network Protocol: NAT, PPPoE, HTTP, DHCP client/server, TCP/IP Network Interface: 2 Ethernet:
1 * 10/100BaseT (RJ45) for LAN interface
1 * 10BaseT (RJ45) for WAN interface LEDs 4 External Power
Adapter
12 V DC
FCC Statement:
This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions:
(1) This device may not cause harmful interference. (2) This device must accept any interference received, including interference that may
cause undesired operation.
CE Marking Warning
This is a Class B product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures.
B
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use