Siemens se5880 User Manual
SIEMENS Business Class
se5880
Ethernet Security Router
User’s Guide
Part No. 107-7950-001
Software License and Limited Warranty
© Copyright 2004, Siemens Subscriber Networks, Inc.
All rights reserved. Printed in the U.S.A.
Siemens Subscriber Networks, Efficient Networks, the Efficient Networks logo, and SpeedStream(tm) are trademarks of Siemens AG. All other names may be
trademarks, service marks or registered trademarks held by their respective companies. This document is for information purposes only,Siemens Subscriber
Networks is not responsible for errors or omissions herein. Siemens Subscriber Networks reserves the right to make changes to product specifications without notice.
SIemens Subscriber Networks, Inc. – End User Software License and Warranty
INSTALLATION OF THE HARDWARE AND SOFTWARE PROVIDED BY SIEMENS SUBSCRIBER NETWORKS, INC (SSN). CONSTITUTES ACCEPTANCE BY
YOU OF THE TERMS OF THE FOLLOWING SOFTWARE LICENSE AND LIMITED WARRENTY. IF YOU DO NOT ACCEPT THESE TERMS, PLEASE RETURN
THE HARDWARE AND SOFTWARE AND SOFTWARE IN ITS ORIGINAL PACKAGING TO THE VENDOR FROM WHICH YOU PURCHASED IT FOR A FULL
REFUND OF THE PURCHASE PRICE.
The following describes your license to use the software (the"Software") that has been provided with your Siemens customer premise equipment ("Hardware") and
the limited warranty that Siemens Subscriber Networks provides on its Software and Hardware. Siemens Subscriber Networks reserves any right not expressly
granted to the end user.
Software License
The Software is protected by copyright laws and international copyright treaties. The Software is licensed and not sold to you. The definition od Software includes,
but not limited to, system and operating software marketed by Siemens Subscriber Networks, including firmware, embedded software, software provided on media,
downloadable software, software for configuration or programmable logic elements, and all Siemens Subscriber Networks maintenance and diagnostic tools
associated with the above mentioned software. Accordingly, while you own the media (such as CD ROM or floppy disk) on which the software is recorded, Siemens
Subscriber Networks or its licensors retains ownership of the Software itself.
1. Grant of License
You may make backup copies of the system configuration as required. If the Hardware is being installed on a network, you may install the Software on the network
server or other server-side devise on which the Hardware is being installed and onto the client-side devices.
2. Restrictions
• sublicense, assign, or distribute copies of the Software to others;
• decompile, reverse engineer, disassemble or otherwise reduce the Software or any part thereof to a human perceivable form;
• modify, adapt, translate or create derivative works based upon the Software or any part thereof; or
• rent, lease, loan or otherwise operate for profit the Software.
2. Transfer
devices onto which you have installed it, and must ensure that the party to whom you transfer the Hardware receives this License Agreement and Limited Warranty.
3. Upgrades Covered
Siemens Subscriber Networks, whether delivered via tangible media (CD ROM or floppy disk), down loaded from Siemens Subscriber Networks, or delivered
through customer support. Any such additional software shall be considered "Software" for all purposes under this License.
4. Export Law Assurances
export or re-export the Software to any countries that are subject to export restrictions.
5. No Other Rights Granted.
to any copyright, patent, trademark, trade secret, or other proprietary rights of Siemens Subscriber Networks or its licensors.
6. Termination.
of these provisions. Upon termination, you must return the Software and all copies thereof.
Limited Warranty
The following limited warranties provided by Siemens Subscriber Networks extend to the original end user of the Hardware/licensee of the Software and are not
assignable or transferable to any subsequent purchaser/licensee.
1. Hardware. Siemens Subscriber Networks warrants that the Hardware will be free from defects in materials and workmanship and will perform substantially in
compliance with the user documentation relating to the Hardware for a period of one year from the date the original end user received the Hardware.
2. Software
Hardware and Software for a period of ninety days from the date the original end user received the Hardware and Software. The end user is responsible for the
selection of Hardware and Software used in the end user’s network. Given the wide range of third-party hardware and applications, Siemens Subscriber Networks
does not warrant the compatibility or uninterrupted or error free operation of our Software with the end user’s systems or network.
3. Exclusive Remedy
Networks’s sole option, either (a) a refund of the purchase price paid for the Hardware/Software or (b) repair or replacement of the Hardware/Software with new
or remanufactured products. Any replacement Hardware or Software will be warranted for the remainder of the original warranty period or thirty days, which ever
is longer.
4. Warranty Procedures
A.Prior to returning a product under this warranty, the end user must first call Siemens Subscriber Networks at (888) 286-9375, or send an email to Siemens
Subscriber Networks at support@efficient.com to obtain a return materials authorization (RMA) number. RMAs are issued between 8:00 a.m. and 5:00 p.m.
Central Time, excluding weekends and holidays. The end user must provide the serial number(s) of the products in order to obtain an RMA.
B.After receiving an RMA, the end user shall ship the product or defective component, including power supplies and cable, where applicable, freight or postage
prepaid and insured, to Siemens Subscriber Networks at 4849 Alpha Road, Dallas Texas 75244, U.S.A. Within five (5) days notice from Siemens Subscriber
Networks, the end user shall provide Siemens Subscriber Networks with any missing items or, at Siemens Subscriber Networks’s sole option, Siemens
Subscriber Networks will either (a) replace missing items and charge the end user or (b) return the product to the end user freight collect. The end user shall
include a return address, daytime phone number and/or fax. The RMA number must be clearly marked on the outside of the package.
C.Returned Products will be tested upon receipt by Siemens Subscriber Networks. Products that pass all functional tests will be returned to the end user.
D.Siemens Subscriber Networks will return the repaired or replacement Product to the end user at the address provided by the end user atSiemens Subscriber
Networks’s expense. For Products shipped within the United States of America, Siemens Subscriber Networks will use reasonable efforts to ensure delivery
within five (5) business days from the date received by Siemens Subscriber Networks. Expedited service is available at additional cost to the end user.
E.Upon request from Siemens Subscriber Networks, the end user must prove the date of the original purchase of the product by a dated bill of sale or dated
itemized receipt.
5. Limitations
• The end user shall have no coverage or benefits under this limited warranty if the product has been subject to abnormal use, abnormal conditions, improper
storage, exposure to moisture or dampness, unauthorized modifications, unauthorized repair, misuse, neglect, abuse, accident, alteration, improper installation,
or other acts which are not the fault of Siemens Subscriber Networks, including acts of nature and damage caused by shipping.
• Siemens Subscriber Networks will not honor, and will not consider the warranty voided, if: (1) the seal or serial number on the Product have been tampered
with or (2) there has been any attempted or actual repair or modification of the Product by anyone other than an Siemens Subscriber Networks authorized
service provider.
• The limited warranty does not cover defects in appearance, cosmetic, decorative or structural items, including framing, and any non-operative parts.
. You may install and use one (and only one) copy of the Software in conjunction with the Siemens Subscriber Networks provided Hardware.
. The license granted is a limited license. You may NOT:
. You may transfer the Software only where you are also transferring the Hardware. In such cases, you must remove all copies of the Software from any
. This License covers the Software originally provided to you with the Hardware, and any additional software that you may receive from
. You acknowledge that the Software may be subject to export control laws and regulations of the U.S.A. You confirm that you will not
Other than the limited license expressly granted herein, no license, whether express or implied, by estoppel or otherwise, is granted
Without limiting Siemens Subscriber Networks’s other rights, Siemens Subscriber Networks may terminate this license if you fail to comply with any
. Siemens Subscriber Networks warrants that the Software will perform substantially in compliance with the end user documentation provided with the
. Your exclusive remedy and Siemens Subscriber Networks’s exclusive obligation for breach of this limited warranty is, in Siemens Subscriber
. If a problem develops during the limited warranty period, the end user shall follow the procedure outlined below:
.
• Siemens Subscriber Networks’s limit of liability under the limited warranty shall be the actual cash value of the product at the time the end user returns the
product for repair, determined by the price paid by the end user for the product less a reasonable amount for usage.Siemens Subscriber Networks shall not be
liable for any other losses or damages.
• The end user will be billed for any parts or labor charges not covered by this limited warranty. The end user will be responsible for any expenses related to
reinstallation of the product.
• THIS LIMITED WARRENTY IS THE ONLY WARRENTY SSN MAKES FOR THE PRODUCT AND SOFTWARE. TO THE EXTENT ALLOWED BY LAW, NO
OTHER WARRENTY APPLIES, WETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING ANY WARRENTY OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
6. Out of Warranty Repair. Out of warranty repair is available for a fixed fee. Please contact Siemens Subscriber Networks at the numbers provided above to
determine out of warranty repair rate. End users seeking out of warranty repair should contact Siemens Subscriber Networks as described above to obtain an RMA
and to arrange for payment of the repair charge. All shipping charges will be billed to the end-user.
General Provisions
The following general provisions apply to the foregoing Software License and Limited Warranty.
1. No Modification. The foregoing Limited Warranty is the end user’s sole and exclusive remedy and is in lieu of all other warranties, express or implied. No oral or
written information or advice given by Siemens Subscriber Networks or tis dealers, distributors, employees or agents shall in any way extend, modify or add to
the foregoing Software License and Limited Warranty. This Software License and Limited Warranty constitutes the entire agreement between Siemens Subscriber
Networks and the end user, and supersedes all prior and contemporaneous representation, agreements or understandings, oral or written. This Software License
and Limited Warranty may not be changed or amended except by a written instrument executed by a duly authorized officer of Siemens Subscriber Networks.
Siemens Subscriber Networks neither assumes nor authorizes any authorized service center or any other person or entity to assume for it any other obligation or
liability beyond that which is expressly provided for in this Limited Warranty including the provider or seller of any extended warranty or service agreement.
The Limited Warranty period for Siemens Subscriber Networks supplied attachments and accessories is specifically defined within their own warranty cards and
packaging.
2. EXCLUSION OF INCIDENTAL, CONSEQUENTIAL AND OTHER DAMAGES
ITS LICENSORS BE LIABLE, WHETHER UNDER CONTRACT, WARRENTY, TORT OR ANY OTHER THEORY OF LAW FOR ANY SPECIAL, INCIDENTAL
OR CONSEQUENTIAL DAMAGES WHATSOEVER, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, BUSINESS INTERRPUTION,
PERSONAL INJURY, LOSS OR IMPAIRMENT OF DATA OR BUSINESS INFORMATION, EVEN IF SSN HAS BEEN NOTIFIED OF THE POSSIBILITY OF
SUCH DAMAGES. SSN’S OR IT’S LICENSOR’S LIABILITY TO YOU (IF ANY) FOR ACTUAL DIRECT DAMAGES FOR ANY CAUSE WHATSOEVER, AND
REGARDLESS OF THE FORM OF THE ACTION, WILL BE LIMITED TO, AND SHALL NOT EXCEED, THE AMOUNT PAID FOR THE HARDWARE/
SOFTWARE.
3. General
. This Software License and Limited Warranty will be covered by and construed in accordance with the laws of the State of Texas, United States (excluding
conflicts of laws rules), and shall insure to the benefit of Siemens Subscriber Networks and its successor, assignees and legal representatives. If any provision of
this Software License and Limited Warranty is held by a court of competent jurisdiction to be a invalid or unenforceable to any extent under applicable law, that
provision will be enforced to the maximum extent permissible, and the remaining provisions of this Software License and Limited Warranty will remain in full force
and effect. Any notices or other communications to be sent to Siemens Subscriber Networks must be mailed by certified mail to the following address:
Siemens Subscriber Networks, Inc.
4849 Alpha Road
Dallas, TX 75244
U.S.A.
Attn: Customer Service
. TO THE FULL EXTENT PERMITTED BY LAW, IN NO EVENT SHALL SSN OR
SIEMENS se5880 Ethernet Security Router
User’s Guide
Chapter 1 Product Specifications
Front Panel................................................................................................................................................... 1
Back Panel ................................................................................................................................................... 1
Hardware Specifications............................................................................................................................... 2
Physical Specifications.................................................................................................................... 2
Operational Environment ................................................................................................................ 2
Power Requirements....................................................................................................................... 2
Processor ........................................................................................................................................ 2
Ethernet Interfaces.......................................................................................................................... 2
Serial Interface ................................................................................................................................ 2
Software Specifications................................................................................................................................ 3
Bridging ........................................................................................................................................... 3
Configuration Management............................................................................................................. 3
Dial Backup ..................................................................................................................................... 3
Routing............................................................................................................................................ 3
Differentiated Services - Quality of Service provisioning ................................................................ 3
IP Address Translation.................................................................................................................... 3
PPP (RFC 1661) ............................................................................................................................. 3
Security ........................................................................................................................................... 4
Table of Contents
Chapter 2 Installation
Installation Requirements............................................................................................................................. 5
Package Contents........................................................................................................................... 5
PC Requirements............................................................................................................................ 5
Network Service Provider Requirements ........................................................................................ 5
Hardware Installation ................................................................................................................................... 6
PC Configuration.......................................................................................................................................... 7
Windows 98/ME .............................................................................................................................. 7
Windows NT 4................................................................................................................................. 8
Windows 2000................................................................................................................................. 9
Windows XP.................................................................................................................................. 10
Mac OS 9.x ....................................................................................................................................11
Mac OSX....................................................................................................................................... 12
Linux.............................................................................................................................................. 13
Configuring the Router ............................................................................................................................... 14
Establish Connection .................................................................................................................... 14
Router Information Page ............................................................................................................... 15
Chapter 3 Easy Setup
Access Easy Setup Wizard ........................................................................................................................ 16
Untrusted Interface Configuration .............................................................................................................. 16
Using PPPoE ................................................................................................................................ 17
Not Using PPPoE.......................................................................................................................... 17
SIEMENS i
SIEMENS se5880 Ethernet Security Router
User’s Guide
Dynamic Host Configuration Protocol ........................................................................................... 18
Chapter 4 User Setup
User Management...................................................................................................................................... 20
Adding/Modifying A User Account.................................................................................................21
Deleting A User Account ............................................................................................................... 22
User Lookup.................................................................................................................................. 23
Secure Mode Configuration .......................................................................................................... 24
Configure the Radius Server......................................................................................................... 25
Configure the TacPlus Server ....................................................................................................... 26
Management Classes ................................................................................................................... 27
Change Password...................................................................................................................................... 28
Access Control ........................................................................................................................................... 29
Chapter 5 Advanced Setup
DMZ ........................................................................................................................................................... 31
Router Clock .............................................................................................................................................. 33
DHCP ......................................................................................................................................................... 34
QoS............................................................................................................................................................ 35
Configure QoS Policy.................................................................................................................... 36
Reorder QoS Policies.................................................................................................................... 38
Routing Table Configuration....................................................................................................................... 39
Dial Backup ................................................................................................................................................ 40
Internal Modem ............................................................................................................................. 41
External Modem ............................................................................................................................ 42
Switch Management................................................................................................................................... 43
Switch Mirror Configuration........................................................................................................... 44
Switch Age Time ........................................................................................................................... 45
Command Line Interface............................................................................................................................ 46
File Editor ................................................................................................................................................... 47
Table of Contents
Chapter 6 Security Setup
NAT ............................................................................................................................................................ 49
SNMP......................................................................................................................................................... 50
SNMP IP Filter .............................................................................................................................. 51
SNMP Password ........................................................................................................................... 51
Secure Shell............................................................................................................................................... 52
Configure SSH .............................................................................................................................. 53
Load Keys ..................................................................................................................................... 54
Key Generator............................................................................................................................... 55
Firewall Scripts........................................................................................................................................... 56
Stateful Firewall.......................................................................................................................................... 57
Configure Stateful Firewall ............................................................................................................ 58
SIEMENS ii
SIEMENS se5880 Ethernet Security Router
User’s Guide
View Dropped Packets.................................................................................................................. 59
Configure Firewall Rules ............................................................................................................... 60
Delete Firewall Rules .................................................................................................................... 62
IKE/IPSec Configuration ............................................................................................................................ 63
Easy IKE/IPSec Setup .................................................................................................................. 64
Advanced IKE/IPSec Setup .......................................................................................................... 65
VPN Log On ............................................................................................................................................... 72
Chapter 7 Monitoring Router
System Summary....................................................................................................................................... 73
Ethernet Interface Information....................................................................................................... 74
Remote Connection Information ...................................................................................................74
IP Routing Information .................................................................................................................. 75
System Information ....................................................................................................................... 75
Diagnostics................................................................................................................................................. 76
PPPoE Session............................................................................................................................. 76
Interface Information ..................................................................................................................... 77
ATM Statistics................................................................................................................................ 77
Routing Table Information ............................................................................................................. 78
Files Information............................................................................................................................ 78
Memory Usage.............................................................................................................................. 79
List All Configuration Data............................................................................................................. 79
TCP/IP Statistics ........................................................................................................................... 80
SIEMENS iii
Chapter 1 Product Specifications
Front Panel
The following table explains the LEDs that appear on the Front Panel
of the Siemens se5880 router.
Light Color Indications
Power Green
Off
Test Yellow (steady)
Yellow (blinking)
Green: (2 sec. blink)
Off
U-TX Green
Green (blinking)
Yellow (blinking)
Off
U-RX Green
Green (blinking)
Yellow (blinking)
Off
T-TX Green
Green (blinking)
Off
T-RX Green
Green (blinking)
Off
Power is ON
Power is OFF
Running Power On Self Test
Self Test failure
Normal operation (heartbeat)
Router is shut down
Ethernet link detected
Traffic on Untrusted interface
Traffic on DMZ port
No current transmit traffic on Untrusted interface
Ethernet link detected
Receiving data on Untrusted interface
Receiving data on DMZ port
No current recieve traffic on Untrusted interface
Ethernet link detected
Transmitting data on Trusted interface
No current transmit traffic on Trusted interface
Ethernet link detected
Receiving data on Trusted interface
No current recieve traffic on Trusted interface
Back Panel
The following table descrcibes the various connections
on the back panel of the Siemens se5880 router.
Connection Function
Power Switch Enables and disables power to the system.
Power Connector Power cord connection for internal power supply.
Trusted Four port, full-duplex, 10/100-BaseT Ethernet Switch (RJ-45).
Untrusted Single full-duplex 10/100-BaseT, switched Ethernet port (RJ-45).
MGMT This 8-pin, RJ-45 port provides RS232 connectivity for console
connections or a dial backup analog modem connection.
SIEMENS 1
SIEMENS se5880 Ethernet Security Router
User’s Guide
Hardware Specifications
Chapter 1 Product Specifications
Hardware Specifications
Physical Specifications
• Unit Dimensions:
– 8.4W x 7D x 1.7H inches
– 21.3W x 17.8D x 4.3H cm
• Weight:
–1.5 lbs.
–.68 Kg.
Power Requirements
• AC Voltage:100 to 120V AC or 220 to 240V AC
• Frequency:50/60 Hz
• Consumption:10W maximum
• Built-in power supply with on/off switch
Ethernet Interfaces
• Trusted Ethernet Interface - Four port, full-
duplex 10/100-BaseT Ethernet switch (8-pin,
RJ-45)
• Untrusted (WAN) Ethernet Interface - Single
full-duplex 10/100-BaseT, switched Ethernet
port (8-pin, RJ-45)
• Green/Amber LEDs
Operational Environment
• Temperature:
– 40°F to 105°F
– 5°C to 40°C
• Humidity: 20% to 80% non-condensing
Processor
• Motorola
• 8 MB DRAM, 4 MB Flash Memory
• 3DES, DES, MD5, SHA hardware assist
®
64 MHz MPC857DSL
Serial Interface
• One RS-232 asynchronous console or modem
port (RJ-45)
SIEMENS 2
SIEMENS se5880 Ethernet Security Router
User’s Guide
Software Specifications
Chapter 1 Product Specifications
Software Specifications
Bridging
• Transparent bridging including Spanning Tree
protocol (IEEE 802.1D)
• Bridge filters
Configuration Management
• Easy Setup Web Management Interface
• Microsoft
via SNMP
®
Windows configuration management
• TFTP download/upload of new software and
configuration files
• Performance monitor
• Dynamic event and history logging
• Administration through HTTP, SNMP, Telnet or
VT100 terminal
• Network boot uses the BootP server (RFC
2131, RFC 2132)
Dial Backup
• Failover to modem on console port
• Web Management Interface
• User selectable fail/restore criteria
• Supports L2TP and IPSec tunnel failover
• Optional modem connector (DB9 or DB25)
Routing
• TCP/IP with RIP1 (RFC 1058), RIP1 compatible
and RIP2 (RFC 1389) or static routing on the
LAN or WAN
• Novell
®
IPX with RIP/SAP (RFC 1552)
• DHCP client (RFC 2132)
• DHCP server - Automatic assignment of IP
address, mask, default gateway and DNS
server addresses to workstations (RFC 2131,
2132)
• DHCP relay agent (RFC 1542)
• DNS relay
• Multiple subnets on LAN
• Virtual routing
• Virtual Router Redundancy Protocol (RFC
2338)
Differentiated Services - Quality of Service provisioning
• Weighted Fair Queuing (WFQ)
• Differentiated Services (DiffServ)
IP Address Translation
• Network renumbering (RFC 1631)
PPP (RFC 1661)
• PPP over Ethernet (RFC 2516)
• Network Address Translation (NAT/PAT)
• LAN servers supported with NAT
• Support for NAT inside an IPSec tunnel
SIEMENS 3
SIEMENS se5880 Ethernet Security Router
User’s Guide
Security
• Role-based management
• User authentication (PAP/CHAP) with PPP (RFC 1334, RFC 1994)
• Password control for Configuration Manager
• SNMP password and community name reassignment
• HTTP/Syslog/SNMP/Telnet port reassignment, access control list
• VPN support (L2TP, IPSec, IKE, DES, 3DES)
• Firewall (IP filtering)
• Stateful Firewall (ICSA Compliant)
• Secure Management Communications – IPsec and SSH
• Radius Server support
• TACACS+ Server support
• VPN Hardware Acceleration support
Chapter 1 Product Specifications
Software Specifications
SIEMENS 4
Chapter 2 Installation
This chapter describes the steps you must take to install and configure the various components in your
network to utilize the Siemens Ethernet Security Router. This includes setting up the hardware connections
the Internet router, configuring the PC
router configuration. Before beginning installation, make sure you meet all installation requirements
to use the Internet router for Internet access, and setting up the Internet
.
Installation Requirements
Before beginning the installation and configuration of the various components on the network, make sure you
received all the package contents
your network Service Provider
Package Contents
Your package should contain the items listed below. If you determine anything to be damaged or missing,
please contact the dealer from whom the equipment was purchased.
• One Siemens se5880 Ethernet-to-Ethernet Router
• One Siemens Documentation CD-ROM
• One AC power supply module w/ cord
• Two RJ-45 Ethernet cables
• One RJ-45 to DB-9 serial port adapter (console)
• One Siemens se5880 Quick Start Guide
, meet the basic PC requirements, and have the necessary information from
.
to
PC Requirements
At a minimum, your computer must be equipped with the following to successfully install the broadband
Internet router.
• CD-ROM Drive
• Ethernet network interface card
• TCP/IP network protocol installed on your PC
• Web browser
• Terminal emulation software, if you want to configure your router via your computer’s serial port before
placing it into service on a network.
Network Service Provider Requirements
Your Network Service Provider will provide you with information to configure your router’s WAN connection.
Depending upon the type of service that you ordered, you will need some of the items from the following list.
Contact your Network Service Provider for specific details on the items you should receive.
• DNS address
• One or more IP addresses and a subnet mask
• PPP Username and Password if required
SIEMENS 5
SIEMENS se5880 Ethernet Security Router
User’s Guide
Chapter 2 Installation
Hardware Installation
Hardware Installation
You may position the Siemens broadband router at any convenient location where it will be well ventilated. Do
not stack it with other devices or place it on the carpet. You can connect the router to an existing Ethernet port
on your computer.
To connect the SpeedStream device via the Ethernet interface, your
computer must have an Ethernet adapter (also called a network
interface card, or NIC) installed. If your computer does not have this
adapter, install it before proceeding further. Refer to your Ethernet
adapter documentation for complete installation instructions. Once you
verify installation of an Ethernet adapter, perform the following
procedure to connect the router to your computer.
1. With the PC powered off, connect your PC directly to any of the router’s Ethernet ports of the back-panel
labeled TRUSTED, using one of the RJ-45 cables provided. You may also connect additional Ethernet
devices to the router’s Ethernet ports using additional RJ-45 cables (not provided).
2. Connect the other end of the Ethernet cable to the Ethernet port on the PC.
3. Connect your Ethernet Interface WAN device (broadband modem or similar) to the Ethernet port labeled
UNTRUSTED, using another RJ-45 cable.
4. Optionally connect the MGMT port to one of the following:
• Your PC serial port using another RJ-45 cable and the supplied adapter for router access via the
command line interface.
• An external using an RJ-11 cable to provide for dial backup.
5. Connect the power adapter to the rear of the router.
6. Plug the power adapter into the electrical wall outlet.
7. Flip the power switch on the router.
8. Power on all connected computers.
You can now configure the TCP/IP settings as detailed in the PC Configuration
section.
SIEMENS 6
SIEMENS se5880 Ethernet Security Router
User’s Guide
Chapter 2 Installation
PC Configuration
PC Configuration
Your PC must be configured to use the TCP/IP protocol suite over the Internet, and to accept Dynamic Host
Configuration Protocol address assignments from the router. Although this is the default settings for the PC, it
is a good idea to verify that they have not been changed.
Each supported PC Operating System varies slightly in how the configuration windows are presented. Select
the Operating System installed on the PC connected to the router from the list below and follow the associated
procedure.
• Windows 98/ME • Windows NT 4 • Windows 2000
• Windows XP • Mac OS 9.x • Mac OS X
• Linux OS
Windows 98/ME
1. Click Start >Control Panel > Network. This displays the
Configuration tab on the Network window.
2. Select TCP/IP protocol for your network card.
3. Click Properties. This displays the TCP/IP Properties
window.
4. Click the IP Address tab.
5. Ensure that the Obtain an IP address automatically option is selected. This is the default Windows
setting.
6. Click OK to close each dialog.
7. Restart the PC to ensure it obtains an IP address from the router.
8. Configure the router
SIEMENS 7
.
SIEMENS se5880 Ethernet Security Router
User’s Guide
Windows NT 4
1. On your desktop, right click on the Network Neighborhood
icon. This displays the Network window.
2. Click the Protocols tab.
3. Select TCP/IP Protocol from the Network Protocols list.
4. Click Properties. This displays the Microsoft TCP/IP
Properties window.
Chapter 2 Installation
PC Configuration
5. Click the IP Address tab.
6. On the IP Address tab, select Obtain an IP address from a DHCP server.
7. Click OK to close each dialog.
8. Restart the PC to ensure it obtains an IP address from the router.
9. Configure the router
.
SIEMENS 8
SIEMENS se5880 Ethernet Security Router
User’s Guide
Windows 2000
1. Select Start >Settings >Control Panel. This displays the Control Panel window.
2. Double-click the Network and Dial-up Connection icon. This
displays the Network and Dialup Connection window.
3. Right-click Local Area Connections and select Properties.
This displays the Local Area Connections Properties window.
4. Select Internet Protocol (TCP/IP) from the list of components.
5. Click Properties. This displays the Internet Protocol (TCP/IP)
Properties window.
Chapter 2 Installation
PC Configuration
6. Ensure that the Obtain an IP address automatically and Obtain DNS server address automatically
options are selected.
7. Click OK to close each dialog.
8. Restart the PC to ensure it obtains an IP address from the router.
9. Configure the router
SIEMENS 9
.
SIEMENS se5880 Ethernet Security Router
User’s Guide
Windows XP
1. Click Start >Control Panel. This displays the Control Panel window.
2. Double-click the Network Connections icon. This displays the Network Connection window.
Chapter 2 Installation
PC Configuration
3. Right-click Local Area Connection, then click Properties. This
displays the Local Area Connection Properties window.
4. Select Internet Protocol TCP/IP.
5. Click Properties. This displays the Internet Protocol (TCP/IP)
Properties window.
6. Ensure the Obtain an IP address automatically and Obtain DNS server address automatically options
are selected.
7. Restart the PC to ensure it obtains an IP address from the router.
8. Configure the router
SIEMENS 10
.
SIEMENS se5880 Ethernet Security Router
User’s Guide
Mac OS 9.x
1. Click Apple -> Control Panels -> TCP/IP. This displays the TCP/IP Control Panel window.
2. Select Ethernet from the Connect via drop-down menu.
3. Select Using DHCP Server from the Configure drop-down menu.
Chapter 2 Installation
PC Configuration
4. Complete the fields shown with any information supplied by your service provider.
5. Close window and save changes.
6. Configure the router
.
SIEMENS 11
SIEMENS se5880 Ethernet Security Router
User’s Guide
Chapter 2 Installation
PC Configuration
Mac OSX
1. Click Apple -> System Preferences. This displays the System Preferences window.
2. Double-click the Network icon under the Internet & Network section. This displays the Network window.
3. Select Ethernet from the Connect via drop-down menu.
4. Select Using DHCP Server from the Configure drop-down menu.
5. Enter any information supplied by your service provider.
6. Click Apply Now to save and exit the Network window.
7. Configure the router
SIEMENS 12
.
SIEMENS se5880 Ethernet Security Router
User’s Guide
Linux
1. From a terminal window, run linuxconfig. This displays the Config window.
Chapter 2 Installation
PC Configuration
2. Click the Adaptor tab.
3. Enter any information specified by your service provider in the fields under the appropriate Adapter tab.
4. When settings are completed, click Accept. This displays the Status of the system tab.
5. To update the system status, ensure that the Activate the changes button is highlighted, then click Act/
Changes.
6. Configure the router
SIEMENS 13
.
SIEMENS se5880 Ethernet Security Router
User’s Guide
Chapter 2 Installation
Configuring the Router
Configuring the Router
The Siemens Business Class Router family of products provides two user interfaces: a Web Management
Interface and a console-based Command Line Interface (CLI). The Web Management Interface uses an HTTP
server housed in the router. Using this server, you can connect to and manage the router using your Web
browser. The Web Management Interface is accessible through most HTML browsers, though Internet
Explorer 4.0 or Netscape 4.0 and higher are recommended. Refer to the Technical Reference Guide for details
on managing the router through the CLI.
Establish Connection
To establish a connection from your computer to the router through your Web browser:
1. Open your Internet Explorer or Netscape Navigator Web browser.
2. In the Address bar, enter the default router IP address: 192.168.254.254. This displays the Login Dialog
page.
3. Enter the administrative User name and Password. The default settings are User name: superuser and
Password: admin. This displays the Router Information page.
SIEMENS 14
SIEMENS se5880 Ethernet Security Router
User’s Guide
Router Information Page
The Router Information Page is the first page you encounter after logging into the router.
Chapter 2 Installation
Configuring the Router
The Router Information page displays basic router information and configuration settings. On the Router
Information page, the following information is presented:
• Router Information: Including the model number, software version number, and hardware description.
• Router Configuration: Displays router configuration details such as LAN IP address, trusted and untrusted
interface information, protocol, and other network settings.
In the left navigation pane of this page, there are configuration, diagnostic, and status and statistic options for
the router. In this document, these features are grouped according to User Access Control, Advanced Router
Functions, Security, and Monitoring Health and Status.
Use the table below to locate detailed instructions for the desired function.
To do this: Refer to:
Perform Easy Setup Chapter titled "Easy Setup"
Configure users on the router. Chapter titled "User Setup"
Configure advanced features. Chapter titled "Advanced Setup"
Configure security features. Chapter titled "Security Setup"
Monitor the health of the router. Chapter titled "Monitoring Router"
Manage router using Command Line Interface Technical Reference Manual
SIEMENS 15
Chapter 3 Easy Setup
This chapter describes how to define router configuration settings using the Easy Setup Wizard. These
settings control access to the Wide Area Network (WAN) and Local Area Network (LAN). During the Easy
Setup procedure, you will be prompted to specify configuration parameters that may require information from
your service provider.
Access Easy Setup Wizard
To access the Easy Setup Wizard, click Easy Setup in the left navigation pane of the Router Information
window. This wizard will walk you through the configuration screens necessary to setup the router. You can
exit the Easy Setup Wizard at anytime by clicking Cancel on the bottom of the configuration page. If the wizard
is cancelled, no changes will be made and you will need to begin again.
Untrusted Interface Configuration
When you click Easy Setup in the
left navigation pane of the Router
Information page, the Untrusted
Interface Configuration page is
displayed. This page is used to
enter information for the
Untrusted (WAN-side) Ethernet
Interface that will communicate
with the Internet access device
(for example, broadband modem
or similar). Note that PPPoE IP
Address and PPPoE IP Gateway
are displayed only when Dial
backup is enabled.
1. Select one of the following
connection methods.
• Using PPPoE:
Uses the Point-to-Point
Protocol (PPP) to establish
the connection. Refer to
Using PPPoE
instructions on providing
information on this page for this method.
for
• Not Using PPPoE
Establishes the connection based on IP addressing. This option routes all IP packets for remote hosts to
the WAN. Refer to Not Using PPPoE
method.
SIEMENS 16
for instructions on providing information on this page for this
SIEMENS se5880 Ethernet Security Router
User’s Guide
Untrusted Interface Configuration
Chapter 3 Easy Setup
Using PPPoE
If you selected Using PPPoE from the Untrusted Interface Configuration page, perform the following steps to
configure Point-to-Point Protocol over Ethernet:
1. Enter PPPoE User Name and Password to use for authentication when establishing a WAN connection
using PPoE protocol.
2. In Service Name, enter the domain name of your network service provider. Use * as a default (for all
services).
3. In PPPoE Timer, enter the number of seconds of inactivity that must elapse before the PPP connection
closes. This helps to limit connection charges from your service provider during times of inactivity. The
default entry of “permanent” will keep the PPP connection open constantly, with no timeout interval.
4. Optionally select NAT Enabled. THis enables Network Address Translation (NAT), which allows multiple
workstations on your LAN to share a single, public IP address. All outgoing traffic appears to originate from
the router’s IP address.
5. Click Next. This displays the Dynamic Host Configuration Protocol
page.
Not Using PPPoE
If you selected Not Using PPPoE from the Untrusted Interface Configuration page, perform the following steps
to specify how to obtain an IP address and subnet mask:
1. Select one of the following methods for obtaining an IP address:
• Obtain configuration automatically from Wan using DHCP to have an IP address assigned
automatically using DHCP.
• Configure IP Routing manually to assign IP addresses manually. If you select this option, you must
specify an IP Address, Subnet Mask, and Default Gateway in the appropriate fields.
2. Optionally select NAT Enabled. THis enables Network Address Translation (NAT), which allows multiple
workstations on your LAN to share a single, public IP address. All outgoing traffic appears to originate from
the router’s IP address.
3. Click Next. This displays the Dynamic Host Configuration Protocol
page.
SIEMENS 17
SIEMENS se5880 Ethernet Security Router
User’s Guide
Untrusted Interface Configuration
Chapter 3 Easy Setup
Dynamic Host Configuration Protocol
Dynamic Host Configuration Protocol (DHCP) provides a dynamic, “upon request,” IP address to computers
and other networked devices. The router can act as a DHCP server for devices on your local network.
The router provides the flexibility to use different ranges of IP addresses to be assigned by the DHCP server
housed in the router. DHCP configuration is done from the DHCP Configuration page.
To configure DHCP:
1. Optionally select DHCP server enabled on the LAN. If selected, the DHCP server dynamically assigns IP
addresses to all LAN-side devices.
2. Select one of the following to configure the Domain Name Service:
• Obtain DNS information automatically:
The DNS server address will be learned when DHCP client requests are placed over the WAN link.
• Configure DNS manually:
Define DNS server address manually from information you get from your service provider. If you select
this option, provide the following information.
– Domain Name
The router’s DNS domain name as assigned by your service provider.
– Primary DNS Server
IP address where DNS requests will be sent.
– Secondary DNS Server
Optional. IP address where DNS requests will be sent if the primary DNS server is unavailable.
– Primary WINS Server
IP address of the Windows Internet Naming Service where WINS requests will be sent. This maps
NetBIOS names to IP addresses similar to DNS.
– Secondary WINS Server
Optional. IP address where WINS requests will be sent if the primary WINS server is unavailable.
3. Click Next. This displays the Trusted Interface Configuration
page.
SIEMENS 18
SIEMENS se5880 Ethernet Security Router
User’s Guide
Untrusted Interface Configuration
Chapter 3 Easy Setup
Trusted Interface Configuration
Trusted Interface information is configured on the Trusted Interface Configuration page.
To configure the Trusted Interface:
1. In IP Address, enter the network address of the router. This address must be globally unique unless NAT
has been enabled.
2. In Subnet Mask, enter the subnet mask to use along with the IP address to determine if specific LAN IP
traffic should be forwarded to the WAN.
3. Click Save and Reboot. The router will reboot with the new configuration settings.
On completion of the reboot process, you will be required to login again.
SIEMENS 19
Chapter 4 User Setup
This chapter describes how to set up users on the router and control their access to router functions and to the
Internet. The features that control users and their access are listed below. To access one of these options,
click the link on the left navigation pane of the Router Information page.
User Management
Change Password
Access Control
Manage user accounts.
Change user password.
Configure remote access to the router configuration settings.
User Management
When you select User Management from the left navigation pane of the Router Information page, the User
Management page is displayed.
Use this page to add, delete, edit, and view user accounts. You can also use this page to configure secure
mode, configure the Radius Server, and configure the Tacplus Server. Click Home at anytime to return to the
Router Information page. To access one of these options, click its link on the User Management page.
Use the table below to locate detailed instructions for the desired function.
To do this: Refer to:
Add or modify a user account Add or Modify A User Account
Delete a user account Delete a User Account
Specify database for identifying users when
logging into the router.
Configure Secure Mode Secure Mode Configuration
Configure the Radius Server Configure the Radius Server
Configure the Tacplus Server Configure the Tacplus Server
SIEMENS 20
User Lookup
Loading...