ADSL Barricade™
2-Port ADSL Router with Built-in
Annex A ADSL Modem
User Guide
February 2004
T
ABLE OF
C
ONTENTS
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Using this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Notational conventions . . . . . . . . . . . . . . . . . . . . . . . . . . .2
Typographical conventions . . . . . . . . . . . . . . . . . . . . . . . .3
Special messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Getting to Know the ADSL Barricade . . . . . . . . . . 5
Package Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Hardware Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Rear Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Quick Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Connecting the Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Step 1. Connect the ADSL cable . . . . . . . . . . . . . . . . . . .8
Step 2. Connect the Ethernet cable . . . . . . . . . . . . . . . . .9
Step 3. Attach the power connector . . . . . . . . . . . . . . . . .9
Step 4. Power up your systems . . . . . . . . . . . . . . . . . . . .9
Configuring Your Computers . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Windows® XP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10
Windows 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Windows Me . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
Windows 95, 98 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Windows NT 4.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Assigning static Internet Information to your PCs . . . . . .16
Configuring the ADSL Barricade . . . . . . . . . . . . . . . . . . . . . . .17
Logging into the ADSL Barricade -
Quick Configuration Page . . . . . . . . . . . . . . . . . . . . . . . .17
Default Router Settings . . . . . . . . . . . . . . . . . . . . . . . . . .20
i
Table of Contents
Getting Started with the Configuration Manager 23
Accessing the Configuration Manager . . . . . . . . . . . . . . . . . . . 23
Functional Layout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Commonly used buttons . . . . . . . . . . . . . . . . . . . . . . . . 25
The Home Page and System View Table . . . . . . . . . . . . . . . . 26
Modifying Basic System Information . . . . . . . . . . . . . . . . . . . . 29
Committing Changes and Rebooting . . . . . . . . . . . . . . . . . . . . 31
Committing your changes . . . . . . . . . . . . . . . . . . . . . . . 31
Rebooting the device using Configuration Manager . . . 32
Configuring the LAN Ports . . . . . . . . . . . . . . . . . .33
Connecting via Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Configuring the LAN Port IP Address . . . . . . . . . . . . . . . . . . . 33
Viewing System IP Addresses
and IP Performance Statistics . . . . . . . . . . . . . . .39
Viewing the ADSL Barricade's IP Addresses . . . . . . . . . . . . . . 39
Viewing IP Performance Statistics . . . . . . . . . . . . . . . . . . . . . . 41
Configuring Dynamic
Host Configuration Protocol . . . . . . . . . . . . . . . .43
Overview of DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
What is DHCP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Why use DHCP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
ADSL Barricade DHCP modes . . . . . . . . . . . . . . . . . . . 44
Configuring DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Guidelines for creating DHCP server address pools . . . 45
Adding DHCP Server Address Pools . . . . . . . . . . . . . . . 47
Viewing, modifying, and deleting address pools . . . . . . 50
Excluding IP addresses from a pool . . . . . . . . . . . . . . . . 51
Viewing current DHCP address assignments . . . . . . . . 51
Configuring DHCP Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Setting the DHCP Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
ii
Table of Contents
Configuring Network Address Translation . . . . . 55
Overview of NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Viewing NAT Global Settings
and Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Viewing NAT Rules and Rule Statistics . . . . . . . . . . . . . . . . . .60
Viewing Current NAT Translations . . . . . . . . . . . . . . . . . . . . . . 61
Adding NAT Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
The NAPT rule: Translating between private
and public IP addresses . . . . . . . . . . . . . . . . . . . . . . . . .64
The RDR rule: Allowing external access
to a LAN computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
The Basic rule: Performing 1:1 translations . . . . . . . . . .71
The Filter rule: Configuring a BASIC rule
with additional criteria . . . . . . . . . . . . . . . . . . . . . . . . . . .73
The Bimap rule: Performing two-way translations . . . . .75
The Pass rule: Allowing specific addresses to pass through
untranslated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
Configuring DNS Server Addresses . . . . . . . . . . 79
About DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
Assigning DNS Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
Configuring DNS Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Configuring IP Routes . . . . . . . . . . . . . . . . . . . . . 83
Overview of IP Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
IP routing versus telephone switching . . . . . . . . . . . . . .83
Hops and gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Using IP routes to define default gateways . . . . . . . . . .85
Do I need to define IP routes? . . . . . . . . . . . . . . . . . . . .85
Viewing the IP Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Adding IP Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
Configuring the Routing Information Protocol . 91
RIP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
When should you configure RIP? . . . . . . . . . . . . . . . . . .92
Configuring the ADSL Barricade's Interfaces with RIP . . . . . . .92
Viewing RIP Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96
iii
Table of Contents
Configuring the ATM Virtual Circuit . . . . . . . . . .97
Viewing Your ATM VC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Adding ATM VCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Modifying ATM VCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Configuring PPP Interfaces . . . . . . . . . . . . . . . .103
Viewing Your Current PPP Configuration . . . . . . . . . . . . . . . 104
Viewing PPP Interface Details . . . . . . . . . . . . . . . . . . . . . . . . 107
Adding a PPP Interface Definition . . . . . . . . . . . . . . . . . . . . . 109
Modifying and Deleting PPP Interfaces . . . . . . . . . . . . . . . . . 111
Configuring EOA Interfaces . . . . . . . . . . . . . . . .113
Overview of EOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Viewing Your EOA Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
Adding EOA Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Configuring IPoA Interfaces . . . . . . . . . . . . . . . .119
Viewing Your IPoA Interface Setup . . . . . . . . . . . . . . . . . . . . 119
Adding IPoA Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Configuring Bridging . . . . . . . . . . . . . . . . . . . . .123
Overview of Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
When to Use the Bridging Feature . . . . . . . . . . . . . . . . . . . . 125
Defining Bridge Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Deleting a Bridge Interface . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Configuring Firewall Settings . . . . . . . . . . . . . . .129
Configuring Global Firewall Settings . . . . . . . . . . . . . . . . . . . 129
Managing the Black List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Configuring IP Filters and Blocked Protocols .133
Configuring IP Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Viewing Your IP Filter Configuration . . . . . . . . . . . . . . 134
Configuring IP Filter Global Settings . . . . . . . . . . . . . . 135
Creating IP Filter Rules . . . . . . . . . . . . . . . . . . . . . . . . 137
IP filter rule examples . . . . . . . . . . . . . . . . . . . . . . . . . . 143
iv
Table of Contents
Viewing IP Filter Statistics . . . . . . . . . . . . . . . . . . . . . .145
Managing Current IP Filter Sessions . . . . . . . . . . . . . .146
Blocked Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148
Viewing DSL Line Information . . . . . . . . . . . . . . 151
Administrative Tasks . . . . . . . . . . . . . . . . . . . . . 155
Configuring User Names and Passwords . . . . . . . . . . . . . . . .155
Creating and Deleting Logins . . . . . . . . . . . . . . . . . . . .156
Changing Login Passwords . . . . . . . . . . . . . . . . . . . . .158
Viewing System Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Viewing the Alarm Table . . . . . . . . . . . . . . . . . . . . . . . .159
Upgrading the Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160
Using Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
Modifying Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
Overview of IP port numbers . . . . . . . . . . . . . . . . . . . .164
Modifying the ADSL Barricade’s port numbers . . . . . . .165
Appendix A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
IP Addresses, Network Masks and Subnets . . . . . . . . . . . . .167
IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Structure of an IP address . . . . . . . . . . . . . . . . . . . . . .167
Network classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169
Subnet masks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
Appendix B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Binary Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
Bits and bytes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . 175
Technical Specifications . . . . . . . . . . . . . . . . . . 181
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Compliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i
Legal Information and Contacts . . . . . . . . . . . . . vii
v
I
NTRODUCTION
Congratulations on becoming the owner of the ADSL Barricade,
a 2-port ADSL Router with built-in Annex A ADSL Modem. Your
LAN (Local Area Network) will now be able to access the Internet
using your high-speed ADSL connection. This User Guide will show
you how to set up the ADSL Barricade, and how to customize its
configuration to get the most out of your
new product.
Features
•
External ADSL modem for high-speed Internet access.
•
10/100Base-T Ethernet router to provide Internet connectivity
to all computers on your LAN.
•
Optional USB port for connecting a USB-enabled PC.
•
Network address translation (NAT), Firewall, and IP filtering
functions to provide security for your LAN.
•
Network configuration through DHCP Server and DHCP Relay.
•
Services including IP route and DNS configuration, RIP,
and IP and DSL performance monitoring.
•
Configuration program you access via an HTML browser.
1
Introduction
System Requirements
In order to use the ADSL Barricade, you must have the following:
•
ADSL service up and running on your telephone line,
with at least one public Internet address for your LAN.
•
One or more computers each containing an Ethernet
10/100 Base-T network interface card (NIC) and/or a single
computer with a USB port.
•
An Ethernet hub/switch, if you are connecting the device
to more than one computer on an Ethernet network.
•
For system configuration using the supplied web-based
program: a web browser such as Internet Explorer V5.0
or later, or Netscape V6.1 or later.
Using this Document
Notational conventions
•
Acronyms are defined the first time they appear in the text
and in the Terminology.
•
For brevity, the ADSL Barricade is referred to as the device.
•
The terms LAN and network are used interchangeably to refer
to a group of Ethernet-connected computers at one site.
2
Using this Document
Typographical conventions
•
Italics are used to identify terms that are defined
in the Terminology.
•
Square brackets are used for items you select
from menus and drop-down lists.
Special messages
This document uses the following statement to call your attention
to specific instructions or explanations.
Note:
Provides clarifying or non-essential information on the
current topic.
Definition:
to many readers. These terms are also included in the
Terminology.
Warning:
messages relating to personal safety or system integrity.
Explains terms or acronyms that may be unfamiliar
Provides messages of high importance, including
3
G
ETTING TO
K
NOW
THE
ADSL B
ARRICADE
Package Contents
•
One ADSL Barricade.
•
One Power adapter.
•
One RJ-45 Ethernet cable (straight-through type).
•
One RJ-11 Standard phone/DSL line cable.
•
One USB Cable (Optional).
•
Installation utility and Documentation CD.
•
Quick Installation Guide.
Hardware Description
Front Panel
The front panel contains lights called LEDs that indicate
the status of the unit.
LED COLOR FUNCTION
PW
(Power)
LK
(Link)
Green On: Unit is powered on.
Off: Unit is powered off.
Green Flashing when ADSL data activity occurs.
May be steady when data traffic is heavy.
Table 1. Front Panel and LEDs
5
Getting to Know the ADSL Barricade
Rear Panel
The rear panel contains the ports for the unit's data and power
connections.
LABEL FUNCTION
DSL Connects the device to a telephone jack for DSL communication.
Ethernet Connects the device to your PC's Ethernet port, or to the uplink port
USB (optional) For connection to the USB port on your PC.
Reset Resets the device to the factory default configuration.
Power For connection to the supplied power adapter.
on your LAN's hub, using the cable provided.
Yellow LED:
Green LED:
On: 10M LAN link established and active.
Off: No 10M LAN link.
100M LAN link established and active.
On:
Off:
No 100M LAN link.
Table 2. Rear Panel Connections
6
Q
UICK
This Quick Start provides basic instructions for connecting
the ADSL Barricade to a computer or LAN and to the Internet.
•
Connecting the Hardware describes how to set up the
hardware.
•
Configuring Your Computers describes how to configure
Internet properties on your computer(s).
•
Configuring the ADSL Barricade shows you how to configure
basic settings on the ADSL Barricade to get your LAN
connected to the Internet.
After having set up and configured the device, please follow the
instructions on page 21 to check whether it is working properly.
This Quick Start assumes that you have already established
an ADSL service with your Internet service provider (ISP).
These instructions provide a basic configuration that should
be compatible with your home or small office network setup.
Refer to the subsequent chapters for additional configuration
instructions.
S
TART
Connecting the Hardware
You connect the device to the wall phone jack, the power outlet,
and your computer or network.
Warning:
Before you begin, turn the power off for all devices.
These include your computer(s), your LAN hub/
switch (if applicable), and the ADSL Barricade.
7
Quick Start
Stand-alone computer
(See section on installing USB
driver before connecting cable)
ADSL Barricade
Wall Jack
To a hub: use crossover cable to uplink
port or straight cable
to standard port
Hub/switch (for local
area network)
or
Networked Computers
AC adapter
To a PC: use a
cross-over cable
Stand-alone computer
Figure 1. Overview of Hardware Connections
Step 1. Connect the ADSL cable
Connect one end of the provided phone cable (RJ-11) to the port
labeled DSL on the Rear Panel of the device. Connect the other
end to your wall phone jack.
You can attach a telephone line to the device. This is helpful
when the ADSL line uses the only convenient wall phone jack.
If desired, connect the telephone cable to the port labeled Phone.
Warning:
Although you use the same type of cable, the ADSL
and Phone ports are not interchangeable. Do not
route the ADSL connection through the Phone port.
Note:
ADSL splitters/microfilters are included with some
models.
8
Configuring Your Computers
Step 2. Connect the Ethernet cable
If you are connecting a LAN to the ADSL Barricade, attach one
end of a provided Ethernet cable to a regular hub port and the
other to the Ethernet port on the ADSL Barricade. If you are
using the ADSL Barricade with a single computer and no hub,
you must use an Ethernet cable to attach the PC directly to the
device. The cable is wired differently than the cable you would
use to connect to a hub.
Step 3. Attach the power connector
Connect the AC power adapter to the Power connector on
the back of the device and plug in the adapter to a wall outlet
or power strip.
Step 4. Power up your systems
Turn on and boot up your computer(s) and any LAN device
such as hubs or switches.
Configuring Your Computers
This section provides instructions for configuring
settings on your computers to work with the ADSL Barricade
Before you begin
By default, the ADSL Barricade automatically assigns all required
Internet settings to your PCs. You need only to configure the PCs
to accept the information when it is assigned.
the Internet
.
9
Quick Start
Note:
If you have connected your PC of LAN via Ethernet to the
Barricade
system installed on your PC.
In some cases, you may want to assign Internet
information manually to some or all of your computers
rather than allow the ADSL Barricade to do so. See
Assigning static Internet Information to your PCs on
page 16 for instructions.
, follow the instructions that correspond to the operating
Windows® XP
1.
In the Windows task bar, click the [Start] button, and then
click [Control Panel].
2.
Double-click the [Network Connections] icon.
3.
In the [LAN or High-Speed Internet] window, right-click on
the icon corresponding to your network interface card (NIC)
and select [Properties]. (Often, this icon is labeled [Local
Area Connection].) The [Local Area Connection] dialog box
displays a list of currently installed network items.
4.
Ensure that the check box to the left of the item labeled
[Internet Protocol (TCP/IP)] is checked, and click [Properties].
ADSL
10
5.
In the [Internet Protocol (TCP/IP) Properties] dialog box, click
the radio button labeled [Obtain an IP address automatically].
Also click the radio button labeled [Obtain DNS server
address automatically].
6.
Click [OK] twice to confirm your changes, and close the
Control Panel.
Configuring Your Computers
Windows 2000
First, check for the IP protocol and, if necessary, install it.
1.
In the Windows task bar, click the [Start] button, point to
[Settings], and then click [Control Panel].
2.
Double-click the [Network and Dial-up Connections] icon.
3.
In the [Network and Dial-up Connections] window, right-click
the [Local Area Connection] icon, and then select [Properties].
The [Local Area Connection Properties] dialog box displays
a list of currently installed network components. If the list
includes [Internet Protocol (TCP/IP)], then the protocol has
already been enabled. Skip to Step 10.
4.
If [Internet Protocol (TCP/IP)] does not appear as an installed
component, click [Install...].
5.
In the [Select Network Component Type] dialog box, select
[Protocol], and then click [Add…].
6.
Select [Internet Protocol (TCP/IP)] in the [Network Protocols]
list, and then click [OK]. You may be prompted to install files
from your Windows 2000 installation CD or other media.
Follow the instructions to install the files.
7.
If prompted, click [OK] to restart your computer with the new
settings. Next, configure the PCs to accept IP information
assigned by the ADSL Barricade.
8.
In the [Control Panel], double-click the [Network and Dial-up
Connections] icon.
9.
In the [Network and Dial-up Connections] window, right-click
the [Local Area Connection] icon, and then select
[Properties].
11
Quick Start
10.
In the [Local Area Connection Properties] dialog box, select
[Internet Protocol (TCP/IP)], and then click [Properties].
11.
In the [Internet Protocol (TCP/IP) Properties] dialog box, click
the radio button labeled [Obtain an IP address automatically].
Also click the radio button labeled [Obtain DNS server
address automatically].
12.
Click [OK] twice to confirm and save your changes, and then
close the Control Panel.
Windows Me
1.
In the Windows task bar, click the [Start] button, point to
[Settings], and then click [Control Panel].
2.
Double-click the [Network and Dial-up Connections] icon.
3.
In the [Network and Dial-up Connections] window,
right-click the [Network] icon, and then select [Properties].
The [Network Properties] dialog box displays a list of currently
installed network components. If the list includes Internet
Protocol (TCP/IP), then the protocol has already been
enabled. Skip to Step 11.
12
4.
If [Internet Protocol (TCP/IP)] does not appear as an installed
component, click [Add…].
5.
In the [Select Network Component Type] dialog box, select
[Protocol], and then click [Add…].
6.
Select [Microsoft] in the [Manufacturers] box.
7.
Select [Internet Protocol (TCP/IP)] in the [Network Protocols]
list, and then click [OK]. You may be prompted to install files
from your Windows Me installation CD or other media. Follow
the instructions to install the files.
Configuring Your Computers
8.
If prompted, click [OK] to restart your computer with the new
settings. Next, configure the PCs to accept IP information
assigned by the ADSL Barricade.
9.
In the Control Panel, double-click the [Network and Dial-up
Connections] icon.
10.
In the [Network and Dial-up Connections] window, right-click
the [Network] icon, and then select [Properties].
11.
In the [Network Properties] dialog box, select [TCP/IP],
and then click [Properties].
12.
In the [TCP/IP Settings] dialog box, click the radio button
labeled [Server assigned IP address]. Also click the radio
button labeled [Server assigned name server address].
13.
Click [OK] twice to confirm and save your changes,
and then close the Control Panel.
Windows 95, 98
First, check for the IP protocol and, if necessary, install it.
1.
In the Windows task bar, click the [Start] button, point
to [Settings], and then click [Control Panel].
2.
Double-click the [Network] icon.
displays a list of currently installed
If the list includes [TCP/IP], then the protocol has already
been enabled. Skip to Step 9.
3.
If [TCP/IP] does not appear as an installed component,
click [Add…]. The [Select Network Component Type]
dialog box appears.
The [Network] dialog box
network components.
13
Quick Start
4.
Select [Protocol], and then click [Add...]. The [Select Network
Protocol] dialog box appears.
5.
Click on [Microsoft] in the [Manufacturers] list box, and then
click [TCP/IP] in the [Network Protocols] list box.
6.
Click [OK] to return to the [Network] dialog box, and then
click [OK] again. You may be prompted to install files from
your Windows 95/98 installation CD. Follow the instructions
to install the files.
7.
Click [OK] to restart the PC and complete the TCP/IP
installation. Next, configure the PCs to accept IP information
assigned by the ADSL Barricade.
8.
Open the [Control Panel] window, and then click the [Network]
icon.
9.
Select the network component labeled [TCP/IP], and then
click [Properties]. If you have multiple TCP/IP listings, select
the listing associated with your network card or adapter.
14
10.
In the [TCP/IP Properties] dialog box, click the [IP Address]
tab.
11.
Click the radio button labeled [Obtain an IP address
automatically].
12.
Click the [DNS Configuration] tab, and then click the radio
button labeled [Obtain an IP address automatically].
13.
Click [OK] twice to confirm and save your changes.
You will be prompted to restart Windows.
14.
Click [Yes].
Configuring Your Computers
Windows NT 4.0
First, check for the IP protocol and, if necessary, install it.
1.
In the Windows NT task bar, click the [Start] button, point to
[Settings], then click [Control Panel].
2.
In the [Control Panel] window, double-click the [Network] icon.
3.
In the [Network] dialog box, click the [Protocols] tab. The
[Protocols] tab displays a list of currently installed network
protocols. If the list includes [TCP/IP], then the protocol
has already been enabled. Skip to Step 9.
4.
If [TCP/IP] does not display as an installed component,
click [Add...].
5.
In the [Select Network Protocol] dialog box, select [TCP/IP],
and then click [OK].
your Windows NT 4.0
the instructions to install
a window appears to inform you that a TCP/IP service called
DHCP can be set up to dynamically assign IP information.
You may be prompted to install files from
installation CD or other media. Follow
the files. After all files are installed,
6.
Click [Yes] to continue, and then click [OK] if prompted to
restart your computer. Next, configure the PCs to accept
IP information assigned by the ADSL Barricade.
7.
Open the [Control Panel] window, and then double-click the
[Network] icon.
8.
In the [Network] dialog box, click the [Protocols] tab.
9.
In the [Protocols] tab, select [TCP/IP], then click [Properties].
10.
In the [Microsoft TCP/IP Properties] dialog box, click the radio
button labeled [Obtain an IP address from a DHCP server].
11.
Click [OK] twice to confirm and save your changes, and then
close the [Control Panel].
15
Quick Start
Assigning static Internet Information to your PCs
In some cases, you may want to assign Internet information to
some or all of your PCs directly (often called statically), rather
than allowing the ADSL Barricade to assign it. This option may
be desirable (but not required) if:
•
You have obtained one or more public IP addresses that
you want to associate with specific computers (for example,
if you are using a computer as a public web server).
•
You maintain different subnets on your LAN (subnets are
described in IP Addresses, Network Masks, and Subnets).
Before you begin, be sure to have the following information
on hand (or contact your ISP if you do not know it):
•
The IP address and subnet mask you will assign to each
PC which will be assigned static IP information.
•
The IP address of the default gateway for your LAN.
In most
on the ADSL Barricade
this IP address: [
or another number
Configuring the LAN Ports on page 33 for more information.
cases, this is the address assigned to the LAN port
. By default, the LAN port is assigned
192.168.1.1.] (You can change this number,
can be assigned by your ISP.) See
•
The IP address of your ISP's Domain Name System
(DNS) server.
On each PC you will assign static information, follow the
instructions on pages 9 through 15 specific to the IP protocol.
Once it is installed, continue to follow the instructions for displaying
each of the Internet Protocol
enabling dynamic assignment of the IP addresses for the computer,
the DNS server, and the default gateway, click the radio buttons
that enable you to enter the information manually.
(TCP/IP) properties. Instead of
16
Configuring the ADSL Barricade
Note:
Your PCs must have IP addresses that place them
in the same subnet as the ADSL Barricade's LAN port.
If you manually assign IP information to all your LAN
PCs, you can follow the instructions in Configuring the
LAN Ports to change the LAN port IP address
accordingly.
Configuring the ADSL Barricade
This section provides you instructions on how to log into the
program of the ADSL Barricade and how to configure basic
settings for your Internet connection. Your ISP should provide
you with the necessary information to complete this step.
Logging into the ADSL Barricade Quick Configuration Page
The ADSL Barricade provides a preinstalled software program
called Configuration Manager which enables you to configure
the operation of the device via your Web browser. The settings
that you most likely need to change before using the device
are grouped onto one single [Quick Configuration] page.
Follow these instructions to configure the device settings.
1.
At any PC connected to the ADSL Barricade via Ethernet or
USB, open
in the address/location box: 192.168.1.1/setup. Username/
Password: smc/smcadmin.
2.
When you press [Enter], the page shown in Figure 2 should
appear (see section Troubleshooting on page 175, if you
receive an error message or if the page does not appear).
your Web browser, and type the following URL
17
Quick Start
Figure 2. Quick Configuration Page in Configuration Manager
The fields are described in the following table. Work with your ISP
to determine which settings you need to change.
Field Description
General Settings
ATM Interface: This setting allows you to select the ATM interface you want to
Operation Mode: This setting enables or disables the ADSL Barricade.
Encapsulation: This setting determines the type of data link your ISP uses
use (usually [atm-0]). Your system may be configured with more
than one ATM interface if you are using different types of services
with your ISP.
When set to [Disabled], the device cannot be used to provide
Internet
connectivity for your network. Set it to [Enabled ], if
necessary.
to communicate with your ADSL Barricade. Contact them to
determine the appropriate setting.
18
Configuring the ADSL Barricade
VPI:
VCI:
Bridge: You may select [Enabled] or [Disabled] to set the bridging
IGMP: You may select [Enabled] or [Disabled] to set the Internet Group
IP Address:
Subnet Mask:
Use DHCP: To [Enable] or [Disable] DHCP server function.
Default Route: When [Enabled] is selected, the IP address specified above will
Gateway
IP Address:
These values are provided by your ISP and determine the unique
path that your connection uses to communicate with your ISP.
between the ADSL Barricade and your ISP. Your ISP may also
refer to this as RFC 1483 or Ethernet over ATM.
Management Protocol, which some ISPs use to perform remote
configuration of your device.
If your ISP has assigned a public IP address to your LAN, enter
the address and the associated subnet mask in the provided
boxes. (Note: In some configurations, the public IP address
should be entered on your PC rather than on the ADSL
Barricade; please check with your ISP.)
be used as the default route for your LAN. Whenever one of your
LAN computers attempts to access the Internet, the data will be
sent via the WAN interface.
Specify the IP address that identifies the ISP server through
which your Internet connection will be routed.
DNS
Primary
DNS Server:
Secondary
DNS Server:
Enter the Primary and Secondary DNS server addresses
provided by your ISP.
PPP
Username:
Password:
Use DNS:
Enter the Username and the Password you use to log in to your
ISP.
(Note: This is not the same as the user name and password
you have used to log in to Configuration Manager.)
Enter the Username and the Password you use to log in to your
ISP.
(Note: This is not the same as the user name and password
you have used to log in to Configuration Manager.)
3.
When you have finished customizing these settings, click
[Submit]. The settings are now effective. However, if you
reboot or if the
lost. In Step 4, you
power is disconnected, your settings will be
save the changes to the permanent
memory.
19
Quick Start
4.
Click the [Admin] tab that appears in the upper right corner of
the page,
5.
Click [Commit]. A page will appear briefly to confirm your
changes, and then you will be returned to the [Commit &
Reboot] page.
You can click [Delete] to remove all existing [Quick Configuration]
settings and return to the default values.
You have now finished customizing the basic settings. Read the
following
change additional settings.
and then click [Commit & Reboot] in the task bar.
section in order to determine whether you need to
Default Router Settings
In addition to handling the DSL connection to your ISP, the ADSL
Barricade can provide a variety of services to your network. The
device is preconfigured with default settings for use with a typical
home or small office network.
The table of Figure 5 lists some of the most important default
settings; these
subsequent sections. If you are familiar with network configuration,
review the settings
needs of your network. Follow
necessary. If you are unfamiliar with these settings, try to use the
device without modification, or contact your ISP for assistance.
and other features are fully described in the
in Figure 5 and check whether they meet the
the instructions and change them if
Before modifying any settings, review the Getting Started section
with the Configuration Manager. We strongly recommend that
you contact your ISP prior to changing the default configuration.
20
Configuring the ADSL Barricade
Option Default Setting Explanation/Instructions
DHCP DHCP server enabled
NAT
(Network Address
Translation)
USB Port
IP Address
(optional)
LAN Port IP Address Assigned static
with the following pool
of addresses: 192.168.1.3
through 192.168.1.34
NAT rule enabled Your computers’ private IP
Assigned static
IP address:
192.168.1.2
Subnet mask:
255.255.255.0
IP address:
192.168.1.1
Subnet mask:
255.255.255.0
The ADSL Barricade maintains
a pool of private IP addresses for
dynamic assignment to your LAN
computers. To use this service,
you must have set up your
computers to accept IP
information dynamically, as
described in the Quick Start.
See Configuring Dynamic Host
Configuration Protocol on page
43 for an explanation of the
DHCP service.
addresses (see DHCP above)
will be translated to your public
IP address whenever they
access the Internet. See
Configuring the LAN Ports on
page 33 for a description of the
NAT service.
This is the IP address assigned
to the USB port on the device
(if used). Typically, you will not
need to change this address.
See USB Functionality for
instructions.
This is the IP address of the
LAN port on the device. The
LAN port connects the device
to your Ethernet network.
Typically, you will not need
to change this address. See
Configuring the LAN Ports on
page 33 for instructions.
Table 3. Default Settings Summary
21
G
ETTING
S
TARTED WITH THE
C
ONFIGURATION
The ADSL Barricade includes a preinstalled program called
Configuration Manager, which provides an interface to the software
installed on the device. It enables you to configure the device
settings to meet the needs of your network. You access it through
your web browser from any PC connected to the ADSL Barricade
via the LAN ports. This section describes how to use the
Configuration Manager.
M
ANAGER
Accessing the Configuration Manager
The Configuration Manager program is preinstalled in the
Barricade memory. To access the program, you need the
following:
•
A PC or laptop connected to the LAN port on the device
as described in the Quick Start section.
•
A web browser installed on the PC. The program is designed
to work best with Microsoft Internet Explorer
Netscape Navigator
®
version 6.1, or later versions.
®
version 5.0,
ADSL
You can access the program from any computer connected
to the ADSL Barricade via the LAN or USB ports.
1.
From a LAN computer, open your web browser, type the
following URL in the web address (or location) box, and
press [Enter: http://192.168.1.1]. Or, from the USB computer,
type http://192.168.1.2.
These are the predefined IP addresses for the LAN and
USB ports on the
as shown in Figure 3.
ADSL Barricade. A login screen appears,
23
Getting Started with the Configuration Manager
Figure 3. Login Screen
2.
Enter your [User Name] and [Password], and then click [OK].
The first time you log into the program, use these default
values:
Default User Name : smc
Default Password : smcadmin
Note:
The [System View] page on the [Home] tab appears each time
you log into the program (shown in Figure 4).
You can change the password at any time
(See Configuring User Names and Passwords
on page 155 for instructions).
24
Functional Layout
Functional Layout
Configuration Manager tasks are grouped into categories,
can be accessed by clicking the tabs at the top of each
Each tab displays the available tasks in a horizontal menu at the
top of the page. You can click on these menu items and display
the specific configuration options.
A separate page appears for each task in the task bar.
The left-most task appears by default when you click on a new
tab. The same task may appear in more than one tab, when
appropriate. For example, the [Lan Config] task appears in both
the [LAN] tab and the [Routing] tab.
Commonly used buttons
The following buttons are used throughout the application.
which
page.
Button Function
Submit This button stores in the temporary system memory any changes
Refresh This button displays the current page with updated statistics or
Clear On pages that display accumulated statistics, this button resets
Help This button launches the online help for the current topic in
you have made on the current page. See Committing your changes
on page 31 for instructions on how to store changes permanently.
settings.
the statistics to their initial values.
a separate browser window. Help is available from any main
topic page.
25
Getting Started with the Configuration Manager
The Home Page and System View Table
The [Home] page appears when you first access the program.
This
page is one of the two options available in the [Home] tab ;
(the other is the [Quick Configuration] page, as described in
Quick Start, Logging into the ADSL Barricade).
Figure 4. System View Table
The [System View] table provides a snapshot of your system
configuration. Note that some of the settings are links to the
software pages that enable you to configure those settings.
The following table describes each section of the [System View]
table.
26
The Home Page and System View Table
Table
Description
Heading
Device This table displays basic information about the ADSL Barricade
DSL This table displays the operational status, version, and
WAN
Interfaces
LAN
Interface
hardware and
reboot), and the
performance statistics for the DSL line. You can check DSL in the
table or display the [WAN] tab to view additional DSL settings,
which are described in Configuring EOA Interfaces.
This table displays the software name(s) and various settings for
the device interface(s) that communicates with your ISP via DSL.
Even if you only have one physical DSL port, multiple
software-defined interfaces can be configured to use it. See the
ATM VC, PPP, EOA, and IPoA chapters for more information about
the WAN interfaces defined on your system. For each interface, a
[Lower Interface] name, such as [aal5-0], should appear. You can
click on the [Lower Interface] name to view or change the ATM VC
settings that this interface uses.
This table displays the software names and various settings for
the device interfaces that communicate directly with your network.
These typically include an [Ethernet Interface] named [eth-0], and
may include a [USB Interface] named [usb-0]. For information on
how to modify properties of these interfaces, see Configuring the
LAN Ports on page 33 and USB Functionality.
software versions, the system uptime (since the last
preconfigured operating mode.
27
Getting Started with the Configuration Manager
Services
Summary
This table displays the status of various services that the ADSL
Barricade performs to help you manage your network. A green
check mark
that it is inactive.
[NAT] : to translate private IP addresses to your public IP address
(Configuring Network Address Translation).
[IP Filter] : to set up the filtering rules that accept or deny incoming
or outgoing data (Configuring IP Filters and Blocking Protocols).
[RIP] : to enable router-to-router communication (Configuring the
Routing Information Protocol).
[DHCP Relay] : to enable dynamic assignment of IP information
from your ISP to your computers (Configuring Dynamic Host
Configuration Protocol).
[DHCP Client] : to enable dynamic assignment of IP information
from your ISP or another computer on your network to the device’s
LAN port (Configuring the LAN Ports).
[DHCP Server]: to enable dynamic assignment of IP information
from the device’s built-in DHCP server to your LAN computers
(Configuring Dynamic Host Configuration).
[IGMP] : to enable message forwarding from external sources such
as your ISP, based on Internet Group Management Protocol
(not configurable).
indicates that the service is active and a red X indicates
28
Modifying Basic System Information
Modifying Basic System Information
You can modify the basic system information, which includes
the system date and time, the names assigned to the ADSL
Barricade and the network domain in which it exists.
Note:
Follow these instructions to change the basic system information.
1.
Changing the ADSL Barricade date and time
does not affect the date and time on your PCs.
At the bottom of the [Home] page, click [Modify].
The [System – Modify] page appears in a separate browser
window.
Figure 5. System - Modify Page
29
Getting Started with the Configuration Manager
2.
Modify the fields on this page as required. The following table
describes each field:
Option Description
Date:
Time:
Time Zone:
DST:
(Daylight
Savings
Time)
Name:
Domain
Name:
These fields initially appear dimmed. To modify the date and time,
click the respective check boxes and select the appropriate values
from the drop-down lists. The time appears in military format.
You can select your time zone from the drop-down list, and then
click the appropriate radio button to indicate whether Daylight
Savings Time is currently in effect. After you initially set the time,
turning DST On or Off will adjust the current displayed time by one
hour in the appropriate direction. You must remember to change
the DST option each spring and fall as it will not change
automatically.
You can use this field to specify an easy-to-remember name for the
ADSL Barricade. The next time you want to access the
Configuration Manager, you can type this name in the location box
in your Web browser, instead of typing the digital IP address. For
example, if you have entered myrouter in this field (and have left
the Domain Name field blank), then you can type the following in
your Web browser to access the Configuration Manager: http://
myrouter.
Note: This will only work if you are using the ADSL Barricade’s
DNS relay feature. This feature is automatically enabled when the
DNS
server address configured on your PCs is also the address
assigned
DNS Server Addresses on page 79 for more information.
You can use this field to specify an Internet domain name
for the ADSL Barricade. The next time you access Configuration
Manager, you can type the domain name and the device name
(see the Name field above) in your Web browser. For example, if
you have entered myrouter in the [Name] field and mydomain.com
in the [Domain Name] field, then you can type the following in your
Web browser to access the Configuration Manager:
http://myrouter.mydomain.com
to the LAN port on the ADSL Barricade. See Configuring
30
3.
When you have finished modifying the settings , click [Submit].
Then click [Close] to return to the [System View] page.
4.
To save your changes to the permanent memory, click the
[Admin] tab, and then click [Commit & Reboot] in the task bar.
5.
Click [Commit].
Committing Changes and Rebooting
Committing Changes and Rebooting
Committing your changes
Whenever you use Configuration Manager to change system
settings, the changes are initially placed in a temporary storage
called random access memory or RAM. Your changes become
effective when you submit them, but will be lost if the device is
reset or turned off.
You can commit changes to save them permanently to a flash
memory.
Note:
Follow these steps to commit changes.
1.
2.
Submitting changes activates them immediately, but
saves them only until the device is reset or powered
down. Committing changes saves them permanently.
Click the [Admin] tab, and then click [Commit & Reboot]
in the task bar. The [Commit & Reboot] page appears.
Figure 6. Commit & Reboot Page
Click [Commit]. Disregard the selection in the [Reboot Mode:]
drop-down list; it does not affect the commit process. These
changes are saved to a permanent storage. The previous
settings
recalled
below rebooting
are copied to a backup storage so that they can be
if your new settings do not work properly (see the
instructions).
31
Getting Started with the Configuration Manager
Rebooting the device using Configuration Manager
To reboot the device, display the [Commit & Reboot] page,
select the appropriate [Reboot Mode:] from the drop-down list,
and then click [Reboot].
You have three options when rebooting.
Option Description
Reboot from Last
Configuration
Reboot from Backup
Configuration
Reboot from Default
Configuration
This option is to reboot the device using the current
settings in the permanent memory, including any changes
you have just committed.
This option
in the backup memory.
effective before you committed new settings in the current
session.
This option is to reboot the device to the default settings
provided by your ISP or the manufacturer. Choosing this
option erases any custom settings.
is to reboot
the device using settings stored
These are the settings that were
32
Warning:
Do not reboot the device using the [Reset] button
on
the Rear Panel of the ADSL Barricade to activate
new
changes. This button resets the device settings
to
the factory default values. Any custom settings will
be lost.
C
ONFIGURING THE
LAN P
This section describes how to configure IP properties for the
interfaces on the ADSL Barricade that communicate with your
LAN computers.
ORTS
Connecting via Ethernet
If you are using the ADSL Barricade with multiple PCs on your
you must connect the LAN via an Ethernet hub to the
LAN,
device's LAN
If you are using a single PC with the ADSL Barricade,
connect the PC directly to the LAN port using an Ethernet cable.
You must assign a unique IP address to each device port that
you use.
port, called [eth-0].
you can
Configuring the LAN Port IP Address
The LAN IP address identifies the LAN port ([eth-0]) as a node on
your network; that is, its IP address must be in the same subnet
as the PCs on your LAN.
Definition:
You can change the default to reflect the set of IP addresses
that you want to use with your network.
A network node can be thought of as any interface
where a device connects to the network, such as
the ADSL Barricade's LAN port and the network
interface cards on your PCs. See IP Addresses,
Network Masks and Subnets on page 167 for an
explanation of subnets.
33
Configuring the LAN Ports
If your network uses a DHCP server (other than the ADSL
Barricade)
to accept and use a LAN IP address assigned by that server.
Similarly, if your ISP
can configure
the ISP's server.
as a DHCP client of your DHCP (or ISP's) server.
to assign IP addresses, you can configure the device
performs DHCP serving for your network, you
the device to accept an IP address assigned from
In this mode, the ADSL Barricade is considered
Note:
Follow the following steps to change the default LAN IP address
or to configure the LAN port as a DHCP client:
1.
The ADSL Barricade itself can function as a DHCP
server for your LAN computers, as described in
Configuring Dynamic Host Configuration Protocol,
but not for its own LAN port.
Log into Configuration Manager and then click the [LAN] tab.
The [LAN Configuration] page appears.
34
Figure 7. LAN Configuration Page
Configuring the LAN Port IP Address
The LAN Configuration table displays the following settings:
Setting Description
System Mode: This setting is preconfigured for your device, such as [Routing
mode], [Bridging mode], or both modes simultaneously.
This setting is not user-configurable.
Get
LAN Address:
LAN
IP Address:
LAN
Network Mask:
Speed Ethernet speed
Duplex Duplex method
IGMP To Enable or Disable IGMP
This setting provides options for how the device’s LAN port
is assigned an IP address:
[Manual] indicates that you will be assigning a static IP address,
which you can enter in the fields below.
[External DHCP Server] indicates that your ISP will be assigning
an IP address from their own DHCP server to the port,
dynamically each time you log on.
[Internal DHCP Server] indicates that you have a DHCP server
device on your network that will assign an address to the port.
If you choose either the internal or external server option, the
LAN port is called a DHCP client of the server.
Note: The public IP address assigned to you by your ISP is not
your LAN IP address. The public IP address identifies the WAN
(ADSL) port on your ADSL Barricade to the Internet.
The IP address and Network Mask for the port.
See
IP Addresses, Network Masks and Subnets on page 167
for an overview of IP addresses and masks.
2.
Enter an IP address and mask in the fields provided and
choose [Disabled] in the [Use DHCP] field, or enable either a
remote or local DHCP server. Keep these points in mind:
•
Manually specifying an address:
If you are using routing services on your LAN such as
DHCP and NAT, you will want to assign a fixed LAN IP
address and mask. This ensures that your LAN computers
have a fixed address that they use to communicate with
the device.
35
Configuring the LAN Ports
The IP address you assign must be in the same subnet
as your LAN computers that connect to this port (that is,
the network ID portion of their IP addresses and their
subnet masks must be the same). See IP Addresses,
Network Masks and Subnets on page 167 for an
explanation of IP addresses and network masks.
If you change the LAN IP address, you may need to
update the DHCP configuration so that the addresses that
the DHCP server dynamically assigns to your computers
are on the same subnet as the new LAN IP address.
See Configuring Dynamic Host Configuration Protocol
on page 43 for instructions on changing the pool of
dynamically assigned addresses.
•
Enabling DHCP:
If you choose to have the LAN port be a DHCP client
of an internal or external server, the [LAN Network Mask]
field will be dimmed and made unavailable for entry. The
[LAN IP Address] field will remain editable, however. The
address that you specify here will be used as a request to
the DHCP server. This is referred to as a Configured IP
Address in the program. If the configured IP address is not
available from the DHCP server, then the system will
accept another assigned address. Even after another
number is assigned, the same configured IP address
will continue to display in this field.
36
3.
Click [Submit].
•
If you changed the LAN IP address while working from a
PC that is connected to the device via Ethernet, then your
connection will be terminated.
Configuring the LAN Port IP Address
•
If you enabled the DHCP service, the ADSL Barricade will
initiate a request for an IP address from your LAN's DHCP
server. If a different IP address is assigned than the one
that was previously configured, your current connection
will be terminated.
4.
Reconfigure your PCs, if necessary, so that their IP addresses
place them in the same subnet as the new IP address of the
LAN port. See Quick Start, Configuring Your Computers on
page 9 for instructions.
5.
Log into [Configuration Manager] by typing the new IP
address in your Web browser's address/location box.
6.
If the new settings work properly, click the [Admin] tab,
and then click [Commit & Reboot] in the task bar.
7.
Click [Commit] to save your changes to the permanent
memory.
37
V
IEWING
S
YSTEM
IP A
P
ERFORMANCE
The interface on the ADSL Barricade that communicates with
other network and Internet devices are identified by unique
Internet
Manager
and to view other system and network performance data.
See IP Addresses, Network Masks and Subnets on page 167
for a description
Viewing the ADSL Barricade's IP Addresses
To view the ADSL Barricade's IP addresses, click the [Routing]
tab, and then click [IP Address] in the task bar. The [IP Address
Table] page appears:
protocol (IP) addresses. You can use the Configuration
to view the list of IP addresses that your device uses,
DDRESSES AND
S
TATISTICS
of IP addresses and masks.
IP
Figure 8. IP Address Table Page
The table lists the [IP address], the network masks ([Netmask]),
and the interface names ([IF Name]) for each of its IP-enabled
interfaces.
39
Viewing System IP Addresses and IP Performance Statistics
The listed IP addresses may include:
•
The IP address of the device's LAN (Ethernet) port, called
[eth-0]. See Configuring the LAN Ports on page 33 for
instructions on configuring this address.
•
The IP address of the WAN (ADSL line) interface, which your
ISP and other external devices use to identify your network.
It may be identified in the [Configuration Manager] by the
names [ppp-0], [eoa-0], or [ipoa-0], depending on the protocol
your device uses to communicate with your ISP. Your ISP
may assign the same address each time, or it may change
each time you reconnect.
•
The loopback IP address, named [lo-0], of [127.0.0.1].
This special address enables the device to keep any data
addressed directly to it, rather than route the data through
the WAN or LAN ports.
If your device has additional IP-enabled interfaces,
the IP addresses of these will also display.
40
Viewing IP Performance Statistics
Viewing IP Performance Statistics
You can view statistics on the processing of Internet protocol
packets (a packet is a collection of data that has been bundled
for transmission). You will not typically need to view thi s data,
but you may find it helpful when working with your ISP to
diagnose network and Internet data transmission problems.
To view global IP statistics, click [Global Stats] on the [IP Address
Table] page. Below shows the [IP Global Statistics] page:
Figure 9. IP Global Statistics Page
To display updated statistics showing any new data since you
opened the page, click [Refresh].
41
C
ONFIGURING
D
YNAMIC
H
OST
You can configure your network and ADSL Barricade to use
the Dynamic Host Configuration Protocol (DHCP). This section
provides an overview of DHCP and instructions for implementing
it on your network.
C
ONFIGURATION
P
ROTOCOL
Overview of DHCP
What is DHCP?
DHCP is a protocol that enables network administrators
to centrally manage the assignment and distribution of
IP information to computers on a network.
When you enable DHCP on a network, you allow a device –
such as the ADSL Barricade or a router located with your ISP –
to assign temporary IP addresses to your computers whenever
they connect to your network. The assigning device is called a
DHCP server, and the receiving device is a DHCP client.
Note:
If you used the Quick Start instructions, you
configured each LAN PC with an IP address,
or you specified that it will receive IP information
dynamically (automatically). If you chose to have
the information assigned dynamically, then you
configured your PCs as DHCP clients that will
accept IP addresses assigned from a DCHP
server such as the ADSL Barricade.
43
Configuring Dynamic Host Configuration Protocol
The DHCP server draws from a defined pool of IP addresses
and leases them for a specified amount of time to your computers
when they request an Internet session. It monitors, collects, and
redistributes the addresses as needed.
On a DHCP-enabled network, the IP information is assigned
dynamically rather than statically. A DHCP client can be assigned
a different address from the pool each time it reconnects to the
network.
Why use DHCP?
DHCP allows you to manage and distribute IP addresses
throughout your network from a central computer. Without DHCP,
you would have to configure each computer separately with IP
addresses and related information. DHCP is commonly used with
large networks and those that are frequently expanded or
otherwise updated.
ADSL Barricade DHCP modes
The device can be configured as a DHCP server, relay agent
or client.
44
•
If you configure the device as a DHCP server, it will maintain
the pool of addresses and distribute them to your LAN
computers. If the pool of addresses includes private IP
addresses, you must also configure the Network Address
Translation service, so that the private addresses can be
translated to your public IP address on the Internet.
•
If your ISP performs the DCHP server function for your network,
then you can configure the device as a DHCP relay agent. When
the ADSL Barricade receives a request for Internet access from
a computer on your network, it contacts your ISP for the
necessary IP information, and then relays the assigned
information back to the computer.
Configuring DHCP Server
•
If you have another PC or device on your network that is
already performing the DHCP server function, then you can
configure the device's LAN port to be a DHCP client of that
server (as are your PCs). This configuration is described in
Configuring the LAN Ports.
Note:
You can input settings for both DHCP server and
DHCP relay mode, and then activate either mode
at any time. Deactivated settings are retained for
your future use.
Configuring DHCP Server
Note:
To set up DHCP server, you first define the ranges of IP addresses
that you want to be distributed to your PCs, called DHCP server
address pools.
Guidelines for creating DHCP server address pools
IP address pools can contain multiple public addresses that
you have purchased from your ISP, but are typically private
addresses that you create. LAN administrators often create
private IP addresses for use only on their networks. See
Overview of NAT on page 55 for an explanation of private
IP addresses.
Before you begin, be sure to configure your PCs to
accept DHCP information assigned by a DHCP server.
For detailed instructions, see Quick Start, Configuring
Your Computers on page 9.
45
Configuring Dynamic Host Configuration Protocol
You can create up to two pools. The pools can maintain a
combined total of 254 IP addresses. For example, you can
configure only one pool with addresses in the range 192.168.1.2
through 192.168.1.255, or two pools with the following address
ranges:
Pool 0: 192.168.1.2 through 192.168.1.128
Pool 1: 192.168.1.129 through 192.168.1.255
The same pool can be used for distributing IP addresses to your
LAN PCs (connected via the Ethernet port), as long as these
ports are in the same subnet. You may want to create a second
pool if any of these circumstances apply:
•
If a USB port is provided in the device, its Ethernet (eth-0) and
USB (usb-0) ports are in different subnets (note that different
subnets are not required). See IP Addresses, Network Masks
and Subnets on page 167 for an explanation of subnets.
•
Your LAN configuration includes two subnets.
•
You have only one subnet, but the addresses you want to
distribute are not in a continuous range. (Alternatively, you
can exclude particular addresses from distribution from a
single pool; see page 50.)
The DHCP server will distribute addresses to the computers
connected
in the same subnet as the pool addresses. For example, assume
that the Ethernet and USB interfaces are assigned IP addresses
that place them in two different subnets, as shown:
Ethernet interface (eth-0): IP address 192.168.1.1
USB interface (usb-0): IP address 192.168.2.1
to a given device interface only when that interface is
mask 255.255.255.0
mask 255.255.255.0
46
Configuring DHCP Server
With this configuration, you could create the following two pools:
Pool 0: 192.168.1.2 through 192.168.1.11
Pool 1: 192.168.2.2 through 192.168.2.2
The DHCP server would automatically distribute the Pool 0
addresses only to computers connected to the interface in
the same subnet as these addresses-the LAN interface, eth-0.
Likewise, the address in Pool 1 would be distributed to the
USB-connected computer.
Adding DHCP Server Address Pools
Follow these instructions to create an IP address pool:
1.
Log into Configuration Manager, click the [LAN] tab,
and then click [DHCP Server] in the task bar.
The [Dynamic Host Configuration Protocol (DHCP)
Server Configuration] page appears:
Figure 10. DHCP Server Configuration Page
Depending on your preconfigured settings, the table may
display one or more address pools, each in a row, or may
be empty.
47
Configuring Dynamic Host Configuration Protocol
2.
Click [Add]. The [DHCP Server Pool – Add] page appears,
as shown in Figure 11:
Figure 11. DHCP Server Pool – Add Page
3.
Enter values for the [Start IP Address:], [End IP Address:],
and [Netmask:] fields, which are required, and any others
as needed:
48
Field Description
Start IP Address:
End IP Address:
Mac Address: A MAC address is a manufacturer-assigned hardware ID that
This field specifies the lowest and highest addresses in the
pool, up to a maximum range of 254 addresses. For example,
if the LAN port is assigned IP address 192.168.1.1, then you
could create a pool with address range 192.168.1.2 –
192.168.1.254 for distribution to your LAN computers.
is unique for each device on a network. Use this field only if
you want to assign a specific IP address to the computer that
uses this MAC address. If you type a MAC address here, you
must have specified the same IP address in both the [Start IP
Address:] and [End IP Address:] fields.
Configuring DHCP Server
Netmask: This field specifies which portion of each IP address in this
range refers to the network and which portion refers to the
host (computer). For a description of network masks and
LAN network masks, see IP Addresses, Network Masks
and Subnets on page 167. You can use the network mask
to distinguish which pool of addresses should be distributed
to a particular subnet (as explained on page 45).
Domain Name: This is auser-friendly name that refers to the subnet that
Gateway
Address:
DNS Address:
SDNS Address:
SMTP Address:
POP3 Address:
NNTP Address:
WWW Address:
IRC Address:
WINS Address:
SWINS Address:
(optional)
includes the addresses in this pool. This is used for reference
only.
This is the address of the default gateway for computers that
receive IP addresses from this pool. If no value is specified,
then the appropriate LAN (eth-0) or USB (usb-0) port
address on the device will be distributed to each PC as its
gateway address, depending on how each is connected.
See Hops and gateways on page 84 for an explanation of
gateway addresses.
These fields indicate the IP address of the Domain Name
System server and Secondary Domain Name System server
to be used by computers that receive IP addresses from this
pool. These DNS servers translate common Internet names
that you type into your web browser into their equivalent
numeric IP addresses. Typically, these servers are located
with your ISP.
These fields indicate the IP addresses of devices that perform
various services for computers that receive IP addresses from
this pool (such as the SMTP, or Simple Mail Transfer Protocol,
server which handles e-mail traffic). Contact your ISP for
these addresses.
49
Configuring Dynamic Host Configuration Protocol
4.
When you are done defining the pool, click [Submit]. A
[Confirmation] page displays briefly to indicate that the pool
has been added successfully . After a f e w seconds, the [DHCP
Server Pool – Add] page appears with the newly added pool.
5.
Follow the instructions in Setting the [DHCP Mode] to enable
the DHCP Server.
Viewing, modifying, and deleting address pools
To view, modify, or delete an existing address pool, display
the DHCP Server Configuration page, and click the icons
in the corresponding row in the address pool table.
•
To delete an IP address pool, click , then [Submit]
and [Commit] your changes.
•
To view details on an IP address pool, click . A page
appears with the same information that you entered when
you added the pool.
•
To modify the pool, click . The [DHCP Server Pool –
Modify] page appears, as shown in Figure 12:
50
Figure 12. DHCP Server Pool - Modify Page
Configuring DHCP Server
You can change the [Domain Name] associated with an
IP address pool or enable/disable the pool. By default,
a pool is enabled when you create it.
When you are done making modifications, click [Submit].
Use the [Commit] function to save your changes to the
permanent memory (see page 31).
Excluding IP addresses from a pool
If you have IP addresses that are designated for fixed use
with specific devices, or if for some other reason you do not want
to make them available to your network, you can exclude them
from the pool. Display the [DHCP Server Pool – Modify] page,
as shown in Figure 15. Type each address to be excluded
in the [Excluded IP] field, and click [Add]. When you are done
specifying excluded addresses, click [Submit], and then use
the [Commit] function to save your changes to the permanent
memory (see page 31).
Viewing current DHCP address assignments
When the ADSL Barricade functions as a DHCP server for your
LAN, it keeps a record of any addresses currently leased to your
computers. To view a table of all current IP address assignments,
display the [DHCP Server Address Table] page, and then click
[Address Table].
Figure 13. DHCP Server Address Table Page
51
Configuring Dynamic Host Configuration Protocol
The DHCP Server Address Table lists any IP addresses that
are currently leased to LAN devices. For each leased address,
the table lists the following information:
Field Description
IP Address This field indicates the address that has been leased from the pool.
Netmask This is the network mask associated with the leased address.
This identifies the network ID and host ID portions of the address
(see IP Addresses, Network Masks and Subnets on page 167
for an explanation of these terms).
Mac
Address
Pool Start This is the lower boundary of the address pool (shown here to
Address
Type
Time
Remaining
This field indicates the unique hardware ID of the computer
to which the IP address has been assigned.
identify the pool from which the leased address was assigned).
The adress type can be [Static] or [Dynamic].
[Static] indicates that the IP number has been assigned
permanently to the specific hardware device.
[Dynamic] indicates that the number has been leased
emporarily for a specified length of time.
This field indicates the amount of time left for the device to use
the assigned address. The default lease time is 30 days
(31536000 seconds).
Configuring DHCP Relay
Some ISPs perform the DHCP server function for their customers'
home/small office networks. In this case, you can configure the
device as a DHCP relay agent. When a computer on your network
requests Internet access, the ADSL Barricade contacts your ISP
to obtain an IP address (and other information), and then forwards
that information to the computer. Follow the following instructions
to configure DHCP relay.
52
Configuring DHCP Relay
First, you must configure your PCs to accept DHCP information
assigned by a DHCP server:
1.
Open the Windows [Control Panel] and display the computer's
[Networking properties]. Configure the TCP/IP properties
to [Obtain an IP address automatically] (the actual text may
vary depending on your operating system). For detailed
instructions, see Quick Start, Configuring Your Computers
on page 9. Next, specify the IP address of the DHCP server
and select the interfaces on your network that will be using
the relay service.
2.
Log into the Configuration Manager, click the [LAN] tab.
Then click [DHCP Relay] in the task bar. The [Dynamic
Host Configuration Protocol (DHCP) Relay Configuration]
page appears:
Figure 14. DHCP Relay Configuration Page
3.
In the [DHCP Server Address] fields, type the IP address
of your ISP's DHCP server. If you do not have this number,
it is not essential to enter it here. Requests for IP information
from your LAN will be passed to the default gateway, which
should route the request appropriately.
4.
Select your WAN interface from the drop-down list and
click [Add]. Your WAN interface may be named [ppp-0],
[eoa-0], or [ipoa-0]. Contact your ISP if you are unsure
which type of WAN interface you use.
53
Configuring Dynamic Host Configuration Protocol
Note:
5.
Click [Submit]. A page appears to confirm your changes, and
then the program returns to the [Dynamic Host Configuration
Protocol (DHCP) Relay Configuration] page.
6.
Follow the instructions in Setting the DHCP Mode to set
the DHCP mode to DHCP Relay.
You can also delete an interface from the table
by clicking in the right column.
Setting the DHCP Mode
You must enable the appropriate DHCP mode to activate
your DHCP relay or DHCP server settings.
Follow these instructions to set the DHCP mode:
1.
Click the [LAN] tab, and then click [DHCP Mode] in the
task bar. The [Dynamic Host Configuration Protocol (DHCP)
Configuration] page appears.
54
Figure 15. DHCP Configuration Page
2.
From the [DHCP Mode:] drop-down list, choose [DHCP Server],
[DHCP Relay], or [None]. If you choose [None], your LAN
computers must be configured with static IP addresses.
3.
Click [Submit].
4.
Click the [Admin] tab, and then click [Commit & Reboot]
in the task bar.
5.
Click [Commit] to save your changes to the permanent
memory.
C
ONFIGURING
N
ETWORK
A
DDRESS
This section provides an overview of Network Address Translation
(NAT) and instructions for modifying the default configuration on
your device.
T
RANSLATION
Overview of NAT
Network Address Translation is a method for disguising the
private IP addresses you use on your LAN as the public IP
address you use on the Internet. You can define NAT rules
that specify exactly how and when to translate between
public and private IP addresses.
Definition:
A private IP address is created by a network
administrator for use only on a LAN, whereas a
public IP address is purchased from the Internet
Corporation for Assigned Names and Numbers
(ICANN) for use on the Internet. Typically, your
ISP provides a public IP address for your entire
LAN, and you define the private addresses for
computers on your LAN.
In a typical NAT setup, your ISP provides you with a single public
IP address to use for your entire network. Then, you assign each
computer on your LAN a unique private IP address. (Or, you define
a pool of private IP addresses for dynamic assignment to your
computers, as described in Configuring Dynamic Host Configuration
Protocol.) On the ADSL Barricade, you set up a NAT rule to
specify
the Internet, (that is, it sends and receives IP data packets) its
private IP address - which is referenced in each packet - will be
replaced by the LAN's public IP address.
that whenever one of your computers communicates with
55
Configuring Network Address Translation
Definition:
When this type of NAT rule is applied, because the source IP
address is swapped out, it appears to other Internet computers
as if the data packets are actually originating from the computer
assigned your public IP address (in this case, the ADSL Barricade).
The NAT rule could further be defined to disguise the source port in
the data packet (i.e., change it to another number), so that outside
computers will not be able to determine the actual port from which
the packet originated. Data packets that arrive in response contain
the public IP address as the destination IP address and the
disguised source port number. The ADSL Barricade changes the
IP address and source port number back to the original values
(having kept track of the changes it made earlier), and then
routes the packet to the originating computer.
An IP data packet contains bits of data bundled
together in a specific format for efficient
transmission over the Internet. Such packets are
the building blocks of all Internet communication.
Each packet contains header information that
identifies the IP address of the computer that
initiates the communication (the source IP address),
the port number that the router associates with that
computer (the source port number), the IP address
of the targeted Internet computer (the destination
IP address), and other information.
NAT rules such as these provide several benefits:
•
They eliminate the need for purchasing multiple public IP
addresses for computers on your LAN. You can make up your
own private IP addresses at no cost, and then have them
translated to the public IP address when your computers
access the Internet.
56
Viewing NAT Global Settings and Statistics
•
They provide a measure of security for you LAN by enabling
you to assign private IP addresses and then have these and
the source port numbers swapped out before your computers
access the Internet.
The type of NAT function described above is called [Network
Address Port Translation (NAPT)]. You can use other types,
called flavors, of NAT for other purposes; for example,
providing outside access to your LAN or translating multiple
private addresses to multiple public addresses.
Viewing NAT Global Settings
and Statistics
To view your NAT settings, log into the Configuration Manager,
click the [Services] tab. The [NAT Configuration] page appears
by default.
Figure 16. NAT Configuration Page
57
Configuring Network Address Translation
The [NAT Configuration] page contains the following elements:
•
The [NAT Options] drop-down list will provide access to the
[NAT Configuration] page and [NAT Global Information] table
(shown by default and in Figure 16), the [Network Address
Translation (NAT) Rule
and the [NAT Translations]
•
The [Enable] and [Disable] radio buttons will allow you to turn
on or off the NAT feature.
•
The [NAT Global Information] table will display the following
settings that apply to all NAT rule translations:
Field Description
TCP Idle
Timeout (sec):
TCP Close Wait
(sec):
TCP Def
Timeout (sec):
UDP Timeout
(sec):
ICMP Timeout
(sec):
When two computers communicate via the Internet, a
TCP-based communication session is created between
them to control the exchange of data packets. The TCP
session can be viewed as being in one of three states,
depending on the types of packets being transferred.
- The establishing state, where the connection is being set
up.
- The active state, where the connection is being used to
transfer data.
- The closing state, in which the connection is being shut
down.
When a NAT rule is effective on a TCP session in the active
state, the session will timeout if no packets are received for
the time specified in [TCP Idle Timeout].
When in the closing state, the session will timeout if no
packets are received for the time specified in [TCP Close
Wait].
When in the establishing state, the session will timeout if no
packets are received for the time specified in [TCP Def
Timeout].
Same as TCP Idle Timeout, but for UDP-based
communication sessions.
Same as TCP Idle Timeout, but for ICMP-based
communication sessions.
Configuration] page (see Figure 18)
page (see Figure 20).
58
Viewing NAT Global Settings and Statistics
GRE Timeout
(sec):
ESP Timeout
(sec)
Default Nat Age
(sec):
NAPT Port Start:
NAPT Port End:
Same as TCP Idle Timeout, but for GRE-based
communication sessions.
Same as TCP Idle Timeout, but for ESP-based
communication sessions.
For all other NAT translation sessions, the number of
seconds after which a translation session will no longer
be valid if no packets are received.
When an NAPT rule is defined, the source ports will be
translated to sequential numbers in this range.
If you change any values, click [Submit], and click the [Admin] tab
and [Commit] your changes to permanent system memory (see
page 31).
You can click [Global Stats] to view accumulated data on how
many NAT rules have been invoked and how much data has
been translated.
Figure 17. NAT Rule Global Statistics Page
The table provides basic information for each NAT rule you
have set up. You can click [Clear] to restart the accumulation
of the statistics at their initial values.
59
Configuring Network Address Translation
Viewing NAT Rules and Rule Statistics
To view the NAT rules currently defined on your system,
select [NAT Rule Entry] in the [NAT Options] drop-down list.
The [Network Address Translation (NAT) Rule Configuration]
page appears, as shown in Figure 18:
Figure 18. NAT Rule Configuration Page
The [Network Address Translation (NAT) Rule Configuration]
table displays a row containing basic information for each rule.
For a description of these fields, refer to the instructions for
adding rules (pages 66 through 79).
From the [Network Address Translation (NAT) Rule Configuration]
page, you can click [Add] to add a new rule, or use the icons in
the right column to delete ( ) or view details on ( ) a rule. To
view
data on how often a specific NAT rule has been used, click
[Stats]
in the [Action] column. A page appears similar to the one
shown in Figure 19.
60
Viewing Current NAT Translations
Figure 19. NAT Rule Statistics Page
The statistics show how many times this rule has been invoked
and how many currently active sessions are using this rule. You
can click [Clear] to reset the statistics to zeros and [Refresh] to
display newly accumulated data.
Viewing Current NAT Translations
To view a list of [NAT Translations] that have recently been
performed and which remain effective (for any of the defined
rules), select [NAT Translations] from the [NAT Options] dropdown list.
Figure 20. NAT Translations Page
61
Configuring Network Address Translation
For each current NAT Translations session, the table contains
the following fields:
Field Description
Trans Index This is the sequential number assigned to the IP session used
Rule ID This field indicates the ID of the invoked NAT rule.
Interface This field indicates the device interface on which the NAT rule
Protocol This field indicates the IP protocol used by the data packets that
Alg Type This is the Application Level Gateway (ALG), if any, that was
NAT Direction This field indicates the direction ([Inside] or [Outside]) of the
Entry Age This field indicates the elapsed time, in seconds, of the NAT
by this NAT translation session.
was invoked (from the rule definition).
are undergoing translations (from the rule definition) Example:
[TCP], [UDP], [ICMP].
used to enable this NAT translation (ALGs are special settings
that certain applications require in order to work while NAT
is enabled).
translation. A NAT direction is assigned to each port; the
Ethernet and USB ports are defined as [Inside] ports, and the
WAN ports are defined as [Outside] ports. The NAT direction is
determined by the interface on which the rule is invoked.
translation session.
You can click in the [Action] column to view additional details
about a NAT translation session.
62
Viewing Current NAT Translations
Figure 21. NAT TRANSLATION – Details Page
In addition to the information displayed in the [NAT
TRANSLATION - Details] table, this table displays the
following for the selected current translation sessions:
Field Description
Translated
In Address:
In Address: This field indicates the private IP address that was translated.
Out Address: This field indicates the IP address of the outside destination
In Packets:
Out Packets:
In Ports: This is the actual port number corresponding to the LAN
Out Ports: This is the port number associated with the destination address.
Translated In
Ports:
This field indicates the public IP address to which the private
IP address was translated.
(web, ftp site, etc.)
These fields indicate the number of incoming and outgoing IP
packets that have been translated in this translation session.
computer.
This is the port number to which the LAN computer’s actual port
number was translated.
63
Configuring Network Address Translation
Adding NAT Rules
This section explains how to create rules for each NAT flavor.
Note:
You cannot edit existing NAT rules. To change a rule
setup, delete it and add a new rule with the modified
settings.
The NAPT rule: Translating between private and public IP addresses
Follow these instructions to create a rule for translating the
private IP addresses on your LAN to your public IP addresses.
This type of rule uses the NAT flavor NAPT, which was used
in your default configuration. The NAPT flavor translates private
source IP addresses to a single public IP address. The NAPT
rule also translates the source port numbers to port numbers
that are defined on the [NAT Global Configuration] page.
1.
Click the [NAT] tab, then select [NAT Rule Entry] from the
[NAT Options] drop-down list. The [NAT Rule Entry] page
displays a row for each currently configured NAT rule.
2.
Click [Add] to display the [NAT Rule – Add] page.
3.
From the [Rule Flavor:] drop-down list, select [NAPT]. The
page reappears with only those fields that are appropriate
for the NAPT rule flavor, as shown in Figure 22.
64
Adding NAT Rules
Figure 22. NAT Rule - Add Page (NAPT Flavor)
4.
Enter a [Rule ID]. The Rule ID determines the order in which
rules are invoked (the lowest numbered rule is invoked first,
and so on). If you define two or more rules that act on the
same set of IP addresses, be sure to assign the Rule ID
so that the higher priority rules are invoked first.
It is recommended that you specify Rule IDs as multiples of 5
or 10 so that, in the future, you can insert a rule between two
existing rules.
Once a data packet matches a rule, the data is acted upon
according to that rule and is not subjected to
higher-numbered rules.
5.
From the [IF Name:] drop-down list, select the interf ace on the
device to which this rule applies. Typically, NA T rules are used
for communication between your LAN and the Internet.
Because the device uses the WAN interface (which may be
named [ppp-0], [eoa-0], or [ipoa-0]) to connect your LAN to
your ISP, it is the usual IF Name selection.
65
Configuring Network Address Translation
6.
In the [Local Address From:] field and [Local Address To:]
fields, type the starting and ending IP addresses, respectively ,
of the range of private addresses you use on your network
that you want to have translated.
You can specify that data from all LAN addresses should
be translated by typing [0] (zero) in each [F rom] field and [255]
in each [To] field. Or, type the same address in both fields if
the rule only applies to one LAN computer.
7.
In the [Global Address] field, type the public IP address
assigned to you by your ISP.
8.
Click [Submit].
9.
When a page appears to confirm your change, click [Close]
to return to the [NAT Configuration] page. The new rule should
display in the [NAT Rule Configuration] table.
10.
Ensure that the [Enable] radio button is selected, and then
click [Submit]. A page appears to confirm your changes.
66
11.
Click the [Admin] tab, and then click [Commit and Reboot]
in the task bar.
12.
Click [Commit] to save your changes to the permanent
memory.
Adding NAT Rules
The RDR rule: Allowing external access to a LAN computer
You can create an RDR rule to make a computer on your LAN,
such as a Web or FTP server, available to Internet users without
requiring you to obtain a public IP address for that computer.
The computer's private IP address is translated to your public
IP address in all incoming and outgoing data packets.
Note:
The following example illustrates using the RDR rule to provide
external access to your web server:
Your ADSL Barricade receives a packet containing a request
for access to your Web server. The packet header contains the
public
a destination port number 80. Because you have set up an RDR
rule for incoming packets with destination port 80, the device
recognizes the data as a request for Web server access. The
device
address of your Web server and forwards the data packet to it.
Your Web server sends data packets in response. Before the
ADSL Barricade forwards them on to the Internet, it changes
the source IP address in the data packets from the Web
server's private address to your LAN's public address.
Without an RDR rule (or Bimap rule described on
page 75) the ADSL Barricade blocks attempts by
external computers to access your LAN computers.
address for your LAN as the destination IP address, and
changes the packet's destination address to the private IP
67
Configuring Network Address Translation
To an external Internet user then, it appears as if your Web
server uses your public IP address.
Figure 23. NAT Rule - Add Page (RDR Flavor)
Follow the following instructions to add an RDR rule (see steps
1-4 under The NAPT Rule for specific instructions corresponding
to steps 1 and 2 below):
68
1.
Display the [NAT Rule – Add] Page, select [RDR] as the
[Rule Flavor], if necessary, and enter a [Rule ID].
2.
Select the interface on which this rule will be effective.
3.
Select a [Protocol] to which this rule applies, or choose [ANY].
This selection specifies which type of Internet communication
will be subject to this translation rule. You can select [ANY] if
the rule applies to all data. Or, select [TCP], [UDP], [ICMP], or
a number from [1-255] that represents the Internet Assigned
Numbers Authority (IANA)-specified protocol number.
Adding NAT Rules
4.
In the [Local Address From:] and [Local Address To:] fields,
type the same private IP address, or the lowest and highest
addresses in a range:
•
If you type the same IP address in both fields, incoming
traffic that matches the criteria you specify in steps 5 and
6 will be redirected to that IP address.
•
If you type a range of addresses, incoming traffic will be
redirected to any available computer in that range. This
option would typically be used for load balancing, whereby
traffic is distributed among several redundant servers to
help ensure efficient network performance.
These addresses should correspond to private addresses
already in use on your network (either assigned statically to
your PCs or assigned dynamically using DHCP, as discussed
in the Quick Start, Configuring Your Computers).
5.
In the [Global Address From:] and [Global Address To:] fields,
type the public IP address assigned to you by your ISP.
If you have multiple WAN (PPP) interfaces, this rule will not
be enforced for data that arrives on other PPP interfaces.
This rule will not be enforced for data that arrives on WAN
interfaces not specified here.
If you have multiple WAN interfaces and want the rule to be
enforced on more than one of them (or all), type the starting
and ending IP addresses of the range.
6.
In the [Destination Port From:] and [Destination Port To:]
fields, type the port ID numbers of the computer you are
making publicly available.
69
Configuring Network Address Translation
You can specify a range using the [From/To] fields if you want
the rule to apply to a range of port types, or enter the same
port number in both fields.
A port ID identifies the specific function of the computer
connected to it, and therefore can limit the types of data
that pass to and from the computer.
For example, Web (HTTP) servers are usually identified
by port number 80; packets containing traffic destined for
a Web server will contain this port ID. The Internet Assigned
Numbers Authority (IANA) assigns port numbers for common
types of servers and functions.
7.
If the LAN computer that you are making publicly available
is configured to use a non-standard port number for the type
of traffic it receives, type the non-standard port number in the
[Local Port:] field.
This option translates the standard port number in packets
destined for your LAN computer to the non-standard number
you specify. For example, if your Web server uses (nonstandard) port 2000, but you expect incoming data packets
to refer to (standard) port 80, you should enter 2000 here
(and select HTTP or type 80 in the Destination Port fields).
The headers of incoming packets destined for port 80 will
be modified to refer to port 2000. The packet will then be
routed appropriately to the web server.
70
8.
Follow steps 8-12 under The NAPT Rule on page 64
to submit your changes.
Adding NAT Rules
The Basic rule: Performing 1:1 translations
The Basic flavor translates the private (LAN-side) IP address
to a public (WAN-side) address, like NAPT rules. However,
unlike NAPT rules, Basic rules do not translate the port numbers
in the packet header; they are passed through untranslated.
Therefore, the Basic rule does not provide the same level of
security as the NAPT rule.
Figure 24. NAT Rule - Add Page (Basic Flavor)
Follow the folowing instructions to add a BASIC rule (see steps
1-4 under The NAPT Rule for specific instructions corresponding
to steps 1 and 2 below):
1.
Display the [NAT Rule – Add] Page, select [BASIC] as the
[Rule Flavor:], and enter a [Rule ID:].
2.
Select the interface on which this rule will be effective.
3.
Select a [Protocol:] to which this rule applies, or choose
[ANY].
71
Configuring Network Address Translation
This selection specifies which type of Internet communication
will be subject to this translation rule. You can select [ANY] if
the rule applies to all data. Or, select [TCP], [UDP], [ICMP], or
a number from [1-255] that represents the Internet Assigned
Numbers Authority (IANA)-specified protocol number.
4.
In the [Local Address From:] and [Local Address To:] fields,
type the starting and ending IP addresses that identify the
range of private address you want to be translated.
Or, type the same address in both fields.
If you specify a range, each address will be translated
in sequence to a corresponding address in a range of
Global Addresses (which you specify in step 5).
You can create a BASIC rule for each specific address
translation to occur. The r ange of addresses should correspond
to private addresses already in use on your network, whether
assigned statically to your PCs, or assigned dynamically
using DHCP.
72
5.
In the [Global Address From:] and [Global Address To:] fields,
type the starting and ending address that identify the pool
of public IP addresses that the private addresses should
be translated to. Or, type the same address in both fields
(if you also specified a single address in step 4).
6.
Follow steps 8-12 under The NAPT Rule on page 64
to submit your changes.
Adding NAT Rules
The Filter rule: Configuring a BASIC rule with additional criteria
Like the BASIC flavor, the Filter flavor translates public and
private IP addresses on a one-to-one basis. The Filter flavor
extends the capability of the BASIC rule. Refer to The BASIC
Rule on page 71 for a general description.
You can use the Filter rule if you want an address translation
to occur only when your LAN computers initiate access to
specific destinations. The destinations can be identified by
their IP addresses, the port type (which identifies it as a FTP
or Web server, for example), or both.
Figure 25. NAT Rule - Add Page (Filter Flavor)
Follow these instructions to add a Filter rule (see steps 1-4
under The NAPT Rule on page 64 for specific instructions
corresponding to steps 1 and 2 below):
1.
Display the [NAT Rule – Add] Page, select [FILTER]
as the [Rule Flavor:], and enter a [Rule ID:].
73
Configuring Network Address Translation
2.
Select the interface ([IF Name:]) on which this rule will be
effective.
3.
Select a [Protocol:] to which this rule applies, or choose
[ANY]. This selection specifies which type of Internet
communication will be subject to this translation rule. You can
select [ANY] if the rule applies to all data. Or, select [TCP],
[UDP], [ICMP], or a number from [1-255] that represents the
Internet Assigned Numbers Authority (IANA)-specified
protocol number.
4.
In the [Local Address From:] and [Local Address To:] fields,
type the starting and ending IP addresses that identify the
range of private addresses you want to have translated.
Or, type the same address in both fields.
If you specify a range, each address will be translated
in sequence to a corresponding address in a range of
[Global Addresses] (which you specify in step 5).
The address (or range of addresses) should correspond
to a private address (or addresses) already in use on
your network. These may be assigned statically to your
PCs or assigned dynamically using DHCP, as discussed
in the Quick Start.
74
5.
In the [Global Address From:] and [Global Address To:] fields,
type the starting and ending address that identify the range
of public IP addresses to translate your private addresses to.
Or, type the same address in both fields (if you also specified
a single address in step 4).
6.
In the [Destination Address From:] and [Destination Address
To:] fields, specify a destination address (or range) if you want
this rule to apply only to outbound traffic to the address
(or range).
Adding NAT Rules
If you enter only the network ID portion of the destination
address, then the rule will apply to outbound traffic to all
computers on network.
7.
In the [Destination Port From:] field, type a port ID number
if you want the rule to apply only to outbound traffic to servers
of this type.
8.
You can specify a range using the From/To fields if you want
the rule to apply to a range of port types, or enter the same
port number in both fields. See step 6 for creating an RDR
Rule on page 67 for an explanation of port IDs.
9.
Follow steps 8-12 under The NAPT Rule on page 64
to submit your changes.
The Bimap rule: Performing two-way translations
Unlike the other NAT flavors, the Bimap flavor performs address
translations in both the outgoing and incoming directions.
In the incoming direction, when the specified ADSL Barricade
interface receives a packet with your public IP address as the
destination address, this address is translated to the private IP
address of a computer on your LAN. To the external computer, it
appears as if the access is being made to the public IP address,
when, in fact, it is communicating with a LAN computer.
In the outgoing direction, the private source IP address in a data
packet is translated to the LAN's public IP address. To the rest of
the Internet, it appears as if the data packet originated from the
public IP address.
75
Configuring Network Address Translation
Bimap rules can be used to provide external access to a LAN
device. They do not provide the same level of security as RDR
rules, because RDR rules also reroute incoming packets based
on the port ID. Bimap rules do not account for the port number,
and therefore allow external access regardless of the destination
port type specified in the incoming packet.
Figure 26. NAT Rule - Add Page (Bimap Flavor)
Follow these instructions to add a Bimap rule (see steps 1-4
under The NAPT Rule on page 64 for specific instructions
corresponding to steps 1 and 2 below):
76
1.
Display the [NAT Rule – Add] Page, select [BIMAP]
as the [Rule Flavor:], and enter a [Rule ID:].
2.
Select the interface on which this rule will be effective.
3.
In the [Local Address:] field, type the private IP address of
the computer to which you are granting external access.
4.
In the [Global Address:] field, type the address that you want
to serve as the publicly known address for the LAN computer.
5.
Follow steps 8-12 under The NAPT Rule on page 64
to submit your changes.
Adding NAT Rules
The Pass rule: Allowing specific addresses to pass through untranslated
You can create a Pass rule to allow a range of IP addresses to
remain untranslated when another rule would otherwise do so.
Figure 27. NAT Rule - Add Page (Pass Flavor)
The Pass rule must be assigned a rule ID that is a lower number
than the ID assigned to the rule it is intended to pass. If you want
a specific IP address or range of addresses not to be subject to
an existing rule, say rule ID #5, then you can create a Pass rule
with ID #1 through #4.
Follow these instructions to add a Pass rule (see steps 1-4
under The NAPT Rule on page 64 for detailed instructions
corresponding to steps 1 and 2 below):
1.
Display the [NAT Rule – Add Page], select [PASS] as the
[Rule Flavor:], and enter a [Rule ID:].
2.
Select the interface on which this rule will be effective.
77
Configuring Network Address Translation
3.
In the [Local Address From:] and [Local Address To:] fields,
type the lowest and highest IP addresses that define the
range of private address you want to be passed without
translation. If you want the Pass rule to act on only one
address, type that address in both fields.
4.
Follow steps 7-12 under The NAPT Rule on page 64 to
submit your changes.
78
C
ONFIGURING
DNS
S
ERVER
A
DDRESSES
About DNS
Domain Name System (DNS) servers map the user-friendly
domain names that users type into their Web browsers
(e.g. yahoo.com) to the equivalent numerical IP addresses
that are used for Internet routing.
When a PC user types a domain name into a browser, the PC
must first send a request to a DNS server to obtain the equivalent
IP addresses. The DNS server will attempt to look up the domain
name in its own database, and will communicate with higher-level
DNS servers when the name cannot be found locally. When the
address is found, it is sent back to the requesting PC and is
referenced in IP packets for the remainder of the communication.
Assigning DNS Addresses
Multiple DNS addresses are useful to provide alternatives when
one of the servers is down or is encountering heavy traffic. ISPs
typically provide primary and secondary DNS addresses, and
may provide additional addresses. Your LAN PCs learn these
DNS addresses in one of the following ways:
•
Statically:
If your ISP provides you with their DNS server addresses,
you can assign them to each PC by modifying the PCs'
IP properties.
79
Configuring DNS Server Addresses
•
Dynamically from a DHCP pool:
You can configure the DHCP Server feature on the ADSL
Barricade and create an address pool that specifies the DNS
addresses to be distributed to the PCs. Refer to Configuring
Dynamic Host Configuration Protocol for instructions on
creating DHCP address pools.
In either case, you can specify the actual addresses of the
ISP's DNS servers (on the PC or in the DHCP pool), or you can
specify the address of the LAN port on the ADSL Barricade (e.g.
192.168.1.1). When you specify the LAN port IP addresses, the
device performs DNS relay, as described in the following section.
Note:
If you specify the actual DNS addresses on the PCs or
in the DHCP pool, the DNS relay feature is not used.
Configuring DNS Relay
When you specify the ADSL Barricade's LAN port IP addresses
as the DNS addresses, then the device automatically performs
DNS relay; i.e., because the device itself is not a DNS server, it
forwards domain name lookup requests it receives from the LAN
PCs to a DNS server at the ISP. It then relays the DNS server's
response to the PC.
When performing DNS relay, the ADSL Barricade must maintain
the IP addresses of the DNS servers it contacts. It can learn
these addresses in either or both of the following ways:
•
Learned through PPP:
If the device uses a PPP connection to the ISP, the primary
and secondary DNS addresses can be learned via the PPP
protocol. To use this method, the [Use DNS] checkbox
must be selected in the [PPP Interface Properties]. (See
Configuring PPP Interfaces on page 103 for instructions on
80
Configuring DNS Relay
configuring your PPP interface. Note that you cannot change
this property by modifying an existing PPP interface; you must
delete the interface and recreate it with the new setting.)
Using this option provides the advantage that you will not
need to reconfigure the PCs or the ADSL Barricade if the ISP
changes their DNS addresses.
•
Configured on the ADSL Barricade:
You can use the device's DNS feature to specify the ISP's
DNS addresses. If the device also uses a PPP interface
with the [Use DNS] property enabled, then these configured
addresses will be used in addition to the two addresses
learned through PPP. If [Use DNS] is not enabled, or if a
protocol other than PPP is used (such as EoA), then these
configured addresses will be used as the primary and
secondary DNS addresses.
Follow these steps to configure DNS relay:
1.
Configure the LAN PCs to use the ADSL Barricade's LAN IP
addresses as their DNS server addresses by assigning the
LAN IP address statically to each PC, or by inputting the LAN
IP address or the address 0.0.0.0 as the DNS address in the
DHCP server pool used by the PCs.
2.
If you are using a PPP connection to the ISP, click the [Use
DNS] check box so that the DNS server addresses it learns
are used for DNS relay.
If you are not using a PPP connection (or if you want to
specify DNS
PPP), configure
as follows.
addresses in addition to those learned through
the DNS addresses on the ADSL Barricade
81
Configuring DNS Server Addresses
a. Click the [Services] tab, and then click [DNS] in
the task bar. The [Domain Name Service (DNS)
Configuration] page appears.
Figure 28. DNS Configuration Page
b. Type the IP address of the DNS server in an empty
row and click [Add]. You can enter only two addresses.
c. Click the [Enable] radio button, and then click [Submit].
3.
Click the [Admin] tab, and then click [Commit & Reboot]
in the task bar.
82
4.
Click [Commit] to save your changes to the permanent
memory.
Note:
DNS addresses that are assigned to LAN PCs prior to
enabling DNS relay will remain in effect until the PC is
rebooted. DNS relay will only take effect when a PC's
DNS address is the LAN IP address. Similarly, if after
enabling DNS relay, you specify a DNS address (other
than the LAN IP address) in a DHCP pool or statically
on a PC, then that address will be used instead of the
DNS relay address.
C
ONFIGURING
You can use the Configuration Manager to define specific routes
for your Internet and network data. This section describes basic
routing concepts and provides instructions for creating routes.
IP R
OUTES
Note:
Most users do not need to define IP routes.
Overview of IP Routes
The essential challenge of a router is: when it receives data
intended for a particular destination, which device should it send
that data to? When you define IP routes, you provide the rules
that a computer uses to make these decisions.
IP routing versus telephone switching
IP routing decisions are similar to those made by switchboards
that handle telephone calls.
When you dial a long distance telephone number, you are first
connected to a switchboard operated by your local phone service
carrier. All calls you initiate go first to this main switchboard.
If the phone number you dialed is outside your calling area, the
switchboard opens a connection to a higher-level switchboard for
long distance calls. That switchboard looks at the area code you
dialed and connects you with another switchboard that serves
that area. This new switchboard, in turn, may look at the prefix
in the number you dialed (the middle set of three numbers) and
connect to a more localized switchboard that handles numbers
with that prefix. This final switchboard can then look at the last
four digits of the phone number to open a connection with the
person or company you dialed.
83
Configuring IP Routes
In comparison, when your computer initiates communication
over the Internet, such as viewing a web page connecting to
a web server, the data it sends out includes the IP address of
the destination computer (the phone number). All your outgoing
requests first go to the same router at your ISP (the first
switchboard). That router looks at the network ID portion of the
destination address (the area code) and determines which next
router to send the request to. After several such passes, the
request arrives at a router for the destination network, which then
uses the host ID portion of the destination IP address (the local
phone number) to route the request to the appropriate computer.
(The network ID and host ID portions of IP addresses are
explained in IP Addresses, Network Masks, and Subnets.)
With both the telephone and the computer, all transactions are
initially sent to the same switchboard or router, which serves as a
gateway to other higher- or lower-level devices. No single device
knows at the outset the eventual path the data will take, but each
uses a specific part of the destination address/phone number to
make a decision about which device to connect to next.
Hops and gateways
Each time Internet data are passed from one Internet address
to another, it is said to take a hop. A hop can be a handoff to
a different port on the same device, to a different device on the
same network, or to a device on an entirely different network.
When a hop passes data from one type of network to another, it
uses a gateway. A gateway is an IP address that provides initial
access to a network, just as a switchboard serves as a gateway
to a specific set of phone numbers. For example, when a computer
on your LAN requests access to a company's web site, your ISP
serves as a gateway to the Internet. As your request reaches its
destination, another gateway provides access to the company's
web servers.
84
Overview of IP Routes
Using IP routes to define default gateways
IP routes are defined on computers, routers, and other IP-enabled
devices to instruct them which hop to take, or which gateway to
use, to help forward data along to its specified destination.
If no IP route is defined for a destination, then IP data is passed
to a predetermined default gateway. The default gateway serves
like a higher-level telephone switchboard; it may not be able to
connect directly to the destination, but it will know a set of other
devices that can help pass the data intelligently. If it cannot
determine which of these devices provides a good next hop
(because no such route has been defined), then that device will
forward the data to its default gateway. Eventually, a high-level
device, using a predefined IP route, will be able to forward the
data along a path to its destination.
Do I need to define IP routes?
Most users do not need to define IP routes. On a typical small
home or office LAN, the existing routes that set up the default
gateways for your LAN computers and for the ADSL Barricade
provide the most appropriate path for all your Internet traffic.
•
On your LAN computers, a default gateway directs all Internet
traffic to the LAN port on the ADSL Barricade. Your LAN
computers know their default gateway either because you
assigned it to them when you modified their TCP/IP properties,
or because you configured them to receive the information
dynamically from a server whenever they access the Internet.
(Each of these processes is described in Quick Start,
Configuring Your Computers.)
85
Configuring IP Routes
•
On the ADSL Barricade itself, a default gateway is defined
to direct all outbound Internet traffic to a router at your ISP.
This default gateway is assigned automatically by your ISP
whenever the device negotiates an Internet connection. (The
process for adding a default route is described on page 88.)
You may need to define routes if your home setup includes two
or more networks or subnets, if you connect to two or more ISP
services, or if you connect to a remote corporate LAN.
Viewing the IP Routing Table
All IP-enabled computers and routers maintain a table of IP
addresses that are commonly accessed by their users. For each
of these destination IP addresses, the table lists the IP address
of the first hop the data should take. This table is known as the
device's routing table.
To view the ADSL Barricade's routing table, click the [Routing]
tab. The [IP Route Table] page appears by default, as shown
in Figure 29:
86
Figure 29. IP Route Table Page
Viewing the IP Routing Table
The [IP Route Table] displays a row for each existing route.
These include routes that were predefined on the device, routes
you may have added, and routes that the device has identified
automatically through communication with other devices.
The following table defines the fields in the [IP Route Table].
Field Description
Destination This field specifies the IP address of the destination computer.
The destination can be specified as the IP address of a specific
computer or an entire network. It can also be specified as
all zeros to indicate that this route should be used for all
destinations for which no other route is defined (this is the
route that creates the default gateway).
NetMask This field indicates which parts of the destination address refer
to the network and which parts refer to a computer on the
network. Refer to IP Addresses, Network Masks, and Subnets,
for an explanation of network masks.
NextHop This field specifies the next IP address to send data to when its
IFName This field displays the name of the interface on the device
Route Type This field displays whether the route is [Direct] or [Indirect].
Route Origin This field displays how the route was defined.
Action
final destination is that shown in the [Destination] column.
through which data is forwarded to the specified next hop.
In a [Direct] route, the source and destination computers are
on the same network, and the router attempts to directly deliver
the data to the computer.
In an [Indirect] route, the source and destination computers are
on different networks, and the router forwards data to a device
on another network for further handling.
[Dynamic] indicates that the route was created automatically or
predefined by your ISP or the manufacturer. Routes you create
are labeled Local. Other routes can be created automatically
(using RIP, as described in Configuring the Routing Information
Protocol), or defined remotely through various network
management protocols (LCL or ICMP).
This field displays an icon ( ) you can click on to delete
a route.
87
Configuring IP Routes
Adding IP Routes
Follow these instructions to add an IP route to the routing table.
1.
From the [IP Route Table] page, click [Add]. The [IP Route Add] page appears, as shown in Figure 30.
Figure 30. IP Route - Add Page
2.
Specify the Destination, Netmask, and Gateway or NextHop
for this route. For a description of these fields, refer to the
table on page 87. To create a route that defines the default
gateway for your LAN, enter 0.0.0.0 in both the [Destination:]
and [Netmask:] fields. Enter your ISP's IP address in the
[Gateway/NextHop:] field.
88
Note:
You cannot specify the interface name, route type
or route origin. These parameters are used only
for routes that are identified automatically as the
device communicates with other routing devices.
For routes you created, the routing table displays
system default values in these fields.
Adding IP Routes
3.
Click [Submit].
4.
On the [Confirmation] page, click [Close] to return to the
[IP Route Table] page.
The [IP Routing Table] will now display the new route.
5.
Click the [Admin] tab, and then click [Commit & Reboot]
in the task bar.
6.
Click [Commit] to save your changes to the permanent
memory.
89
C
ONFIGURING THE
R
OUTING
I
NFORMATION
The ADSL Barricade can be configured to communicate with
other routing devices to determine the best path for sending
data to its intended destination. Routing devices communicate
this information using a variety of IP protocols. This section
describes how to configure the ADSL Barricade to use one
of these, called the Routing Information Protocol (RIP).
P
ROTOCOL
RIP Overview
RIP is an Internet protocol you can set up to share routing table
information with other routing devices on your LAN, at your ISP's
location, or on remote networks connected to your network via
the ADSL line. Generally, RIP is used to enable communication
on autonomous networks. An autonomous network is one in
which all of the computers are administered by the same entity.
An autonomous network may be a single network, or a grouping
of several networks under the same administration. An example
of an autonomous network is a corporate LAN, including devices
that can access it from remote locations, such as the computers
telecommuters use.
Using RIP, each device sends its routing table to its closest
neighbor every 30 seconds. The neighboring device in turn
passes the information on to its next neighbor and so on until all
devices in the autonomous network have the same set of routes.
91
Configuring the Routing Information Protocol
When should you configure RIP?
Most small home or office networks do not need to use RIP;
they have only one router, such as the ADSL Barricade, and one
path to an ISP. In these cases, there is no need to share routes,
because all Internet data from the network is sent to the same
ISP gateway.
You may want to configure RIP if any of the following
circumstances apply to your network:
•
Your home network setup includes an additional router or
RIP-enabled PC (other than the ADSL Barricade).
Barricade and the router will need to communicate via RIP
to share their routing tables.
•
Your network connects via the ADSL line to a remote network,
such as a corporate network. In order for your LAN to learn the
routes used within your corporate network, they should both
be configured with RIP.
•
Your ISP requests that you run RIP for communication with
devices on their network.
The ADSL
Configuring the ADSL Barricade's Interfaces with RIP
The following instructions describe how to enable RIP
on the ADSL Barricade.
Note:
92
In order for the ADSL Barricade to communicate with
other devices using RIP, you must also enable the
other devices to use the protocol. See the product
documentation for those devices.
Configuring the ADSL Barricade's Interfaces with RIP
1.
Log into the Configuration Manager, click the [Services] tab,
and then click [RIP] in the task bar. The [Routing Information
Protocol (RIP) Configuration] page appears, as shown in
Figure 31.
Figure 31. RIP Configuration Page
The page contains radio buttons for [Enable] or [Disable]
the RIP feature and a table listing interfaces on which the
protocol is currently running. The first time you open this
page, the table may be empty.
2.
If necessary, change the [Age (seconds):] and [Update
Time (seconds):].
These are global settings for all interfaces that use RIP.
[Age (seconds):] is the amount of time in seconds that the
device's RIP table will retain each route that it learns from
adjacent computers.
[Update Time (seconds):] specifies how frequently the ADSL
Barricade will send out its routing table to its neighbors.
93
Configuring the Routing Information Protocol
3.
In the [IF Name] column, select the name of the interface
on which you want to enable RIP. For communication with
RIP-enabled devices on your LAN, select [eth-0] or the name
of the appropriate virtual Ethernet interface. F or communication
with your ISP or a remote LAN, select the corresponding
[ppp], [eoa], or other WAN interface.
4.
Select a [Metric] value for the interf ace. RIP uses a hop count
as a way to determine the best path to a given destination in
the network. The hop count is the sum of the metric values
assigned to each port through which data is passed before
reaching the destination. Among several alternative routes,
the one with the lowest hop count is considered the fastest
path.
For example, if you assign this port a metric of 1, then RIP
will add 1 to the hop count when calculating a route that
passes through this port. If you know that communication
via this interface is slower than through other interfaces
on your network, you can assign it a higher metric value
than the others. You can select any integer from 1 to 15.
94
5.
Select a [Send Mode] and a [Receive Mode].
The [Send Mode] setting indicates the RIP version this
interface will use when it sends its route information to
other devices.
The [Receive Mode] setting indicates the RIP version(s) in
which information must be passed to the ADSL Barricade
in order for it to be accepted into its routing table.
RIP version 1 is the original RIP protocol. Select [RIP1]
if you have devices that communicate with this interface
that understand RIP version 1 only.
Configuring the ADSL Barricade's Interfaces with RIP
RIP version 2 is the preferred selection because it supports
classless IP addresses (which are used to create subnets)
and other features. Select [RIP2] if all other routing de vices on
the autonomous network support this version of the protocol.
6.
Click [Add]. The new RIP entry will display in the table.
7.
Click the [Enable] radio button to enable the RIP feature.
Note:
8.
9.
10.
Note:
If you disable the RIP feature, the interface settings
you have configured will remain available for future
activation.
When you are finished defining RIP interfaces, click [Submit].
A page appears to confirm your changes.
Click the [Admin] tab, and then click [Commit & Reboot]
in the task bar.
Click [Commit] to save your changes to the permanent
memory.
You can delete an existing RIP entry by clicking
in the [Action] column.
95
Configuring the Routing Information Protocol
Viewing RIP Statistics
From the [RIP Configuration] page, you can click [Global Stats]
to view statistics on attempts to send and receive route table
data over RIP-enabled interfaces on the ADSL Barricade.
Figure 32. RIP Global Statistics Page
You can click [Clear] to reset all statistics to zero and [Refresh]
to display any newly accumulated data.
96
C
ONFIGURING THE
ATM
V
IRTUAL
As your LAN computers access the Internet via the ADSL
Barricade, data is exchanged with your ISP through a complex
network of telephone switches, Internet routers, servers, and
other specialized hardware. These various devices communicate
using a common language, or protocol, called Asynchronous
Transfer Mode (ATM). On the Wide Area Network (WAN) that
connects you to your ISP, the ATM protocol performs functions
like those that the Ethernet protocol performs on your LAN.
This section describes how to configure the ATM virtual circuit
(VC). The VC properties define the path the ADSL Barricade
uses to communicate with your ISP over the ATM network.
C
IRCUIT
Viewing Your ATM VC
To view your current configuration, log into the Configuration
Manager, click the [WAN] tab, and click [ATM VC] in the task
bar. The [ATM VC Configuration] page appears, as shown in
Figure 33.
Figure 33. ATM VC Configuration Page
97
Configuring the ATM Virtual Circuit
The ATM VC Configuration table displays the following fields
(contact your ISP to determine these settings):
Field Description
Interface This field indicates the name of the lower-level interface on which
this VC operates. The low-level interface names are preconfigured
in the software and identify the type of traffic that can be
supported, such as data or voice. Internet data services typically
use an aal5-type interface.
Vpi
Vci
Mux Type
Max Proto
per AAL5
Action (s)
These settings identify a unique ATM data path for communication
between your ADSL Barricade and your ISP.
If you are using an AAL5-type of interface, this setting indicates
the number of higher-level interfaces that the VC can support
(the higher level interfaces can be PPP, EoA, or IPoA interfaces).
Contact your ISP to determine which connection protocol(s) they
require.
This field displays the icons you can click on to modify ( — see
page 100) and delete ( ) the associated interface. You cannot
delete an ATM interface if another protocol such as PPP, EoA, or
IPoA has been defined to operate over the ATM interface. Delete
the higher-level interface first, and then delete the ATM interface.
98
Loading...