SMC Networks Barricade SMC7004ABR V.2, 7003USB User Manual

Page 1
SMC7004ABR V.2
Page 2
Barricade
TM
Broadband Router
User Guide
Fro m SMC’s Barricade line of Broadband Routers
September 2003
Page 3
ABLE OF
T
C
ONTENTS
About the Barricade™ Router . . . . . . . . . . . . . . . . . . . . 1
LED Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
Installing the Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Package Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Hardware Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Connect the System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Basic Installation Procedure . . . . . . . . . . . . . . . . . . . . . . .9
Configuring Client TCP/IP . . . . . . . . . . . . . . . . . . . . . . 11
Installing TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Windows 95/98/Me . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
Windows 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12
Setting Up TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
Configuring Your Computer in Windows 95/98/Me . . . . .14
Configuring Your Computer in Windows NT 4.0 . . . . . . .19
Configuring Your Computer in Windows 2000 . . . . . . . .24
Configuring Your Computer in Windows XP . . . . . . . . . .26
Configuring a Macintosh Computer . . . . . . . . . . . . . . . .29
Verifying Your TCP/IP Connection . . . . . . . . . . . . . . . . .33
Configuring the Barricade™ Router . . . . . . . . . . . . . 35
Browser Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Disable Proxy Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
Internet Explorer (5 or above) . . . . . . . . . . . . . . . . . . . . . . . . . .36
Internet Explorer (For Macintosh) . . . . . . . . . . . . . . . . . . . . . . .36
Navigating the Web Browser Interface . . . . . . . . . . . . . . . . . . .38
Making Configuration Changes . . . . . . . . . . . . . . . . . . .38
Setup Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Broadband Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Advanced Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
WAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Page 4
LAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Network Address Translation (NAT) . . . . . . . . . . . . . . . 56
Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
DDNS (Dynamic DNS) Settings . . . . . . . . . . . . . . . . . . . 69
UPnP (Universal Plug and Play) Setting . . . . . . . . . . . . 70
Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Print Server Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
Installing the SMC Printer Port Monitor . . . . . . . . . . . . . . . . . . 75
Configuring the Print Server . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Configuring the Network Printer in Win 95/98/Me/2000 . 78
Configuring the Network Printer in Windows NT. . . . . . . 80
Configuring the Network Printer in Unix Systems . . . . . 82
Configuring LPR port on Windows 2000/XP . . . . . . . . . 82
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
Compliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i
Legal Information and Contacts . . . . . . . . . . . . . . . . . . iii
Page 5
BOUT THE
A
ARRICADE
B
Congratulations on your purchase of the Barricade™ Broadband Router. SMC is proud to provide you with a powerful yet simple communication device for connecting your local area network (LAN) to the Internet. For those who want to surf the Internet at the lowest possible cost, this Broadband Router provides a convenient and powerful solution.
™ R
OUTER
IMPORTANT INFORMATION!
This information is addressed to the DSL-Users without a flat rate contract**.
With your DSL-router you have received a device of high quality, which allows you fast and easy access to the Internet.
The factory default settings of this router have been done in a way to provide you with uninterrupted access and use of the Internet. With this background for cost reasons we recommend that you enter into a "flat rate" - contract with your DSL-line provider.
Why should you do that? Please consider that a router, an entirely independent working
device, does not switch off automatically when shutting off your PC!
You may trigger such an automatic shut-off by setting a so called "idle-time" (for details consult your manual at PPPoE or PPTP WAN access configuration). Depending at the se t time (1 to 5 min) the router cuts the DSL-link when idle, indeed. But this still does not provide for 100% security.
Page 6
About the Barricade™ Router
This disconnect only happens if there are no more open requests received from either the LAN or the WAN side (here this can be requests from the internet, i.e. initiated through the use of so called file sharing programs like eMule, eDonkey, etc.) th at keep the router active.
In order to counter such incalculable activity and protect yourself from higher than expected on-line costs we therefore recommend again a flat-rate contract for your DSL-connection.
The only safe alternative: Pull the plug! That is to disconnect your router from the mains. Please feel free to contact our SMC-hotline if you have further
questions. ** Flat-rate is an offer of your DSL-line provider, which gives you
timely unlimited access to the Internet at a defined (flat-) rate.
Page 7
LED Indicators
The SMC7004ABR includes comprehensive status LED indicators, as described in the following figure and table.
SMC7004ABR
Reset
LED Status Description
Power
WAN
1234
LED Indicators
LAN
Link/Act
10/100
Power (Green)
WAN (Green)
Link/Act (Green)
10/100 (Amber)
On Barricade™ Router is receiving power.
On The WAN port has established a valid network
connection. Flashing The WAN port is transmitting or receiving traffic. On The indicated LAN port has established a valid
network connection. Flashing The indicated LAN port is transmitting or receiving
traffic.
On The indicated LAN port is operating at 100 Mbps.
Off The indicated LAN port is operating at 10 Mbps.
Page 8
About the Barricade™ Router
Features and Benefits
Internet connection to DSL or cable modem via a
10/100 Mbps WAN port Internet connection to ISDN TA or PSTN modem via an
RS-232 console port Local network connection via 10/100 Mbps Ethernet ports
Built-in print server for any client attached to the LAN
DHCP for dynamic IP configuration, and DNS for domain
name mapping Firewall with client privileges, hacker prevention, and NAT
NAT also enables multi-user access with a single-user
account, and virtual server functionality (providing protected access to Internet services such as web, FTP, mail and Telnet)
Virtual Private Network support using PPTP, L2TP or IPSec
pass-through User-definable application sensing tunnel supports
applications requiring multiple connections Supports CHAP authentication protocol for dial-up
identification Supports PPP dial-out connection
Easy set up through a web browser on any operating system
that supports TCP/IP Compatible with all popular Internet applications
Page 9
NSTALLING THE
I
Before installing the Barricade™ Broadband Router, verify that you have all the items listed under “Package Contents.” If any of the items are missing or damaged, contact your local SMC distributor. Also be sure that you have all the necessary cabling before installing the Barricade™ Router. After installing the Barricade™ Router, refer to the web-based configuration program in “Configuring the Barricade™ Router” on page 35 for information on configuring the router.
Package Contents
After unpacking the Barricade™ Broadband Router, check the contents of the box to be sure you have received the following components:
R
OUTER
Barricade™ Broadband Router
Power adapter
One CAT-5 Ethernet cable
Four rubber feet
Installation CD containing this User Guide and EZ 3-Click
Installation Wizard
Immediately inform your dealer in the event of any incorrect, missing or damaged parts. If possible, please retain the carton and original packing materials in case there is a need to return the product.
Please register on SMC’s web site at www.smc.com
www.smc-europe.com
The Barricade™ Router is covered by a
or
limited lifetime warranty.
Page 10
Installing the Router
Hardware Description
The Barricade™ Router can be connected to the In ternet or to a remote site using its RJ-45 WAN port or RS-232 serial port. It can be connected directly to your PC or to a local area network using any of the Fast Ethernet LAN ports. It can also function as a print server.
Access speed to the Internet depends on your service type. Full-rate ADSL can provide up to 8 Mbps downstream and 640 Kbps upstream. G.lite (or splitterless) ADSL provides up to
1.5 Mbps downstream and 512 Kbps upstream. Cable modems can provide up to 36 Mbps downstream and 2 Mbps upstream. ISDN can provide up to 128 Kbps when using two bearer channels. PSTN analog connections can now run up to 56 Kbps. However, you should note that the actual rate provided by specific service providers may vary dramatically from these upper limits.
Although access speed to the Internet is determin ed by the modem type connected to your Barrica de™ Router, data passing between devices connected to your loca l area ne twork can run up to 100 Mbps over the Fast Ethernet ports.
The Barricade™ Router includes an LED display on the front panel for system power and port indications that simplifies installation and network troubles hootin g. It also pro vides 4 RJ-45 LAN ports on the front panel, as well as one RJ-45 WAN port, one RS-232 serial port and one parallel printer port on the rear panel. Full-duplex communications allow data to be sent and received simultaneously, doubling the effective throughput.
Page 11
Hardware Description
4 RJ-45 ports for connection to a 10BASE-T/100BASE-TX
Ethernet Local Area Network (LAN). These ports can auto-negotiate the operating speed to 10/100 Mbps, the mode to half/full duplex, and the pin signals to MDI/MDI-X (i.e., allowing these ports to be connected to any network device with straight-through cable). These ports can be connected directly to a PC or to a server equipped with an Ethernet network interface card, or to a networking device such as an Ethernet hub or switch.
One RJ-45 port for connection to a DSL or cable modem
(WAN). This port also auto-negotiates operating sp eed to 10/100 Mbps, the mode to half/full duplex, and the pin signals to MDI/MDI-X.
One RS-232 serial port to connect to an ISDN Terminal
Adapter (TA) or to a PSTN analog modem. One parallel printer port that can be connected to a printe r.
This printer can then be shared by any LAN users.
The following figure shows the components of the Barricade™ Router:
SMC7004ABR
Reset
Power
PRINTER
WAN
LAN
1234
Link/Act
10/100
WAN
123 4
COM
12V 1A
Figure 1. Front and Rear Panels
Page 12
Installing the Router
Item Description
Reset Button
LEDs Power, WAN and LAN port status indicators.
LAN Ports
Printer Port
WAN Port
COM Port
Power Inlet
Use this button to reset the power and restore the default factory settings.
(See “LED Indicators” on page 3.) Fast Ethernet ports (RJ-45). Connect devices (such as a
PC, hub or switch) on your local area network to these ports.
Parallel port (25-pins, D-type, female). Connect the shared printer to this port.
WAN port (RJ-45). Connect your cable modem, DSL modem, or an Ethernet router to this port.
Serial port (9-pins, D-type, male). Connect your ISDN TA or 56K analog modem to this port.
Connect the included power adapter to this inlet. Warning: Using the wrong type of power adapter may
cause damage.
System Requirements
You must have an ISP that meets the following minimum requirements:
Internet access from your local telephone company or Internet
Service Provider (ISP) using a DSL modem, cable modem, ISDN TA, or PSTN analog modem. You may also have access over the telephone system to an analog modem at another site.
A PC using a fixed IP address or dynamic IP address
assigned via DHCP, as well as a gateway server address and DNS server address from your Internet Service Provider.
A computer equipped with a 10 Mbps, 100 Mbps, or
10/100 Mbps Fast Ethernet card, or a USB-to-Ethernet converter.
Page 13
TCP/IP network protocol installed on eac h PC that ne ed s to
access the Internet. A Java-enabled web browser, such as Microsoft Internet
Explorer 5.0 or above, or Netscape Communicator 4.0 or above installed on one PC at your site for configuring the Barricade™ Router.
Connect the System
The Barricade™ Router can be positioned at any convenient location in your office or home. No special wiring or cooling requirements are needed. You should, however comply with the following guidelines:
Connect the System
Keep the Barricade™ Router away from any heating devices.
Do not place the Barricade™ Router in a dusty or wet
environment.
You should also remember to turn off the power, remov e the power cord from the outlet, and keep your hands dry when you install the Barricade™ Router.
Basic Installation Procedure
1. Connect the LAN: You can connect the Barricade™ Router to
your PC, or to a hub or switch. Run Ethernet cable from one of the LAN ports on the front of the Barricade™ Router to your computer’s network adapter or to another network device.
2. Connect the WAN: Prepare an Ethernet cable for connecting the Barricade™ Router to a cable/DSL modem or Ethernet router . Prepare a serial cable for connecting the Barricade™ Router to an ISDN TA or PSTN modem.
Page 14
Installing the Router
3. Connect your printer: Use standard parallel printer cable to connect your printer to the printer port on the Barricade™ Router.
4. P ower on: Connect the power adapter to the Barricade™ Router.
Internet
Internet Access Device
SMC7004ABR Broadband Router
t c
A
N
/ k
A
n
L
i L
1
0 /10 0 1
WAN
4
3 r e w
o
2
P
1
SMC7004ABR
t e s e
R
SOHO Office or Residence
Figure 2. Connecting the Barricade™ Router
4
3
2
10
Page 15
If you have not previously installed the TCP/IP protocols on your client PCs, refer to the following section. If you need information on how to configure a TCP/IP address on a PC, refer to “Setting Up TCP/IP” on page 14.
Installing TCP/IP
Windows 95/98/Me
1. Click Start/Settings/Control Panel.
2. Double-clic k the Network icon and select the Configuration
C
LIENT
C
ONFIGURING
TCP/IP
tab in the Network window.
3. Click the Add button.
4. Double-click Protocol.
11
Page 16
Configuring Client TCP/IP
5. Select Microsoft in the manufacturers list. Select TCP/IP in the Network Protocols list. Click the OK button to return to the Network window.
6. The TCP/IP protocol will be listed in the Network window. Click OK. The operating syste m may prompt you to restart your system. Click Yes and the computer will shut down and restart.
Windows 2000
1. Click the Start button and choose Settings, then click the
Network and Dial-up Connections icon.
2. Double-click the Local Area Connection icon, and click the Properties button on the General tab.
3. Click the install... button.
12
Page 17
Installing TCP/IP
4. Double-click Protocol.
5. Choose Internet Protocol (TCP/IP). Click the OK button to
return to the Network window.
6. The TCP/IP protocol will be listed in the Network window. Click OK to complete the installation procedure.
13
Page 18
Configuring Client TCP/IP
Setting Up TCP/IP
To access the Internet through the Barricade™ Router, you mu st configure the network settings of the computers on your LAN to use the same IP subnet as the Barricade™ Router. The default network settings for the Barricade™ Router are:
Gateway IP Address: 192.168.2.1 Subnet Mask: 255.255.255.0 Note: These settings may be changed to suit your network
requirements, but you must first configure at least one computer as described in this chapter to access the Barricade™ Router’s Web configuration interface. See “Configuring the Barricade™ Router” on page 35 for information on configuring the Barricade™ Router.)
If you have not previously configured TCP/IP for your computer, refer to “Configuring Client TCP/IP” on page 11. The IP address of the connected client PC should be 192.168.2.x (where x means 2–254). You can set the IP address for client PCs either by automatically obtaining an IP address from the Barricade™ Router’s DHCP service or by manual configuration.
Configuring Your Computer in Windows 95/98/Me
You may find that the instructions here do not exactly match your version of Windows. This is because these steps and screen shots were created in Windows 98. Windows 95 and Windows Millennium Edition are very similar, but not identical, to Windows
98.
DHCP IP Configuration
1. From the Windows desktop, click Start/Settings/Control
Panel.
14
Page 19
Setting Up TCP/IP
2. In the Control Pane l, locate and double-click the Network icon.
3. On the Network window Configuration tab, double-click the TCP/IP entry for your network card.
4. Click the IP Address tab.
5. Click the “Obtain an IP
address” option.
6. Next click on the Gateway tab and verify the Gatew a y field is blank. If there are IP addresses listed in the Gateway section, highlight each one and click Remo ve until the section is empty.
15
Page 20
Configuring Client TCP/IP
7. Click the OK but ton to close the TCP/IP Properties window.
8. On the Network Properties Window, click the OK button to
save these new settings.
Note: Windows may ask you for the original Windows
installation disk or additional files. Check for the files at c:\windows\options\cabs, or insert your Windows CD-ROM into your CDROM drive and check the correct file location, e.g., D:\win98, D:\win9x. (if D is the letter of your CD-ROM drive).
9. Windows may prompt y ou to restart the PC. If so, clic k the Yes button. If Windows does not prom pt you to restart your computer, do so to ensure your settings.
Obtain IP Settings from Your Barricade™ Router
Now that you have configured your computer to connect to your Barricade™ Router, it needs to obtain new network settings. By releasing old IP settings and renewing them with settings from your Barricade™ Router, you will also verify that you have configured your computer correctly.
1. Click Start/Run.
2. Type WINIPCFG and click
OK.
16
Page 21
Setting Up TCP/IP
3. From the drop-down menu, select your network card. Click Release and then Renew. Ver i fy that your IP address is now
192.168.2.xxx, your Subnet Mask is 255.255.255.0 and your Default Gateway is
192.168. 2.1. These values confirm that your Barricade™ Router is functioning. Click OK to close the IP Configuration window.
Manual IP Configuration
1. Follow steps 1-3 in “DHCP IP Configuration” on page 14
2. Check “Specify an IP
address” on the IP Address tab. Enter an IP address based on the def ault network 192.168.2.x (where
between 2 and 254), and
x is use 255.255.255.0 for the subnet mask.
17
Page 22
Configuring Client TCP/IP
3. In the Gateway tab, add the IP address of the Barricade™ Router (default:
192.168.2.1) in the New gateway field and click Add.
On the DNS Configuration
4.
tab, add the IP address for the Barricade™ Router and click Add. This automatically relays DNS requests to the DNS server(s) provided by your ISP. Otherwise, add specific
DNS servers into the DNS Server Search Order field and click Add
.
5. Record the configured information in the following table.
TCP/IP Configuration Setting
IP Address ____.____.____.____ Subnet Mask ____.____.____.____ Primary DNS Server ____.____.____.____ Secondary DNS Server ____.____.____.____ Default Gateway ____.____.____.____ Host Name ____.____.____.____
18
Page 23
Setting Up TCP/IP
6. Windows may need your Windows 95/98/Me CD to copy some files. After it finishes copying, it will prompt you to restart your system. Click Yes and your computer will shut down and restart. After that, set up other PCs on the LAN according to the procedures described above.
Configuring Your Computer in Windows NT 4.0
DHCP IP Configuration
1. From the Windows desktop click Start/Settings/Control Panel.
2. Double-click the
Network icon.
19
Page 24
Configuring Client TCP/IP
3. Click on the Protocols tab.
4. Double-click TCP/ IP Protocol.
5. Click on the IP Address tab.
6. In the Adapter drop-down list, be sure your Ethernet adapter
is selected.
7. Click on “Obtain an IP address from a DHCP server”.
8. Click OK to close the window.
9. Windows may copy files and will then prompt you to restart
your system. Click Yes and your computer will shut down and restart.
20
Page 25
Setting Up TCP/IP
Obtain IP Settings From Your Barricade™ Router
Now that you have configured your computer to connect to the Barricade™ Router, it needs to obtain new network settings. By releasing old IP settings and renewing them with settings from the Barricade™ Router, you will also verify that you have configured your computer correctly.
1. On the Windows desktop, click Start/Programs/Command Prompt.
2. In the Command Prompt window, type IPCONFIG /RELEASE and press the <ENTER> key.
3. Type IPCONFIG /RENEW and press the <ENTER> k ey. V e rify that your IP Address is no w 192.168.2.xxx, y our Subnet Mask is 255.255.255.0 and your Default Gateway is 192.168.2.1. These values confirm that the Barricade™ Router is functioning.
21
Page 26
Configuring Client TCP/IP
4. Type EXIT and press <ENTER> to clo se the Command Prompt window.
Manual IP Configuration
1. Follow steps 1-5 in “DHCP IP Configuration” on page 19.
2. Check “Spec ify an IP
address” on the IP Address tab. Enter an IP address based on the def ault network 192.168.2.x (where x is
254), use 255.255.255.0 f or the subnet mask. Gateway field, add the IP address of the Barricade™ Router (default:
192.168.2.1) and click Apply.
between 2 and
In the
22
Page 27
On the DNS Configuration
3.
in the DNS Server
tab,
Setting Up TCP/IP
Search Order field
add the IP address for the Barricade™ Router
and click Add. This automatically relays DNS requests to th e DNS server(s) provided by your ISP. Otherwise, add specific
DNS servers into
the DNS Server Search Order field and click Add
4. Record the configured information in the following
table.
TCP/IP Configuration Setting
IP Address ____.____.____.____ Subnet Mask ____.____.____.____ Primary DNS Server ____.____.____.____ Secondary DNS Server ____.____.____.____ Default Gateway ____.____.____.____ Host Name ____.____.____.____
5. Click OK to save these new changes.
23
Page 28
Configuring Client TCP/IP
Configuring Your Computer in Windows 2000
DHCP IP Configuration
1. Access your Network settings by clicking Start, then choose
Settings and then select Control Panel.
2. In the Control Panel, locate a nd double-click the Network and Dial-up Connections icon.
3. Locate and double-click the Local Area Connection icon for the Ethernet adapter that is connected to the Barricade™ Router. When the Status dialog box window opens, click the Properties button.
4. In the Local Area Connection Properties box, verify that the box next to Internet Protocol (TCP/IP) is checked. Then highlight the Internet Protocol (TCP/IP), and click the Properties button.
5. Select “Obtain an IP address automatically” to configure your computer for DHCP. Clic k the OK button to save this change and close the Properties window .
6. Click the OK button aga i n to save these new changes.
7. Reboot your PC.
Obtain IP Settings From Your Barricade™ Router
See “Obtain IP Settings From Your Barricade™ Router” on page
21.
24
Page 29
Setting Up TCP/IP
Manual IP Configuration
1. Follow steps 1-4 in “DHCP IP Configuration” on page 24.
2. Select “Use the following IP
Address.”
3. Enter an IP address based on the default network
192.168.2.x (where x is between 2 and 254), use
255.255.255.0 for the subnet mask. and the IP address of the Barricade™ Router (default:
192.168.2.1) for the De fault gateway field.
4. Select “Use the following DNS server addresses.” Enter the IP address for the Barricade™ Router in the Preferred
5.
DNS server field
. This automatically relays DNS requests to the DNS server(s) provided by your ISP. Otherwise, add a specific
DNS server into the Alternate DNS Server field.
6. Record the configured information in the following table.
TCP/IP Configuration Setting
IP Address ____.____.____.____ Subnet Mask ____.____.____.____ Preferred DNS Server ____.____.____.____ Alternate DNS Server ____.___ _.____.____ Default Gateway ____.____.____.____
Click OK to close the dialog boxes
7.
.
25
Page 30
Configuring Client TCP/IP
Configuring Your Computer in Windows XP
DHCP IP Configuration
The following instructions assume you are running Windows XP with the default interface. If you are using the Classic interface (where the icons and menus look like previous Windows versions), please follow the instructions for Windows 2000 outlined above.
1. On the Windows desktop, click Start/Control Panel.
2. In the Control Pane l window, click Network and Internet
Connections.
3. Locate and double-click the Local Area Connection icon for the Ethernet adapter that is connected to the Barricade™ Router. Next, click the Properties button.
26
Page 31
4. Double-click Internet Protocol (TCP/IP).
5. If “Obtain an IP address automatically” and “Obtain DNS server address automatically” are already selected, your computer is already configured for DHCP. Click Cancel to close
Setting Up TCP/IP
each window.
6. Click the OK b utton again to save these new changes.
7. Reboot your PC.
Obtain IP Settings from Your Barricade
See “Obtain IP Settings From Your Barricade™ Router” on page 21.
27
Page 32
Configuring Client TCP/IP
Manual IP Configuration
1. Follow steps 1-5 in “DHCP IP Configuration” on page 26.
2. Select “Use the following
IP Address.”
3. Enter an IP address based on the default network
192.168.2.x (where x is between 2 and 254), use
255.255.255.0 f or the subnet mask. and
the IP address of the Barricade™ Router (default: 192.168.2.1) for the Default gateway field.
4. Select “Use the following DNS server addresses.”
Enter the IP address for the Barricade™ Router in the Preferred
5.
DNS server field
. This automatically relays DNS requests to the DNS server(s) provided by your ISP. Otherwise, add a specific click OK to close the dialog boxes
DNS server into the Alternate DNS Server field and
.
6. Record the configured information in the following table.
TCP/IP Configuration Setting
IP Address ____.____.____.____ Subnet Mask ____.____.____.____ Preferred DNS Server ____.____.____.____ Alternate DNS Server ____.___ _.____.____ Default Gateway ____.____.____.____
7. Click OK to close the dialog bo x.
28
Page 33
Configuring a Macintosh Computer
DHCP IP Configuration
You may find that the instructions here do not exactly match your screen. This is because these steps and screen shots were created using Mac OS 10.2. Mac OS 7.x and above are similar, but may not be identical to Mac OS 10.2
Follow these instructions:
1. Pull down the Apple Menu . Click System Preferences.
Setting Up TCP/IP
29
Page 34
Configuring Client TCP/IP
2. Double-click the Network icon in the Systems Preferences window.
30
3. If Using DHCP is already selected in the Configure field, your computer is already configured for DHCP.
4. Close the Network dialog box.
Page 35
Setting Up TCP/IP
Obtain IP Settings from Your Barricade
Now that you have configured your computer to connect to your Barricade, it needs to obtain new network settings. By releasing old DHCP IP settings and renewing them with settings from your Barricade, you can verify that you have configured your computer correctly.
1. Select Systems Preferences in the pull down Apple Menu .
2. Double-click the Network icon in the Systems Preferences
window.
3. Your new settings are shown in the TCP/IP tab. Verify that your IP Address is now
192.168.2.xxx, your Subnet Mask is
255.255.255.0 and your Default Gateway is
192.168.2.1. These values confirm that your Barricade is functioning.
4. Close the TCP/IP window.
31
Page 36
Configuring Client TCP/IP
Manual IP Configuration
1. Follow steps 1-2 in “DHCP IP Configuration” on page 29
2. Select Manually in the
Configure field.
3. Enter an IP address based on the def ault network 192.168.2.x (where x is
between 2
and 254), use
255.255.255.0 f or the subnet mask. In the Router field, add
the IP address of the Barricade™ Router (default: 192.168.2.1) and click Apply Now.
Enter the IP address for the Barricade™ Router in the DNS
4.
servers field
. This automatically relays DNS requests to the DNS server(s) provided by your ISP. Otherwise, add a specific DNS server into the DNS Server sfield and click Apply now to close the dialog box
.
5. Record the configured information in the following table.
TCP/IP Configuration Setting
IP Address ____.____.____.____ Subnet Mask ____.____.____.____ DNS Server ____.____.____.____ Default Gateway ____.____.____.____
6. Click Apply now to apply the new settings then close the dialog box.
32
Page 37
Verifying Your TCP/IP Connection
After installing the TCP/IP communication protocols and configuring an IP address in the same network as the Barricade™ Router, use the Ping command to check if your computer has successfully connected to the Barricade™ Router. The following example shows how the Ping procedure can be executed in an MS-DOS window. First, execute the Ping command:
ping 192.168.2.1
If a message similar to the following appears:
Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 time=2ms TTL=64
a communication link between your computer and the Barricade™ Router has been successfully established.
Setting Up TCP/IP
If you get the following message,
Pinging 192.168.2.1 with 32 bytes of data: Request timed out.
there may be something wrong in your installation procedure. Check the following items in sequence:
1. Is the Ethernet cable correctly conn ected between the Barricade™ Router and the computer?
2. The LAN LED on the Barricade™ Router and the Link LED of the network card on your computer must be on.
3. Is TCP/IP properly configured on your computer?
If the IP address of the Barricade™ Router is 192.168.2.1, the IP address of your PC must be from 192.168.2.2 -
192.168.2.254 and the default gateway must be 192.168.2.1.
If you can successfully Ping the Barricade™ Router you are now ready to connect to the Internet.
33
Page 38
ONFIGURING THE
C
ARRICADE
B
The Barricade™ Router can be configured by any Java­supported browser including Internet Explorer 5.0 or above. Using the Web management interface, you can configure the Barricade™ Router and view statistics to monitor network activity.
Note: Before you attempt to configure your router, if you have
access to the Internet please visit www.smc.com
www.smc-europe.com
firmware update to ensure your router is running the latest firmware.
Before you attempt to log into the Barricade™ Router’s Web-based Administration, please verify the following.
1. Your browser is configured properly (see below).
™ R
and download the latest
OUTER
or
2. Disable any firewall or security software that may be running.
3. Confirm that you have a good link LED where your computer
is plugged into the Barricade™ Router . If you do n’t hav e a link light – then try another cable until you get a good link.
Browser Configuration
Confirm that your browser is configured for a direct conn ection to the Internet using the Ethernet cable that is installed in the computer. This is configured through the options/preference section of your browser.
35
Page 39
Configuring the Barricade™ Router
Disable Proxy Connection
You will also need to verify that the HTTP Proxy feature of your web browser is disabled. This is so that your web browser will be able to view the Barricade™ Router configuration pages. The following steps are for Internet Explorer and for Netscape. Determine which browser you use and follow the appropriate steps.
Internet Explorer (5 or above)
1. Open Internet Explorer. Click Tool s, and then select Internet
Options.
2. In the Internet Options window, clic k the Connections tab.
3. Click the LAN Settings button.
4. Clear all the check boxes and click OK to save these LAN
settings.
5. Click OK again to close the Internet Options wi nd ow.
Internet Explorer (For Macintosh)
1. Open Internet Explorer. Click Edit/Preferences.
2. In the Internet Explorer Preferences window, under Network,
select Proxies.
3. Uncheck all checkboxes and click OK.
36
Page 40
Internet Explorer (For Macintosh)
To access the Barricade™ Router’s management interface, enter the Barricade™ Router IP address in your Web browser http://192.168.2.1. Then click LOGIN. (By default, there is no password.)
The home page displays the Setup Wizard and Advan ce d Setup options.
37
Page 41
Configuring the Barricade™ Router
Navigating the Web Browser Interface
The Barricade™ Router’s management interface features a Setup Wizard and an Advanced Setup section. Use the Setup Wizard if you want to quickly set up the Barricade™ Router for use with a cable modem or DSL modem.
Advanced Setup supports more advanced functions like hacker attack detection, IP and MAC address filtering, intrusion detection, virtual server setup, virtual DMZ hosts, and other advanced functions.
Making Configuration Changes
Configurable parameters have a dialog box or a drop-down list. Once a configuration change has been made on a page, be sure to click the APPLY or NEXT button at the bottom of the page to enable the new setting.
Note: To ensure proper screen refresh after a command
entry, ensure th at Intern et Explorer 5.0 is configured as follows: Under the menu Tools/Internet Options/ General/Temporary Internet Files/Settings, the setting for “Check for newer versions of stored pages” should be “Every visit to the page.”
38
Page 42
Setup Wizard
Time Zone
Click on the Setup Wizard picture. The first item in the Setup Wizard is Time Zone setup.
.
Setup Wizard
For accurate timing of client filtering and log events, you need to set the time zone. Select your time zone from the drop-down list, and click NEXT.
Check Enable Automatic Time Server Maintenance to automatically maintain the Barricade™ Router system time by synchronizing with a public time server over the Internet. Then configure two different time servers by selecting the options in the Primary Server and Secondary Server fields.
39
Page 43
Configuring the Barricade™ Router
Broadband Type
Select the type of broadband connection you have.
For a cable modem connection see the following page. For a Fixed-IP xDSL connection see “Fixed-IP xDSL” on page 41, and for a PPPoE xDSL connection, see “PPPoE” on page 41.
Cable Modem
After selecting Cable Modem as the Broadband Type, a message will appear stating that your data has been successfully saved.
Note: Select Home to return to the home page, then select
Advanced Settings/WAN to configure the required parameters. (See “WAN” on page 47.)
40
Page 44
Setup Wizard
Fixed-IP xDSL
Some xDSL Internet Service Providers may assign a fixed (static) IP address. If you have been provided with this information, choose this option and enter th e assigned IP address, gateway IP address, DNS IP addresses, and subnet mask. Click FINISH to complete the setup.
PPPoE
Enter the PPPoE User Name and Password assigned by your Service Provider. The Service Name is normally optional, but may be required by some service providers.
Leave the Maximum Transmission Unit (MTU) at the default value (1454) unless you have a particular reason to change it.
Enter a Maximum Idle Time (in minutes) to define a maximum period of time for which the Internet connection is maintained during inactivity. If the connection is inactive for longer than the Maximum Idle Time, it will be dropped. (Default: 10)
41
Page 45
Configuring the Barricade™ Router
Enable the Auto-reconnect option to automatically re-establish the connection as soon as you attempt to access the Internet again. Click FINISH to com plete the setup.
Advanced Setup
Use the Web management interface to define system parameters, manage and control the Barricade™ Router an d its ports, or monitor network conditions. The following table outlines the selections available from this program.
Menu Description
System Sets the local time zone, the password for administrator
access, and the IP address of a PC that will be allowed to manage the Barricade™ Router remotely.
WAN Specifies the Internet connection type:
• Dynamic IP host configuration and the physical MAC address of each media interface
• PPPoE configuration
• PPTP
• Static IP and ISP gateway address
• Specifies DNS servers to use for domain name resolution.
LAN Sets the TCP/IP configuration of the Barricade™
Router’s LAN interface and all DHCP clients.
NAT Shares a single ISP account with multiple users, sets up
virtual servers.
Firewall Configures a variety of security and specialized
functions, including: Access Control, Hacker Prevention, and DMZ.
DDNS Dynamic DNS provides users on the Internet with a
method to tie their domain name(s) to comp uters or servers.
42
Page 46
Advanced Setup
Menu Description
UPnP With Universal Plug and Play, a device can automatically
dynamically join a network, obtain an IP address, communicate its capabilities, and learn about the presence and capabilities of other devices. Devices can then directly communicate with each other. This further enables peer to peer networking.
Tools Contains options to backup and restore the current
configuration, restore all configu ra tion settings to the factory defaults, update system firmware, or reset the system.
Status Provides WAN connection type and status, firmware and
hardware version numbers, system IP settings, as well as DHCP, NAT, and Firewall information.
Displays the number of attached clients, the firmware versions, the physical MAC address for each media interface, and the hardware version and serial number.
Shows the security and DHCP client log.
43
Page 47
Configuring the Barricade™ Router
System
Time Zone
For accurate timing of client filtering and log events, you need to set the time zone. Select your time zone from the drop-down list, and click NEXT.
Check Enable Automatic Time Server Maintenance to automatically maintain the Barricade™ Router system time by synchronizing with a public time server over the Internet. Then configure two different time servers by selecting the options in the Primary Server and Secondary Server fields.
44
Page 48
Password Settings
Advanced Setup
Use this menu to restrict access based on a password. By default, there is no password. For security you should a ssign one before exposing the Barricade™ Router to the Internet.
Passwords can contain from 3–12 alphan umeric characters and are not case sensitive.
Note: If your password is lost, or you cannot gain access to
the user interface, press the Reset button on the front panel (holding it down for at least five seconds) to restore the factory defaults. (The default is no password.)
Enter a maximum Idle Time Out (in minutes) to define a maximum period of time for which the login session is m aintained during inactivity. If the connection is inactive for longer than the maximum idle time, it will perform system logout, and you have to login to the Web management system again. (Default: 10 minutes)
45
Page 49
Configuring the Barricade™ Router
Remote Management
Remote Management allows a remote PC to configure, manage, and monitor the Barricade™ Router using a standard Web browser. Check Enable and enter the IP address of the remote host. Click APPLY.
Note: If you specify 0.0.0.0 as this IP address, any host can
manage the Barricade™ Router.
46
Page 50
WAN
Advanced Setup
Specify the WAN connection type provided by your Internet Service Provider, then click More Configuration to enter detailed configuration parameters for the selected connection type.
47
Page 51
Configuring the Barricade™ Router
Dynamic IP
The Host Name is optional, but may be required by some ISPs. The default MAC address is set to the WAN’s physical interface on the Barricade™ Router. Use this address when registering for Internet service, and do not change it unless required by your ISP. If your ISP used the MAC address of an Ethernet card as an identifier when first setting up your broadband account, only connect the PC with the registered MAC address to the Barricade™ Router and click the Clone MAC Address button. This will replace the current Barricade™ Router MAC address with the already registered Ethernet card MAC address.
If you are unsure of which PC was originally set up by the broadband technician, call your ISP and request that they register a new MAC address for your account. Register the default MAC address of the Barricade™ Rou ter.
48
Page 52
Point-to-Point Over Ethernet (PPPoE)
Advanced Setup
Enter the PPPoE User Name and Password assigned by your Service Provider. The Service Name is normally optional, but may be required by some service providers.
The MTU (Maximum Transmission Unit) governs the maximum size of the data packets. Leave this on the de fa ult value (1454) unless you have a particular reason to change it.
Enter a Maximum Idle Time (in minutes) to define a maximum period of time for which the Internet connection is maintained during inactivity. If the connection is inactive for longer than the Maximum Idle Time, it will be dropped. (Default: 10 minutes)
Note: Note: Please be aware that the setting "Maximium Idle
Time" to "0" and/or "Auto-Reconnect" enabled can cause increased telephone bills. For further information please visit www.smc-europe.com or contact SMC's technical support team.
49
Page 53
Configuring the Barricade™ Router
You can enable the auto-reconnect option to automatically re-establish the connection as soon as y o u attempt to access the Internet again.
Point-to-Point Tunneling Protocol (PPTP)
50
Point-to-Point Tunneling Protocol (PPTP) can be used to join different physical networks using the Internet as an intermediary. Using the above screen allows client PCs to establish a normal PPTP session and provides hassle-free configuration of the PPTP client on each client PC.
Enter the assigned IP address, subnet mask and default gateway IP address (usually supplied by your ISP), and then the PPTP User ID, Password and PPPTP Gateway IP address.
Page 54
Advanced Setup
Enter a maximum Idle Time Out (in minutes) to define a maximum period of time for which the PPTP connection is maintained during inactivity. If the connection is inactive for longer than the Maximum Idle Time, it will be dropped. (Default: 10 minutes)
Note: Please be aware that the setting "Maximium Idle Time"
to "0" and/or "Auto-Reconnect" enabled can cause increased telephone bills. For further information please visit www.smc-europe.com or contact SMC's technical support team.
Static IP Address
If your Internet Service Provider has assigne d a fixed IP address, enter the assigned address and su bnet mask for th e Ba rricade™ Router, then enter the gateway address of your ISP.
You may need a fixed address if you want to provide Internet services, such as a Web server or FTP server.
51
Page 55
Configuring the Barricade™ Router
DNS
Domain Name Servers map numerical IP addresses to the equivalent domain name (e.g., www.smc.com). Your ISP should provide the IP address of one or more domain name servers. Enter those addresses in this screen.
52
Page 56
Dial-up
Advanced Setup
If you are accessing the Internet via an I SDN TA or PSTN modem attached to the serial port on the Barricade™ Router, then you must specify your account information on this screen as described below.
Note: If not checked, then this connection will only be used
for backup access if the primary WAN link fails
Dial-Up Service Phone Number – Enter the phone number
your service provider has given to you for Internet access. Dial-Up Account Information – Enter your ISP account user
name and password Modem Initialization String – This is normally optional, but
may be required by some service providers.
53
Page 57
Configuring the Barricade™ Router
MTU – Leave the Maximum Transmission Unit (MTU) at the
default value (1454) unless you have a particular reason to change it.
Maximum Idle Time – Enter a maximum idle time (in minutes)
to define a maximum period of time for which the Inte rnet connection is maintained during inactivity (Default: 10). If the connection is inactive for longer than the Maximu m Idle Time, it will be dropped. Enable the Auto-reconnect option to automatically re-establish the conn ection as soon as you attempt to access the Internet again.
Has your Internet Service Provider given you an IP addre ss?
– If you are assigned a dynamic IP a ddress every time you dial up, select No for this item. However, if your ISP has assigned a fixed IP address for you to use, select Yes for this item and enter the IP address and subnet mask.
Note: If your ISP has given you a secondary phone number,
or if you have a secondary Internet service account, then fill in the relevant fields under Secondary Dial-up.
54
Page 58
LAN
Advanced Setup
LAN IP – Use the LAN menu to configure the LAN IP a ddress
for the Barricade™ Router and to enable the DHCP server for dynamic client address allocation.
Set a period for the lease time if required. For home networks
this may be set to Forever, which means there is no time limit on the IP address lease.
IP Address Pool – A dynamic IP start address may be
specified by the user, e.g. 192.168.2.100 (default value). Once this start IP address has been assigned, IP addresses running from 192.168.2.100-99 will be part of the dynamic IP address pool. IP addresses from 192.168.2.2-99, and
192.168.2.200-254 will be available as static IP addresses.
Remember not to include the address of the Barricade™ Router in the client address pool. Also rem ember to config ure your client PCs for dynamic IP address allocation.
55
Page 59
Configuring the Barricade™ Router
Network Address Translation (NAT)
From this section you can configure the Address Mapping, Virtual Server, and Special Application features that provide control over the port openings in the router’s firewall. This section can be used to support several Internet based applications such as email, FTP, and Telnet.
Address Mapping
Allows one or more public IP addresses to be shared by multiple internal users. Enter the Public IP address you wish to share into the Global IP field. Enter a range of internal IPs that will share the global IP.
56
Page 60
Virtual Server
Advanced Setup
If you configure the Barricade™ Router as a virtual server, remote users accessing services such as Web or FTP at your local site via public IP addresses can be automatically redirected to local servers configured with private IP addresses. In other words, depending on the requested se rvice (TCP/UDP port number), the Barricade™ Router redirects the external service request to the appropriate server (located at another internal IP address).
For example, if you set Type/Public Port to TCP/80 (HTTP or Web) and the Private IP/Port to 192.168.2.2/80, then all HTTP requests from outside users will be transferred to 192.168.2.2 on port 80. Therefore, by just entering the IP Address provided by the ISP, Internet users can access the service they need at the local address to which you redirect them.
The more common TCP service ports include: HTTP: 80, FTP: 21, Telnet: 23, and POP3: 110.
57
Page 61
Configuring the Barricade™ Router
Special Applications
Some applications, such as Internet gaming, videoconferencing, Internet telephony and others, require multiple connections. These applications cannot work with Network Address Translation (NAT) enabled. If you need to run applications that require multiple connections, use the following screen to specify the additional public ports to be opened for each application.
Specify the public port number normally associated with an application in the Trigger Port field. Set the protocol type to TCP or UDP, then enter the ports that the application requires. The ports may be in the format 7, 11, 57, or in a range, e.g., 72-96, or a combination of both, e.g., 7, 11, 57, 72-96.
Popular applications requiring multiple ports are listed in the Popular Applications field. From the drop-down list, choose the application and then choose a row number to copy this da ta into.
Note: Choosing a row that already contains data will
overwrite the current setting s.
58
Page 62
For a full list of ports and the services that run on them, see www.iana.org/assignments/port-numbers.
Firewall
The Barricade™ Router firewall can provide access control of connected client PCs, block common hacker attacks, including IP Spoofing, Land Attack, Ping of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan, and TCP SYN flooding. The firewall does not significantly affect system performance, so we advise leaving it enabled to protect your network users.
Access Control
Advanced Setup
Using this option allows you to specify different privileges based on IP address for the client PCs.
59
Page 63
Configuring the Barricade™ Router
Note: Click on Add PC and define the appropria te settings for
client PC services (as shown in the following screen).
Access Control Add PC
MAC Filtering Table
60
Page 64
Advanced Setup
The MAC Filtering feature of the Barricade™ Router allows you to limit access to your network to up to 32 clients based on the MAC (Media Access Control) address of the client machine. This ID is unique to each network adapter. If the MAC address is listed in the table, that client machine will have access to the network.
URL Blocking
To configure the URL Blocking feature, use the table below to specify the web sites (www.somesite.com) and/or keywords you want to filter on your network.
To complete this configuration, you will need to create or modify an access rule in “Access Control” on page 59. To modify an existing rule, click the Edit option next to the rule you want to modify. To create a new rule, click on the Add PC option.
From “Access Control Add PC” on page 60, check the option for WWW with URL Blocking in the Client PC Service table to filter out the websites and keywords spec ified be l ow.
Use the above screen to block access to Web sites or to Web URLs containing the keyword specified in the keyword table.
61
Page 65
Configuring the Barricade™ Router
Schedule Rule
The Schedule Rule feature allows you to configure specific rules based on Time and Date. These rules can then be used to configure more specific Access Control.
62
Enables Schedule-based Internet access control.
1. Click Add Schedule Rule.
2. Define the settings for th e schedule rule (as shown on the
following screen).
Page 66
Advanced Setup
3. Click OK and then click the APPLY button to save your settings.
63
Page 67
Configuring the Barricade™ Router
Intrusion Detection
The Barricade™ Router Intrusion Detection feature limits access for incoming traffic at the WAN port.
64
Page 68
Advanced Setup
SPI and Anti-DoS firewall protection (Default: Enabled)
When the Stateful Packet Inspection (SPI) feature is turned on, all incoming packets will be blocked except for those types marked with a check in the Stateful Packet Inspectio n section.
RIP Defect (Default: Enabled) – If a Router Information
Protocol (RIP) request packet is not acknowledged by the router, it will stay in the input queue and not be released. Accumulated packets could cause the input queue to fill, causing severe problems for all protocols. Enabling this feature prevents the packets from accumulating.
Discard Ping from WAN (Default: Disabled) – Prevents a
PING on the Gateway’s WAN port from being routed to the network.
Stateful Packet Inspection – This is called a “stateful” packet
inspection because it examines the co nte n ts of the packet to determine the state of the communications; i.e., it ensures that the stated destination computer has previously requested the current communication. This is a way of ensuring that all communications are initiated by the recipient computer and are taking place only with sources that are known and trusted from previous interactions. In addition to being more rigorous in their inspection of packets, stateful inspection firewalls also close off ports until connection to the specific port is requested.
When particular types of traffic are checke d, only the particular type of traffic initiated from the internal LAN will be allowed. For example, if the user only checks FTP Service in the Stateful Packet Inspection section, all incoming traffic will be blocked except for FTP connections initiated from the local LAN.
65
Page 69
Configuring the Barricade™ Router
Stateful Packet Inspection allows you to select different application types that are using dynamic port numb ers. If you wish to use the Stateful Packet Inspection (SPI) to block packets, click on the Yes radio button in the “Enable SPI and Anti-DoS firewall protection” field and then check the inspection type that you need, such as Packet Fragmentation, TCP Connection, UDP Session, FTP Service, H.323 Service, and TFTP Service.
When hackers attempt to enter your networ k, we can alert
you by e-mail – Enter your E-mail address. Specify your SMTP and POP3 servers, user name, and password.
Connection Policy – Enter the appropriate values for TCP/
UDP sessions as described in the following table.
Parameter Defaults Description
Fragmentation half-open wait
TCP SYN wait 30 sec Defines how long the software will
TCP FIN wait 5 sec Specifies how long a TCP session
TCP connection idle timeout
UDP session idle timeout
10 sec Configures the number of seconds
that a packet state structure remains active. When the timeout value expires, the router drops the unassembled packet, freeing th at structure for use by another packet.
wait for a TCP session to synchronize before dropping the session.
will be maintained after the firewall detects a FIN packet.
3600 seconds (1 hour)
30 sec The length of time a UD P se ssi on
The length of time a TCP session will be maintained if there is no activity.
will maintained if there is no activity.
H.323 data channel idle timeout
66
180 sec The length of time an H.323
session will be maintained if there is no activity.
Page 70
Advanced Setup
DoS Criteria and Port Scan Criteria
Set up DoS and port scan criteria in the spaces provided (as shown below).
Parameter Defaults Description
Total incomplete TCP/ UDP sessions HIGH
Total incomplete TCP/ UDP sessions LOW
Incomplete TCP/UDP sessions (per min.) HIGH
Incomplete TCP/UDP sessions (per min.) LOW
Maximum incomplete TCP/UDP sessions number from same host
300 sessions Defines the rate of newly
unestablished sessions that will cause the software to
deleting half-open
start
sessions.
250 sessions Defines the rate of newly
unestablished sessions that will cause the software to stop deleting half-open sessions.
250 sessions Maximum number of
allowed incomplete TCP/ UDP sessions per minute.
200 sessions Minimum number of
allowed incomplete TCP/ UDP sessions per minute. Set this to “0” if no minimum setting is required.
10 sessions Maximum number of
incomplete TCP/UDP sessions from the same host.
Incomplete TCP/UDP sessions detect sensitive time period
Maximum half-open fragmentation packet number from same host
300 msec Length of time before an
incomplete TCP/UDP session is detected as incomplete.
30 Maximum number of
half-open fragmentation packets from the same host.
67
Page 71
Configuring the Barricade™ Router
Parameter Defaults Description
Half-open fragmentation detect sensitive time period
Flooding cracker block time
DMZ
1sec Length of time before a
half-open fragmentation session is detected as half-open.
300 sec Length of time from
detecting a flood attack to blocking of the attack.
If you have a client PC that cannot run an Internet application properly from behind the firewall, then you can open the client up to unrestricted two-way Internet access. Enter the IP address of a DMZ host to this screen. Adding a client to the DMZ (Demilitarized Zone) may expose your local network to a variety of security risks, so only use this option as a last resor t .
68
Page 72
DDNS (Dynamic DNS) Settings
Dynamic DNS provides users on the Internet with a method to tie their domain name(s) to computers or servers. DDNS allows your domain name to follow your IP address automatically by having your DNS records changed when your IP address changes.
Advanced Setup
Domain Name – A symbolic network address for the Barricade™ Router formatted as a series of alphanumeric strings separated by periods.
E-mail – Enter your e-mail address here. Key – Enter your key here to sign in. If you do not a lready have a
key, click on the Get free 30-day trial key! link. The section also has a “Server Configuration” section that
automatically opens the port options checked in the Virtual Server section. Simply enter in the IP Address of your server, such as a web server, and then click on the port option HTTP Port 80 so users can access your server from the WAN connection (Internet).
69
Page 73
Configuring the Barricade™ Router
This DNS feature is powered by TZO.com. With a DDNS connection you can host your own web site, email server, FTP site, and more at your own location even if you have a dynamic IP address. (Default: Disable)
UPnP (Universal Plug and Play) Setting
Enable UPnP by checking ON in the screen above. UPnP allows the device to automatically:
dynamically join a local network.
obtain an IP address.
convey its capabilities and learn about the presence and
capabilities of other devices.(Default: OFF)
70
Page 74
Tools
Advanced Setup
Use the Tools menu to back up the current configuration, restore a previously saved configuration, restore facto ry settings, up date firmware, and reset the Barricade ™ Router.
Tools - Configuration Tools
Backup – saves the Barricade™ Router’s configuration to
a file. Restore – restores settings from a saved backup
configuration file. Restore to factory defaults – restores the Barricade™
Router settings back to the factory defaults.
71
Page 75
Configuring the Barricade™ Router
Tools - Firmware Upgrade
Use this screen to update the firmware or user interface to the latest versions. D ownload the upgrade file from the SMC Web site (www.smc.com) and save it to your hard drive. Click Browse to look for the downloaded file. Click APPLY. Check the Status page Information section to confirm that the upgrade process was successful.
72
Page 76
Tools - Reset
Advanced Setup
Click APPLY to reset the Barricade™ Router. The reset will be complete when the power LED stops blinking.
Note: If you use the Reset button on the front panel, the
Barricade™ Router performs a power reset. If the button is depressed for over five seconds, all the LEDs will illuminate and the factory settings will be restored.
73
Page 77
Configuring the Barricade™ Router
Status
The Status screen displays WAN/LAN connection status, firmware, and hardware version numbers, illegal attempts to access your network, as well as information on DHCP clients connected to your network.
74
The following items are included on this screen:
Section Description
INTERNET Displays WAN connection type and status. GATEWAY Displays system IP settings, as well as DHCP and
Firewall status.
INFORMATION Displays the number of attached clients, the firmware
versions, the physical MAC address for each media interface, as well as the hardware version and serial
number. Security Log Displays illega l attempts to access your network. Save Click on this button to save the security log file. Clear Click on this button to delete the access log. Refresh Click on this button to refresh the screen. DHCP Client Log Displays information on all DHCP clients on your
network.
Page 78
RINT
P
If you want to use the print server built into the Bar rica d e™ Router, then you must first install the Por t Monit or pro gr a m as described in the following section for Windows 95/98/ Me/NT/2000.
To configure the Barricade™ Print Server for Windows 95/98/Me/ NT/2000, or Unix, see “Configuring the Print Server” on page 78.
S
ERVER
S
ETUP
Installing the SMC Printer Port Monitor
Skip this section if you are using Unix.
For Windows 95/98/Me/NT/2000 clients, you need to insta ll the port monitor program as described in this section.
1. Insert the installation CD-ROM into your CD-ROM drive. Under the Print Server directory, ru n th e setup.exe program. The SMC Port Monitor installation program advises you to close all other Windows programs currently running on your computer. Click Next to continue.
2. The next screen indicates that th e print client uses TCP/IP network protocol to monitor print requests. Click Next.
75
Page 79
Print Server Setup
3. Select the destination f older and cli c k on the Next button. The setup program will then begin to install the programs into the destination folder.
4. Select the Program Folder that will contain the program icon for uninstalling the port monitor, and then click Next.
76
Page 80
Installing the SMC Printer Port Monitor
5. Enter the printer port name that will be used to identify the port monitor in your system, and press Next.
6. When the setup program finishes installing the port monitor, check the radio button to restart your computer and then click OK.
7. After rebooting your computer, add the Barricade™ Router print server to your system as described in the following section.
77
Page 81
Print Server Setup
Configuring the Print Server
The Barricade™ Router’s print server supports Microsoft Windows 95/98/Me/NT/2000, and Unix. If you a re using Windows 95/98/Me/NT/2000, first install the port monitor as described in the previous section before adding the Barricade ™ Router’s print server to your operating system.
Configuring the Network Printer in Win 95/98/Me/2000
1. On a Windows 95/98/Me/2000 platform, open the Printers
window in Printer icon.
the My Computer menu, and double-click the Add
78
Page 82
Configuring the Print Server
2. Follow the prompts to add a Local printer to your system. Specify the printer type attached to the Barr icade™ Router.
3. Click the Use the following port button and select the monitored port (the default port name is SMC100).
79
Page 83
Print Server Setup
4. Enter the IP address of the Barricade™ Router and click OK, and then click Next in the Add Printer Wizard dialog box.
5. Continue following the prompts to finish installing the Barricade™ Router print server. The printer type you specified will now be added to your Printers menu.
Configuring the Network Printer in Windows NT
1. On a Windows NT platform, open the Printers window in
My Computer menu, and double-click the Add Printer icon.
the
80
Page 84
Configuring the Print Server
2. Follow the prompts to add a local printer to your system.
3. Select the monitored port. The default port name is SMC100.
Then click the Configure Port button.
81
Page 85
Print Server Setup
4. Enter the IP address of the Barricade™ Router and click OK, and then click Next in the Add Printer Wizard dialog box.
5. Specify the printer type attached to the Barricade™ Router.
6. Continue following the prompts to finish installing the
Barricade™ Router print server. The printer type you specified will now be added to your Printers menu.
Configuring the Network Printer in Unix Systems
Follow the traditional configuration procedure on Unix platforms to set up the Barricade™ Router print server. The printer name is lpt1.
Configuring LPR port on Windows 2000/XP
The Barricade™ Router printer function can also be used with the LPR (Remote Line Printer) port on Windows XP and Windows 2000 machines. Below is an outline on how to configure the LPR port on a Windows 2000 machine; however the same steps will apply for a Windows XP.
1. Open the Control Panel.
2. Click on the Printers and Faxes or Printers icon.
82
Page 86
Configuring the Print Server
3. Click on the Add Printer icon to launch the Add Printer Wizard.
4. Click Ne xt button to begin the printer installation process.
5. On the next dialo g box, choose the Local Printer option and
verify the “Automatically detect and install my Plug and Play printer” option is unchecked.
Note: On Windows XP check the “Local printer attached to
this computer.”
6. Click the Next button to create a new printer port.
83
Page 87
Print Server Setup
7. Select the Create a New Port option and then select the Standard TCP/IP Port option in the drop-down menu.
84
Page 88
Configuring the Print Server
8. When you click the Next button the “Add Standard TCP/IP Printer Port Wizard” will launch.
9. To start this new installation wizard click the Next button.
85
Page 89
Print Server Setup
10. Provide the appropriate IP and P ort name information for y our new Printer port. If you are using def ault settings on the router you can use the following information:
Printer Name or IP Address: 192.168.2.1 Port Name: IP_192.168.2.
Note: This is the IP that you use to administer your router
with (for example: 192.168.2.1). If you have changed this IP address then please use the new one that you have assigned to your router.
11. Click the Next button to continue.
12. On the next dialog box, under the Device type choose the
Custom option.
86
Page 90
Configuring the Print Server
13. Then click the Settings… button to input the Specific Barricade™ Printer port information.
14. In the Configure Standard TCP/IP Port Monitor dialog box yo u will need to configure some additional settings. Please confirm these settings below:
Port Name: IP_192.168.2.1*
Printer Name or IP Address: 192.168.2.1*
Note: This should be the same information that was
configured in Step 7. In the Protocol section click on the LPR option
The Raw Settings section should be grayed out
87
Page 91
Print Server Setup
The LPR Settings section should have the Queue Name
set to one of two options depending on the version of Barricade™ Router you are using.
The Queue Name is LPT1.
Verify that the LPR Byte Counting Enabled and SNMP
Status Enabled options are unchecked.
15. Once you have verified all of these settings, click the OK button to save these settings and close the “Configure Standard TCP/IP Port Monitor” window.
16. Click Next to continue and vie w a summary of the configuration that you have just completed.
17. Click the Finish button to complete the configuration process of the TCP/IP port
18. The Add Printer Wizard will now guide you through the Printer Driver installation for the LPR port you just installed.
88
Page 92
Configuring the Print Server
19. In the dialog box below, choose the manufacturer of your printer, and then choose your printer model. If your printer is not listed here, then please refer to your printer documentation to get your printer installed.
20. Once you have your printer selected in this dialog box click the Next button.
89
Page 93
Print Server Setup
21. Name your printer. In this dialog box giv e your installed printer a name. This will be the name used for this pr inter in your Printer folder.
90
22. Once you have named your printer, click Ne xt to continue.
23. Choose the “Do not share this printer” option and click the
Next button.
24. Choose No to the “Print Test Page” option, and click the Next button.
25. On the next screen, you should now see a dialog box with a summary of all the printer information that you have just configured. To complete the installation, click the Finish button.
Page 94
Configuring the Print Server
Once you have completed the printer installation, you will need to configure some properties on your printer. To do so, please follow the steps listed below:
1. If you closed out the Printers window, please re-open it from the control panel.
2. Locate the printer that you just installed, right-mouse click on it, and choose Properties.
3. Click on the Adva nced tab and verify the following settings:
Both the “Spool print documents so program finishes
printing faster” and the “Start printing after last page is spooled” options are selected.
91
Page 95
Print Server Setup
Both the “Print spooled documents first” and “Enable
advanced printing features” options are checked. All of the other options should be disabled or unchecked.
4. Click on the P o rts tab and verify that the TCP/IP port that you just created is selected, and the Enable bidirectional support and Enable printer pooling options are unchecked.
5. Click the Apply button to save the settings.
6. Next clic k on th e General tab and click on the Print Test Page
button. This will verify that you have successfully setup your LPR printing port, and now you can print through the SMC Barricade™ Router.
92
Page 96
Configuring the Print Server
Confirm printer connection
On the status page of the web-based login, you can confirm the printer connection to the Barricade™ Router.
OK
93
Page 97
ROUBLESHOOTING
T
The information outlined in this section describes some useful steps for getting your computer and Barricade™ Router online.
Verify you are connected to the Barricade™ Router
If you are unable to access the Barricade™ Route r’s web-based administration pages then you may not be properly connected or configured. The screen shots in this section we re take n on a Windows 2000 machine, but the same steps will apply to Windows 95/98/Me/XP.
To determine your TCP/IP configuration status please follow the steps below:
1. Click Start/Programs/Accessories/Command Prompt.
2. In the DOS window, type ipconfig and verify the information
that is displayed.
3. If your computer is setup for DHCP, then your TCP/IP configuration should be similar to the information displayed:
IP Address: 192.168.2.X (where x is a number between
100 and 199) Subnet Mask: 255.255.255.0
Default Gateway: 192.168.2.1
95
Page 98
Troubleshooting
If you have any other IP address informatio n liste d see below. If you have an IP address that starts with 169.254.XXX.XXX then
see the next section. If you have another IP address configured, then see the section
“I have another IP Address displayed” on page 97.
I am getting an IP Address that starts with 169.254.XXX.XXX
If you are getting this IP Address, then you need to check that you are properly connected to the Barricade™ Router.
Confirm that you have a good link light on the Barricade™ Router for the port to which this computer is connected. If n ot, please try another cable.
If you have a good link light, please open up a DOS window as described in the previous section and type ipconfig/renew.
If you are still unable to get an IP Address from the Barricade™ Router, reinstall your network adapter. Please refer to your adapter manual for information on how to do this.
96
Page 99
Troubleshooting
I have another IP Address displayed
If you have another IP address listed then the PC may not be configured for a DHCP connection. Please refer to “Configuring Client TCP/IP” on page 11 for information.
Once you have confirmed that your computer is configured for DHCP, then please follow the steps below.
1. Open a DOS window as described above.
2. Type ipconfig/release .
3. Then type ipconfig/renew.
97
Page 100
Troubleshooting
Symptom
The 10/100 LED does not light after a connection is made.
Possible Solutions
Check that the host computer and router are both powered on.
Be sure the network cable is connected to both devices.
Verify that Category 5 cable is used if you are operating at
100 Mbps, and that the length of any cable does not exceed 100 m (328 ft).
Check the network card connections.
The 10BASE-T/100BASE-TX port, network card, or cable
may be defective.
98
Loading...