Netopiaメーカー4753の使用説明書/サービス説明書
ページ先へ移動 of 282
Net opia ™ 4753 G.SH DSL Integra ted Access Device Administration Guide.
C o p yright ©2001 Netopia, Inc., v .051601 All rights reser ved. Printed in the U.S.A. This manual and any associated ar twork, software, and product designs ar e copyrighted with all rights reser ved. Under the copyright laws such materials may not be copied, in whole or par t, without the prior written consent of Netopia, Inc.
Contents iii G Part I: Getting Started Chapter 1 — Intr oduction.......................................................... 1-1 Over view ....................................................................... 1-1 Features and Capabilities ..........
iv Administration Guide Chapter 5 — Connecting to Y our Local Network ......................... 5-1 Readying Computers on Y our Local Network ..................... 5-2 Connecting to an IP and T elephone Network ..................... 5-3 Chapter 6 — Console-Based Management .
Contents v G Creating a New Connection Pr ofile................................. 9-10 The W AN Default Profile ................................................ 9-13 IP Parameters (Default Profile) scr een ................. 9-14 The A TMP/PPTP Default Pr ofile .
vi Administration Guide Suppor ted traf fic ............................................... 11-5 MultiNA T Configuration ................................................. 11-6 Easy Setup Profile configuration .......................... 11-6 Ser ver Lists and Dynamic NA T configuration .
Contents vii G Allowing VPNs through a Fir ewall ................................. 12-21 PPTP example .................................................. 12-23 A TMP example ................................................. 12-26 Chapter 13 — Security .
viii Administration Guide Cur rent status ................................................... 14-3 Status lights ...................................................... 14-3 Statistics & Logs ........................................................
Contents ix G Part III: Appendixes Appendix A — Troubleshooting .................................................. A-1 Configuration Problems .................................................. A-1 Console connection problems .......................
x Administration Guide Agency Approvals ........................................................... E-2 Regulator y notices ............................................... E-2 Impor tant Safety instr uctions ............................... E-4 Netopia 4753 Specifications .
P P P P a a a a r r r r t t t t II I I : : : : G G G G e e e e t t t t t t t t ii i i n n n n g g g g S S S S t t t t a a a a r r r r t t t t e e e e d d d d.
Administration Guide.
Introduction 1-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 II I I n n n n t t t t r r r r o o o o d d d d u u u u c c c c t t t t ii i i o o o o n n n n O O O O v v v v e e e e r.
1-2 Administration Guide An IAD combines the voice telephony features of a telephone PBX system with the data r outing features of an IP data router . The device uses a single outside line connection to car r y all voice and data transmissions.
Setting Up Internet Services 2-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 2 2 2 2 S S S S e e e e t t t t t t t t ii i i n n n n g g g g U U U U p p p p II I I n n n n t t t t e e e e r.
2-2 Administration Guide Finding an Internet Service Provider The Netopia 4753 G.SHDSL Integrated Access Device provides its high speed symmetric (two-way) digital connection to the Internet thr ough a Competitive Local Exchange Car rier (CLEC) -- a type of mini phone company .
Setting Up Internet Services 2-3 Setting up a Netopia 4753 account Check whether your ISP has the Netopia 4753 on its list of suppor ted pr oducts that have been tested with a par ticular configuration.
2-4 Administration Guide not define the IP address infor mation on your local LAN. Y ou can define this infor mation based on an IP configuration that may already be in place for the existing network. Alter natively , you can use the default IP address range used by the r outer .
Making the Physical Connections 3-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 3 3 3 3 M M M M a a a a k k k k ii i i n n n n g g g g t t t t h h h h e e e e P P P P h h h h y y y y s s s.
3-2 Administration Guide What Y ou Need Locate all items that you need for the installation. Included in your package are: ■ The Netopia 4753 G.SHDSL Integrated Access Device ■ A power adapter and cord with a mini-DIN8 connector ■ One 6 ft. RJ45 10/100 Ethernet cable ■ One 6 ft.
Making the Physical Connections 3-3 Important Safety instructions CAUTION: Depending on the power supply provided with the pr oduct, either the direct plug-in power supply blades, power supply cord plug or the appliance coupler ser ves as the main power disconnect.
3-4 Administration Guide Identify the Connectors and Attach the Cables Identify the connectors on the back panel and attach the necessar y Netopia cables. The figure below displays the back of the Netopia 4753 G.SHDSL Integrated Access Device. Netopia 4753 back panel The following table describes all the Netopia 4753 G.
Making the Physical Connections 3-5 Netopia 4753 Status Lights The figure below r epresents the Netopia 4753 status light (LED) panel. Netopia 4753 LED front panel The following table summarizes the meaning of the various LED states and colors: When this happens.
3-6 Administration Guide.
Sharing the Connection 4-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 4 4 4 4 S S S S h h h h a a a a r r r r ii i i n n n n g g g g t t t t h h h h e e e e C C C C o o o o n n n n n n n .
4-2 Administration Guide Configuring TCP/IP on Windows-based Computers Configuring TCP/IP on a Windows computer requir es the following: ■ An Ethernet car d (also known as a network adapter) ■ T.
Sharing the Connection 4-3 Static configuration (optional) If you are manually configuring for a fixed or static IP addr ess, per for m the following: 1. Go to Star t Menu/Settings/Contr ol Panels and double click the Network icon. From the Network components list, select the Configuration tab.
4-4 Administration Guide 4. Click OK in this window and the next window . When prompted, r eboot the computer . Note: Y ou can also use these instr uctions to configure other computers on your network with manual or static IP addresses. Be sur e each computer on your network has its own IP address.
Sharing the Connection 4-5 Configuring TCP/IP on Macintosh Computers The following is a quick guide to configuring TCP/IP for MacOS computers. Configuring TCP/IP in a Macintosh computer requir es the following: ■ Y ou must have either Open T ranspor t or Classic Networking (MacTCP) installed.
4-6 Administration Guide Static configuration (optional) 3. In the TCP/IP window or in the MacTCP/More window , select or type infor mation into the fields as shown in the following table. 4. Close the TCP/IP or MacTCP control panel and save the settings.
Sharing the Connection 4-7 Note: Y ou can also use these instr uctions to configure other computers on your network with manual or static IP addresses.
4-8 Administration Guide.
Connecting to Y our Local Network 5-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 5 5 5 5 C C C C o o o o n n n n n n n n e e e e c c c c t t t t ii i i n n n n g g g g t t t t o o o o Y Y.
5-2 Administration Guide Readying Computers on Y our Local Network PC and Macintosh computers must have cer tain components installed befor e they can communicate through the Netopia 4753. The following illustration shows the minimal requir ements for a typical PC or Macintosh computer .
Connecting to Y our Local Network 5-3 Connecting to an IP and T elephone Network The Netopia 4753 suppor ts Ether net connections through its Ether net por t. Y ou can connect a standar d 10 or 100Base-T Ethernet network to the Netopia 4753 using its Ether net por t.
5-4 Administration Guide.
Console-Based Management 6-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 6 6 6 6 C C C C o o o o n n n n s s s s o o o o ll l l e e e e - - - - B B B B a a a a s s s s e e e e d d d d M M .
6-2 Administration Guide may be using the router to connect to mor e than one ser vice provider or r emote site. ■ The System Configuration menus display and per mit changing: ■ Internet pr otocol setup. See “IP Setup” on page 10-1 . ■ Filter sets (firewalls).
Console-Based Management 6-3 from the Star t menu. ■ If you connect a Macintosh computer , you can use the NCSA T elnet program supplied on the Netopia 4753 CD. Y ou install NCSA T elnet by simply dragging the application fr om the CD to your hard disk.
6-4 Administration Guide Launch your ter minal emulation software and configure the communications softwar e for the values shown in the table below .
Console-Based Management 6-5 Navigating thr ough the Console Screens Use your keyboard to navigate the Netopia 4753’s configuration scr eens, enter and edit information, and make choices. The following table lists the keys to use to navigate through the console scr eens.
6-6 Administration Guide.
Easy Setup 7-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 7 7 7 7 E E E E a a a a s s s s y y y y S S S S e e e e t t t t u u u u p p p p This chapter describes how to use the Easy Setup console screens on your Netopia 4753 G.SHDSL Integrated Access Device.
7-2 Administration Guide A screen similar to the following Main Menu appears: If you do not see the Main Menu, verify that: ■ If you are using a serial connection, that your serial por t speed is the same as the Netopia 4753’s default 9600 baud, for first use.
Easy Setup 7-3 Quick Easy Setup Connection Path This section may be all you need to do to configure your Netopia 4753 G.SHDSL Integrated Access Device to connect to the Internet. Y our ser vice provider must supply you with several parameter values for you to enter in the device.
7-4 Administration Guide (If you want to recor d these values, you can print these pages and use the spaces above.) If your provider assigns your device a Static IP addr ess, do the following: 1. Open a T elnet session to 192.168.1.1 to bring up the Main Menu.
Easy Setup 7-5 2. Select the first item on the Main Menu list, Easy Setup . Press Retur n to bring up the DSL Line Configuration menu screen. DSL Line Configuration 3. Select Regional Setting and from the pop-up menu select either Annex A or Annex B.
7-6 Administration Guide V oice Easy Setup 1. Select V oice Gateway and press Retur n. The pop-up menu will of fer you the choice of popular voice gateway devices. Y our selection depends on which type your ISP uses: CopperCom, JetStr eam, T ollBridge, TDSoft, or Zhone.
Easy Setup 7-7 Easy Setup Profile The Easy Setup Profile scr een is where you configure the parameters that contr ol the Netopia 4753’s connection to a specific remote destination, usually your ISP or a corporate site.
7-8 Administration Guide IP Easy Setup The IP Easy Setup screen is wher e you enter information about your Netopia Router’s: ■ Ethernet IP addr ess ■ Ethernet Subnet mask ■ Domain Name ■ Domain Name Ser ver IP addr ess ■ Default gateway IP address Consult with your network administrator to obtain the infor mation you will need.
Easy Setup 7-9 5. Type the Primar y Domain Name Ser ver address your ISP gave you. Pr ess Return. A new field Secondary Domain Name Ser ver will appear . If your ISP gave you a secondar y domain name ser ver addr ess, enter it here. Pr ess Return until the next field Default IP Gateway is highlighted.
7-10 Administration Guide The final step in configuring the Easy Setup console screens is to r estar t the Netopia 4753, so that the configuration settings take ef fect. 1. Select REST ART DEVICE . A prompt asks you to confir m your choice. 2. Select CONTINUE to restar t the Netopia Router and have your selections take ef fect.
V oice Configuration 8-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 8 8 8 8 V V V V o o o o ii i i c c c c e e e e C C C C o o o o n n n n f f f f ii i i g g g g u u u u r r r r a a a a t t t t ii i i o o o o n n n n This chapter describes the telephony ser vices and configuration of the Netopia 4753 G.
8-2 Administration Guide distance or local calls. T oll Restriction Operation - PBX/Local Switching Mode: When you pick up the phone, you receive local PBX dial tone. When a 9 (or outside line code) is pressed, the IAD detects the digit and r eturns busy (locally generated).
V oice Configuration 8-3 ■ Select V oice Gateway and fr om the pop-up menu, choose the type of voice gateway device to which you will be connected. The choices are: CopperCom, JetStr eam, T ollBridge, TDSoft, or Zhone. ■ Select Ring Cadence and press Retur n.
8-4 Administration Guide Echo cancellation is set to Y es by default. For or dinar y telephone handsets, echo cancellation should be set to Y es (tur ned on) to eliminate echoes on the voice line. T oggling a por t to No allows you to connect a fax machine or modem to the phone por t (since fax machines and modems automatically cancel echoes).
P P P P a a a a r r r r t t t t II I I II I I : : : : A A A A d d d d v v v v a a a a n n n n c c c c e e e e d d d d C C C C o o o o n n n n f f f f ii i i g g g g u u u u r r r r a a a a t t t t ii .
Administration Guide.
W AN and System Configuration 9-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 9 9 9 9 W W W W A A A A N N N N a a a a n n n n d d d d S S S S y y y y s s s s t t t t e e e e m m m m C C C.
9-2 Administration Guide W AN Configuration T o configure your Wide Ar ea Network (W AN) connection, navigate to the WAN Configuration screen from the Main Menu and select W AN Configuration , then W AN (W ide Area Network) Setup . The DSL Line Configuration screen appears.
W AN and System Configuration 9-3 need to change it unless your provider specifically tells you to do so. ■ Select Data Link Encapsulation and from the pop-up menu choose your DLE. ■ If you selected RFC1483, the next pop-up menu RFC1483 Mode of fers the choice of Bridged 1483 or Routed 1483.
9-4 Administration Guide M M M M u u u u ll l l t t t t ii i i p p p p ll l l e e e e A A A A T T T T M M M M P P P P V V V V C C C C c c c c o o o o n n n n f f f f ii i i g g g g u u u u r r r r a a a a t t t t ii i i o o o o n n n n Y ou configur e Vir tual Circuits in the Add/Change Cir cuit screen.
W AN and System Configuration 9-5 Choosing Display/Change Circuit (or Delete Cir cuit) displays a pop-up menu that allows you to select the circuit to be modified or deleted.
9-6 Administration Guide ■ Circuit Enabled allows you to enable or disable the cir cuit, using the T ab key . The default is enabled. ■ Traffic Type allows you to select which type of traf fic will be routed on this cir cuit, V oice or Data. If you choose V oice, the Connection Profile is field becomes unavailable and does not display .
W AN and System Configuration 9-7 A A A A d d d d d d d d ii i i n n n n g g g g a a a a c c c c ii i i r r r r c c c c u u u u ii i i t t t t Choosing Add Circuit displays the Add Cir cuit screen. The fields in the Add Circuit scr een are the similar to the fields in the Change Circuit scr een described above.
9-8 Administration Guide M M M M o o o o n n n n ii i i t t t t o o o o r r r r ii i i n n n n g g g g m m m m u u u u ll l l t t t t ii i i p p p p ll l l e e e e v v v v ii i i r r r r t t t t u u u u a a a a ll l l c c c c ii i i r r r r c c c c u u u u ii i i t t t t s s s s The General Statistics screen adds a selection for A TM VC Statistics.
W AN and System Configuration 9-9 The A TM VC Statistics scr een appears. ■ T o display more infor mation about each circuit associated with the selected WAN module, use the up or down ar row key to highlight the circuit you want to view . Press Retur n.
9-10 Administration Guide Cr eating a New Connection Profile For a Netopia 4753, connection profiles ar e useful for configuring the connection and authentication settings for negotiating a PPP connection on the DSL link.
W AN and System Configuration 9-11 3. Select Data Link Encapsulation and press Retur n. The pop-up menu of fers the possible data link encapsulation methods for connection profiles used for a variety of purposes: PPP , RFC1483, A TMP , PPTP , or IPsec.
9-12 Administration Guide 7. T oggle or enter any IP Parameters you requir e and return to the Add Connection Pr ofile screen by pressing Escape. For more infor mation, see “IP Setup” on page 10-1 . 8. Select COMMIT and press Retur n. Y our new Connection Profile will be added.
W AN and System Configuration 9-13 The W AN Default Pr ofile If you are using RFC1483 datalink encapsulation, the WAN Default Profile screen contr ols whether or not the DSL link will come up without an explicitly configured connection pr ofile.
9-14 Administration Guide IP Parameters (Default Profile) scr een If you are using RFC1483 datalink encapsulation, the IP Parameters (Default Pr ofile) screen allows you to configure various IP par.
W AN and System Configuration 9-15 The A TMP/PPTP Default Pr ofile The A TMP/PPTP Default Pr ofile screen controls whether or not your device will answer VPN connection attempts without an explicitly configured connection pr ofile. See “Vir tual Private Networks (VPNs)” on page 12-1 for more infor mation.
9-16 Administration Guide This par ticular path guide shows how to get to the IP Setup scr eens. The path guide represents these steps: ■ Beginning in the Main Menu, select System Configuration and press Retur n. The System Configuration screen appears.
W AN and System Configuration 9-17 The System Configuration menu screen appears: Network pr otocols setup These screens allow you to configur e your network’s use of the standard networking protocols: ■ IP: Details are given in “IP Setup” on page 10-2 .
9-18 Administration Guide The Netopia 4753 uses Network Time Protocol (NTP) by default to set the date and time automatically . Y ou may want to modify the default settings for your own environment. NTP takes ef fect five minutes after the device boots.
W AN and System Configuration 9-19 DD/MM/YY , or YY/MM/DD. ■ Enter the Current Date in whatever for mat you have chosen. ■ From the pop-up System Time For mat menu select your prefer red time notation: AM/PM or 24hr . ■ Enter the Current Time in whatever for mat you have chosen.
9-20 Administration Guide SNMP (Simple Network Management Pr otocol) These screens allow you to monitor and configur e many of the data routing features of your network by means of a standard Simple Network Management Pr otocol (SNMP) agent. ■ Details are given in “SNMP” on page 14-13 .
W AN and System Configuration 9-21 By default, all events are logged in the event histor y . ■ By toggling each event descriptor to either Ye s or No , you can deter mine which ones are logged and which are ignor ed. ■ Y ou can enable or disable the syslog client dynamically .
9-22 Administration Guide.
IP Setup 10-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 0 0 0 0 II I I P P P P S S S S e e e e t t t t u u u u p p p p The Netopia 4753 uses Internet Pr otocol (IP) to communicate both locally and with remote networks. This chapter shows you how to configure the r outer to route IP traf fic.
10-2 Administration Guide IP Setup The IP Setup options screen is wher e you configure the Ethernet side of the Netopia 4753. The infor mation you enter here contr ols how the router routes IP traf fic.
IP Setup 10-3 The Netopia 4753 G.SHDSL Integrated Access Device suppor ts multiple IP subnets on the Ether net inter face. Y ou may want to configure multiple IP subnets to ser vice more hosts than are possible with your primar y subnet. It is not always possible to obtain a lar ger subnet fr om your ISP .
10-4 Administration Guide IP subnets The IP Subnets screen allows you to configur e up to eight Ethernet IP subnets on unlimited-user models, one “primar y” subnet and up to seven secondar y subnets, by entering IP address/subnet mask pairs: Note: Y ou need not use this scr een if you have only a single Ethernet IP subnet.
IP Setup 10-5 For example: ■ T o delete a configured subnet, set both the IP addr ess and subnet mask values to 0.0.0.0, either explicitly or by clearing each field and pressing Retur n to commit the change. When a configured subnet is deleted, the values in subsequent rows adjust up to fill the vacant fields.
10-6 Administration Guide If you have configured multiple Ether net IP subnets, the IP Setup screen changes slightly: The IP address and Subnet mask items ar e hidden, and the Define Additional Subnets.
IP Setup 10-7 The Static Routes screen will appear . Viewing static r outes T o display a view-only table of static routes, select Display/Change Static Route . The table shown below will appear . The table has the following columns: Dest. Network: The network IP address of the destination network.
10-8 Administration Guide Subnet Mask: The subnet mask associated with the destination network. Next Gateway: The IP address of the r outer that will be used to reach the destination network. Priority: An indication of whether the Netopia 4753 will use the static route when it conflicts with infor mation received fr om RIP packets.
IP Setup 10-9 infor mation; Low means that the RIP information takes pr ecedence over the static route. ■ If the static route conflicts with a connection pr ofile, the connection profile will always take precedence.
10-10 Administration Guide IP Addr ess Ser ving In addition to being a router , the Netopia 4753 is also an IP address ser ver . There are thr ee protocols it can use to distribute IP addresses.
IP Setup 10-11 Follow these steps to configure IP Addr ess Ser ving: ■ If you enabled IP Address Ser ving, then DHCP , BootP clients and Dynamic WAN clients are automatically enabled. ■ The IP Address Ser ving Mode pop-up menu allows you to choose the way in which the Netopia 4753 will ser ve IP addr esses.
10-12 Administration Guide If you have configured multiple Ether net IP subnets, the appearance of the IP Address Ser ving screen is altered slightly: The first three menu items ar e hidden, and Configure Address Pools... appears instead. If you select Configure Address Pools.
IP Setup 10-13 IP Addr ess Pools The IP Address Pools scr een allows you to configure a separate IP address ser ving pool for each of up to eight configured Ether net IP subnets: This screen consists of between two and eight r ows of four columns each.
10-14 Administration Guide Numerous factors influence the choice of ser ved address. It is dif ficult to specify the addr ess that will be ser ved to a par ticular client in all circumstances.
IP Setup 10-15 DHCP NetBIOS Options If your network uses NetBIOS, you can enable the Netopia 4753 to use DHCP to distribute NetBIOS infor mation. NetBIOS stands for Network Basic Input/Output System. It is a layer of software originally developed by IBM and Sytek to link a network operating system with specific hardwar e.
10-16 Administration Guide ■ From the NetBios Type pop-up menu, select the type of NetBIOS used on your network. ■ T o ser ve DHCP clients with the NetBIOS scope, select Ser ve NetBios Scope and toggle it to Ye s . Select NetBios Scope and enter the scope.
IP Setup 10-17 Select Release BootP Leases and press Retur n. Mor e Address Serving Options The Netopia 4753 includes a number of enhancements in the built-in DHCP IP address ser ver . These enhancements include: ■ The ability to exclude one or more IP addr esses from the address ser ving pool so the addresses will not be ser ved to clients.
10-18 Administration Guide Configuring the IP Addr ess Ser ver options T o access the enhanced DHCP ser ver functions, fr om the Main Menu navigate to Statistics & Logs and then Ser ved IP Addresses . The following example shows the Ser ved IP Addr esses screen after three clients have leased IP addr esses.
IP Setup 10-19 Y ou can select the entries in the Ser ved IP Addresses scr een. Use the up and down arr ow keys to move the selection to one of the entries in the list of ser ved IP addr esses. Once you select an entr y , pressing Retur n displays an action pop-up menu that lists operations that can be per for med on that entr y .
10-20 Administration Guide ■ Details… is displayed if the entr y is associated with both a host name and a client identifier . Selecting Details… displays a pop-up menu that provides additional infor mation associated with the IP address.
IP Setup 10-21 ■ Include is displayed if the entr y is either excluded or declined. An IP address is marked declined when a client to whom the DHCP ser ver of fers the address declines the address. A client declines an addr ess if it determines that a leased addr ess is already in use by another device.
10-22 Administration Guide The router’s Ether net IP address(es) will be automatically excluded from the addr ess ser ving pool(s) on star tup. Entries in the ser ved IP addr ess list corr esponding to the router’s Ether net IP address(es) that have been automatically excluded on star tup ar e not selectable.
IP Setup 10-23 D D D D H H H H C C C C P P P P R R R R e e e e ll l l a a a a y y y y A A A A g g g g e e e e n n n n t t t t The Netopia 4753 of fers DHCP Relay Agent functionality , as defined in RFC1542.
10-24 Administration Guide Select IP Address Ser ving and press Retur n. The IP Address Ser ving screen appears. Select IP Address Ser ving Mode . The pop-up menu of fers the choices of Disabled , DHCP Server (the default), and DHCP Relay Agent . If you select DHCP Relay Agent and press Retur n, the screen changes as shown below .
IP Setup 10-25 Note: The remote DHCP ser ver(s) to which the Netopia Router is relaying DHCP r equests must be capable of ser vicing r elayed requests. Not all DHCP ser vers suppor t this feature. For example, the DHCP ser ver in the Netopia Router does not .
10-26 Administration Guide 1. Select Profile Name and enter a name for this connection pr ofile. It can be any name you wish. For example: the name of your ISP . 2. T oggle the Profile Enabled value to Ye s or No . The default is Y es. 3. Select IP Profile Parameters and press Retur n.
IP Setup 10-27 5. Select ADD PROFILE NOW and press Retur n. Y our new connection profile will be added. If you want to view the connection profiles in your r outer , r eturn to the W AN Configuration scr een, and select Display/Change Connection Profile .
10-28 Administration Guide.
Multiple Network Address T ranslation 11-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 1 1 1 1 M M M M u u u u ll l l t t t t ii i i p p p p ll l l e e e e N N N N e e e e t t t t .
11-2 Administration Guide The following is a general description of these features: Port Address T ranslation The simplest for m of classic Network Address T ranslation is PAT (Por t Addr ess T ranslation).
Multiple Network Address T ranslation 11-3 When addresses ar e returned to the gr oup of available addresses, they are r eturned to the head of the gr oup, being the most recently used. If that same host r equests a connection an hour later , and the same public address is still available, then it will be mapped to the same private host.
11-4 Administration Guide Exterior addresses ar e allocated to internal hosts on a demand, or as-needed, basis and then made available when traf fic from that host ceases. Once an inter nal host has been allocated an address, it will use that address for all traf fic.
Multiple Network Address T ranslation 11-5 In order to suppor t this type of mapping, you define two address ranges. First, you define a public range which contains the first and last public address to be used and the way in which these addr esses should be used (P A T , static, or dynamic).
11-6 Administration Guide MultiNA T Configuration Y ou configur e the MultiNA T features thr ough the console menu: ■ For a simple 1-to-many NA T configuration (classic NA T or P A T), use the Easy Setup Profile configuration , described below .
Multiple Network Address T ranslation 11-7 1. Define the public range of addresses that exter nal computers should use to get to the NA T inter nal machines. These are the addr esses that someone on the Internet would see. 2. Create a List name that will act as a r ule or ser ver holder .
11-8 Administration Guide The Network Address T ranslation scr een appears. Public Range defines an external addr ess range and indicates what type of mapping to apply when using this range. The types of mapping available are dynamic , static and pat .
Multiple Network Address T ranslation 11-9 The Add NA T Public Range scr een appears. ■ Select Range Name and give a descriptive name to this range. ■ Select Type and from the pop-up menu, assign its type. Options are static , dynamic , or pat (the default).
11-10 Administration Guide Once the public ranges have been assigned, the next step is to bind interior addresses to them. Because these bindings occur in order ed lists, called map lists , you must first define the list, then add mappings to it. From the Network Addr ess T ranslation scr een select Add Map List and press Return.
Multiple Network Address T ranslation 11-11 to this mapping. ■ Select Use NA T Public Range and press Return. A scr een appears displaying the public ranges you have defined.
11-12 Administration Guide mapping and press Retur n. If none of your preconfigur ed ranges are suitable for this mapping, you can select <<NEW RANGE>> and create a new range. If you choose <<NEW RANGE>> , the Add NA T Public Range screen displays and you can create a new public range to be used by this map.
Multiple Network Address T ranslation 11-13 Modifying map lists Y ou can make changes to an existing map list after you have cr eated it. Since there may be more than one map list you must select which one you are modifying. From the Network Addr ess T ranslation scr een select Show/Change Map List and pr ess Return.
11-14 Administration Guide ■ Add Map allows you to add a new map to the map list. ■ Show/Change Maps allows you to modify the individual maps within the list. ■ Delete Map allows you to delete a map from the list. ■ Move Map allows you to change the priority order in which the map is evaluated within the list.
Multiple Network Address T ranslation 11-15 Make any modifications you need and then select CHANGE NA T MAP and pr ess Return. Y our changes will become ef fective and you will be retur ned to the Show/Change NA T Map List scr een. Moving maps The Move Maps screen per mits reor dering the priority of maps in a map list.
11-16 Administration Guide ■ Y ou can pr ess Escape at any time in the pop-up menu to abor t the move and restor e the map list to its original ordering.
Multiple Network Address T ranslation 11-17 Adding Server Lists Ser ver lists, also known as Expor ts, are handled similarly to map lists. If you want to make a par ticular ser ver’s por t accessibl.
11-18 Administration Guide ■ Select Add Ser ver and press Return. The Add NA T Ser ver screen appears. ■ Select Ser vice and press Return. A pop-up menu appears listing a selection of commonly expor ted ser vices. ■ Choose the ser vice you want to expor t and press Retur n.
Multiple Network Address T ranslation 11-19 ■ Enter the First and Last Por t Number between por ts 1 and 65535. Select OK and pr ess Return. Y ou will be retur ned to the Add NA T Ser ver screen. ■ Enter the Ser ver Private IP Address of the ser ver whose ser vice you are expor ting.
11-20 Administration Guide Modifying server lists Once a ser ver list exists, you can select it for modification or deletion. ■ Select Show/Change Ser ver List from the Network Address T ranslation screen. ■ Select the Ser ver List Name you want to modify fr om the pop-up menu and press Retur n.
Multiple Network Address T ranslation 11-21 ■ Selecting Show/Change Ser ver or Delete Server displays the same pop-up menu. Select any ser ver fr om the list and press Retur n. The Change NA T Ser ver scr een appears. Y ou can make changes to the ser ver’s ser vice and por t or internal or exter nal address.
11-22 Administration Guide Deleting a server T o delete a ser ver fr om the list, select Delete Server fr om the Show/Change NA T Ser ver List menu and pr ess Return. A pop-up menu lists your configured ser vers. Select the one you want to delete and press Retur n.
Multiple Network Address T ranslation 11-23 Binding Map Lists and Server Lists Once you have created your map lists and ser ver lists, for most Netopia Router models you must bind them to a profile, either a Connection Pr ofile or the Default Profile.
11-24 Administration Guide ■ Select NA T Map List and press Return. A pop-up menu displays a list of your defined map lists. ■ Select the map list you want to bind to this Connection Profile and pr ess Return. The map list you selected will now be bound to this Connection Profile.
Multiple Network Address T ranslation 11-25 IP Parameters (W AN Default Pr ofile) The Netopia 4753 in HDLC (Copper Mountain) Operation Mode suppor ts a WAN default profile that per mits several parameters to be configured without an explicitly configur ed Connection Profile.
11-26 Administration Guide ■ Select NA T Map List and press Return. A pop-up menu displays a list of your defined map lists. ■ Select the map list you want to bind to the default profile and pr ess Return. The map list you selected will now be bound to the default profile.
Multiple Network Address T ranslation 11-27 NA T Associations Configuration of map and ser ver lists alone is not suf ficient to enable NA T for a W AN connection because map and ser ver lists must be linked to a pr ofile that controls the W AN inter face.
11-28 Administration Guide keys. Select the item by pressing Retur n to display a pop-up menu of all of your configured lists. ■ Select the list name you want to assign and press Retur n again. Y our selection will then be associated with the cor responding profile or inter face.
Multiple Network Address T ranslation 11-29 MultiNA T Configuration Example T o help you understand a typical MultiNA T configuration, this section describes an example of the type of configuration you may want to implement on your site. The values shown are for example purposes only .
11-30 Administration Guide Enter your ISP-supplied values as shown below . Select NEXT SCREEN and press Retur n. Y our IP values ar e shown here. Then navigate to the Network Address T ranslation (NA T) screen. Connection Profile 1: Easy Setup Profile Connection Profile Name: Easy Setup Profile Address Translation Enabled: Yes IP Addressing.
Multiple Network Address T ranslation 11-31 Select Show/Change Public Range , then Easy-P A T Range , and pr ess Return. Enter the value your ISP assigned for your public address (206.1.1.6, in this example). T oggle Type to pat. Y our public address is then mapped to the remaining private IP addr esses using P A T .
11-32 Administration Guide Select ADD NA T PUBLIC RANGE and press Return. Y ou are retur ned to the Network Address T ranslation screen. Next, select Show/Change Map List and choose Easy-P A T List . Select Add Map . The Add NA T Map scr een appears. (Now the name Easy-P A T List is a misnomer since it has a static map included in its list.
Multiple Network Address T ranslation 11-33 T o make these changes, first limit the range of remapped addr esses on the Static Map and then edit the default ser ver list called Easy-Ser vers. ■ First, navigate to the Show/Change Map List screen, select Easy-P A T List and then Show/Change Maps .
11-34 Administration Guide.
Virtual Private Networks (VPNs) 12-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 2 2 2 2 V V V V ii i i r r r r t t t t u u u u a a a a ll l l P P P P r r r r ii i i v v v v a a a .
12-2 Administration Guide T unneling is a process of cr eating a private path between a remote user or private network and another private network over some inter mediate network, such as the IP-based Internet.
Virtual Private Networks (VPNs) 12-3 In either case, the Netopia Router wraps, or encapsulates, infor mation that one end of the tunnel exchanges with the other , in a wrapper called General Routing Encapsulation (GRE), at one end of the tunnel, and unwraps, or decapsulates, it at the other end.
12-4 Administration Guide PPTP configuration T o set up the router as a PPTP Network Ser ver (PNS) capable of answering PPTP tunnel requests you must also configure the VPN Default Answer Pr ofile. See A TMP/PPTP Default Answer Profile on page 12-13 for mor e infor mation.
Virtual Private Networks (VPNs) 12-5 When you define a Connection Profile as using PPTP by selecting PPTP as the datalink encapsulation method, and then select Data Link Options , the PPTP T unnel Options screen appears. Note: Profiles using PPTP do not of fer a T elco Options scr een.
12-6 Administration Guide itself a compression pr otocol. Note: The Netopia 4753 suppor ts 128-bit (“str ong”) encr yption. Unlike MS-CHAP version 1, which suppor ts one-way authentication, MS-CHAP version 2 suppor ts mutual authentication between connected r outers and is incompatible with MS-CHAP version 1 (MS-CHAP-V1).
Virtual Private Networks (VPNs) 12-7 The IP Profile Parameters scr een appears. ■ Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel. The remote IP address and r emote IP mask refer to the remote private network into which your device will be tunnelling.
12-8 Administration Guide The Add Connection Profile scr een appears. ■ From the Data Link Encapsulation pop-up menu select IPsec . ■ Then select Data Link Options . The IPsec Encr yption & Authentication Options scr een appears. ■ Y ou must specify an Encr yption T ransform .
Virtual Private Networks (VPNs) 12-9 ■ Y ou must enter an Encr yption Key if the Encr yption T ransfor m is DES. The key for DES must be a hexadecimal string of 16 characters, using Hex characters only: '0'-'9', 'A'-'F' and 'a' - 'f'.
12-10 Administration Guide IP Pr ofile Parameters The following IP Profile Options scr een is displayed for an IPsec Connection Profile. ■ Y ou must specify an SPI (Security Parameters Index) , which is the ESP receive side SPI and the default SPI for ESP transmit, AH receive, and AH transmit.
Virtual Private Networks (VPNs) 12-11 ■ Y ou can r emove a Filter Set . ■ Y ou can choose to configur e Advanced IP Profile Options (see “Advanced IP Profile Options,” in the following section).
12-12 Administration Guide Inter operation with other features ■ Address ser ving is not suppor ted thr ough IPsec T unnels. ■ AH is not suppor ted thr ough an inter face that has NA T applied to it.
Virtual Private Networks (VPNs) 12-13 A TMP/PPTP Default Answer Pr ofile The W AN Configuration menu of fers a A TMP/PPTP Default Answer Profile option. Use this selection when your router is acting as the ser ver for VPN connections, that is, when you are on the answering end of the tunnel establishment.
12-14 Administration Guide default) if you do not. This applies to both A TMP and PPTP connections. ■ For PPTP tunnel connections only , you must define what type of authentication these connections will use. Select Receive Authentication and press Retur n.
Virtual Private Networks (VPNs) 12-15 Dial-Up Networking for VPN Microsoft Windows Dial-Up Networking softwar e permits a r emote standalone workstation to establish a VPN tunnel to a PPTP ser ver such as a Netopia Router located at a central site.
12-16 Administration Guide Note: The public IP address is the same as the r outer's Local W AN IP address if Address Translation (NA T) is enabled on your router , or if your router is configur ed for a Numbered inter face.
Virtual Private Networks (VPNs) 12-17 11. V erify that the TCP/IP option in Dial out Protocols is the only option checked, and then click OK . 12. Click Continue .
12-18 Administration Guide Note: If the router you ar e connecting to is not running NA T and has IP Addressing set to Unnumber ed, there will be no Local W AN IP Address.
Virtual Private Networks (VPNs) 12-19 About A TMP T unnels T o set up an A TMP tunnel, you cr eate a Connection Profile including the IP address and other r elevant infor mation for the remote A TMP par tner . A TMP uses the ter minology of a foreign agent that initiates tunnels and a home agent that ter minates them.
12-20 Administration Guide When you define a Connection Profile as using A TMP by selecting A TMP as the datalink encapsulation method, and then select Data Link Options , the A TMP T unnel Options scr een appears. Note: An A TMP tunnel cannot be assigned a dynamic IP addr ess by the remote ser ver, as in a PPP connection.
Virtual Private Networks (VPNs) 12-21 ■ Y ou must specify a Key String of up to (and including) 20 characters when DES is selected. When encr yption is None, this field is invisible. ■ Y ou can specify that this r outer will Initiate Connections , acting as a foreign agent ( Ye s ), or only answer them, acting as a home agent ( No ).
12-22 Administration Guide A strict firewall may not be pr ovisioned to allow VPN traf fic to pass back and for th as needed. In order to ensure that a firewall will allow a VPN, cer tain attributes must be added to the firewall's provisioning.
Virtual Private Networks (VPNs) 12-23 PPTP example T o enable a firewall to allow PPTP traf fic, you must pr ovision the firewall to allow inbound and outbound TCP packets specifically destined for por t 1723.
12-24 Administration Guide For Input Filter 2 set the Protocol Type to allow GRE as shown below . In the Display/Change IP Filter Set screen select Display/Change Output Filter . Display/Change Output Filter screen For Output Filter 1 set the Protocol Type and Destination Por t infor mation as shown below .
Virtual Private Networks (VPNs) 12-25 For Output Filter 2 set the Protocol Type to allow GRE as shown below . Change Output Filter 2 Enabled: Yes Forward: Yes Source IP Address: 0.0.0.0 Source IP Address Mask: 0.0.0.0 Dest. IP Address: 0.0.0.0 Dest. IP Address Mask: 0.
12-26 Administration Guide A TMP example T o enable a firewall to allow A TMP traf fic, you must provision the fir ewall to allow inbound and outbound UDP packets specifically destined for por t 5150. The sour ce por t may be dynamic, so often it is not useful to apply a compare function on this por tion of the control/negotiation packets.
Virtual Private Networks (VPNs) 12-27 For Input Filter 2 set the Protocol Type to allow GRE as shown below . In the Display/Change IP Filter Set screen select Display/Change Output Filter . Display/Change Output Filter screen For Output Filter 1 set the Protocol Type and Destination Por t infor mation as shown below .
12-28 Administration Guide For Output Filter 2 set the Protocol Type to allow GRE as shown below . Change Output Filter 2 Enabled: Yes Forward: Yes Source IP Address: 0.0.0.0 Source IP Address Mask: 0.0.0.0 Dest. IP Address: 0.0.0.0 Dest. IP Address Mask: 0.
Security 13-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 3 3 3 3 S S S S e e e e c c c c u u u u r r r r ii i i t t t t y y y y The Netopia 4753 provides a number of security featur es to help protect its configuration screens and your local network from unauthorized access.
13-2 Administration Guide CAUTION! Y ou ar e strongly encouraged to add protection to the configuration scr eens. Unprotected screens could allow an unauthorized user to compromise the operation of your entir e network. Once user accounts are cr eated, users who attempt to access protected screens will be challenged.
Security 13-3 T o add a new user account, select Add User in the Security Options screen and press Retur n. The Add Name With Write Access screen appears. Follow these steps to configure the new account: 1. Select Enter Name and enter a descriptive name (for example, the user’s first name).
13-4 Administration Guide it to No . (See “SNMP traps” on page 14-15. ) ■ T o restrict T elnet access to all of the configuration scr eens, select Enable T elnet Console Access and toggle it to No . About Filters and Filter Sets Security should be a high priority for anyone administering a network connected to the Internet.
Security 13-5 Filter priority Continuing the customs inspectors analogy , imagine the inspectors lined up to examine a package. If the package matches the first inspector’s criteria, the package is either rejected or passed on to its destination, depending on the first inspector’s par ticular or ders.
13-6 Administration Guide How individual filters work As described above, a filter applies criteria to an IP packet and then takes one of three actions: ■ For war ds the packet to the local or rem.
Security 13-7 Port number comparisons A filter can also use a comparison option to evaluate a packet’s source or destination por t number . The comparison options are: No Compare: No comparison of the por t number specified in the filter with the packet’s por t number .
13-8 Administration Guide Other filter attributes There ar e three other attributes to each filter: ■ The filter’s order (i.e., priority) in the filter set ■ Whether the filter is cur rentl.
Security 13-9 Src. Por t: The source por t to match. This is the por t on the sending host that originated the packet. D. Por t: The destination por t to match. This is the por t on the receiving host for which the packet is intended. On?: Displays Ye s when the filter is in ef fect or No when it is not.
13-10 Administration Guide Filtering example #2 Suppose a filter is configured to block all incoming IP packets with the sour ce IP address of 200.233.14.0, regar dless of the type of connection or its destination. The filter would look like this: This filter blocks any packets coming from a r emote network with the IP network address 200.
Security 13-11 option in the answer profile, P AP or CHAP in connection pr ofiles, callback, and general awareness of how your network may be vulnerable. An approach to using filters The ultimate goal of network security is to prevent unauthorized access to the network without compr omising authorized access.
13-12 Administration Guide 1. Add a new filter set. 2. Create the filters for the new filter set. 3. View , change, or delete individual filters and filter sets. The sections below explain how to execute these steps. Adding a filter set Y ou can cr eate up to eight dif fer ent custom filter sets.
Security 13-13 Input and output filters—source and destination There ar e two kinds of filters you can add to a filter set: input and output. Input filters check packets received from the Inter net, destined for your network. Output filters check packets transmitted from your network to the Internet.
13-14 Administration Guide 1. T o make the filter active in the filter set, select Enabled and toggle it to Ye s . If Enabled is toggled to No , the filter can still exist in the filter set, but it will have no ef fect.
Security 13-15 10. When you are finished configuring the filter , select ADD THIS FIL TER NOW to save the filter in the filter set. Select CANCEL to discard the filter and r eturn to the Add IP Filter Set screen.
13-16 Administration Guide Modifying filter sets T o modify a filter set, select Display/Change IP Filter Set in the IP Filter Sets screen to display a list of filter sets. Select a filter set from the list and pr ess Return. The Change IP Filter Set screen appears.
Security 13-17 The five input filters and one output filter that make up Basic Firewall ar e shown in the table below . Basic Firewall’s filters play the following r oles. Input filters 1 and 2: These block W AN-originated OpenWindows and X-Windows sessions.
13-18 Administration Guide Basic Firewall is suitable for a LAN containing only client hosts that want to access ser vers on the W AN, but not for a LAN containing ser vers pr oviding ser vices to clients on the WAN. Basic Firewall’s general strategy is to explicitly for war d W AN-originated TCP and UDP traf fic to por ts gr eater than 1023.
Security 13-19 FTP sessions. T o allow W AN-originated FTP sessions to a LAN-based FTP ser ver with the IP addr ess a.b.c.d (cor responding to a numbered IP addr ess such as 163.176.8.243), inser t the following input filter ahead of the cur rent input filter 1: ■ Enabled: Y es ■ For war d: Y es ■ Source IP Addr ess: 0.
13-20 Administration Guide Basic IP packet components All IP packets contain the same basic header infor mation, as follows: This header infor mation is what the packet filter uses to make filtering decisions.
Security 13-21 Fir ewall design rules There ar e two basic rules to fir ewall design: ■ “What is not explicitly allowed is denied.” and ■ “What is not explicitly denied is allowed.” The first r ule is far more secure, and is the best appr oach to firewall design.
13-22 Administration Guide Logical AND function When a packet is compared (in most cases) a logical AND function is per for med. First the IP addresses and subnet masks are conver ted to binar y and then combined with AND.
Security 13-23 Example IP filter set screen This is an example of the Netopia IP filter set screen: Filter basics In the source or destination IP addr ess fields, the IP address that is entered must be the network addr ess of the subnet. A host address can be enter ed, but the applied subnet mask must be 32 bits (255.
13-24 Administration Guide Example network Example filters Example 1 Incoming packet has the source addr ess of 200.1.1.28 This incoming IP packet has a source IP addr ess that matches the network address in the Source IP Addr ess field (00000000) in the Netopia 4753.
Security 13-25 Example 2 Incoming packet has the source addr ess of 200.1.1.184. This incoming IP packet (10000000) has a source IP addr ess that does not match the network address in the Source IP Addr ess field (00000000) in the Netopia 4753. This r ule will for ward this packet because the packet does not match.
13-26 Administration Guide Example 4 Incoming packet has the source addr ess of 200.1.1.104. Since the Source IP Network Addr ess in the Netopia 4753 is 01100000, and the source IP address after the logical AND is 01100000, this r ule does match and this packet will not be for warded.
Security 13-27 LAN IP Filtersets The Netopia 4753 of fers LAN-side filtering on the Ethernet hub. This per mits multiple IP addr esses or subnets on the Ethernet LAN to be kept separate fr om one another and operate as vir tual independent networks sharing a single Internet connection.
13-28 Administration Guide Any customized filter set you create can be associated with the Ether net hub as shown below: Select LAN (EN Hub) IP Filter Set and from the pop-up menu, select the filter set you want to associate with the LAN inter face.
Security 13-29 T o remove the filter set fr om the Ethernet hub inter face, select Remove Filter Set and press Return . The filter set will be disconnected from the LAN inter face. Note: Removing the filter set from the LAN does not delete the filter set.
13-30 Administration Guide R R R R A A A A D D D D II I I U U U U S S S S C C C C ll l l ii i i e e e e n n n n t t t t S S S S u u u u p p p p p p p p o o o o r r r r t t t t The Netopia 4753 impleme.
Security 13-31 ■ Y ou select your desir ed mode by using the Security Databases pop-up menu. ■ Choosing Local Only , the default, selects the local authentication database. ■ Choosing RADIUS Only causes the router to ignor e the local database and to authenticate users using the configured RADIUS ser ver .
13-32 Administration Guide hostname to be resolved using the Domain Name System (DNS) infor mation configured in the r outer or by using an IP address in dotted-quad notation.
Security 13-33 Attempting to delete the last non-URG username/passwor d pair from the local authentication database when the Security Databases pop-up menu is set to either Local then RADIUS or RADIUS.
13-34 Administration Guide.
Monitoring T ools 14-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 4 4 4 4 M M M M o o o o n n n n ii i i t t t t o o o o r r r r ii i i n n n n g g g g T T T T o o o o o o o o ll l l s s s s This chapter discusses the Netopia 4753’s device and network monitoring tools.
14-2 Administration Guide General status Current Date: The cur rent date; this can be set with the Date and Time utility either automatically via NTP or manually (see “Date and time (Network Time Protocol)” on page 9-17 ). Default IP Gateway: The router’s default gateway , which may be either manually configur ed or learned via DHCP .
Monitoring T ools 14-3 Curr ent status The cur rent status section is a table showing the cur rent status of the W AN. For example: Profile Name: Lists the name of the connection pr ofile being used, if any . Rate: Shows the line rate for this connection.
14-4 Administration Guide Statistics & Logs When you are tr oubleshooting your Netopia 4753, the Statistics & Logs screens provide insight into the r ecent event activities of the router . From the Main Menu go to Statistics & Logs and select one of the options described in the sections below .
Monitoring T ools 14-5 W AN Event History The W AN Event Histor y screen lists a total of 128 events on the W AN. The most r ecent events appear at the top. Each entr y in the list contains the following infor mation: Date: Date of the event. Time: Time of the event.
14-6 Administration Guide Device Event History The Device Event Histor y scr een lists a total of 128 por t and system events, giving the time and date for each event, as well as a brief description. The most recent events appear at the top. In the Statistics & Logs screen, select Device Event Histor y .
Monitoring T ools 14-7 V oice Logs V oice Log The V oice Log screen lists a total of 128 voice-r elated events, giving the time and date for each event, as well as a brief description. The most recent events appear at the top. In the Statistics & Logs screen, select V oice Log .
14-8 Administration Guide V oice Accounting Log The V oice Accounting Log screen lists a total of 128 voice-r elated events, giving the time and date for each event, as well as a brief description. The most recent events appear at the top. In the Statistics & Logs screen, select V oice Accounting Log .
Monitoring T ools 14-9 IP Routing T able In the Statistics & Logs screen, select IP Routing T able and pr ess Return. The IP routing table displays all of the IP r outes curr ently known to the Netopia 4753. The routing table scr een represents a snapshot of the r outing table information at the time the scr een is first invoked.
14-10 Administration Guide Served IP Addresses Y ou can view all of the IP addr esses curr ently being ser ved by the Netopia 4753 G.SHDSL Integrated Access Device from the Ser ved IP Addresses scr een. From the Statistics & Logs menu, select Ser ved IP Addresses .
Monitoring T ools 14-11 This screen has thr ee options: ■ Reset All Leases : Resets all cur rent IP addresses leased thr ough DHCP without waiting for the default one–hour lease period to elapse ■ Release BootP Leases : Releases any BootP leases that may be in place and which may no longer be requir ed.
14-12 Administration Guide Physical Interface The top left side of the screen lists total packets r eceived and total packets transmitted for the following data por ts: ■ Ethernet Hub ■ SDSL 1 Net.
Monitoring T ools 14-13 System Information The System Infor mation screen gives a summar y view of the general system level values in the Netopia 4753 G.SHDSL Integrated Access Device. From the Statistics & Logs menu select System Information . The System Infor mation screen appears.
14-14 Administration Guide The SNMP Setup screen From the Main Menu, select SNMP in the System Configuration screen and pr ess Return. The SNMP Setup screen appears. Follow these steps to configure the first thr ee items in the screen: 1. Select System Name and enter a descriptive name for the Netopia 4753’s SNMP agent.
Monitoring T ools 14-15 By default, the read-only and r ead/write community strings are set to public and private, respectively . Y ou should change both of the default community strings to values known only to you and tr usted system adminis- trators.
14-16 Administration Guide Setting the IP trap receivers 1. Select Add IP Trap Receiver . 2. Select Receiver IP Address or Domain Name . Enter the IP address or domain name of the SNMP manager you want to receive the trap. 3. Select Community String if you enabled one in the SNMP Setup screen, and enter the appropriate password.
Utilities and Diagnostics 15-1 C C C C h h h h a a a a p p p p t t t t e e e e r r r r 1 1 1 1 5 5 5 5 U U U U t t t t ii i i ll l l ii i i t t t t ii i i e e e e s s s s a a a a n n n n d d d d D D D.
15-2 Administration Guide Ping The Netopia 4753 includes a standard Ping test utility . A Ping test generates IP packets destined for a par ticular (Ping-capable) IP host. Each time the tar get host receives a Ping packet, it r eturns a packet to the original sender .
Utilities and Diagnostics 15-3 Status: The cur rent status of the Ping test. This item can display the status messages shown in the able below: Packets Out: The number of packets sent by the Ping test. Packets In: The number of retur n packets received from the tar get host.
15-4 Administration Guide Packets Lost: The number of packets unaccounted for , shown in total and as a percentage of total packets sent. This statistic may be updated during the Ping test, and may not be accurate until after the test is over .
Utilities and Diagnostics 15-5 4. Select Use Reverse DNS to learn the names of the r outers between the Netopia Router and the destination router . The default is Y es. 5. Select ST ART TRACE ROUTE and press Retur n. A scrolling screen will appear that lists the destination, number of hops, IP addresses of each hop, and DNS names, if selected.
15-6 Administration Guide Disconnect T elnet Console Session If you want to close your T elnet console session, select Disconnect T elnet Console Session and press Return. A dialog box appears asking you to cancel or continue your selection. If you select Continue , you will immediately ter minate your session.
Utilities and Diagnostics 15-7 T ransferring Configuration and Firmwar e Files with TFTP T rivial File T ransfer Protocol (TFTP) is a method of transfer ring data over an IP network. TFTP is a client-ser ver application, with the router as the client.
15-8 Administration Guide ■ Select GET ROUTER FIRMW ARE FROM SERVER and press Retur n. Y ou will see the following dialog box: ■ Select CANCEL to exit without downloading the file, or select CONTINUE to download the file. The system will reset at the end of the file transfer to put the new fir mware into ef fect.
Utilities and Diagnostics 15-9 ■ Select GET CONFIG FROM SERVER and press Retur n. Y ou will see the following dialog box: ■ Select CANCEL to exit without downloading the file, or select CONTINUE to download the file. The system will reset at the end of the file transfer to put the new configuration into ef fect.
15-10 Administration Guide T ransferring Configuration and Firmwar e Files with XMODEM Y ou can transfer configuration and fir mware files with XMODEM thr ough the Netopia 4753’s console por t. Be sure your ter minal emulation program suppor ts XMODEM file transfers.
Utilities and Diagnostics 15-11 3. Select CANCEL to exit without downloading the file, or select CONTINUE to download the file. If you choose CONTINUE, you will have ten seconds to use your ter minal emulation software to initiate an XMODEM transfer of the fir mware file.
15-12 Administration Guide If you choose CONTINUE, you will have ten seconds to use your ter minal emulation software to initiate an XMODEM transfer of the configuration file. If you fail to initiate the transfer in that time, the dialog box will disappear and the ter minal emulation software will infor m you of the transfer’s failure.
P P P P a a a a r r r r t t t t II I I II I I II I I : : : : A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x e e e e s s s s.
Administration Guide.
T roubleshooting A-1 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x A A A A T T T T r r r r o o o o u u u u b b b b ll l l e e e e s s s s h h h h o o o o o o o o t t t t ii i i n n n n g g g g This appendix is intended to help you troubleshoot pr oblems you may encounter while setting up and using the Netopia 4753.
A-2 Administration Guide Note: If you are attempting to modify the IP addr ess or subnet mask from a previous, successful configuration attempt, you will need to clear the IP address or r eset your Netopia 4753 to the factor y default before reinitiating the configuration pr ocess.
T roubleshooting A-3 How to Reset the Netopia 4753 to Factory Defaults Lose your password? This section shows how to r eset the Netopia 4753 so that you can access the console screens once again. Keep in mind that all of your connection pr ofiles and settings will need to be reconfigured.
A-4 Administration Guide Technical Support Netopia, Inc. is committed to providing its customers with r eliable products and documentation, backed by excellent technical suppor t. Before contacting Netopia Look in this guide for a solution to your problem.
T roubleshooting A-5 Online product information Product infor mation can be found in the following: Netopia World Wide W eb ser ver via http://www .netopia.
A-6 Administration Guide.
Understanding IP Addressing B-1 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x B B B B U U U U n n n n d d d d e e e e r r r r s s s s t t t t a a a a n n n n d d d d ii i i n n n n g .
B-2 Administration Guide IP addresses ar e maintained and assigned by the InterNIC, a quasi-governmental or ganization now increasingly under the auspices of private industr y . Note: It’s ver y common for an or ganization to obtain an IP address fr om a third par ty , usually an Inter net ser vice pr ovider (ISP).
Understanding IP Addressing B-3 Subnet masks T o create subnets, the network manager must define a subnet mask, a 32-bit number that indicates which bits in an IP address ar e used for network and subnetwork addresses and which are used for host addresses.
B-4 Administration Guide Network configuration Below is a diagram of a simple network configuration. The ISP is providing a Class C addr ess to the customer site, and both networks A and B want to gain Internet access thr ough this address. Netopia 4753 B connects to Netopia 4753 A and is provided Inter net access through Routers A and B.
Understanding IP Addressing B-5 Background The IP addresses and r outing configurations for the devices shown in the diagram are outlined below . In addition, each individual field and its meaning are described.
B-6 Administration Guide There ar e two schemes for distributing the remaining IP addresses: ■ Manually give each computer an address ■ Let the Netopia 4753 automatically distribute the addresses These two methods are not mutually exclusive; you can manually issue some of the addr esses while the rest are distributed by the Netopia 4753.
Understanding IP Addressing B-7 Configuration This section describes the specific IP address lease, r enew , and release mechanisms for both the Mac and PC, with either DHCP or MacIP address ser ving. DHCP address serving Windows 95 workstation: ■ The Win95 workstation requests and r enews its lease ever y half hour .
B-8 Administration Guide ■ The Netopia 4753 releases the DHCP addr ess back to the available DHCP address pool exactly one hour after the last-heard lease r equest. Some other DHCP implementations may hold on to the lease for an additional time after the lease expired to act as a buf fer for variances in clocks between the client and ser ver .
Understanding IP Addressing B-9 In any situation where a device is dialing into a Netopia r outer , the r outer may need to be configured to ser ve IP via the W AN inter face. This is only a requirement if the calling device has not been configur ed locally to know what its address(es) ar e.
B-10 Administration Guide The figure above shows an example of a block of IP addr esses being distributed corr ectly . The example follows these r ules: ■ An IP address must not be used as a static addr ess if it is also in a range of addresses being distributed by DHCP or MacIP .
Understanding IP Addressing B-11 Nested IP Subnets Under cer tain cir cumstances, you may want to create remote subnets fr om the limited number of IP addresses issued by your ISP or other authority . Y ou can do this using connection pr ofiles. These subnets can be nested within the range of IP addresses available to your network.
B-12 Administration Guide Routers B and C (which could also be Netopia 4753s) ser ve the two r emote networks that are subnets of a.b.c.0. The subnetting is accomplished by configuring the Netopia 4753 with connection profiles for Routers B and C (see the following table).
Understanding IP Addressing B-13 The following diagram illustrates the IP address space taken up by the two r emote IP subnets. Y ou can see from the diagram why the ter m nested is appropriate for describing these subnets.
B-14 Administration Guide.
Binary Conversion T able C-1 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x C C C C B B B B ii i i n n n n a a a a r r r r y y y y C C C C o o o o n n n n v v v v e e e e r r r r s s s.
C-2 Administration Guide Decimal Binar y Decimal Binary Decimal Binar y Decimal Binary 128 10000000 160 10100000 192 11000000 224 11100000 129 10000001 161 10100001 193 11000001 225 11100001 130 10000.
Further Reading D-1 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x D D D D F F F F u u u u r r r r t t t t h h h h e e e e r r r r R R R R e e e e a a a a d d d d ii i i n n n n g g g g Alexander , S. and R. Droms, DHCP Options and BOOTP V endor Extensions , RFC 2131, Silicon Graphics, Inc.
D-2 Administration Guide LaQuey , T racy , The Inter net Companion: A Beginner's Guide to Global Networking , Addison-W esley Publishing Company , Reading, MA, 1994. Leinwand, A., and K. Fang, Network Management: A Practical Perspective , Addison-W esley Publishing Company , Reading, MA, 1993.
Further Reading D-3 Stallings, W . Local Networks , 3rd ed., Macmillan Publishing Company , New Y ork, NY , 1990. Stevens, W .R., TCP/IP Illustrated , V ol 1, Addison-Wesley Publishing Company , Reading, MA, 1994. Sunshine, C.A. (ed.), Computer Network Architectur es and Protocols , 2nd ed.
D-4 Administration Guide.
T echnical Specifications and Safety Information E-1 A A A A p p p p p p p p e e e e n n n n d d d d ii i i x x x x E E E E T T T T e e e e c c c c h h h h n n n n ii i i c c c c a a a a ll l l S S S.
E-2 Administration Guide Agency Approvals North America Safety Approvals: ■ United States – UL Standard for Infor mation T echnology Equipment, UL 60950, Third Edition, Dated December 1, 2000 ■ Canada – CSA: CAN/CSA-C22.
T echnical Specifications and Safety Information E-3 Ser vice requirements. In the event of equipment malfunction, all r epairs should be per for med by our Company or an authorized agent. Under FCC r ules, no customer is authorized to repair this equipment.
E-4 Administration Guide Important Safety instructions CAUTIONS CAUTION: Depending on the power supply provided with the pr oduct, either the direct plug-in power supply blades, power supply cord plug or the appliance coupler ser ves as the mains power disconnect.
T echnical Specifications and Safety Information E-5 Netopia 4753 Specifications Physical interface W AN interface ■ G.SHDSL por t with suppor t for symmetric connections from 64 Kbps to 2.368 Mbps (uses RJ68 connector ■ Interoperable with G.SHDSL equipment fr om Ericsson and others.
E-6 Administration Guide Protocols ■ A TM Pr otocols: A TM Multipr otocol Encapsulation over A TM Adaption Layer 5 (RFC 1483): Logical Link Control (LLC) encapsulation r outed modes ■ Suppor t for up to 8 A TM PVCs and 16 Frame Relay PVCs ■ PPP Over A TM, PPP over Ether net: P AP , CHAP or no authentication (RFC 2364).
T echnical Specifications and Safety Information E-7 a syslog ser ver ■ SNMPv1: (RFC 1157) and MIB II (RFC 1213), Ethernet MIB and enterprise MIB for r emote management using console applications Hardware specifications ■ Memor y: 16 MB DRAM memor y ■ Environmental Requir ement: Operating: 0 ∞ to +40 ∞ C.
E-8 Administration Guide ■ Speed Dialing by dialing a feature code ■ Three W ay Calling ■ Custom Ringing ■ Distinctive Ringing.
Glossary 1 G G G G ll l l o o o o s s s s s s s s a a a a r r r r y y y y access line: A telephone line reaching fr om the telephone company central of fice to a point usually on your premises. Beyond this point the wir e is considered inside wiring.
2 Administration Guide community strings: Sequences of characters that ser ve much like passwor ds for devices using SNMP . Dif ferent community strings may be used to allow an SNMP user to gather device infor mation or change device configurations. CRC (Cyclic Redundancy Check): A computational means to ensure the integrity of a block of data.
Glossary 3 host computer: A communications device that enables users to r un applications programs to per for m such functions as text editing, program execution, access to data bases, etc.
4 Administration Guide packet-switching network: A telecommunications network based on packet-switching technology , wher ein a transmission channel is occupied only for the duration of the transmission of the packet. P AP (PPP authentication protocol): A method for ensuring secur e network access.
Glossary 5 subnet mask: A 32-bit number to specify which par t of an inter net address is the network number , and which par t is the host addr ess. When written in binar y notation, each bit written as 1 cor responds to 1 bit of network address infor mation.
6 Administration Guide.
Index-1 II I I n n n n d d d d e e e e x x x x Numerics 10Base-T , connecting 5-3 A add static route 10-8 advanced configuration features 9-16 application software 5-2 A TMP 12-12 tunnel options 12-1.
Index-2 IP setup 7-8 IPX setup 7-8 navigating 6-5 over view 7-1 quick connection path 7-3 encr yption 12-3 , 12-7 , 12-12 Ethernet 5-2 event histor y device 14-6 WA N 14-5 F features 1-2 filter par t.
Index-3 L LAN-side filtering 13-27 LED status 14-3 LEDs 3-5 , 14-3 M MIBs suppor ted 14-13 MPPE 12-12 MS-CHAPv2 12-12 multiple subnets 10-4 N NA T adding ser ver lists 11-17 defined 10-1 Easy Setup .
Index-4 security options screen 13-2 protecting 13-2 Simple Network Management Protocol, see SNMP SNMP community strings 14-14 MIBs suppor ted 14-13 setup screen 14-14 traps 14-15 src.
Index-5 W AN event histor y 14-5 Windows NT Domain Name 12-6 X XMODEM 15-10 XMODEM file transfers downloading configuration files 15-11 updating fir mware 15-10 uploading configuration files 15-.
Index-6.
Limited Warranty and Limitation of Remedies 1 L L L L ii i i m m m m ii i i t t t t e e e e d d d d W W W W a a a a r r r r r r r r a a a a n n n n t t t t y y y y a a a a n n n n d d d d L L L L ii i.
2 Administration Guide.
デバイスNetopia 4753の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Netopia 4753をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはNetopia 4753の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Netopia 4753の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Netopia 4753で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Netopia 4753を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はNetopia 4753の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Netopia 4753に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちNetopia 4753デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。