Netopia 4553 User manual

Netopia

™

4553

G.SHDSL Router

User’s Reference Guide

Copyright

This manual and any associated artwork, software, and product designs are copyrighted with

part, without the prior written consent of Netopia, Inc. Under the law, copying includes

translation to another language or format.

Netopia, Inc.

2470 Mariner Square Loop

Alameda, CA 94501-1010

U.S.A.

Part Number

For additional copies of this electronic manual, order Netopia part number 6161088-PF-01.

Printed Copies

For printed copies of this manual, order Netopia part number TER/Doc

(P/N 6161088-00-01).

G

B

Chapter 1 — Introduction..........................................................1-9

Overview ....................................................................... 1-9

Features and capabilities ............................................... 1-9

How to use this guide .................................................. 1-10

Chapter 2 — Making the Physical Connections........................2-11

Find a location............................................................. 2-11

What you need ............................................................ 2-11

Identify the connectors and attach the cables ................ 2-12

Netopia Router status lights ......................................... 2-13

Chapter 3 — Sharing the Connections .....................................3-15

Conﬁguring TCP/IP on Windows-based Computers.......... 3-15

Dynamic conﬁguration (recommended)................. 3-16

Static conﬁguration (optional).............................. 3-17

Conﬁguring TCP/IP on Macintosh Computers ................. 3-19

Dynamic conﬁguration (recommended)................. 3-19

Static conﬁguration (optional).............................. 3-20

Chapter 4 — Connecting to Your Local Area Network ............... 4-23

Readying computers on your local network..................... 4-23

Connecting to an Ethernet network................................ 4-24

Chapter 5 — Console-Based Management ...............................5-25

Connecting through a Telnet session ............................. 5-26

Conﬁguring Telnet software ................................. 5-27

Connecting a console cable to your router ..................... 5-27

Navigating through the console screens ........................ 5-28

Chapter 6 — Easy Setup .........................................................6-29

Easy Setup console screens......................................... 6-29

Accessing the Easy Setup console screens .......... 6-29

Quick Easy Setup connection path ................................ 6-30

DSL Line Conﬁguration ....................................... 6-31

Easy Setup Proﬁle .............................................. 6-32

IP Easy Setup .................................................... 6-33

CC

oo

nn

tt

ee

nn

tt

ss

iv User’s Reference Guide

Easy Setup Security Conﬁguration ....................... 6-35

Chapter 7 — WAN and System Conﬁguration ...........................7-37

WAN conﬁguration........................................................ 7-37

Creating a new Connection Proﬁle ................................. 7-40

The default proﬁle........................................................ 7-43

IP parameters (default proﬁle) screen .................. 7-45

Scheduled Connections ............................................... 7-45

Frame Relay conﬁguration ............................................ 7-50

Frame Relay DLCI conﬁguration ........................... 7-52

System conﬁguration screens ...................................... 7-57

Navigating through the system conﬁguration screens...... 7-57

System conﬁguration features ............................. 7-58

IP setup............................................................. 7-59

Filter sets (ﬁrewalls) ........................................... 7-59

IP address serving ............................................. 7-59

Date and time.................................................... 7-59

Console conﬁguration ......................................... 7-60

SNMP (Simple Network Management Protocol) ..... 7-60

Security............................................................. 7-61

Upgrade feature set ........................................... 7-61

Logging ............................................................. 7-61

Installing the Syslog client .................................. 7-62

Chapter 8 — IP Setup .............................................................8-63

IP setup ...................................................................... 8-64

IP subnets ......................................................... 8-66

Static routes...................................................... 8-68

IP Address Serviing...................................................... 8-72

IP Address Pools ................................................ 8-75

DHCP NetBIOS Options....................................... 8-77

More Address Serving Options...................................... 8-79

Conﬁguring the IP Address Server options............ 8-80

DHCP Relay Agent........................................................ 8-85

Contents v

G

Connection Proﬁles ...................................................... 8-87

Chapter 9 — Multiple Network Address Translation .................9-91

Overview ..................................................................... 9-91

Features............................................................ 9-91

Supported Trafﬁc ............................................... 9-95

MultiNAT Conﬁguration ................................................. 9-95

Easy Setup Proﬁle conﬁguration .......................... 9-96

Server Lists and Dynamic NAT conﬁguration ......... 9-96

IP setup............................................................. 9-97

Modifying map lists .......................................... 9-102

Adding Server Lists.................................................... 9-104

Modifying server lists ....................................... 9-107

Deleting a server ............................................. 9-109

Binding Map Lists and Server Lists ............................. 9-110

IP proﬁle parameters ........................................ 9-110

IP Parameters (WAN Default Proﬁle)................... 9-112

NAT Associations ....................................................... 9-114

MultiNAT Conﬁguration Example .................................. 9-116

Chapter 10 — Virtual Private Networks ...............................10-121

Overview ................................................................. 10-121

About PPTP Tunnels ................................................. 10-123

PPTP conﬁguration.......................................... 10-124

About IPsec Tunnels................................................. 10-127

Conﬁguration ................................................. 10-127

IP Proﬁle Parameters ...................................... 10-130

Advanced IP Proﬁle Optiona ............................ 10-131

Interoperation with other features.................... 10-132

About ATMP Tunnels................................................. 10-132

ATMP conﬁguration......................................... 10-132

Encryption Support .................................................. 10-135

MS-CHAP V2 and 128-bit strong encryption...... 10-135

ATMP/PPTP Default Proﬁle........................................ 10-136

vi User’s Reference Guide

VPN QuickView ........................................................ 10-137

Dial-Up Networking for VPN ....................................... 10-138

Installing Dial-Up Networking ........................... 10-138

Creating a new Dial-Up Networking proﬁle ........ 10-139

Conﬁguring a Dial-Up Networking proﬁle ........... 10-140

Installing the VPN Client ........................................... 10-141

Windows 95 VPN installation........................... 10-141

Windows 98 VPN installation........................... 10-142

Connecting using Dial-Up Networking ............... 10-143

Allowing VPNs through a Firewall............................... 10-143

PPTP example ................................................ 10-144

ATMP example ............................................... 10-146

Chapter 11 — Security ....................................................... 11-151

Suggested security measures ................................... 11-151

User accounts ......................................................... 11-151

Telnet access .......................................................... 11-153

About ﬁlters and ﬁlter sets ....................................... 11-154

What’s a ﬁlter and what’s a ﬁlter set?.............. 11-154

How ﬁlter sets work........................................ 11-154

How individual ﬁlters work............................... 11-156

Design guidelines........................................... 11-161

Working with IP ﬁlters and ﬁlter sets.......................... 11-162

Adding a ﬁlter set ........................................... 11-162

Deleting a ﬁlter set......................................... 11-167

A sample IP ﬁlter set ...................................... 11-167

Firewall tutorial ........................................................ 11-170

General ﬁrewall terms .................................... 11-170

Basic IP packet components ........................... 11-171

Basic protocol types ....................................... 11-171

Firewall design rules....................................... 11-172

Filter basics................................................... 11-174

Example ﬁlters ............................................... 11-175

Contents vii

G

Chapter 12 — Monitoring Tools ...........................................12-179

Quick View status overview ...................................... 12-179

General status ............................................... 12-180

Current status ............................................... 12-181

Status lights .................................................. 12-181

Statistics & Logs ..................................................... 12-182

Event histories ........................................................ 12-182

IP Routing Table....................................................... 12-185

General Statistics .................................................... 12-185

System Information.................................................. 12-187

SNMP ..................................................................... 12-188

The SNMP Setup screen ................................. 12-188

SNMP traps ................................................... 12-189

Chapter 13 — Utilities and Diagnostics ...............................13-193

Ping ........................................................................ 13-194

Trace Route............................................................. 13-196

Telnet client............................................................. 13-197

Factory defaults....................................................... 13-198

Transferring conﬁguration and ﬁrmware ﬁles with TFTP 13-198

Updating ﬁrmware .......................................... 13-199

Downloading conﬁguration ﬁles ....................... 13-199

Uploading conﬁguration ﬁles ........................... 13-200

Transferring conﬁguration and ﬁrmware ﬁles with

XMODEM................................................................. 13-200

Updating ﬁrmware .......................................... 13-201

Downloading conﬁguration ﬁles ....................... 13-202

Uploading conﬁguration ﬁles ........................... 13-202

Restarting the system.............................................. 13-203

Appendix A — Troubleshooting..............................................A-205

Conﬁguration problems .............................................. A-205

Console connection problems ........................... A-206

Network problems ............................................ A-206

viii User’s Reference Guide

How to reset the router to factory defaults .................. A-207

Power outages........................................................... A-207

Technical support ...................................................... A-208

How to reach us............................................... A-208

Appendix B — Technical Speciﬁcations and Safety Information

............................................................................................B-211

Warranty

Introduction 1-9

CC

hh

aa

pp

tt

ee

rr

11

II

nn

tt

rr

oo

dd

uu

cc

tt

ii

oo

nn

Overview

The Netopia 4553 G.shdsl Router is a full-featured, stand-alone DSL router for connecting diverse local area

networks (LANs) to the Internet and other remote networks. It supports the newly ratiﬁed ITU G.991.2 standard

for symmetric DSL series. The Netopia 4553 G.shdsl Router uses a high performance telecommunications line

to provide your whole network with a high-speed connection to the outside world.

This section covers the following topics:

■

“Features and capabilities” on page 1-9

■

“How to use this guide” on page 1-10

Features and capabilities

The Netopia 4553 G.shdsl Router provides the following features:

■

Support for IP routing for Internet and Intranet connectivity

■

Compatible with G.shdsl ITU standard G.991.2.

■

G.shdsl WAN interface supports symmetric data rates from 144 kbps to 2.32 Mbps

■

Built-in VPN features offer secure Internet connections between remote ofﬁces and travelers

■

Built-in ﬁrewall protects LAN resources from Internet intruders

■

Support for Ethernet LANs with multiple Ethernet IP subnets

■

10/100-Base T Ethernet port connects easily to an existing LAN hub

■

Interoperable with a wide array of DSLAM equipment

■

Console-based Telnet client

■

UNIX syslog client

■

Status lights (LEDs) for easy monitoring and troubleshooting

■

Support for Console-based management

■

NAT/NATP, multi-NAT, and DHCP for security and convenience

■

Wall-mountable, Bookshelf (Side-stackable), or Desktop-stackable design for efﬁcient space usage

1-10 User’s Reference Guide

How to use this guide

In addition to the simple documentation contained in the accompanying

Getting Started Guide

, this guide is

designed to be your single source for information about your Netopia 4553 G.shdsl Router. It is intended to be

viewed on-line, using the powerful features of the Adobe Acrobat Reader. The information display has been

deliberately designed to present the maximum information in the minimum space on your screen. You can keep

this document open while you perform any of the procedures described, and ﬁnd useful information about the

procedure you are performing.

You can also print out all of the manual, or individual sections, if you prefer to work from hard copy rather than

on-line documentation. The pages are formatted to print on standard 8 1/2 by 11 inch paper. We recommend

that you print on 3-hole punched paper, so that you can put the pages in a binder for future reference. For your

convenience, a printed copy is available from Netopia. Order part number TE4553/Doc.

This guide is organized into chapters describing the Netopia 4553’s advanced features. You may want to read

each chapter’s introductory section to familiarize yourself with the various features available.

Use the guide’s table of contents and index to locate informational topics.

Making the Physical Connections 2-11

CC

hh

aa

pp

tt

ee

rr

22

MM

aa

kk

ii

nn

gg

tt

hh

ee

PP

hh

yy

ss

ii

cc

aa

ll

CC

oo

nn

ee

cc

tt

ii

oo

nn

ss

This section tells you how to make the physical connections to your Netopia 4553 Router. This section covers

the following topics:

■

“Find a location” on page 2-11

■

“What you need” on page 2-11

■

“Identify the connectors and attach the cables” on page 2-12

■

“Netopia 4553 Router status lights” on page 2-13

Find a location

When choosing a location for the Netopia 4553 Router, consider:

■

Available space and ease of installation

■

Physical layout of the building and how to best use the physical space available for connecting your Netopia

4553 Router to the LAN

■

Available wiring and jacks

■

Distance from the point of installation to the next device (length of cable or wall wiring)

■

Ease of access to the front of the unit for conﬁguration and monitoring

■

Ease of access to the back of the unit for checking and changing cables

■

Cable length and network size limitations when expanding networks

For small networks, install the Netopia near one of the LANs. For large networks, you can install the Netopia in

a wiring closet or a central network administration site.

What you need

Locate all items that you need for the installation.

Included in your router package are:

■

The Netopia 4553 Router

■

A power adapter and cord with a mini-DIN8 connector

■

One Category 5 Ethernet cable

■

One Category 5 DSL WAN (or Line) cable

■

A DB-9 to DB-9 console cable

■

The Netopia CD containing software and documentation

2-12 User’s Reference Guide

You will need:

■

A Windows 95 or 98–based PC or a Macintosh computer with Ethernet connectivity for conﬁguring the

Netopia. This may be built-in Ethernet or an add-on card, with TCP/IP installed and conﬁgured. See

“Sharing the Connection” on page 3-15.

■

A G.shdsl wall outlet wired for a connection to a Local Exchange Carrier (LEC) who supports Symmetric

Digital Subscriber Line connections.

Identify the connectors and attach the cables

Identify the connectors and switches on the back panel and attach the necessary Netopia Router cables.

The ﬁgure below displays the back of the Netopia 4553 Router.

Netopia back panel

.

1. Connect the mini-DIN8 connector from the power adapter to the power port, and plug the other end into an

electrical outlet.

2. Connect one end of the Category 5 cable to the DSL port, and the other end to your DSL wall outlet.

Port Description

Power port A mini-DIN8 power adapter cable connection.

Console port A DB-9 console port for a direct serial connection to the console screens. You

can use this if you are an experienced user. See “Connecting a console cable to

your router” on page 5-27.

DSL port An RJ-48 jack labeled DSL for your G.shdsl connection.

Ethernet port An RJ-45 10/100Base-T Ethernet jack. You will use this to conﬁgure the

Netopia. For a new installation, use the Ethernet connection. Alternatively, you

can use the console connection to run console-based management using a

direct serial connection. You can either connect your computer directly the

Ethernet port using a crossover cable, or connect both your computer and the

Netopia to an existing Ethernet hub on your LAN.

Console Power

Ethernet port

Console port

Power port

G.shdsl port

DSL

10/100

Ethernet

Making the Physical Connections 2-13

3. Connect the Ethernet cable to the Ethernet port on the router and the other end to your computer.

You should now have: the power adapter plugged in; the Ethernet cable connected between the router and

your computer; and the DSL cable connected between the router and the DSL wall outlet.

Netopia 4553 Router status lights

The ﬁgure below represents the Netopia status light (LED) panel.

Netopia LED front panel

The following table summarizes the meaning of the various LED states and colors:

When this happens... the LEDs...

The power is on

Power

is green.

The Router detects an error

Error

is red.

The Ethernet link is established

Ethernet

is green.

The WAN has trained

DSL

is green.

The WAN is training

DSL

ﬂashes green.

Note:

The remaining LEDs are not used.

DSL

Power

Error

Ethernet

2-14 User’s Reference Guide

Sharing the Connection 3-15

CC

hh

aa

pp

tt

ee

rr

33

SS

hh

aa

rr

ii

nn

gg

tt

hh

ee

CC

oo

nn

ee

cc

tt

ii

oo

nn

Once you have set up your physical local area network, you will need to conﬁgure the TCP/IP stack on each

client workstation connected to your Netopia 4553. This chapter describes how to conﬁgure TCP/IP for both

Windows-based and Macintosh computers.

This chapter explains the following topics:

■

“Conﬁguring TCP/IP on Windows-based Computers” on page 3-15

■

“Conﬁguring TCP/IP on Macintosh Computers” on page 3-19

Conﬁguring TCP/IP on Windows-based Computers

Conﬁguring TCP/IP on a Windows computer requires the following:

■

An Ethernet card (also known as a network adapter)

■

The TCP/IP protocol must be “bound” to the adapter or card

3-16 User’s Reference Guide

Dynamic conﬁguration (recommended)

To conﬁgure your PC for dynamic addressing do the following:

Note:

You can also use these instructions to conﬁgure other computers on your network to accept IP addresses

served by the Netopia 4553.

1. Go to the Start

Menu/Settings/Control

Panels and double click

the Network icon. From

the Network components

list, select the

Conﬁguration tab.

2. Select TCP/IP-->Your Network Card. Then select

Properties. In the TCP/IP Properties screen, select the IP

Address tab. Click “Obtain an IP Address automatically”.

3. Click on the DNS Conﬁguration tab. Click Disable DNS.

DNS will be assigned by the router with DHCP.

4. Click OK in this window and the next window. When

prompted, reboot the computer.

Sharing the Connection 3-17

Static conﬁguration (optional)

If you are manually conﬁguring for a ﬁxed or static IP address, perform the following:

1. Go to Start Menu/Settings/Control Panels and double click the Network icon. From the Network

components list, select the Conﬁguration tab.

2. Select TCP/IP-->Your Network Card. Then select Properties. In the TCP/IP Properties screen, select the

IP Address tab. Click “Specify an IP Address.”

Enter the following:

IP Address: 192.168.1.2

Subnet Mask: 255.255.255.0, or for 12-user models 255.255.255.240

This address is an example of one that can be used to conﬁgure the router. Your ISP or network

administrator may ask you to use a different IP address and subnet mask.

3-18 User’s Reference Guide

4. Click OK in this window and the next window. When prompted, reboot the computer.

Note: You can also use these instructions to conﬁgure other computers on your network with manual or static

IP addresses. Be sure each computer on your network has its own IP address.

Click on the DNS Conﬁguration tab. Click Enable DNS.

Enter the following

information:

Host: Type the name

you want to give to

this computer.

Domain: Type your

domain name. If you

don't have a domain

name, type your ISP's

domain name; for

example,

netopia.com.

DNS Server Search

Order: Type the

primary DNS IP

address given to you

by your ISP. Click

Add. Repeat this process for the secondary DNS.

Domain Sufﬁx Search Order: Enter the same domain

name you entered above.

3. Click on the Gateway tab (shown below).

Under “New gateway,” enter

192.168.1.1. Click Add. This is the

Netopia 4553’s pre-assigned IP address.

Sharing the Connection 3-19

Conﬁguring TCP/IP on Macintosh Computers

The following is a quick guide to conﬁguring TCP/IP for MacOS computers. Conﬁguring TCP/IP in a Macintosh

computer requires the following:

■ You must have either Open Transport or Classic Networking (MacTCP) installed.

Note: If you want to use the Dynamic Host Conﬁguration Protocol (DHCP) server built into your Netopia

4553 to assign IP addresses to your Macintoshes, you must be running Open Transport, standard in

MacOS 8 and optional in earlier system versions. You can have your Netopia 4553 dynamically assign IP

addresses using MacTCP; however, to do so requires that the optional AppleTalk kit be installed which can

only be done after the router is conﬁgured.

■ You must have built-in Ethernet or a third-party Ethernet card and its associated drivers installed in your

Macintosh.

Dynamic conﬁguration (recommended)

The Dynamic Host Conﬁguration Protocol (DHCP), which enables dynamic addressing, is enabled by default in

the router. To conﬁgure your Macintosh computer for dynamic addressing do the following:

Note: You can also use these instructions to conﬁgure other computers on your network to accept IP addresses

served by the Netopia 4553.

1. Go to the Apple menu. Select Control Panels and then

TCP/IP.

2. With the TCP/IP window open, go to the Edit menu and

select User Mode. Choose Basic and click OK.

3. In the TCP/IP window, select “Connect via: Ethernet” and

“Conﬁgure: Using DHCP Server.”

3-20 User’s Reference Guide

Static conﬁguration (optional)

3. In the TCP/IP window or in the MacTCP/More window, select or type information into the ﬁelds as shown in

the following table.

4. Close the TCP/IP or MacTCP control panel and save the settings.

5. If you are using MacTCP, you must restart the computer. If you are using Open Transport, you do not need

to restart.

Note: You can also use these instructions to conﬁgure other computers on your network to accept IP addresses

served by the Netopia 4553.

Option: Select/Type:

Connect via: Ethernet

Conﬁgure: Manually

IP Address: 192.168.1.2

Subnet mask: 255.255.255.0, or for 12-user models

255.255.255.240

Router or Gateway address: 192.168.1.1

Name server address: Enter the primary and secondary name server

addresses given to you by your ISP

Implicit Search Path:

Starting domain name:

Enter your domain name; if you do not have a

domain name, enter the domain name of your ISP

If you are manually conﬁguring for a ﬁxed or static IP address,

perform the following:

1. Go to the Apple menu. Select Control Panels and then

TCP/IP or MacTCP.

2. With the TCP/IP window open, go to the Edit menu and

select User Mode. Choose Advanced and click OK.

Or, in the MacTCP window, select Ethernet and click the

More button.

Page is loading ...

Netopia 4553 User manual

Netopia 4553 User manual

Related papers

Other documents