Solwise Ltd. Set-up instructions for Asus SL6000 VPN ADSL Router www.solwiseforum.co.uk The Solwise Forum is designed to be the first port-of-call for technical support and sales advice for the whole Solwise product range. Please check the forum for coverage on any technical problems you have. Many people have trodden your path before you, and a quick check on the forum will reduce the pressure on our support staff. Revision 0.
Chapter 1. Introduction Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Notification is hereby given that Solwise Ltd. reserves the right to modify, change, update or revise this document from time to time as required without the prior obligation to notify any person, company or organization. Further, Solwise makes no warranty or representation, either express or implied, with respect to merchantability, or fitness of its products for a particular purpose. Solwise Ltd.
SL6000 User’s Guide DOC compliance information NOTICE: The Canadian Department of Communications label identifies certified equipment. This certification means that the equipment meets certain telecommunications network protective, operational and safety requirements. The Department does not guarantee the equipment will operate to the user’s satisfaction. Before installing this equipment, users ensure that it is permissible to be connected to the facilities of the local Telecommunications Company.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 1. Introduction Table of Contents 1 Introduction..........................................................8 1.1 Overview................................................................... 8 1.2 Specifications and Features ..................................... 8 1.3 What’s in the package? .......................................... 10 1.4 Front Panel ............................................................. 10 1.5 Rear Panel........
Chapter 1. Introduction Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 5.4 Configuring Outbound ACL Rules .......................... 46 5.4.1 Options in Outbound ACL Configuration Page................................................. 46 5.5 5.6 6 5.4.2 Add an Outbound ACL Rule.......................... 48 5.4.3 Modify Outbound ACL Rules......................... 49 5.4.4 Delete Outbound ACL Rules......................... 49 5.4.5 Display Outbound ACL Rules........................
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 1. Introduction 7.2 WAN ....................................................................... 69 7.2.1 ADSL ............................................................. 69 7.2.2 Channel ......................................................... 70 7.3 Networking.............................................................. 74 7.3.1 DNS Server ................................................... 74 7.3.2 DNS Relay......................
1 Introduction 1.1 Overview The ASUS ADSL Router features multi-mode ADSL technology that provides a downstream rate of up to 8M bps over existing copper wire lines, which is more than 100 times faster than a traditional 56K analogue modem.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 1. Introduction Bridged Function (ADSL) IEEE802.1d Transparent bridge with spanning tree support.
Chapter 1. Introduction Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Depth Weight Power Supply 182.5 mm (7.18 inches) 485g Input Voltage AC 230V, 50Hz (For EURO Region) Power Consumption Operating Environment Operating Temperature Non-Operating Temperature Humidity 15VAC, 700mA Regulatory Agency Compliance 1.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 1. Introduction WAN green On: WAN link established and active Flashing: Data is transmitted via WAN connection LAN1 green On: LAN link is established Off: No WAN link LAN2 Flashing: Data is transmitted via LAN connection LAN3 LAN4 Off: No LAN link 1.
Chapter 2. Connecting to your network and line Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 2 Connecting to your network and line Step 1. Connect the ADSL modem. For SL-6000/6300: Connect one end of the Line cable to the port labeled ADSL on the rear panel of the device. Connect the other end to the ADSL port on the splitter or micro-filter. Step 2. Connect the computers or a LAN.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 2.
Chapter 3. Setting up TCP/IP on your computer Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 3 Setting up TCP/IP on your computer You first of all need to check the TCP/IP settings of your computer. Please note that the author is assuming you are using MS Windows (Win9x or 2K/XP) or Mac OS10; please make appropriate allowances if using another operating system or platform such as Linux. The default IP address of the ASUS router is 192.168.7.1 on subnet mask 255.255.255.0.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 3. Setting up TCP/IP on your computer itself, select that line. Click on Properties. 3. Click the IP Address tab and select Obtain and IP address automatically. 4. Click on the Gateway tab and verify that the Installed Gateway field is blank. Click on OK. 5. Click again on OK. Windows may as you for the original Windows installation disk or additional files. Supply them by pointing to the correct location, e.g.
Chapter 3. Setting up TCP/IP on your computer 3.1.3 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Configure the PC (TCP/IP Settings) for Windows 2000 1. Click on Start -> Settings -> Control Panel. Double-click on the Network and Dial-up Connection icon. The Network screen will appear. 2. Select the Local Area Connection icon for the applicable Ethernet adapter (usually it is the first Local Area Connection listed). Double-click on Local Area Connection and click Properties.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 3. Setting up TCP/IP on your computer 3. Select Internet Protocol (TCP/IP) and click on Properties. 4. Select Obtain an IP address automatically and click on OK on the subsequent screens to complete the PC’s configuration. 5. Restart your computer.
Chapter 3. Setting up TCP/IP on your computer 3.1.4 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Configure the PC (TCP/IP settings) for Windows XP The following instructions assume you are running Windows XP’s default interface. If you are using the Classical interface (where the icons and menus look like previous Windows versions) , please follow the instructions for Windows 2000(step 3b). 1. Click on Start-> Control Panel. Click on the Network and Internet Connections icon.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 3. Setting up TCP/IP on your computer 3. Select Obtain an IP address automatically and click on OK on the subsequent screens to complete the PC’s configuration. 4. Restart your computer.
Chapter 4. PPPoA Router configuration (For the UK) Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 4 PPPoA Router configuration (For the UK) The SL-6000/6300 provides a preinstalled software program called Configuration Manager that enables you to configure SL-6000/6300 via your Web browser. To configure using your browser you must first of all must have successfully installed TCP/IP protocol on your computer as detailed above.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 4.2 Chapter 4. PPPoA Router configuration (For the UK) Running the Set-up Wizard Now run the Set-up Wizard…. Click on Next.
Chapter 4. PPPoA Router configuration (For the UK) Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Unless you want to change the configuration passwords used (admin/admin) then click Next.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4.
Chapter 4. PPPoA Router configuration (For the UK) Solwise Asus SL6000 ADSL Ethernet Router User’s Guide The Time Zone screen allows you to alter the date/time settings. If you want change these values and then click on Next….
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4. PPPoA Router configuration (For the UK) You can now alter the LAN IP settings if you want.
Chapter 4. PPPoA Router configuration (For the UK) Solwise Asus SL6000 ADSL Ethernet Router User’s Guide The next screen allows you to alter the DHCP server settings. If you are happy with them just click on Next.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4.
Chapter 4.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4.
Chapter 4. PPPoA Router configuration (For the UK) Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Now, if your router is connected to a valid ADSL connection and you have set-up for ‘Automatic IP Address Assignment’ the router should connect to your ISP and display the connection IP address.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 4.3 Chapter 4. PPPoA Router configuration (For the UK) Enabling NAT Now you need to enable NAT. You do this by creating an NAT POOL.
Chapter 4. PPPoA Router configuration (For the UK) Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Make a new NAT Pool of type Interface and select the new PPPoA Routed Interface.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4.
Chapter 4. PPPoA Router configuration (For the UK) 4.4 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Enabling outbound access through the firewall Now we need to modify/create the Outbound ACL (Access Control Configuration).
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4. PPPoA Router configuration (For the UK) By default the standard Outbound ACL rules are set for NAT applied to the WAN interface. However, for operation with a NAT Pool (as created above) you need to alter these rules to apply to the NAT Pool. So, you have two options: You could modify the existing rules or you can just create a new ‘Allow All’ rule (though, of course, an ‘allow all rule’ will effectively turn your firewall off). 4.4.
Chapter 4.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4. PPPoA Router configuration (For the UK) Now click on Modify. You will need to do all the rules to enable full, standard access. 4.4.2 Creating an Allow All rule Your alternative is to create an Allow All rule.
Chapter 4.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 4. PPPoA Router configuration (For the UK) Now, internet access should work! If it doesn’t work then check on the WAN ADSL screen that it shows you are connected. If not then this says it can’t find the ADSL signal on the line. Next goto the WAN//Channel page and make sure it shows an IP address for the link: Address 0.0.0.0 is NOT correct. If there is no address shown then this means it’s not logging in with the ISP.
Chapter 4.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 5. Configuring Firewall/NAT Settings 5 Configuring Firewall/NAT Settings SL-6000 provides built-in firewall/NAT functions, enabling you to protect the system against denial of service (DoS) attacks and other types of malicious accesses to your LAN while providing Internet access sharing at the same time. You can also specify how to monitor attempted attacks, and who should be automatically notified.
Chapter 5. Configuring Firewall/NAT Settings Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Default Inbound Access Rules No default inbound access rule is configured. That is, all traffic from external hosts to the internal hosts is denied. Default Outbound Access Rules The default outbound access rule allows all the traffic originated from your LAN to be forwarded to the external network using NAT. 5.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Allow Deny Chapter 5. Configuring Firewall/NAT Settings Select this button to configure the rule as an allow rule. This rule when bound to the Firewall will allow matching packets to pass through. Select this button to configure the rule as a deny rule. This rule when bound to the Firewall will not allow matching packets to pass through. Move to This option allows you to set a priority for this rule.
Chapter 5. Configuring Firewall/NAT Settings Begin End Destination Port Any Single, Range Service Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Enter the starting port number of the range Enter the ending port number of the range Select this option if you want this rule to apply to all applications with an arbitrary destination port number. Select any of these and enter details as described in the Source Port section above.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 5. Configuring Firewall/NAT Settings 5. Assign a priority for this rule by selecting a number from the “Move to” drop-down list. Note that the number indicates the priority of the rule with 1 being the highest. Higher priority rules will be examined prior to the lower priority rules by the firewall. 6. Click on the Add button to create the new ACL rule.
Chapter 5. Configuring Firewall/NAT Settings Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 3. Click on the Delete button to delete this ACL rule. Note that the ACL rule deleted will be removed from the ACL rule table located at the lower half of the same configuration page. 5.3.5 Display Inbound ACL Rules To see existing inbound ACL rules, follow the instructions below: 1. Log into Configuration Manager as admin, click the Firewall menu, and then click Inbound ACL submenu. 2.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 5. Configuring Firewall/NAT Settings Action Allow Select this button to configure the rule as an allow rule. This rule when bound to the Firewall will allow matching packets to pass through. Deny Select this button to configure the rule as a deny rule. This rule when bound to the Firewall will not allow matching packets to pass through. Move to This option allows you to set a priority for this rule.
Chapter 5. Configuring Firewall/NAT Settings Solwise Asus SL6000 ADSL Ethernet Router User’s Guide is selected. Begin End Destination Port Any Enter the starting port number of the range Enter the ending port number of the range Select this option if you want this rule to apply to all applications with an arbitrary destination port number. Select any of these and enter details as described in the Source Port section above.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 5. Configuring Firewall/NAT Settings 6. Click on the Add button to create the new ACL rule. The new ACL rule will then be displayed in the outbound access control list table at the lower half of the Outbound ACL Configuration page. Figure above illustrates how to create a rule to allow outbound HTTP traffic. This rule allows outbound HTTP traffic to be directed to any host on the external network for a host in your LAN w/ IP address 192.168.1.
Chapter 5. Configuring Firewall/NAT Settings 5.4.5 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Display Outbound ACL Rules To see existing outbound ACL rules, follow the instructions below: 1. Log into Configuration Manager as admin, click the Firewall menu, and then click Outbound ACL submenu. 2. The outbound ACL rule table located at the lower half of the Outbound ACL Configuration page shows all the configured outbound ACL rules. 5.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Protocol Port 5.5.2 Chapter 5. Configuring Firewall/NAT Settings Enter the type of protocol the service uses. Enter the port number that is set for this service. Add a Service To add a service, follow the instructions below: 1. Log into Configuration Manager as admin, click the Firewall menu, and then click Service submenu. The Firewall Service Configuration page displays, as shown above.
Chapter 5. Configuring Firewall/NAT Settings Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 1. Log into Configuration Manager as admin, click the Firewall menu, and then click Service submenu. 2. The service list table located at the lower half of the Service Configuration page shows all the configured services. 5.6 Firewall Statistics The Firewall Statistics page displays details regarding the active connections. Figure below shows a sample firewall statistics for active connections.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 6. Configuring VPN 6 Configuring VPN The chapter contains instructions for configuring VPN connections using automatic keying and manual keys. 6.1 Default Parameters The SL-6000 is pre-configured with a default set of proposals/connections. They cover the most commonly used sets of parameters, required for typical deployment scenarios. It is recommended that you use these pre-configured proposals/connections to simplify VPN connection setup.
Chapter 6.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 6. Configuring VPN This will reduce quick re-keying which will unnecessarily burden the system. Limits for key length The maximum key length for pre shared key, cipher key and Authentication Key is 50characters. If the cipher key length is greater than the length specified by the encryption algorithm, the key is truncated to the appropriate length. Priority of the connections The allow-ike-io default rule has the highest priority (1).
Chapter 6. Configuring VPN Solwise Asus SL6000 ADSL Ethernet Router User’s Guide them to configure basic Access Rule that will be used to establish a tunnel from local secure group to remote secure group with basic parameters. Options in this screen allow you to: Add an Access List, and set basic parameters for it Modify an Access List Delete an existing Access List 6.2.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 6. Configuring VPN fields become available for entry when this option is selected: Enter the starting IP address of the range. Enter the ending IP address of the range. Start IP End IP Remote Secure Group This option allows you to set the remote (destination) secure network to which this rule should apply. This option allows you to apply this rule inclusively on all computers in the external network.
Chapter 6. Configuring VPN Encryption / Authentication Operation Mode PFS Group Life Times 6.2.2 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Select one of the following pre-configured IKE proposals from the drop-down list. If “All” is selected, all the pre-configured proposals will be associated with existing tunnel and one (among the set of IPSec proposals) will be selected automatically and used by IPSec to communicate with its peer.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 6. Configuring VPN To add a rule for a VPN connection, follow the instructions below: 1. Log into Configuration Manager as admin, click the VPN menu, and then click Tunnel submenu. The VPN Tunnel Configuration page displays, as shown in Figure 9.1. Note that when you open the VPN Tunnel Configuration page, a list of existing rules for VPN connections are also displayed in the lower half of the configuration page such as those shown in Figure 9.
Chapter 6. Configuring VPN Solwise Asus SL6000 ADSL Ethernet Router User’s Guide allow-ike-io, which is needed by IKE. Higher priority rules will be examined prior to the lower priority rules by the VPN. 8. Click on the Add button to create the new VPN rule. The new VPN rule will then be displayed in the VPN Connection Status table at the lower half of the VPN Configuration page. 6.2.3 Modify VPN Rules To modify a VPN rule, follow the instructions below: 1.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 6.3 Chapter 6. Configuring VPN Establish VPN Connection Using Manual Keys This section describes the steps to establish the VPN tunnel-using manual keying. Manual keying is a method to achieve security when ease of configuration and maintenance is more important or automatic keying is not feasible due to interoperability issues between IKE implementations on the gateways.
Chapter 6. Configuring VPN Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Remote Secure Group This option allows you to set the remote (destination) secure network to which this rule should apply. This option allows you to apply this rule inclusively on all computers in the external network. Use the “Type” drop-down list to select one of the following: IP Address Subnet IP Range Remote Secure Gateway Select any of these and enter details as described in the Local Secure Group above.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 6. Configuring VPN To add a rule for a VPN connection, follow the instructions below: 1. Log into Configuration Manager as admin, click the VPN menu, and then click Tunnel submenu. The VPN Tunnel Configuration page displays, as shown in above. Note that when you open the VPN Tunnel Configuration page, a list of existing rules for VPN connections are also displayed in the lower half of the configuration page such as those shown above. 2.
Chapter 6. Configuring VPN Solwise Asus SL6000 ADSL Ethernet Router User’s Guide allow-ike-io, which is needed by IKE. Higher priority rules will be examined prior to the lower priority rules by the VPN. 8. Click on the Add button to create the new VPN rule. The new VPN rule will then be displayed in the VPN Connection Status table at the lower half of the VPN Configuration page. 6.3.3 Modify VPN Rules To modify a VPN rule, follow the instructions below: 1.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 6.4 Chapter 6. Configuring VPN VPN Statistics Statistics option allows you to view the information about the VPN statistics – Global, IKE SAs and IPSec SAs. Table 9.6 gives description for the VPN statistics parameters.
Chapter 6.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail 7 The Configuration Pages in more detail 7.1 7.1.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide or ATM. 2. IP Address: Enter the selected interface's IP Address, which can also be used for Administrative access to the Broadband Gateway. 3.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail DHCP Server Assignments displays the current IP Address assignments made by the DHCP server. • • Disabling DHCP will prevent your LAN PCs from obtaining IP addresses from the Broadband Gateway and thus can disrupt your LAN's network services The range of IP addresses must be on the same subnet as the LAN network. Notes • 7.2 7.2.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide handshake protocol. To set a handshake protocol select the protocol and click the Connect button Configuration Parameters Handshake Protocol: For Annex-A users, the protocols supported are Multimode, GMT/Annex-A, G.Lite, Alcatel1.4, ANSI T1.413 and ADI. For Annex-B users, the only protocol supported is GMT. Notes Changing the ADSL handshake protocol will cause temporary loss of Internet connectivity 7.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail to carry traffic on a best-effort basis, unless Traffic Parameters have been explicitly specified • The dynamic and static routing on the Broadband Gateway Configuration Parameters 1. 2.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide specified is in cells You can use the ATM Service Basic page to add, modify or delete the ATM Services used for connecting to your ISP. To delete a specific service, select the Channel, and click on the Delete button.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail following fields must be specified: IP Address: Enter the MPoA Routed service interface's IP Address. Contact your ISP for details Subnet Mask: Enter the MPoA Routed service interface's Subnet Mask. Contact your ISP for details o MPoA Bridge/PPPoE Relay: No further configuration parameters need to be specified for MPoA Bridge and PPPoE Relay Services 2.
Chapter 7. The Configuration Pages in more detail 7.3 Networking 7.3.1 DNS Server Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Usage Guidelines You can use this page to add, delete and modify host IP address entries so as to facilitate the LAN PCs to specify host names rather than specific IP addresses while communicating with specific PCs on the Internet.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 7.3.2 Chapter 7.
Chapter 7. The Configuration Pages in more detail 7.3.3 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Routing Usage Guidelines You can use this page to setup dynamic and static routing on the Broadband Gateway. Dynamic routing is supported via RIP (Routing Information Protocol) versions 1 and 2. The Broadband Gateway can be configured to accept and send routing updates via RIPv1 or RIPv2. Select the Enable or Disable option to enable or disable dynamic routing.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail select it from the drop down list and click on the Delete button. To modify a specific static routing entry, select the entry from the drop down list, modify the Destination IP Address, Destination Netmask and/or Gateway IP Address settings and then click on the Modify button. 7.4 7.4.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide from the drop down list. To delete an existing rule, choose the rule id in the drop down list and click on the DeleteRule button.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail o Any: You can select this option if you would not like to specify any specific port. o Single: You can specify the exact source port number. Port: Type the port number o Range: You can specify the source port range.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide radio button else click disable. • 7.4.2 VPN: Select enable if you want the traffic to go through Broadband Gateway VPN. Outbound ACL Usage Guidelines With this option you can configure the access rules for allowing machines in local host to access the internet. To add a new access rule, choose the Add New option in the drop down list, select the action as either Allow or Deny.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail • ID: The index to configure rules else select Add New to configure new one • Action: Select Allow button to configure the rule as an allow rule else select Deny • Move to: You can set the priority (in terms of processing) of the rule using this option. • o o Source IP: This section allows you to set the source network to which this rule should apply.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Start Port: Type the starting value of the port range End Port: Type the ending value of the port range • Destination Port: This section allows you to set the destination port to which this rule should apply. You can use the drop-down list to select one of the following: o Any: You can select this option if you would not like to specify any specific port.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 7.4.3 Chapter 7. The Configuration Pages in more detail Group ACL Usage Guidelines: With this option you can configure access rules for user-groups. With this option you can allow users belonging to different groups to access different services at any desired time-frame.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide down list and click on the Delete Rule button. Configuration Parameters • o Action Allow/Deny: Select Allow button to configure the rule as an allow rule else select Deny • Type: Select "Outbound" if you'd like the users to access Internet services and select "Inbound" if you'd like users to access LAN services.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail You can select any of these details as described above in "Source". • Source Port: This section allows you to set the source port to which this rule should apply. You can use the drop-down list to select one of the following: o Any: You can select this option if you'd not like to specify any specific port. o Single: You can specify the exact source port number.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide o RPC: Select the RPC service filter if you'd like to filter RPC program numbers o HTTP: Select the HTTP application filter if you'd like to filter HTTP file extensions • • 7.4.4 Log: If you would like to enable logging of messages originated from this rule, click enable radio button else click disable. VPN: Select enable if you want the traffic to go through Broadband Gateway's VPN.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail • From LAN/WAN: Select External to allow internet machines to access this service, Internal to allow LAN machines to access this service. • Protocol: Select the protocol type from the drop down list. • Port number: Enter the port number. 7.4.5 Service Usage Guidelines You can configure services (applications using specified port numbers) using this option.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide • Name: Type the Service name that you would like to add. • Protocol: You can select the protocol from the drop down list. • Public Port: Type the port number of the Service name that you want to add. 7.4.6 DOS Usage Guidelines You are protected against the following attacks: Shows all the Denial of Service(DoS) attacks against which the firewall protects your network by default.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail this protection by checking the check box. • MIME Flood Attack Check: o You can select this box to protect the mail server in your network against MIME flooding. • Maximum IP Fragment Count: o This data is used during transmission or reception of IP fragments.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide commands of SMTP, FTP and RPC services and HTTP file extensions. For FTP, SMTP and RPC service filters: If an application filter is configured to allow certain commands, the Broadband Gateway will allow ONLY those commands. If an application filter is configured to deny certain commands, the Broadband Gateway will deny ONLY those commands.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail STOR Put to FTP server RNFR Rename from RNTO Rename to DELE Delete file RMD Remove directory MKD Create directory LIST Long Listing of directory contents NLST Short listing of directory contents SITE Site parameters (Specific services provided by the FTP server) 7.4.7.
Chapter 7. The Configuration Pages in more detail 100039 nsemntd 7.4.7.4 SMTP Commands Solwise Asus SL6000 ADSL Ethernet Router User’s Guide MAIL Identifies the originator of the message RCPT Identifies the recipient of the message DATA Contents of the mail message VRFY Verifies a recipient's address EXPN Expands a mailing list TURN Switches roles of the client and server, to send mail in the reverse direction SEND Initiates a mail transaction 7.4.7.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail understanding the NAT database. To add a new NAT Pool, choose the Add New option in the drop down list, Enter the NAT Pool name in the text box; Choose the NAT pool type from the drop down list. Enter the LAN and Internet IP address values depending on the NAT pool type you choose and finally click on the Apply button.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide addresses. 7.4.7.6 IP Pool Usage Guidelines With this option you can configure IP addresses and eventually you can associate IP pools with access rules. Each IP pool contains: To add a new IP Pool name, choose the Add New option in the drop down list, Enter the IP pool name in the text box; Choose the IP pool type from the drop down list.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail End IP: Ending IP address in the IP Range If you select Subnet, you'd have to specify IP Address: IP address in the respective Subnet Subnet Mask: Subnet mask of the corresponding network If you select IP Address, you'd have to specify IP Address: Single IP Address 7.4.7.7 Firewall User Usage Guidelines: With this option you can add user groups and set users for each group.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Gateway creates dynamic policies by: Activating all the rules configured for the group Replacing the source IP address in the rule with IP address of the machine from which the user logged in. Broadband Gateway stores them in a dynamic rule list and uses them for every connection from the user. It deletes this list after the user logs out of the System's firewall.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 7.4.7.8 Chapter 7. The Configuration Pages in more detail Time Range Usage Guidelines With this option you can configure access time range records for eventual association with access rules. Access rules associated with time range record will be active only during the scheduled period of time. If the Access rule denies HTTP access during 10:00hrs to 18:00hrs then before 10:00hrs and after 18:00hrs the HTTP traffic will be permitted to pass through.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide the drop down list and click on the Delete Time-range or Delete Schedule button. Usage Guidelines Time Range Name: Enter the name of the Time range Record.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail configure a VPN tunnel you need to do the following: Define the group of PCs you want to secure on either side. Define what kind of security you want for the tunnel (confidential, authentic) You can also use this page to see (modify) the details of the tunnels you had configured earlier. Your additions and modifications will take effect only after you select Add, Modify or Delete button.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Remote Security Gateway: Remote end point of the tunnel. Specify the IP address of the remote end gateway. The local end point of the tunnel is your WAN (external interface). This should be the local security gateway of the remote end of the tunnel. Key Management You can select the way the keys are used for encryption and authentication is managed.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail authentication. MD5 uses 128-bit digest and SHA1 uses 160-bit digest. AH and ESP are security protocols. ESP provides confidentiality as well as authentication while AH provides only authentication. But AH authenticates both the data and the sender (IP header). ESP provides authentication only for the data. Encapsulation: You could choose between a tunnel and transport encapsulations.
Chapter 7. The Configuration Pages in more detail 7.6 Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Log Usage Guidelines You can use this page to enable or disable Access, System, Firewall and VPN logging to a Remote Syslog Server, Local Log File or a Remote Email Server.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide Chapter 7. The Configuration Pages in more detail Email: Use this section to specify the email address settings for sending log messages via email, and for sending the local log file content via email each time its size reaches 128kB. SMTP Server IP Address: IP address of the remote email server that will be used to forward the log messages to the Email Address user Email Address:The email address to which emails have to be sent.
Chapter 7. The Configuration Pages in more detail Solwise Asus SL6000 ADSL Ethernet Router User’s Guide While the Broadband Gateway resets, all of its services will be temporarily unavailable. Disabling Firewall will unsecured access to your LAN and can potentially allow hackers to break into your LAN PCs. Disabling DHCP will prevent your LAN PCs from obtaining IP addresses from the Broadband Gateway and thus can disrupt your LAN's network services. 7.7.
Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 7.7.3 Chapter 7. The Configuration Pages in more detail Time Zone Usage Guidelines With this option you can configure IP addresses and eventually you can associate IP pools with access rules. Each IP pool contains: Configuration Parameters • Date: Current Date • Time: Current Time • Location Time: Time Zone • SNTP Server: Maximum of 5 services can be configured. • Update Interval: SNTP update time interval.
Chapter 8. Command Line Interface mode Solwise Asus SL6000 ADSL Ethernet Router User’s Guide 8 Command Line Interface mode Although the majority of the most common set-up options can be done via the web interfaces you can also configure the unit via the Command Line Interface (CLI) mode. To run the CLI commands you can access the SL6000 using telnet modem or via serial port. By default setting, the Router is configured to communicate at a baud rate of 9600.
Displaying the current IP settings: SL6000> SL6000> show interface ethernet 0 Exit Privilege mode logout OR return to previous mode Enable Turn on the privilege command mode show Show running system information ping Send echo messages led led for manufacture Ethernet 0 Interface details: The IP address : 192.168.1.1 [db] The IP netmask : 255.255.255.0 [db] The IP address : 192.168.1.1 [stack] The IP netmask : 255.255.255.
Chapter 8.
Chapter 8.
Chapter 9. Appendix A IP Addresses, Network Masks, and Subnets SL6000 ADSL Ethernet Router User’s Guide 9 Appendix A IP Addresses, Network Masks, and Subnets 9.1 IP Addresses This section pertains only to IP addresses for IPv4 (version 4 of the Internet Protocol). IPv6 addresses are not covered. Note This section assumes basic knowledge of binary numbers, bits, and bytes. For details on this subject, see Appendix 9.
Chapter 9. Appendix A IP Addresses, Network Masks, and Subnets SL6000 ADSL Ethernet Router User’s Guide Class A: 10.30.6.125 (network = 10, host = 30.6.125) Class B: 129.88.16.49 (network = 129.88, host = 16.49) Class C: 192.60.201.11 (network = 192.60.201, host = 11) 9.1.2 Network classes The three commonly used network classes are A, B, and C. (There is also a class D but it has a special use beyond the scope of this discussion.) These classes have different uses and characteristics.
SL6000 ADSL Ethernet Router User’s Guide Chapter 9. Appendix A IP Addresses, Network Masks, and Subnets As with any class C address, all of the bits in field1 through field 3 are part of the network ID, but note how the mask specifies that the first bit in field 4 is also included. Since this extra bit has only two values (0 and 1), this means there are two subnets.
Chapter 10. Appendix B Binary Numbers SL6000 ADSL Ethernet Router User’s Guide 10Appendix B Binary Numbers 10.1 Binary Numbers In everyday life, we use the decimal system of numbers. In decimal, numbers are written using the ten digits 0, 1, 2, 3, 4, 5, 6, 7, 8, and 9. Computers, however, do not use decimal. Instead, they use binary. Definition binary numbers Hint Binary numbers are numbers written using only the two digits 0 and 1, e.g., 110100. Does "base ten" sound familiar? (Think grade school.
Chapter 10. Appendix B Binary Numbers SL6000 ADSL Ethernet Router User’s Guide The decimal value of this byte is 173 (128 + 32 + 8 + 4 + 1 = 173).
Chapter 11. Appendix C Glossary SL6000 ADSL Ethernet Router User’s Guide 11Appendix C Glossary 10BASE-T A designation for the type of wiring used by Ethernet networks with a data rate of 10 Mbps. Also known as Category 3 (CAT 3) wiring. See also data rate, Ethernet. 100BASE-T A designation for the type of wiring used by Ethernet networks with a data rate of 100 Mbps. Also known as Category 5 (CAT 5) wiring. See also data rate, Ethernet.
Chapter 11. Appendix C Glossary SL6000 ADSL Ethernet Router User’s Guide from a shared pool of IP addresses; after a specified time limit, DHCP returns the address to the pool. 118 DHCP relay Dynamic Host Configuration Protocol relay A DHCP relay is a computer that forwards DHCP data between computers that request IP addresses and the DHCP server that assigns the addresses. Each of the SL6000's interfaces can be configured as a DHCP relay. See DHCP.
SL6000 ADSL Ethernet Router User’s Guide Chapter 11. Appendix C Glossary FTP File Transfer Protocol A program used to transfer files between computers connected to the Internet. Common uses include uploading new or updated files to a web server, and downloading files from a web server. GGP Gateway to Gateway Protocol. An Internet protocol that specifies how gateway routers communicate with each other. Gbps Abbreviation for Gigabits (“GIG-uh-bits”) per second, or one billion bits per second.
Chapter 11. Appendix C Glossary 120 SL6000 ADSL Ethernet Router User’s Guide ISP Internet Service Provider A company that provides Internet access to its customers, usually for a fee. LAN Local Area Network A network limited to a small geographic area, such as a home, office, or small building. LED Light Emitting Diode An electronic light-emitting device. The indicator lights on the front of the SL6000 are LEDs.
SL6000 ADSL Ethernet Router User’s Guide Chapter 11. Appendix C Glossary ping Packet Internet (or Inter-Network) Groper A program used to verify whether the host associated with an IP address is online. It can also be used to reveal the IP address for a given domain name. port A physical access point to a device such as a computer or router, through which data flows into and out of the device. POTS Plain Old Telephone Service Traditional analog telephone service using copper telephone lines.
Chapter 11. Appendix C Glossary 122 SL6000 ADSL Ethernet Router User’s Guide SNMP Simple Network Management Protocol The TCP/IP protocol used for network management. splitter A device that splits off the voice component of the DSL signal to a separate line, so that data and telephone service each have their own wiring and jacks. The splitter is installed by your telephone company where the DSL line enters your home.
SL6000 ADSL Ethernet Router User’s Guide Chapter 11. Appendix C Glossary 5 (CAT 5) is used for 100BASE-T networks. See also 10BASE-T, 100BASE-T, Ethernet. upstream The direction of data transmission from the user to the Internet. VC Virtual Circuit A connection from your ADSL router to your ISP. VCI Virtual Circuit Identifier Together with the Virtual Path Identifier (VPI), the VCI uniquely identifies a VC. Your ISP will tell you the VCI for each VC they provide. See also VC.
Chapter 12. Appendix D Resetting to Defaults using the Reset Button SL6000 ADSL Ethernet Router User’s Guide 12Appendix D Resetting to Defaults using the Reset Button If you need to reset your SL6000 to factory defaults without using the console or http interface, e.g. if you forget or loose the username/password, then you can use the reset button on the back of the router. Generally, pressing the reset button just reboots the router.
SL6000 ADSL Ethernet Router User’s Guide Chapter 12. Appendix D Resetting to Defaults using the Reset Button Hit Return to enter diagnostics Starting boot... Soft reset: resetCount:1 System saying this is the first reset Calibrating delay loop... 132.71 BogoMIPS Detected CFI Flash Chip 1 @0xBFC00000 Size(4 MB) Flash self-test pass. Boot: Detected cramfs filesystem GoC Boot Loader Software Copyright ishOni Networks, Inc. 1999 TYP_AST_REL_3.2.3, Jul 18 2003, 17:08:30 CPU ID 4 Revision 0 Loading CPU 0 .
Chapter 12. Appendix D Resetting to Defaults using the Reset Button SL6000 ADSL Ethernet Router User’s Guide GoC Boot Loader Software Copyright ishOni Networks, Inc. 1999 TYP_AST_REL_3.2.3, Jul 18 2003, 17:08:30 CPU ID 4 Revision 0 Loading CPU 0 ....... Loading CPU 1 .... Loading CPU 3 . Booting up system,please wait... Detected LX4189 (PRID: c401), Revision: 0000001e, 16 entry TLB. Board has been soft reset:2 times 9 MB SDRAM. Enabling MMU .......done Loading Lexra 4xxx/5xxx MMU routines.
SL6000 ADSL Ethernet Router User’s Guide Chapter 12. Appendix D Resetting to Defaults using the Reset Button POSIX conformance testing by UNIFIX Starting kswapd v1.8 RTC to Sysclk synchronize Started. Amd/Fujitsu Extended Query Table v1.3 at 0x0040slots per queue number of CFI chips: 1 IP: routing cache hash table of 512 buckets, 4Kbytes TCP: Hash tables configured (established 512 bind 512) IP-Config: No network devices available. Freeing unused kernel memory: 40k freedeadonly.
Chapter 12. Appendix D Resetting to Defaults using the Reset Button SL6000 ADSL Ethernet Router User’s Guide ...done bringing up the network starting evtmgr (syslogd also started) starting dslDhcpNotify starting inetd starting dns starting sntp starting user_mgr starting l2f_server starting goahead Copyright (c) 2002 GoAhead Software Inc.
