SpeedTouch™ 605/608/608 WL/620 (Wireless) Business DSL Routers Inte rnet Plug ISDN -in et N W LA Pow Ethe rn er User’s Guide
SpeedTouch™ 605/608 608 WL/620 User’s Guide
Copyright Copyright ©1999-2005 THOMSON. All rights reserved. Distribution and copying of this document, use and communication of its contents is not permitted without written authorization from THOMSON. The content of this document is furnished for informational use only, may be subject to change without notice, and should not be construed as a commitment by THOMSON. THOMSON assumes no responsibility or liability for any errors or inaccuracies that may appear in this document.
Contents Contents About this User’s Guide .............................................. 1 E-DOC-CTC-20051017-0151 v1.0 1 Getting to know your SpeedTouch™ ......................... 3 1.1 SpeedTouch™ LED Behaviour ........................................................ 4 1.2 Accessing your SpeedTouch™ ....................................................... 6 1.2.1 Access via the Web Interface .......................................................................................... 7 1.2.
Contents ii 4 Basic Configuration .................................................... 35 4.1 Navigation.................................................................................... 36 4.1.1 Menu ............................................................................................................................... 37 4.1.2 Language Bar ................................................................................................................. 38 4.1.3 Navigation Bar ..........
Contents 4.5 Toolbox ........................................................................................ 57 4.5.1 Remote Assistance ........................................................................................................ 58 4.5.2 Game & Application Sharing ........................................................................................ 59 4.5.3 Defined Games & Applications..................................................................................... 61 4.5.
Contents iv 5.2 SpeedTouch™............................................................................. 102 5.2.1 Easy Setup.................................................................................................................... 103 5.2.2 System Information ..................................................................................................... 104 5.2.3 Connections.............................................................................................................
Contents E-DOC-CTC-20051017-0151 v1.0 5.7 VPN ............................................................................................ 176 5.7.1 LAN to LAN................................................................................................................... 177 5.7.2 VPN Client..................................................................................................................... 178 5.7.3 VPN Server .....................................................................
Contents vi E-DOC-CTC-20051017-0151 v1.
About this User’s Guide About this User’s Guide Used symbols The following symbols are used in this User’s Guide: A note provides additional information about a topic. A tip provides an alternative method or shortcut to perform an action. ! Terminology Documentation and software updates A caution warns you about potential problems or specific precautions that need to be taken.
About this User’s Guide 2 E-DOC-CTC-20051017-0151 v1.
Chapter 1 Getting to know your SpeedTouch™ 1 Getting to know your SpeedTouch™ Introduction With the SpeedTouch™605(i) and SpeedTouch™608(i) Business DSL Routers and the SpeedTouch™608 WL(i) and SpeedTouch™620(i) Wireless Business DSL Routers you can build a secure small (home-)office network, seamlessly connecting wired and wireless devices and surf the Internet at high speed, all combined in one device.
Chapter 1 Getting to know your SpeedTouch™ 1.1 SpeedTouch™ LED Behaviour Inte rne t L DS N ISD g-In Plu AN WL Eth Pow ern et The SpeedTouch™ is equipped with a number of LEDs on its front panel, indicating the state of the device during normal operation. er Front panel LEDs The following table shows the meaning of the different LEDs.
Chapter 1 Getting to know your SpeedTouch™ Indicator Description Name Colour State Plug-in Green Blinking Data passing through the cardbus Solid on Cardbus is connected, no data passing through Off ISDN Green Cardbus is not connected Blinking ISDN activity Solid on ISDN line connected, no activity Off DSL Green No ISDN line Blinking Pending DSL line synchronisation Solid on DSL line synchronised Off Internet Green Red No DSL line Blinking Internet activity Solid on Internet con
Chapter 1 Getting to know your SpeedTouch™ 1.2 Accessing your SpeedTouch™ Access methods 6 Your SpeedTouch™ is accessible in one of the following ways: Access Method Can be used to Web browser Configure your SpeedTouch™ via HTTP or HTTPS. For more information, see “1.2.1 Access via the Web Interface” on page 7. Command Line Interface (CLI) Fine-tune your SpeedTouch™ configuration. For more information, see “1.2.2 Access via CLI” on page 8.
Chapter 1 Getting to know your SpeedTouch™ 1.2.1 Access via the Web Interface To access the SpeedTouch™ via the Web interface Proceed as follows: 1 Open a Web browser. 2 In the address bar, type your SpeedTouch™’s IP address or DNS host name (http://speedtouch.lan or 192.168.1.254 by default) You can access the pages via HTTP or HTTPS. For remote assistance the secure version HTTPS is used in combination with certificates.
Chapter 1 Getting to know your SpeedTouch™ 1.2.2 Access via CLI To access the SpeedTouch™ via the Command Line Interface (CLI) You can access the Command Line Interface (CLI) via: The embedded Expert pages. For more information, see “5 Expert Configuration” on page 99. A Telnet session This requires a TCP/IP connection between the host from which the Telnet session is opened and the SpeedTouch™. Your SpeedTouch™ and the connected computer must have an IP address in the same subnet.
Chapter 1 Getting to know your SpeedTouch™ To start a Telnet session Proceed as follows: 1 Open a telnet application. You can use the Command Prompt window. In Microsoft Windows XP for instance: 2 1 On the Windows taskbar, click Start. 2 Select (All) Programs > Accessories > Command Prompt. Connect to your SpeedTouch™. In the Command Prompt window: At the prompt, type telnet followed by the IP address of your SpeedTouch™ (192.168.1.254 by default).
Chapter 1 Getting to know your SpeedTouch™ 1.2.3 Access via FTP To access the SpeedTouch™ via the File Transfer Protocol (FTP) File system To open an FTP session You can access the file system of the SpeedTouch™ via the File Transfer Protocol (FTP), in order to: Restore or back up configuration files, templates or language packs. Upgrade your configuration or firmware.
Chapter 1 Getting to know your SpeedTouch™ File system access rights Common FTP commands In the different directories you have the following rights: Directory Access rights root NO read/write active read-only dl read/write Depending on the access rights you have in a directory, you can use one of the following commands: Use the command ... to ... cd access another directory than the one currently open. Example: ftp>cd dl. dir list the directory files. Example: ftp>dir.
Chapter 1 Getting to know your SpeedTouch™ FTP file transfer To allow correct file transfers, set the transfer mode to “binary”: at the ftp prompt, type bin and press ENTER. Turn on the hashing option to see the progression of the file transfer: At the ftp prompt, type hash and press ENTER. Example. /home/doejohn{1}$ftp 192.168.1.254 Connected to 192.168.1.254 220 Inactivity timer = 120 seconds. Use 'site idle ' to change. Name (192.168.1.
Chapter 1 Getting to know your SpeedTouch™ 1.2.4 Remote Assistance To access the SpeedTouch™ remotely To enable remote access You can make your SpeedTouch accessible from the Internet with regard to remote support. In this way, you can allow your help desk to access your SpeedTouch™ remotely. Proceed as follows: 1 Go to the SpeedTouch™ pages, as described in “1.2.1 Access via the Web Interface” on page 7. 2 In the menu, select Toolbox > Remote Assistance. 3 Click Enable Remote Assistance.
Chapter 1 Getting to know your SpeedTouch™ 14 E-DOC-CTC-20051017-0151 v1.
Chapter 2 Local Network Setup 2 Local Network Setup Introduction Device settings E-DOC-CTC-20051017-0151 v1.0 The SpeedTouch™ offers you the following local networking solutions: Wired Ethernet Wireless Ethernet Once you have connected a device, you can personalise its settings. For more information, see “ Configure” on page 85.
Chapter 2 Local Network Setup 2.1 Wired Ethernet Local network The Ethernet ports on the back panel allow you to connect the SpeedTouch™ to an existing 10 or 100Base-T Ethernet network or one (or more) computer(s) with an installed Ethernet card. Using the SpeedTouch™ Ethernet switch, you can create a local Ethernet network of up to four devices, without needing extra networking devices. In the SpeedTouch™ package, a yellow full-wired straight-through RJ-45/ RJ-45 Ethernet cable is included.
Chapter 2 Local Network Setup 2.2 Wireless Ethernet Introduction The SpeedTouch™ 608 WL/620Wi-Fi® certified IEEE 802.11g compliant wireless access point allows multiple computers to connect wirelessly to your local network over the SpeedTouch™ Wireless LAN environment. The SpeedTouch™ is backward compatible with IEEE 802.11b, which means 802.11b and 802.11g devices can coexist in the same wireless network.
Chapter 2 Local Network Setup 2.2.1 Wireless Basics 802.11b/g 802.11b is an IEEE standard, operating at 2,4 GHz at a speed of up to 11 Mb/s. 802.11g, a newer IEEE standard also operating at 2,4 GHz, gives you up to 54 Mb/s speed, more security and better performance. Wireless Fidelity The Wi-Fi certification ensures that your SpeedTouch™ will interoperate with any Wi-Fi certified 802.11g and 802.11b compliant wireless device.
Chapter 2 Local Network Setup Antennas Direct the external antenna to allow optimization of the wireless link. If for example the antenna is erect, wireless links in the horizontal plane are favoured. Please note that the antenna characteristics are influenced by the environment, that is by reflections of the radio signal against walls or ceilings.
Chapter 2 Local Network Setup 2.2.2 Connecting Wireless Clients for the First Time Wireless default settings After every Reset-to-Defaults, the SpeedTouch™ wireless access point configuration is returned to its initial default settings. These default settings are: Security level is low (security disabled) for an easy first use, meaning the data will not be encrypted. Wireless security settings are described in “2.2.3 Wireless Security” on page 22.
Chapter 2 Local Network Setup First-time association example The example below shows how the SpeedTouch™ wireless network is presented towards a Windows XP Service Pack 2 system. Proceed as follows to associate your wireless client to the SpeedTouch™: 1 Click the network icon in the notification area: The Wireless Network Connection window appears: 2 In the Choose a wireless network list, select the SpeedTouch™ wireless network and click Connect.
Chapter 2 Local Network Setup 2.2.3 Wireless Security Introduction Since the SpeedTouch™ wireless environment is a radio environment, precautions must be taken to ensure that your wireless network is safe from malicious intruders.
Chapter 2 Local Network Setup Access Control List (ACL) The SpeedTouch™ features a managed Access Control List (ACL) and a physical registration mechanism in the form of the Association / Registration button on the back panel of your SpeedTouch™. On the Wireless Access Point page, you have the following options for the ACL: New stations are Allowed (automatically): All new stations can access the SpeedTouch™. Allowed (via registration): Only allowed stations in the ACL have access.
Chapter 2 Local Network Setup 2.2.4 Connecting Additional Wireless Clients Preconditions Security issues Make sure that: The SpeedTouch™ is turned on and ready for service. The SpeedTouch™ has been configured as DHCP server (default). The wireless client adapters have been installed on all the computers you want to connect to the WLAN.
Chapter 2 Local Network Setup Registering clients via the association button Proceed as follows to register new wireless network clients via the association button: 1 Push the Association button on the SpeedTouch™ back panel for at least two seconds. The WLAN LED toggles between green and red. The ACL will be unlocked for a time frame of one minute.
Chapter 2 Local Network Setup 2.2.5 Extending the Range of Your Wirelstess Network Wireless Distribution System (WDS) The SpeedTouch™ features the Wireless Distribution System (WDS) functionality. This feature allows you to extend the range of your wireless network by introducing one or more WDS-enabled devices into your wireless network. WDS enables data packets to pass from one wireless access point to another, as if the access points were ports on a wired Ethernet switch.
Chapter 2 Local Network Setup To configure WDS Proceed as follows: 1 Go to the SpeedTouch™ Web pages. 2 In the menu, select Home Network. 3 Click your WLAN. 4 In the upper right corner, click Configure. If not already done, set a fixed channel and check whether the security settings (WEP encryption or no encryption) on your SpeedTouch™ are the same as on the repeater. 5 On the Wireless Access Point page, in the Pick a task list, click Configure WDS. 6 Select WDS Enabled.
Chapter 2 Local Network Setup 28 E-DOC-CTC-20051017-0151 v1.
Chapter 3 Internet Connectivity Dial-In Clients 3 Internet Connectivity Dial-In Clients Introduction Access methods If you want to set up initial Internet connectivity using the Home Install Wizard on the Setup CD or the embedded Easy Setup, refer to the provided Installation and Setup Guide. Depending on the configuration of the SpeedTouch™ you may have: Direct access: As soon as the initial configuration is finished, immediate and uninterrupted WAN access is provided.
Chapter 3 Internet Connectivity Dial-In Clients Embedded PPP dial-in clients The SpeedTouch™’s embedded PPP dial-in client allows you to establish an Internet connection for computers residing on your local network, using only one computer of the network to control the client. If this computer runs: Broadband host PPPoE dial-in clients Any Operating System you can always use the SpeedTouch™ Web pages. See “3.1 SpeedTouch™ Web Pages” on page 31 to proceed.
Chapter 3 Internet Connectivity Dial-In Clients 3.1 SpeedTouch™ Web Pages Introduction As the SpeedTouch™ Web pages are controllable from any Operating System with an installed Web browser, the method to establish PPP sessions described later, can be used on any computer system. For more information on Internet connection setup, refer to the provided Installation and Setup Guide.
Chapter 3 Internet Connectivity Dial-In Clients Terminating an Internet session Proceed as follows to close an active PPP connection: 1 Go to the SpeedTouch™ Web pages. 2 Click Disconnect at the appropriate broadband connection. The SpeedTouch™ embedded PPP dial-in client closes the Internet connection. The Internet Link status changes to Disconnected and your computer is offline. 32 E-DOC-CTC-20051017-0151 v1.
Chapter 3 Internet Connectivity Dial-In Clients 3.2 Internet Gateway Device Control Agent Introduction Windows XP users can easily establish PPP sessions, thanks to the Windows XP Internet Gateway Device (IGD) Discovery and Control Client that allows you to control the SpeedTouch™ directly from you computer. The IGD Control Client only allows to connect or disconnect a fully configured connection.
Chapter 3 Internet Connectivity Dial-In Clients Internet connection status Terminating an Internet session As long as the SpeedTouch™ embedded PPP dial-in client is connected, you can view the connection status and some counters by double-clicking the Internet Connection icon in the Network Connections window. Proceed as follows to terminate an Internet session: 1 In the Windows taskbar, click Start. 2 Select (Settings >) Control Panel > (Network and Internet Connections >) Network Connections.
Chapter 4 Basic Configuration 4 Basic Configuration Embedded The SpeedTouch™ comes with embedded Web pages, providing an interface to the software installed on the device. It allows easy setup and management of the SpeedTouch™ via your Web browser from any PC connected to the SpeedTouch™. See “1.2.1 Access via the Web Interface” on page 7 to access the pages. Basic and Expert Mode SpeedTouch™ documentation E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.1 Navigation Navigation components The SpeedTouch™ Web interface consists of the following components: Menu Language Bar Navigation Bar Notification Area Tasks Navigation bar Notification area Language bar Menu Tasks 36 E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.1.1 Menu Menu items Collapsing and expanding the menu E-DOC-CTC-20051017-0151 v1.0 The menu is located on the left side of the page and consists of the following menu items: SpeedTouch: Provides basic information on the SpeedTouch™. Broadband Connection: Allows you to view/configure your broadband connections. Toolbox: Allows you to assign games or applications to a device and secure your Internet connection.
Chapter 4 Basic Configuration 4.1.2 Language Bar Language bar The language bar is located under the SpeedTouch™ logo and allows you to change the language of the SpeedTouch™ Web interface. ! 38 The language bar will only be shown if more than one language is available. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.1.3 Navigation Bar Navigation bar Display level E-DOC-CTC-20051017-0151 v1.0 The navigation bar is located at the top of the page and allows you to: View the current user name. Click this name to change your password or switch to another user. View the current position on the SpeedTouch™ Web interface. Get context-related Help information.
Chapter 4 Basic Configuration 4.1.4 Notification Area Notification area The notification area is located under the Navigation Bar and is used to display: Error messages, indicated by a red traffic light. Warnings, indicated by an orange traffic light. Information, indicated by a green traffic light. If none of these events occur, the notification area will not be shown. 40 E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.1.5 Tasks Tasks E-DOC-CTC-20051017-0151 v1.0 To allow a quick configuration of your SpeedTouch™, some pages may offer you a number of related tasks in the Pick a task list. These tasks will guide you to the page where you can perform the selected task.
Chapter 4 Basic Configuration 4.2 Home SpeedTouch™ home page 42 The SpeedTouch™ home page gives you a short overview of all the configurable aspects of the SpeedTouch™: SpeedTouch Broadband Connection Toolbox Office Network E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.3 SpeedTouch The SpeedTouch menu The SpeedTouch page E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.3.1 Information Information 44 The Information page summarizes important information on your SpeedTouch™. You may need this information when you contact your helpdesk. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.3.2 SpeedTouch™ Easy Setup Easy Setup Wizard The Easy Setup Wizard helps you to configure your SpeedTouch™ Internet connection. Proceed as follows to configure the SpeedTouch™ using the SpeedTouch™ Easy Setup wizard: 1 In the left menu, click SpeedTouch. 2 In the Pick a task list, click Set up. The Easy Setup wizard will now guide you through the configuration of your SpeedTouch™. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.3.3 Restart Restarting your SpeedTouch™ Proceed as follows: 1 In the left menu, click SpeedTouch. 2 In the Pick a task list, click Restart.The following message appears: 3 Click Yes, restart my SpeedTouch. The SpeedTouch™ restarts. The SpeedTouch™ returns to the Home page. 46 E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.3.4 Configuration Overview Details Configure The Overview page displays the current configuration of your SpeedTouch™. The Details page displays more detailed information on the current configuration of your SpeedTouch™. The Configure page allows you to change the current configuration. If you want to: Reconfigure your SpeedTouch™: Click Configuration Wizard under Service Configuration. For more information, see “4.3.2 SpeedTouch™ Easy Setup” on page 45.
Chapter 4 Basic Configuration 4.3.5 Back up & Restore Introduction Accessing the Backup & Restore page Saving your current configuration Restoring a previously saved configuration The Back up & Restore page allows you to: Save your current configuration. Restore a previously saved configuration. Proceed as follows: 1 In the SpeedTouch menu, click Configuration. 2 Click Configure. 3 In the Pick a task list, click Save or Restore Configuration.
Chapter 4 Basic Configuration 4.3.6 Reset to Factory Defaults Introduction Resetting the SpeedTouch™ factory defaults The Reset to Factory Defaults page allows you to reset the SpeedTouch™ to return to the initial configuration of your SpeedTouch™. All your changes will be deleted.The following message appears: Proceed as follows: 1 In the left menu, click SpeedTouch. 2 In the Pick a task list, click Return to Factory Default Settings. 3 Click Yes, reset my SpeedTouch.
Chapter 4 Basic Configuration 4.3.7 Event Logs Event Logging The Event Logs page summarizes the last events recorded on your SpeedTouch™. Recorded Events The Recorded Events table gives you an overview of the last event logs that have been recorded since the SpeedTouch™ was turned on. The first column of the table indicates the importance of the event log.
Chapter 4 Basic Configuration 4.3.8 Update Updating the SpeedTouch™ system software E-DOC-CTC-20051017-0151 v1.0 The Update page allows you to: View System Information. View information on the current System Firmware. Update your SpeedTouch™ from a remote server. Use this option if you want your SpeedTouch™ to check the internet for new firmware and update if it found one. Update from a PC. Use this option if you want to install an update on your SpeedTouch™ that is located on the PC.
Chapter 4 Basic Configuration 4.4 Broadband Connection The Broadband Connection menu The Broadband Connection page The Broadband Connection menu consists of following menu items: DSL Connection Internet Services The Broadband Connection page gives you a short status overview of the connections configured on the SpeedTouch™. Click View more to see more information on the selected broadband connection.
Chapter 4 Basic Configuration 4.4.1 Connectivity Check Introduction Checking your Internet connectivity On this page, you can perform a connectivity check on an Internet service of your SpeedTouch™. The following message appears: Proceed as follows: 1 In the left menu, click Broadband Connection. 2 In the Pick a task list, click Check connectivity to the Internet. 3 In the Internet Service to Check list, click the Internet service that you want to check. 4 Click Check Connectivity.
Chapter 4 Basic Configuration 4.4.2 DSL Connection Overview Details 54 Click Overview to view basic information on your DSL connection. Click Details to view more detailed information on your DSL connection. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.4.3 Internet Services Internet Services information The Internet Services page displays information on your Internet Connection(s). If you configured a dial-up connection you can establish/terminate the connection by clicking Connect/Disconnect. To view more detailed information on a specific connection, click the View more link of the corresponding connection. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.4.4 Internet Service Settings Accessing the Internet Service Settings page Overview Proceed as follows: 1 In the Broadband Connection menu, click Internet Services. 2 Click the View more link of the Internet service you want to view. The Overview page gives you basic information on the selected Internet Service. If you configured a connection you can establish/terminate the connection by clicking Connect/Disconnect.
Chapter 4 Basic Configuration 4.5 Toolbox The Toolbox menu The Toolbox page E-DOC-CTC-20051017-0151 v1.0 The Toolbox menu consists of the following menu items: Remote Assistance Allows you to make your SpeedTouch™ accessible for remote support. Game & Application Sharing Allows you to share services and games that you run in your private network towards the Internet. Web Site Filtering Allows you to block/allow access to specific Web sites.
Chapter 4 Basic Configuration 4.5.1 Remote Assistance Enabling Remote Assistance The Remote Assistance page allows you to make your SpeedTouch™ accessible for remote support. If you want to enable remote assistance, you must be connected to the Internet. ! Proceed as follows to use remote assistance: 1 If necessary, type a password in the Password box. 2 Click Enable Remote Assistance.
Chapter 4 Basic Configuration 4.5.2 Game & Application Sharing Overview Configure The Overview page summarizes the applications or games installed on a particular local host on your network, for which the SpeedTouch™ should accept inbound initiated connections coming from the Internet. On the Configure page, you can: Select Use UPnP to enable UPnP on the SpeedTouch™.
Chapter 4 Basic Configuration 60 Assign a game or application to a specific network device. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.5.3 Defined Games & Applications Accessing the Defined Games & Applications page Proceed as follows to access the Defined Games & Applications page: The Defined Games & Applications page This page gives you an overview of the games and applications defined on your SpeedTouch™. Each game or application can be assigned to a device on your local network. 1 In the Toolbox menu, click Game & Application Sharing.
Chapter 4 Basic Configuration 4.5.4 Game or Application Definition Accessing the Game or Application Definition page Overview Proceed as follows to access the Game or Application Definition page: 1 In the Toolbox menu, click Game & Application Sharing. 2 In the Pick a task list, click Modify a game or application. 3 Click the name of the game or application you want to view/change.
Chapter 4 Basic Configuration Adding a Port Translation rule Proceed as follows: 1 Click the Edit link of the TCP/UDP port definition of the game or application. 2 In the Protocol list, click the protocol the game or application uses. 3 In the Port Range box, type the port range the game or application uses. 4 In the Translate To box, type the port range to which the SpeedTouch™ has to translate the ports specified under Port Range.
Chapter 4 Basic Configuration 4.5.5 New Game or Application Creating a new game or application Proceed as follows: 1 In the Toolbox menu, click Game & Application Sharing. 2 In the Pick a task list, click Create a new game or application.The following window appears: 3 Type the name of the game or application in the Name box. 4 Click: Clone Existing Game or Application if you want to start from the port mappings of the selected game or application.
Chapter 4 Basic Configuration 4.5.6 Web Site Filtering Web Site Filtering The SpeedTouch™ allows you to block/allow particular Web sites: Based on the Web site’s URL. As within a Web site lots of references can be made to other URLs, it is recommended to use this feature in combination with content based filtering. Based on the Web site’s content. By redirecting a Web site to another Web site.
Chapter 4 Basic Configuration Deny access to a specific Web site Use this feature if: Allow is selected under Action for Unknown Sites. Block is selected under Action for Unknown Sites and you want to make an exception on an allow rule. For example: you are allowing “provider.com” but you want to deny access to “mail.provider.com”. A content category/group is allowed by Content Based Filtering and you want to make an exception.
Chapter 4 Basic Configuration Redirecting all Web sites Configure content based filtering settings Proceed as follows: 1 Type “*” in the Web Site box. 2 Click Redirect in the Action list. 3 Type the URL of the Web site you want to redirect to (for example “mycompany.com/internetpolicy.htm”) in the Redirect box. 4 Click Add. 5 Type the URL of the Web site you want to redirect to (for example “mycompany.com/internetpolicy.htm”) in the Web Site box. 6 Click Allow in the Action list.
Chapter 4 Basic Configuration 4.5.7 Web Filtering Activation Accessing this page Web Filtering Activation page Standard license activation 68 Proceed as follows: 1 In the Toolbox menu, click Web Site Filtering. 2 In the Pick a task list, click Activate Web Filtering License. This page you can: Activate a Web Filtering evaluation license. Activate a free 30-days Web Filtering evaluation license. Proceed as follows: 1 Click Standard.
Chapter 4 Basic Configuration 4.5.8 Content Level Accessing the Content Level page Overview Proceed as follows: 1 In the Toolbox menu, click Web Site Filtering. 2 Click Configure. 3 Click the Edit link of the content level you want to edit. The Content Level page gives you an overview of the different categories and their rules. The following icons indicate whether the content type is allowed or not. Icon Description The category/group is allowed. The category/group is not allowed.
Chapter 4 Basic Configuration 4.5.9 New Content Level Accessing the New Content Level page Procedure On this page you to create a new content level. Proceed as follows to access this page: 1 In the Toolbox menu, click Web Site Filtering. 2 In the upper right corner, click Configure. 3 In the Pick a task list, click Create a new content level.
Chapter 4 Basic Configuration Content level definition Only Web sites that match the selected content level will be allowed. Proceed as follows: 1 2 Content level activation If you want to: Allow a category: Select the check box next to the category name. Allow an entire group: Select the check box next to the group name. Block a category: Clear the check box next to the category name. Block an entire group: Clear the check box next to the group name. Click Apply.
Chapter 4 Basic Configuration 4.5.10 Firewall About the firewall Overview The Overview page summarizes the overall security policy configured on your SpeedTouch™. Configure On the Configure page you can select the security level of the SpeedTouch™. Security Levels 72 The firewall allows you to secure traffic from and to the SpeedTouch™. There are different security levels, depending on the degree of security you need.
Chapter 4 Basic Configuration Low: All outgoing connections are allowed. All incoming connections are blocked, except for ICMP (Internet Control Management Protocol) and inbound connections assigned to a local host via Game and Application Sharing. Disabled: All in- and outgoing traffic is allowed to pass through your SpeedTouch™, including Game and Application Sharing. This is the default firewall level. BlockAll: All traffic from and to the Internet is blocked.
Chapter 4 Basic Configuration 5 Select a row using the Edit link to modify the security rule. Click Add to create a new security rule. Edit or define following parameters of the rule: The Name of the security rule The Source Interface and IP Address (range) Use Any as IP address in case all traffic for the interface should be parsed. Or you can type a User-defined IP address (range).
Chapter 4 Basic Configuration 4.5.11 Intrusion Detection Intrusion Detection Your SpeedTouch™ protects your network against malicious intrusions. The Intrusion Detection page shows you the intrusions you are protected against. The Protected Intrusions table shows the number of times the SpeedTouch™ actively protected your network against each intrusion since last statistics reset. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.5.12 Dynamic DNS Dynamic DNS Overview Configure The Dynamic DNS service allows you to assign a dynamic DNS host name (for example john.dyndns.org) to a broadband connection even if it is using a dynamic IP address. As soon as the device gets a new IP address, the dynamic DNS server updates its entry to the new IP address. Click Overview to view the different Dynamic DNS clients with their name, host names, interface and IP address.
Chapter 4 Basic Configuration 4.5.13 User Management Overview The Overview page gives you an overview of the currently configured users and their privileges. Click the name of a user to edit his user account. Configure Types of users E-DOC-CTC-20051017-0151 v1.0 On the Configure page, you can: Click Add to create a new user account. Click Edit to change a user account. Click Delete to remove a user.
Chapter 4 Basic Configuration 78 User Privileges WAN_Admin This user can perform only WAN related configurations via any access channel from any origin. User This user has access to the GUI (Overview pages, remote assistance) via HTTP or HTTPS access channel from LAN origin only. Guest This user does not have any privileges. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.5.14 Edit User Editing a user account Proceed as follows: 1 In the Toolbox menu, click User Management. 2 Under Local User Data, click the name of the user you want to edit. The Edit User page appears. On this page, you can: Click Reset Password to reset the password of the selected user to the user name. So, if you reset the password of John his password will be “John”. Change the administration rights of the selected user. ! E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.5.15 Change Default User The Default User page On this page you can change the default user. If users browse to the SpeedTouch™ Web pages, they will be automatically logged on with this account. ! Changing the default user 80 To allow users to automatically log on under this account, this default user account must be configured with a blank password. Proceed as follows: 1 In the Toolbox menu, click User Management.
Chapter 4 Basic Configuration 4.5.16 Add User Adding users Proceed as follows: 1 In the Toolbox menu, click User Management. 2 In the Pick a task list, click Add new user. 3 The Add User page appears. 4 Under User definition you can configure: The name of the new user. The password of the new user will be equal to the user name; for example if the user name is John Doe, the password will be John Doe. Also when resetting a user, the password will be changed into the user name.
Chapter 4 Basic Configuration 4.6 Office Network Office Network Menu The Office Network page Viewing (wireless) client information 82 The Office Network menu consists of the following items: Devices Allows you the view/configure the devices detected on your local network. Interfaces Allows you to view/configure the interfaces that are available on the SpeedTouch™. The Office Network page gives you an overview of your SpeedTouch™ network.
Chapter 4 Basic Configuration 4.6.1 Devices Overview The Overview page gives you an overview of the devices that are currently connected to the SpeedTouch™ network. Click on a device name to get more information on a specific device. The detected device ‘dsldevice’ is the SpeedTouch™ itself. Configure The Configure page gives you an overview of the devices that are currently connected to the SpeedTouch™ network.
Chapter 4 Basic Configuration 4.6.2 Device Settings Accessing the device settings page Overview Proceed as follows: 1 In the Office Network menu, click Devices. 2 In the Detected Device(s) list, click the name of the device you want to view. The Overview page displays the following items: 84 Information allows you to view: Status shows whether the device is currently connected to the SpeedTouch™ network. Type shows the device type.
Chapter 4 Basic Configuration Configure E-DOC-CTC-20051017-0151 v1.0 The Configure page allows you to: Change the device information. Allow a game or service running on this device to be initiated from the Internet.
Chapter 4 Basic Configuration 4.6.3 Assign Public IP Introduction On this page you can assign the public IP address of your Internet Connection(s) to a specific device on your local network. You might want to do this if: You do not want to use the Network Address Translation engine of your SpeedTouch™. This device is running server applications (Web server,...) and you want it to be accessible from the Internet.
Chapter 4 Basic Configuration 4.6.4 Wireless Device Settings Availability Accessing the wireless device settings page Overview This page is only available on SpeedTouch™ devices equipped with a wireless access point. Proceed as follows: 1 In the Office Network menu, click Devices. 2 In the Detected Device(s) list, click the name of the wireless device you want to view. The Overview page displays the following items: Configure E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.6.5 Access Point Settings Availability Accessing the Access Point settings This page is only available on SpeedTouch™ devices equipped with a wireless access point. Proceed as follows: 1 In the left menu, click Office Network. 2 Under Wireless, click the name of the Access Point you want to view or configure. The Access Point names have the following format: “WLAN: “ + Network Name, for example “WLAN: SpeedTouch123456”.
Chapter 4 Basic Configuration Allow multicast from Broadband Network: Displays whether you to allow/deny multicast messages from the Internet. Large bandwidth streams, like video streams, have a large impact on your wireless performance. WMM: Displays whether WMM is enabled or disabled.For more information about WMM, see “ Access point settings” on page 164. WMM or Wi-Fi MultiMedia enhances QoS at wireless driver level.
Chapter 4 Basic Configuration WPA-PSK 64 bit, Hexadecimal: The 40-bit Network key must consist of 10 hexadecimal digits. 128 bit, Alphanumeric: The 104-bit Network key consists of 13 alphanumeric characters. 128 bit, Hexadecimal: The 104-bit Network key consists of 26 hexadecimal digits. 4 Click Apply to immediately apply your changes. 5 Configure your wireless client(s) with the same settings.
Chapter 4 Basic Configuration 5 In the WPA Version list, click the desired WPA version. Depending on the WPA version you choose, one of the following WPA encryption will be set automatically: Access control on the SpeedTouch™ E-DOC-CTC-20051017-0151 v1.0 WPA: TKIP WPA2: AES WPA+WPA2: TKIP+AES 6 Click Apply to immediately apply your changes. 7 Configure your wireless client(s) with the same settings.
Chapter 4 Basic Configuration Allowing new wireless If you selected New stations are allowed (via registration) or in the New stations are not allowed list, wireless clients have to be added manually. Proceed as follows: 1 In the Office Network menu, click Devices. 2 In the Pick a task list, click Search for wireless devices. The SpeedTouch™ searches for new wireless stations that use the encryption key of the SpeedTouch™ Access Point. The SpeedTouch™ takes you to the Office Network.
Chapter 4 Basic Configuration 4.6.6 Configuring WDS Availability What is WDS This page is only available on SpeedTouch™ devices equipped with a wireless access point. The Wireless Distribution System (WDS) allows you to extend the range of your wireless network by introducing one or more WDS-enabled devices into your wireless network. ! Configuring WDS You can only establish WDS links with WDS-enabled devices.
Chapter 4 Basic Configuration 4.6.7 Interfaces Interfaces overview 94 The Interfaces page gives you an overview of the interfaces used on your SpeedTouch™. If you want to know more about the network settings of a specific interface, click the name of the interface you want to view. E-DOC-CTC-20051017-0151 v1.
Chapter 4 Basic Configuration 4.6.8 Interface Settings Overview Configure The Overview page gives you an overview of the current interface settings. The Configure page allows you to: Change the IP address settings of the SpeedTouch™. Change the DHCP IP address pool settings. Before changing the DHCP pools, make sure that at least one IP address of the SpeedTouch™ uses the same subnet as the IP addresses in the DHCP pools.
Chapter 4 Basic Configuration 4.6.9 DHCP Pool DHCP Pool page Accessing the DHCP Pool page On the DHCP Pool page, you can create/change a DHCP pool. Proceed as follows: 1 In the Office Network menu, click Interfaces. 2 Click the name of the interface which DHCP pool settings you want to change. 3 Click Configure. 4 Under DHCP Pools, click: Add to add a new DCHP pool. Edit to edit an existing DHCP pool. Delete to delete an existing DHCP pool.
Chapter 4 Basic Configuration Components of the DHCP Pool page The following settings are available for configuration: Interface: The SpeedTouch™ interface to which the DHCP pool applies. Start Address: The start IP address of the DHCP server’s address pool. End Address: The end IP address of the DHCP server’s address pool. Both the start and end IP address define the IP address range used by the DHCP server to assign leases. Subnet Mask: The subnet mask of the DHCP server’s address pool.
Chapter 4 Basic Configuration 98 E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5 Expert Configuration Introduction The SpeedTouch™ Expert Mode pages allows for advanced configuration and maintenance of your SpeedTouch™ device. While the Basic pages are mainly constructed to allow you to overview and diagnose the running product and its configuration, the Expert Mode pages have been designed to allow in-depth configuration of every aspect of your SpeedTouch™. Web GUI overview E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration Expert Mode navigation The Navigation and notification area displays the current user and the site navigator, as well as notification messages, if applicable. In addition, following action buttons are always available on every page: Click ... To ... Save All force a save of the current configuration of your SpeedTouch™. CLI access the complete SpeedTouch™ Command Line Interface in a graphical way. Help open the SpeedTouch™ help pages.
Chapter 5 Expert Configuration 5.1 Home Overview The Expert Mode home page is in fact the same as the SpeedTouch™ home page in Basic Mode; it provides an instant overview of all aspects of your SpeedTouch™ configuration and operational status. For more information, see Home (of Basic Configuration web interface). E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.2 SpeedTouch™ Overview 102 The SpeedTouch™ menu consists of the following topics: Click ... To ... Easy Setup start the embedded Easy Setup wizard. System Information view important SpeedTouch™ information. Connections start/stop PPP connection sessions. Diagnostics view detailed system and configuration information of the SpeedTouch™ and perform IP connectivity checks on WAN connections. Syslog view/configure the SpeedTouch™ system logging engine.
Chapter 5 Expert Configuration 5.2.1 Easy Setup Introduction Click Easy Setup to start the SpeedTouch™ Easy Setup wizard. The Easy Setup wizard provides an easy way to prepare the SpeedTouch™ for Internet connectivity.
Chapter 5 Expert Configuration 5.2.2 System Information Overview Diagnostics The System Information page is the SpeedTouch™ expert start page. It consists of four sections: Diagnostics DSL Line Info Configuration System Select Diagnostics to view the results of the System Self Test, LAN connectivity and DSL synchronisation test: If result is ... Then ... the overall status of the particular item is healthy. an error situation has been detected for that item.
Chapter 5 Expert Configuration System Select System to view some important system information of the SpeedTouch™. The System table lists the SpeedTouch™’s: Product Name Physical Address. This worldwide unique hardware address is also called Medium Access Control (MAC) address. Software Release Board Name Serial Number Product Code Most of the information is also listed on the identification label on the bottom of the SpeedTouch™. E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.2.3 Connections Overview The Connections page allows you to start and stop PPP connection sessions. All existing PPP connections are listed in the Connections table. If no PPP connections have been defined, this table is empty.
Chapter 5 Expert Configuration 5.2.4 Diagnostics Overview The Diagnostics page provides in-depth information, counters and statistical data on the SpeedTouch™ system settings, and its LAN and WAN connections. The diagnostics are broken down into three expandible categories: System LAN WAN Per category an overall status is displayed: If the status is ... Then ... the overall status of the particular category is healthy. an error situation has been detected for that category.
Chapter 5 Expert Configuration 5.2.5 Syslog Overview Messages The Syslog page consists of two sections: Messages Configuration This section allows to overview system log and alert messages your SpeedTouch™ generated during operation. System log messages are used to provide a historical overview of events, errors, and messages generated during SpeedTouch™ operation.
Chapter 5 Expert Configuration To change or delete a destination: 1 Select the applicable interface 2 If needed, make your changes and click: New to add a new destination with the new settings next to the existing one. Apply to apply the changes to the existing destination. Delete to remove the destination from the list of destinations. Click Deactivate to withdraw all forwarding of syslog messages for all destinations; to re-enable forwarding of syslog messages, click Activate.
Chapter 5 Expert Configuration 5.2.6 System Update Overview System configuration The System Update page features all means for management and maintenance of your SpeedTouch™. It consists of two sections: System configuration System Upgrade The System Configuration section allows you to manage locally stored system files. Select: Upload system files Upload File to upload a system file to the SpeedTouch™. See “ Upload system files” on page 110 for more information.
Chapter 5 Expert Configuration To upload system files: 1 Click Browse to specify the file on your local drive you wish to upload. 2 Click Upload to upload the system file to your SpeedTouch™. Each file requires an amount of memory. Make sure to limit the number of files to the minimum. ! Manage configuration files This table allows you to view configuration files that are currently stored on your SpeedTouch™.
Chapter 5 Expert Configuration System Upgrade The System Upgrade section allows you to manage your SpeedTouch™’s system software and upload or apply a new system software. For extended management reasons and roll-back scenarios your SpeedTouch™ provides storage room for two system software packages: the active system software the SpeedTouch™ is currently running and the passive one.
Chapter 5 Expert Configuration 5.2.7 SpeedTouch™ Services Overview The SpeedTouch™ Services page allows you to view and configure all services that are currently configured on your SpeedTouch™. The purpose of this page is to centralise the management of all SpeedTouch™ embedded Services and Applications, or otherwise stated, all internal modules and engines of the SpeedTouch™ that accept, relay or initiate IP traffic.
Chapter 5 Expert Configuration Edit SpeedTouch™ service properties Editing SpeedTouch™ services might be useful in cases where you want to hide/ protect the service by deviation from the typical service settings or restricting access from/to interfaces. However; ! Do not edit SpeedTouch™ system services unless specifically needed. To edit a SpeedTouch™ system service: 1 Select the service.
Chapter 5 Expert Configuration SpeedTouch™ service types E-DOC-CTC-20051017-0151 v1.0 The SpeedTouch™ service can be of following type: Type Indicates a SpeedTouch™ service that... Client is the originator of an IP connection (source IP packets). Server is the responder of an IP connection (listening to IP packets). Peer can be an originator or a responder of an IP connection. Proxy is a responder on the LAN side and originator on the WAN side of the SpeedTouch™.
Chapter 5 Expert Configuration 5.2.8 SNTP Overview The Simple Network Time Protocol (SNTP) web page allows you to configure the SpeedTouch™ real-time clock. The page contains two sections: SNTP Client Manual Selecting Manual immediately disables the SpeedTouch™ SNTP client. As a consequence the SpeedTouch™ real-time clock will no longer be periodically synchronised with an Internet time server.
Chapter 5 Expert Configuration 5.2.9 SLA Overview The Service Level Agreement (SLA) page allows you to view and configure ping and traceroute tests. The page contains two sections: Ping Select Ping to view/configure and perform ping tests. Select Traceroute to view/configure and perform traceroute tests. The Ping table provides a list of configured ping test entries. By default no ping tests are configured. To add a ping test see Add/delete a ping test.
Chapter 5 Expert Configuration Ping tests and results To start/stop a ping test: 1 Select the ping test entry. 2 Click: Activate to start the ping test. Deactivate a ping test that is currently running. To view the results of the ping test: 1 Select the ping test entry, if needed. 2 Click Result. To overview a history of ping tests: Traceroute 1 Select the ping test entry. 2 Click History. The Traceroute table provides a list of configured traceroute test entries.
Chapter 5 Expert Configuration Add/delete a traceroute test To add a traceroute test entry: 1 Click New (if an entry is currently selected, click Cancel first). 2 Type a name for the traceroute test entry. 3 Type the host name or IP address of the target to traceroute. 4 Click Apply. To delete a traceroute test: Modify traceroute test properties traceroute tests and results 1 Select the traceroute test entry to delete. 2 Click Delete.
Chapter 5 Expert Configuration 5.2.10 Add-on Overview Some of the SpeedTouch™'s extended functionalities require a software activation key to enable the corresponding software module. To acquire a software activation key for activating a SpeedTouch™ software module, proceed as follows: 1 Click the name of the software module you intend to activate. This link will forward you to the SpeedTouch™ software activation key web server.
Chapter 5 Expert Configuration 5.3 IP Router Overview E-DOC-CTC-20051017-0151 v1.0 The IP Router menu consists of the following topics: Click ... To ... IP Addresses view/configure the IP addresses assigned to any of the SpeedTouch™ interfaces. Expressions view/configure interface, or IP, or Service related expressions. Classification view/configure packet classification and handling. IP Routing view/configure the SpeedTouch™ IP forwarding and routing table.
Chapter 5 Expert Configuration 5.3.1 IP Addresses Overview The IP address table shows all IP addresses configured on any of SpeedTouch™’s interfaces.
Chapter 5 Expert Configuration 5.3.2 Expressions Overview Expressions are used in rules for source and destination interface, source and destination IP address(es) (ranges) and services. The Expressions page consists of three sections: Interface IP Service Expressions are also used by the SpeedTouch™ Stateful Inspection Firewall. Interface The Interface section bundles all expressions that express a relation based on Interfaces.
Chapter 5 Expert Configuration IP The IP section bundles all expressions that express a relation based on IP addresses. The Expressions table provides following information per expression: Adding an IP related expression The Name of the expression A Summary of the expression’s configuration. For more detailed information you can expand the expression (click ). To add a new IP related expression: 1 Click New. 2 In the IP Expressions Properties table: Type a Name for the expression.
Chapter 5 Expert Configuration 5.3.3 Classification Overview Labels The Classification page consists of three section: Labels, providing a list of existing packet classification labels and abilities to add/modify or delete packet classification label entries. Routing Rules allow you to associate a routing label (used in IP Routing) to a data flow by means of classification rules.
Chapter 5 Expert Configuration Routing Rules The Routing Rules section provides an overview of the existing routing rules. Proceed as follows to create a new rule: 1 Click New to create a new rule. 2 Fill in all the fields. 3 IP QoS Rules Index: The index of the label rule. Name: The name of the rule. Label: The label allows to identify packets with matching criteria. If such a packet arrives it is “labelled” with a packet classification label. Still no packet classified routing is done.
Chapter 5 Expert Configuration 5.3.4 IP Routing Overview The IP Routing table presents the current content of the SpeedTouch™ Routing Information Base. It contains all routes to all possible destinations and is consulted by the SpeedTouch™ any time prior to sending or forwarding any packets. Similar to the IP address table, a number of IP Routes are pre-configured. Other routes are either added via adding an IP address manually, or via the address negotiation of a Packet Service connection session, e.g.
Chapter 5 Expert Configuration 5.3.5 RIP Overview Configuration Interfaces Neighbours 128 The RIP web page contains three tabs: Configuration Interfaces Neighbours The Configuration section allows you to enable/disable the SpeedTouch™ RIP functionality and configure the some basic RIP settings.
Chapter 5 Expert Configuration 5.3.6 NAT Overview Interfaces The NAT menu consists of following sections: Interfaces Mappings Templates The Interface page allows you to enable/disable NAPT on a specific interface. Proceed as follows to enable/disable an interface: Mappings 1 Select the interface that has to be enabled/disabled 2 Click Save All to make the settings permanent.
Chapter 5 Expert Configuration Creating a NAT mapping Templates Proceed as follows to create a address translation mapping: 1 Click New to create a new map. 2 Select or fill in all the fields (see above). 3 Click Apply. The Template page allows you to create a NA(P)T template. Depending on your needs following fields are available: Interface: The name of the IP interface that needs to be NAT-ed. Group: The IP interface group scope for this template.
Chapter 5 Expert Configuration 5.3.7 IP QoS Definition Quality of Service is the ability for an application to obtain the network service it requires for successful operation. Nowadays the total amount of data traffic increases, while new types of data emerge, like: voice data, video data, audio data. These new types of data pose new requirements for data transport, e.g. low latency, low data loss, … To meet these requirements, the entire network must ensure them via a connection service guarantee.
Chapter 5 Expert Configuration Configuration The Configuration page allows you to configure IPQoS for a given destination interface for the IPQoS queues instantiation. When enabling or disabling IPQoS, take the following into account: if the WAN interface (for example PPPoA, IPoA, ...) is detached at the time of enabling/disabling IPQoS, then the WAN interface has to be attached in order for the enabling/disabling of IPQoS to take effect.
Chapter 5 Expert Configuration Queues The Queues page allows you to prioritize data. The following settings are available: Propagate: If the propagate function is enabled, an overflow to a lower priority queue will be created in case the initial queue is full. If the function is disabled packets in excess of the queue will be dropped. ECN: If the ECN marking is enabled, the Congestion Experienced code-point in the ECN field is set.
Chapter 5 Expert Configuration # marked: The number of packets that exceeded the mark rate and - as a consequence are marked. # compliant: The number of packets that comply to the IPQoS meter rate limits and - as a consequence - can pass. To add a new IPQoS rate limiting entry: 1 Click New. 2 Type: 3 a Name for the new entry.
Chapter 5 Expert Configuration 5.4 Connections Overview E-DOC-CTC-20051017-0151 v1.0 The Connections menu consists of the following topics: Click ... To ... ATM view/configure SpeedTouch™’s ATM interfaces. Routed PPPoE view/configure the Routed PPP over Ethernet (PPPoE) Internet services. Routed PPPoA view/configure the Routed PPP over ATM (PPPoA) Internet services. Routed PPPoI view/configure the Routed PPP over ISDN (PPPoI) Internet services.
Chapter 5 Expert Configuration 5.4.1 ATM Overview Phonebook The ATM page consists of following sections: Phonebook QoS Book Interfaces The SpeedTouch™ Phonebook is a repository for ATM connectivity information. A number of pre-configured entries may already reside in the SpeedTouch™ Phonebook. The Phonebook: Adding a phonebook entry Connection Service Name 136 Allows you to use named connections. Provides an instant overview of all possible connections.
Chapter 5 Expert Configuration Virtual Channel Identifiers (VPI and VCI) The address format is vpi*vci, e.g. 8*35; or vpi.vci, e.g. 8.35. VPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) are two parameters identifying ATM Virtual Channels. It is the responsibility of the network operator to provide end-to-end connectivity throughout the network on these virtual channels.
Chapter 5 Expert Configuration 138 Upper layer protocol: Select the Upper Layer Protocol (ULP) for this interface. Choose between: ip (for a Routed IPoA interface). mac (for a Bridged Ethernet, Routed ETHoA, Bridged PPP over Ethernet (PPPoE), Routed PPPoE or a PPPoE Relay interface). ppp (for a Routed PPP over ATM (PPPoA) interface). E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.4.2 Routed PPPoE Introduction Creating a Routed PPPoE connection entry Additional configuration The Routed PPPoE configuration page allows you to add new Routed PPPoE, or Routed PPPoE Relay connection entries or to change settings of existing entries. To add a Routed PPPoE connection entry: 1 Click New. 2 In the Interface box, type a unique interface name (different from the MER interface name).
Chapter 5 Expert Configuration Other This window holds miscellaneous information and configuration possibilities. Following fields are available: Mode: A PPP connection can be established in three ways: Manually: You have to press the Dial-In button of a particular connection. Always-On: The SpeedTouch™ automatically tries to establish PPP connections. On-Demand: A PPP connection is triggered by specific frames arriving at the Ethernet port.
Chapter 5 Expert Configuration 5.4.3 Routed PPPoA Introduction Creating a Routed PPPoA connection entry Additional configuration The Routed PPPoA configuration page allows you to add new Routed PPPoA connection entries or to change settings of existing entries. To add a Routed PPPoA connection entry: 1 Click New. 2 In the Interface box, type a unique interface name (different from the MER interface name).
Chapter 5 Expert Configuration Other This window holds miscellaneous information and configuration possibilities. Following fields are available: Mode: A PPP connection can be established in three ways: Manually: You have to press the Dial-In button of a particular connection. Always-On: The SpeedTouch™ automatically tries to establish PPP connections. On-Demand: A PPP connection is triggered by specific frames arriving at the Ethernet port.
Chapter 5 Expert Configuration E-DOC-CTC-20051017-0151 v1.0 Bytes sent: Number of bytes transmitted over this PPP connection.
Chapter 5 Expert Configuration 5.4.4 Routed PPPoI Availability Introduction Creating a Routed PPPoI connection entry The ISDN modem is only fully functional after activating the ISDN software module with the ISDN software module activation key. For more information, see “5.2.10 Add-on” on page 120. The Routed PPPoI configuration page allows you to add new Routed PPPoI connection entries or to change settings of existing entries. To add a Routed PPPoI connection entry: 1 Click New.
Chapter 5 Expert Configuration Other This window holds miscellaneous information and configuration possibilities. Following fields are available: Mode: A PPP connection can be established in three ways: Manually: You have to press the Dial-In button of a particular connection. Always-On: The SpeedTouch™ automatically tries to establish PPP connections. On-Demand: A PPP connection is triggered by specific frames arriving at the Ethernet port.
Chapter 5 Expert Configuration Statistics 146 For a running PPP session the fourth tab allows you to overview following connection statistics: IP address: Local IP address assigned by the server. Bytes received: Number of bytes received on this PPP connection. Bytes dropped: Number of bytes failed to transmit. Bytes sent: Number of bytes transmitted over this PPP connection. E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.4.5 Bridged Ethernet Overview Bridged Ethernet The Bridged Ethernet page consists of following sections: Bridged Ethernet VLAN The Bridged Ethernet page allows you to configure the SpeedTouch™ for IEEE802.1D Transparent Bridging, which equally may include preparing it for Bridged PPPoE. Next to transparent bridging, the SpeedTouch™ also features full VLAN awareness, and as such allows Ethernet interface grouping or VLAN-tag based forwarding.
Chapter 5 Expert Configuration Add a new Bridge port Proceed as follows to add a new port to the Ethernet Bridge: 1 Click New under the Bridge Ethernet overview table 2 In the Interface box, type a unique interface name; in the Destination list, select the interface you want to use for this connection. 3 Mark the Multicast filter checkbox if you wish to filter out multicast streams on this interface.
Chapter 5 Expert Configuration VLAN interface configuration Proceed as follows to add or remove Bridged Ethernet interfaces for a certain VLAN: 1 Select the VLAN you wish to edit. 2 A listing of all bridge interfaces will appear, each followed by a drop-down list. Change the value of the drop-down list to add or remove interfaces from this VLAN: 3 E-DOC-CTC-20051017-0151 v1.0 (none), which means that this interface is not a member of the selected VLAN.
Chapter 5 Expert Configuration 5.4.6 Routed Ethernet Introduction The Routed Ethernet web page allows you to add and modify Routed Ethernet interfaces. Routed Ethernet interfaces can be used for creating end-to-end MAC Encapsulated Routing (MER) connections, or for creating a destination interface to create Routed PPPoE connections on, or to apply a routed PPPoE Relay scenario. 150 E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.4.7 Routed IPoA Creating a new Routed IPoA Ethernet Interface To add a new Routed IPoA Ethernet interface, proceed as follows: 1 Click New. 2 Following fields become available: Interface Name: Is a name that has local significance only and allows to reference a particular Routed IPoA interface Local IP Address: Is an IP address that must be configured on the local Routed IPoA Ethernet interface and is provided by your ISP or system administrator.
Chapter 5 Expert Configuration 5.4.8 PPTP-to-PPP Relay Overview The PPTP-to-PPP Relay, referred to as "Relay" further in this section, interacts with a PPTP tunnelling application installed on the locally attached computers, for example Microsoft's Dial-Up Networking. A typical user-relay interaction scenario is as follows: A PPTP Tunnelling application is started on one of the locally attached computers.
Chapter 5 Expert Configuration 5.4.9 Virtual LAN Concept The concept of VLAN was introduced as a way to solve many of the issues of a large Layer 2 environment. It controls the traffic on a physical LAN. The physical LAN is partitioned into multiple virtual LANs. Each VLAN is assigned a number, called the VID, which identifies it uniquely within the network. Traffic between these systems stays bottled up within their VLAN.
Chapter 5 Expert Configuration 5.5 Local Networking Overview 154 The Connections menu consists of the following topics: Click ... To ... DHCP View/configure the SpeedTouch™ DHCP settings. DNS View/configure the SpeedTouch™ DNS settings. Managed Switch View/configure the SpeedTouch™ Managed Switch. Wireless View/configure the SpeedTouch™ wireless access point settings. E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.5.1 DHCP Overview DHCP Server The DHCP web page offers three tabs to configure the SpeedTouch™ 's DHCP functionality: DHCP Server: To configure the general behaviour of the SpeedTouch™ 's DHCP server. DHCP Relay: To configure the SpeedTouch™ DHCP relay. DHCP Client: To configure the SpeedTouch™ DHCP client. The DHCP server configuration is split up in three sections: Server Config: To configure the SpeedTouch™ DHCP server ‘master’ settings and behaviour.
Chapter 5 Expert Configuration Server Leases In case the SpeedTouch™ DHCP server is running this table holds all leases which are assigned by the DHCP server to (accepted) DHCP clients. Following lease parameters are shown: Client ID: The MAC address of the DHCP client. Address: The IP address leased by the DHCP client. Pool: The DHCP server address pool the lease IP address is taken from. TTL: The DHCP server lease's Time To Live (in seconds).
Chapter 5 Expert Configuration Address Pools One or more disjunctive DHCP server address pools can be created per existing SpeedTouch™ interface using the Address Pool table. The first address pool displayed in the table has the highest priority for a certain interface. If you select one of the address pools, following fields become available: Name: The name of the DHCP server's address pool. Interface: The SpeedTouch™ interface for which the address pool applies.
Chapter 5 Expert Configuration DHCP Relay The DHCP relay tab allows you to add/delete and overview SpeedTouch™ 's DHCP relay interfaces. The DHCP relay configuration is split up in two sections: Relay Config Relay Config To add/delete and configure a DHCP relay server on a certain interface Relay Interfaces To enable/disable and define the behaviour of the DHCP relay agent per configured interface.
Chapter 5 Expert Configuration DHCP Client Dynamic interfaces are created and managed by means of the DHCP Client table. Following fields are listed in the DHCP Client table: Interface: The name of the SpeedTouch™ logical interface for which this DHCP client applies The Address column shows the IP address assigned to the interface given in the first column. The State column shows the current state of the dynamic interface.
Chapter 5 Expert Configuration 5.5.2 DNS Overview DNS is short for Domain Name System. It is a network functionality that allows network members to use host names rather than IP addresses for referencing networked computers. The DNS web page consists of two sections: Configuration Configuration Hostname Table In addition to the host name, a local computer needs the DNS domain name to construct a fully qualified name. By default the SpeedTouch™ DNS's domain name is lan.
Chapter 5 Expert Configuration 5.5.3 Managed Switch Overview Your SpeedTouch™ is equipped with a four-port 10/100Base-T auto-sensing MDI/ MDI-X Ethernet switch. Each physical Ethernet port of the switch can be managed individually for extended networking control and monitoring purposes. The Managed Switch page consists of two sections: Managed Ethernet Switch E-DOC-CTC-20051017-0151 v1.0 Managed Ethernet Switch provides an overview of each individual Ethernet port.
Chapter 5 Expert Configuration Mirror Configuration Port mirroring allows monitoring from one port (called mirrored port) to another port (called mirror capture port). This functionality allows any port's Ingress and/or Egress traffic to be monitored to a pre-defined "mirror capture port". Depending on your configuration you can mirror (from mirror port to mirror capture port): 162 The outgoing traffic The incoming traffic Both incoming and outgoing traffic. E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.5.4 Wireless Availability Overview This page is only available on SpeedTouch™ devices equipped with a wireless access point. The SpeedTouch™ IEEE802.11g compliant Wireless LAN (WLAN) interface allows you to share its high-speed Internet connection with multiple networking clients in a local network, without needing to (re-)wire your home. The SpeedTouch™ acts as a wireless Access Point (AP), connecting wireless clients and transferring data between them.
Chapter 5 Expert Configuration Access point settings This section provides an overview and allows you to configure the basic wireless networking parameters for your SpeedTouch™ wireless access point. Following wireless access point settings can be viewed or configured: 164 Network Name (SSID): The network name, also known as Service Set ID (SSID). For more information, see “ Network Name (SSID)” on page 165. Rate: Displays the current modulation rate in which the SpeedTouch™ is operating.
Chapter 5 Expert Configuration Network Name (SSID) The WLAN's 'radio' link is a shared medium. As no physical connection exists between the SpeedTouch™ and wireless clients, a name must be given to allow unique identification of your WLAN radio link. This is done by the Network Name, also known as Service Set ID (SSID). Wireless clients must be configured for the same Network Name in order to be able to communicate with other clients on the (W)LAN - via the SpeedTouch™ wireless access point.
Chapter 5 Expert Configuration Enable/disable the wireless interface To disable your wireless interface: 1 Clear wireless interface enabled. 2 Click Apply to immediately apply your changes. ! All your wireless clients will be disconnected! You can also disable your wireless interface by pressing the front panel button for 10 seconds. When the WLAN led is extinguished, the interface is disabled. To enable the wireless interface: 1 Select Wireless interface enabled.
Chapter 5 Expert Configuration WEP The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from eavesdropping. WEP relies on a secret key that is shared between the wireless client (e.g. a laptop with a wireless ethernet card and the SpeedTouch™. The fixed secret key is used to encrypt packets before they are transmitted. I.e.
Chapter 5 Expert Configuration WPA WPA is the highest form of security available but make sure that your wireless client and client manager are compatible with it. If you want to use this level of encryption you must have a RADIUS (Remote Authentication Dial-in User Service) server installed on your network. To enable level2 - WPA: Access Control 1 Select Security Level 2 - WPA. 2 Enter the RADIUS settings provided by your network administrator in the appropriate fields.
Chapter 5 Expert Configuration 5 Networks Other Networks Yes to allow it to exchange data with other stations. No to explicitly deny the station to associate with the SpeedTouch™. Click Apply to immediately apply your changes. The Networks tab allows you to: Scan for Other Networks. Enable WDS connections with other wireless devices. The Other Networks tab allows you to overview the wireless networks in your neighbourhood. To scan for other wireless networks: WDS 1 Click Scan.
Chapter 5 Expert Configuration 5.6 Firewall Overview 170 The Firewall menu consists of the following topics: Click ... To ... Expressions view/configure interface, or IP, or Service related expressions. For more information, see “5.3.2 Expressions” on page 123. Policy view/configure the SpeedTouch™ Stateful Inspection Firewall security level and its policies. Log view log messages for SpeedTouch™ firewall events. E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.6.1 Policy Firewall levels E-DOC-CTC-20051017-0151 v1.0 The Level list allows you to choose between the following level: Disabled: All traffic is allowed to pass through your SpeedTouch™. Game and Application sharing is allowed by the firewall. BlockAll: Use this Security Level to block all traffic from and to the Internet. Game and Application sharing is not allowed by the firewall.
Chapter 5 Expert Configuration Buttons Click: Customize... to create a new firewall level starting from the selected firewall level. For more information, see “ Creating a firewall rule” on page 173. Set Active to activate the selected firewall rule. ! Loose UDP tracking To save the new configuration, click Save All. If this check box is: Selected: The source port of the original UDP connection is opened for all hosts which want to connect to this port.
Chapter 5 Expert Configuration Creating a firewall rule Proceed as follows to create a new security level and to add rules: 1 Select one of the six security levels. 2 Click Customize. 3 Type name and description for the new security level and click Apply. 4 Click New to add a rule. 5 Fill in all the fields. Index: The index of the firewall rule. The firewall hierarchically goes through the rules, starting from rule 1.
Chapter 5 Expert Configuration 7 174 Click Set Active to activate the new settings. E-DOC-CTC-20051017-0151 v1.
Chapter 5 Expert Configuration 5.6.2 Log Introduction E-DOC-CTC-20051017-0151 v1.0 The Log page allows you to view log messages when: a firewall rule is hit. the firewall is enabled or disabled. the firewall level is changed. a firewall rule is created. a firewall rule is modified. a firewall rule is deleted.
Chapter 5 Expert Configuration 5.7 VPN Availability Overview 176 The VPN feature is only available if you activated the VPN software module. For more information, see “5.2.10 Add-on” on page 120. The VPN menu consists of following items Click ... To ... LAN to LAN connect your LAN with a remote LAN through an IPSec VPN tunnel. VPN Client set up a connection between the SpeedTouch™ and a remote VPN server. VPN Server set up the SpeedTouch™ as a VPN server.
Chapter 5 Expert Configuration 5.7.1 LAN to LAN Tabs Configuration procedure E-DOC-CTC-20051017-0151 v1.0 The LAN to LAN page consists of two tabs. Select: Remote Gateway Address Known as the starting page when the SpeedTouch™ must be able to initiate a VPN connection. Remote Gateway Address Unknown as the starting page when the SpeedTouch™ only needs to have responder capability.
Chapter 5 Expert Configuration 5.7.2 VPN Client The VPN Client page Configuration procedure 178 The VPN client in the SpeedTouch™ can replace a software VPN client installed on a computer. You can use it for example to connect from your home to your employer’s corporate network for tele-working. The VPN Client page allows you to configure a VPN client that functions in Initiator mode. This means that the VPN client takes the initiative to set up a secure connection to a remote VPN server.
Chapter 5 Expert Configuration 5.7.3 VPN Server The SpeedTouch™ as VPN Server In a VPN client-server scenario, the VPN server is always the responder in the IKE negotiations. Various VPN clients can dial in to a VPN server, since it supports multiple simultaneous VPN connections. A VPN server does not know a priori which remote Security Gateway will attempt to set up a VPN connection. In time, new users may join the VPN.
Chapter 5 Expert Configuration 5.7.4 Certificates Certificates pages The Certificates pages allow you to manage your certificates. Secure Storage page This page shows the list of certificates stored in the SpeedTouch™. Request Import page This page allows importing new certificates from a Certificate Authority into the SpeedTouch™. 180 CRL page This page allows managing the use of Certificates Revocation Lists. CEP page This page allows configuring the Certificates Enrollment Protocol settings.
Chapter 5 Expert Configuration 5.7.5 Advanced When to use The Advanced VPN menu gives access to two main pages where the complete IPSec configuration can be done. These pages are component-oriented, as opposed to the application-oriented pages described in “5.7.1 LAN to LAN” on page 177, “5.7.2 VPN Client” on page 178 and “5.7.3 VPN Server” on page 179. Componentoriented means that a number of components are constructed and subsequently combined.
Chapter 5 Expert Configuration 5.7.6 Debug Status page Statistics page Logging page This page shows the status of the IKE Security Association (Phase 1) and the IPSec Security Association(s) (Phase 2). For an operational VPN connection, both an IKE Security Association and an IPSec Security Association should be active. This page shows the amount of traffic carried over the IKE Security Association (Phase 1) and the IPSec Security Association(s) (Phase 2).
Chapter 5 Expert Configuration 5.8 SIP PBX Availability The SIP PBX feature is only available if you activated the SIP PBX software module. For more information, see “5.2.10 Add-on” on page 120. SpeedTouch™ SIP PBX The SpeedTouch™ has a key role in the enhancement of Voice over IP services for corporations, universities or enterprises.
Chapter 5 Expert Configuration Location Service Call Logging Enable/disable call screening. The Location Service page allows you to: View the registered users. Add new SIP users. All inbound and outbound SIP sessions that cross the multi-media SIP PBX can be monitored from the SpeedTouch™web interface. Both successful and failed calls will be shown. This is a useful tool to supervise the SIP communications involving your LAN User Agents.
Chapter 6 Software Keys 6 Software Keys Introduction A Software Key is a tool to disclose or activate services or software modules.
Chapter 6 Software Keys 3 Select the desired software module to open the registration web site on the Internet. Complete the form to request a new software Key. 4 Select the Request Software Key button to proceed. As a result you will get a text box with the key in it. 186 5 Copy the key and past it into the Software Activation Code Input Display and click the Add button. 6 Click the Restart button, to restart the SpeedTouch™and activate the software module.
Chapter 7 Troubleshooting 7 Troubleshooting Introduction This chapter suggest solutions for problems you may encounter while installing or configuring y our SpeedTouch™. If the suggestions do not resolve the problem, look at the support pages on http:// www.speedtouch.com/support or contact your service provider. For Internet connection troubleshooting, refer to the provided Installation and Setup Guide. Topics E-DOC-CTC-20051017-0151 v1.
Chapter 7 Troubleshooting 7.1 General SpeedTouch™ Troubleshooting SpeedTouch™ does not work If none of the LEDs light up, make sure that: The SpeedTouch™ is plugged into a power socket outlet. You are using the correct power supply for your SpeedTouch™ device. The power requirements for your SpeedTouch™ are clearly indicated on the identification label on the bottom of the SpeedTouch™.
Chapter 7 Troubleshooting 7.1.1 Wired Ethernet Troubleshooting LAN LED does not light up E-DOC-CTC-20051017-0151 v1.0 Make sure that: The LAN cable is securely connected to the 10/100Base-T port. You are using the correct cable type for your Ethernet equipment, that is UTP CAT5 with RJ-45 connectors.
Chapter 7 Troubleshooting 7.1.2 Wireless Ethernet Troubleshooting Not able to connect wireless clients No wireless connectivity Poor wireless connectivity or reach 190 Check the following: If registration is enabled, you must press the 'Association' button to register the wireless client or search for wireless devices via the embedded Web pages. Make sure the SpeedTouch™ Association Control List is not locked. You can check this on the Web pages.
Chapter 7 Troubleshooting 7.1.3 Upgrade Troubleshooting Error messages While upgrading your SpeedTouch™ via the Web pages, one of the following messages may appear: Message Due to Failed to retrieve new software version from the support site. Try again later. The file does not exist, meaning there is no newer software release. Loss of connectivity. Try again later. Could not install the new software version. If problem persists, contact your help desk. E-DOC-CTC-20051017-0151 v1.
Chapter 7 Troubleshooting 7.2 UPnP™ on Windows XP Systems SpeedTouch™ not detected by UPnP™ or IGD Control Client Adding UPnP™ Check the following: Make sure the UPnP™ and Internet Gateway Device Control Client Networking components are added to your Windows XP system. Your computer doesn’t support UPnP™ if you run an operating system other than Windows XP and Windows Millennium. Make sure that UPnP™ is not disabled in the SpeedTouch™ Web page; see “4.5.
Chapter 7 Troubleshooting Adding IGD Discovery and Control Your Windows XP system is able to discover and control Internet Gateway Devices (IGD), like the SpeedTouch™ on your local network. Therefore it is recommended to add the IGD Discovery and Control client to your system. Proceed as follows: 1 On the Windows taskbar, click Start. 2 Select (Settings >) Control Panel > Add or Remove Programs. 3 In the Add or Remove Programs window, click Add/Remove Windows Components.
Chapter 7 Troubleshooting 7.3 Reset to Factory Defaults Resetting your SpeedTouch™ You might consider a reset to factory defaults as described below. ! Be aware that a reset to factory defaults will revoke all configurational changes you made to the SpeedTouch™. You can choose between: Software reset Hardware reset A reset to factory default settings deletes the configuration profile settings. Therefore, after the reset, a reconfiguration of your SpeedTouch™ will be needed.
Chapter 7 Troubleshooting 4 The SpeedTouch™ restarts. ! E-DOC-CTC-20051017-0151 v1.0 Your system administrator may have disabled the physical reset button of the SpeedTouch™. In this case, a hardware reset to defaults is not possible.
Chapter 7 Troubleshooting 196 E-DOC-CTC-20051017-0151 v1.
© THOMSON 2005. All rights reserved. E-DOC-CTC-20051017-0151 v1.0 Need more help? Additional help is available online at www.speedtouch.
