FR328S ProSafe Firewall with Dial Back-Up Reference Manual v2 NETGEAR, Inc.
© 2003 by NETGEAR, Inc. Full Manual. All rights reserved. Trademarks NETGEAR and Auto Uplink are trademarks or registered trademarks of Netgear, Inc. Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders.
Manufacturer/Importer Certification: It is hereby certified that the FR328S ProSafe Firewall with Dial Back-Up has been suppressed in accordance with the conditions set out in BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. The operation of some equipment (for example, test transmitters) in accordance with the regulations may, however, be subject to certain restrictions. Please refer to the notes in the operating instructions.
iv M-10207-01, Reference Manual v2
Contents

Chapter 1 About This Manual
  Audience, Versions, Conventions
  How to Use this Manual
  How to Print this Manual
Chapter 2 Introduction
  Key Features

  How to Complete the Wizard-Detected Dynamic IP Account Setup
  How to Complete Wizard-Detected Fixed IP Account Setup
  Configuring a Serial Port as the Primary Internet Connection
  How to Configure the Serial Port for an Internet Connection
  Testing Your Internet Connection

  Considerations for Inbound Rules
  Outbound Rules (Service Blocking)
  Outbound Rule Example: Blocking Instant Messenger
  Order of Precedence for Rules
  Setting Times and Scheduling Firewall Services

  MTU Size
  DHCP
  Use router as DHCP server
  Reserved IP addresses
  How to Configure LAN TCP/IP Setup

  Private IP Addresses
  Single IP Address Operation Using NAT
  MAC Addresses and Address Resolution Protocol
  Related Documents
  Domain Name Server

Glossary
Index
Chapter 1 About This Manual

Thank you for purchasing the NETGEAR™ FR328S ProSafe Firewall with Dial Back-Up. This chapter describes the target audience, versions, conventions, and features of this manual.

Audience, Versions, Conventions

This reference manual assumes that the reader has basic to intermediate computer and Internet skills. However, basic computer network, Internet, and firewall technologies tutorial information is provided in the Appendices and on the Netgear website.

How to Use this Manual

The HTML version of this manual includes a variety of navigation features as well as links to PDF versions of the full manual and individual chapters.

Figure Preface-2: HTML version of this manual

1. Left pane. Use the left pane to view the Contents, Index, Search, and Favorites tabs. To view the HTML version of the manual, you must have a version 4 or later browser with JavaScript enabled.
2. Toolbar buttons.

How to Print this Manual

To print this manual, you may choose one of the following options, according to your needs.

• Printing a “How To” Sequence of Steps in the HTML View. Use the Print button on the upper right of the toolbar to print the currently displayed topic.
Chapter 2 Introduction

This chapter describes the features of the NETGEAR FR328S ProSafe Firewall with Dial Back-Up. The FR328S is a complete security solution that protects your network from attacks and intrusions. Unlike simple Internet sharing routers that rely on Network Address Translation (NAT) for security, the FR328S uses Stateful Packet Inspection for Denial of Service (DoS) attack protection and intrusion detection.

• Remote Access Server (RAS) allows you to log in remotely through the serial port to access a server on your LAN, other LAN resources, or the Internet based on a user name and password you define.
• LAN-to-LAN access between two FR328S firewalls through the serial port with the option of enabling auto-failover Internet access across the serial LAN-to-LAN connection.

• Automatic Configuration of Attached PCs by DHCP
The FR328S dynamically assigns network configuration information, including IP, gateway, and domain name server (DNS) addresses, to attached PCs on the LAN using the Dynamic Host Configuration Protocol (DHCP). This feature greatly simplifies configuration of PCs on your local network.

• Browser-based management
Browser-based configuration allows you to easily configure your firewall from almost any type of personal computer, such as Windows, Macintosh, or Linux. A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based interface.

The Firewall’s Front Panel

The front panel of the FR328S (Figure 2-1) contains status LEDs.

Figure 2-1: FR328S Front Panel

You can use some of the LEDs to verify connections. Table 2-1 lists and describes each LED on the front panel of the firewall. These LEDs are green when lit, except for the TEST LED, which is amber.

Table 2-1: LED Descriptions

Label    Activity    Description
POWER    On          Power is supplied to the firewall.

The Firewall’s Rear Panel

The rear panel of the FR328S (Figure 2-2) contains the connections identified below.

[Figure 2-2 rear panel labels: LOCAL 10/100M ports 8 to 1, MODEM, INTERNET, 12 V DC]
Chapter 3 Connecting the Firewall to the Internet

This chapter describes how to set up the firewall on your Local Area Network (LAN), connect to the Internet, and perform basic configuration of your FR328S ProSafe Firewall with Dial Back-Up using the Setup Wizard or by manually configuring your Internet connection.

What You Will Need Before You Begin

You need to prepare these three things before you can connect your firewall to the Internet:

1.

Configuration Requirements

For the initial connection to the Internet and configuration of your firewall, you will need to connect to the firewall a computer that is set to automatically get its TCP/IP configuration from the firewall via DHCP.

Note: For assistance with DHCP configuration, please refer to the animated Windows TCP/IP Configuration Tutorials on the Resource CD (SW-10045-01) or in Appendix C, "Preparing Your Network".

Record Your Internet Connection Information

Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP).

ISP Login Name: The login name and password are case sensitive and must be entered exactly as given by your ISP. Some ISPs use your full e-mail address as the login name. The Service Name is not required by all ISPs.

Connecting the FR328S Firewall to Your LAN

This section provides instructions for connecting the FR328S ProSafe Firewall with Dial Back-Up to your Local Area Network (LAN).

Note: The Resource CD included with your firewall contains an animated Installation Assistant to guide you through this procedure.

How to Connect the Firewall to Your LAN

There are three steps to connecting your firewall:

1. Connect the firewall to your network.
2.

c. Connect the Ethernet cable (A) from your Cable or DSL modem to the FR328S’s Internet port.

Figure 3-2: Connect the Cable or DSL Modem to the firewall

d. Connect the Ethernet cable (B) which came with the firewall from a Local port on the router to your computer.

e. Turn on the Cable or DSL modem and wait about 30 seconds for the lights to stop blinking.

2. Log in to the Firewall

Note: To connect to the firewall, your computer needs to be configured to obtain an IP address automatically via DHCP. Please refer to Appendix C, "Preparing Your Network" for instructions on how to do this.

a. Turn on the firewall and wait for the Test light to stop blinking.
b. Now, turn on your computer.

A login window opens as shown in Figure 3-5 below:

Figure 3-5: Login window

d. For security reasons, the firewall has its own user name and password. When prompted, enter admin for the firewall User Name and password for the firewall Password, both in lower case letters.

Note: The user name and password are not the same as any user name or password you may use to log in to your Internet connection.

3.

b. Select the NAT option and click Next to follow the steps in the Setup Wizard to input the configuration parameters from your ISP to connect to the Internet. If you choose not to use NAT, each computer on the LAN connected to the FR328S must have a valid public IP address in the same subnet as the WAN port of the FR328S.
When the Wizard launches, select Yes in the menu below to allow the firewall to automatically determine your connection.

Figure 3-7: Setup Wizard

Note: If you do not see the Setup Wizard, click the Setup Wizard link in the upper left to bring up this menu.

2.

How to Complete the Wizard-Detected Login Account Setup

If the Setup Wizard determines that your Internet service account uses a login protocol such as PPP over Ethernet (PPPoE), you will be directed to a menu like the PPPoE menu in Figure 3-8:

Figure 3-8: Setup Wizard menu for PPPoE login accounts

1. Enter your Account Name (may also be called Host Name) and Domain Name.

4. Click Apply to save your settings.
5. Click Test to test your Internet connection. If the NETGEAR website does not appear within one minute, refer to Chapter 8, “Troubleshooting”.

3. The Router’s MAC Address is the Ethernet MAC address that will be used by the firewall on the Internet port. If your ISP allows access from only one specific computer’s Ethernet MAC address, select “Use this MAC address.” The firewall will then capture and use the MAC address of the computer that you are now using. You must be using the one computer that is allowed by the ISP. Otherwise, you can type in a MAC address.

1. Enter your assigned IP Address, Subnet Mask, and the IP Address of your ISP’s gateway router. This information should have been provided to you by your ISP. You will need the configuration parameters from your ISP you recorded in “Record Your Internet Connection Information” on page 3-3.
2. Enter the IP address of your ISP’s Primary DNS Server. If a Secondary DNS Server address is available, enter it also.

b. From the Setup Basic Settings menu, click Serial Port.

Figure 3-11: Serial Internet Connection configuration menu

c. Fill in the ISDN or analog ISP Internet configuration parameters as appropriate:

• For a Dial-up Account, enter the Account information. Check “Connect as required” to enable the firewall to automatically dial the number. To enable Idle Time disconnect, check the box and enter a time in minutes.

Note: You can validate modem string settings by first connecting the modem directly to a PC, establishing a connection to your ISP, and then copying the modem string settings from the PC configuration and pasting them into the FR328S Modem Properties Initial String field. For more information on this procedure, please refer to the support area of the NETGEAR web site.

• Select the Serial Line Speed.

Manually Configuring Your Internet Connection

You can manually configure your firewall using the menu below, or you can allow the Setup Wizard to determine your configuration as described in the previous section.

How to Manually Configure the Primary Internet Connection

Use these steps to manually configure the primary Internet connection in the Basic Settings menu.

1. Select your Internet connection type (broadband with or without login, or serial).

Note: If you are a Telstra BigPond broadband customer, or if you are in an area such as Austria that uses broadband PPTP, login is required.
Chapter 4 Serial Port Configuration

This chapter describes how to configure the serial port options of your FR328S ProSafe Firewall with Dial Back-Up. The FR328S serial port lets you share the broadband connection of another FR328S, share resources between two LANs, and take advantage of the routing functions on the broadband (WAN), LAN, and serial network interfaces.

Configuring a Serial Port Modem

You can configure a serial port modem for any of the features described above. Be sure you have prepared the basic requirements listed below, then follow the ‘how to’ procedure.

Basic Requirements for Serial Port Modem Configuration

Configuring a serial port modem requires these elements:

1. A serial analog or ISDN modem.
2. A serial modem cable with a DB9 connector.
3. An active phone or ISDN line.

— If your modem is not on the list, select “User Defined” and enter the Modem Properties. If you are using the “User Defined” selection and configuring your own modem strings, fill in the Modem Properties settings.

Figure 4-2: Auto-Rollover configuration menu

3. Configure the Auto-Rollover settings.
4. Click Apply for the changes to take effect.

Configuring Dial-in on the Serial Port

Dial-in lets a single remote computer connect to the FR328S through the serial port to gain access to LAN resources or a remote access server. Be sure you have prepared the basic requirements listed below, then follow the ‘how to’ procedure.

Basic Requirements for Dial-in

Dial-in requires these elements:

1. A broadband connection to the FR328S.
2. An analog phone line.
3. A serial modem properly configured and attached to the DB9 connector on the serial port.
4. The Dial-in settings configured and applied to the FR328S.

How to Configure Dial-in

Follow the steps below to configure a serial port dial-in connection.

1.

Configuring LAN-to-LAN Settings

LAN-to-LAN enables direct communications between two FR328S firewalls.

[Figure 4-4: LAN-to-LAN network configuration. FR328S A and FR328S B are joined by a serial connection; the addresses shown are 192.168.0.1 and 192.168.3.1.]

Basic Requirements for LAN-to-LAN Connections

Serial port LAN-to-LAN configurations require these elements:

1. An ISDN or analog phone line with an active ISDN or dial-up ISP account.
2.

Figure 4-5: LAN-to-LAN configuration menu

3. Configure the LAN-to-LAN settings.

Note: The LAN subnet address of each FR328S must be different.

4. Click Apply for the changes to take effect.
Chapter 5 Protecting Your Network

This chapter describes how to use the basic firewall features of the FR328S ProSafe Firewall with Dial Back-Up to protect your network.

Protecting Access to Your FR328S Firewall

For security reasons, the firewall has its own user name and password. Also, after a set period of inactivity, the administrator login will automatically disconnect. When prompted, enter admin for the firewall User Name and password for the firewall password.

2. From the Main Menu of the browser interface, under the Maintenance heading, select Set Password to bring up the menu shown in Figure 5-1.

Figure 5-1: Set Password menu

3. To change the password, first enter the old password, and then enter the new password twice.
4. Click Apply to save your changes.

Note: After changing the password, you will be required to log in again to continue the configuration.

Blocking Keywords, Sites, and Services

The firewall provides a variety of options for blocking Internet based content and communications services. With its content filtering feature, the FR328S Firewall prevents objectionable content from reaching your PCs. The FR328S allows you to control access to Internet content by screening for keywords within Web addresses.

2. Click on the Block Sites link of the Security menu.

Figure 5-2: Block Sites menu

3. To enable keyword blocking, check “Turn keyword blocking on”, enter a keyword or domain in the Keyword box, click Add Keyword, then click Apply.

Some examples of Keyword application follow:

• If the keyword “XXX” is specified, the URL is blocked, as is the newsgroup alt.pictures.xxx.
• If the keyword “.

Services

Services are functions performed by server computers at the request of client computers. For example, Web servers serve web pages, time servers serve time and date information, and game hosts serve data about other players’ moves. When a computer on the Internet sends a request for service to a server computer, the requested service is identified by a service or port number.

3. Modify the menu shown below for defining or editing a service.

Figure 5-4: Add Services menu

4. Click Apply to save your changes.

Rules

Firewall rules are used to block or allow specific traffic passing through from one side to the other. Inbound rules (WAN to LAN) restrict access by outsiders to private resources, selectively allowing only specific outside users to access specific resources.

To access the Rules configuration of the FR328S, click the Rules link on the main menu, then click Add for either an Outbound or Inbound Service.

Figure 5-5. Rules menu

• To edit an existing rule, select its button on the left side of the table and click Edit.
• To delete an existing rule, select its button on the left side of the table and click Delete.
Note: Some residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location. If you are unsure, refer to the Acceptable Use Policy of your ISP.

Remember that allowing inbound services opens holes in your firewall.

The parameters are:

• Service
From this list, select the application or service to be allowed or blocked. The list already displays many common services, but you are not limited to these choices. Use the Add Services menu to add any additional services or applications that do not already appear.
• Action
Choose how you would like this type of traffic to be handled.

Inbound Rule Example: Allowing Videoconference from Restricted Addresses

If you want to allow incoming videoconferencing to be initiated from a restricted range of outside IP addresses, such as from a branch office, you can create an inbound rule. In the example shown in Figure 5-7, CU-SeeMe connections are allowed only from a specified range of external IP addresses.

Outbound Rules (Service Blocking)

The FR328S allows you to block the use of certain Internet services by PCs on your network. This is called service blocking or port filtering.

The parameters are:

• Service
From this list, select the application or service to be allowed or blocked. The list already displays many common services, but you are not limited to these choices. Use the Add Services menu to add any additional services or applications that do not already appear.
• Action
Choose how you would like this type of traffic to be handled.

Order of Precedence for Rules

As you define new rules, they are added to the tables in the Rules menu, as shown in Figure 5-9:

Figure 5-9. Rules table with examples

For any traffic attempting to pass through the firewall, the packet information is subjected to the rules in the order shown in the Rules Table, beginning at the top and proceeding to the default rules at the bottom.
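The top-to-bottom ordering described above can be modelled as a first-match table. The following is an added example, not NETGEAR code: the service names, address ranges, and the default actions (block inbound, allow outbound) are assumptions made for illustration. It also flags rules that can never fire because an earlier rule already matches everything they cover.

```python
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional, Tuple

ANY = None  # wildcard: the rule applies to every address

@dataclass(frozen=True)
class Rule:
    direction: str                        # "inbound" (WAN to LAN) or "outbound"
    service: str                          # name from the Service list, or "ANY"
    action: str                           # "allow" or "block"
    wan: Optional[Tuple[str, str]] = ANY  # inclusive range of Internet-side addresses
    lan: Optional[Tuple[str, str]] = ANY  # inclusive range of LAN-side addresses

def _in_range(addr, rng):
    """True if addr falls inside the inclusive range rng (ANY matches all)."""
    if rng is ANY:
        return True
    lo, hi = (ip_address(a) for a in rng)
    return lo <= ip_address(addr) <= hi

def _covers(outer, inner):
    """True if address range outer contains every address of inner."""
    if outer is ANY:
        return True
    if inner is ANY:
        return False
    return _in_range(inner[0], outer) and _in_range(inner[1], outer)

# Assumed default rules at the bottom of each table (not stated on this page).
DEFAULTS = {"inbound": "block", "outbound": "allow"}

def decide(rules, direction, service, wan_ip, lan_ip):
    """Return (action, index) of the first matching rule; index None = default rule."""
    for i, r in enumerate(rules):
        if (r.direction == direction
                and r.service in (service, "ANY")
                and _in_range(wan_ip, r.wan)
                and _in_range(lan_ip, r.lan)):
            return r.action, i
    return DEFAULTS[direction], None

def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    dead = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (earlier.direction == later.direction
                    and earlier.service in (later.service, "ANY")
                    and _covers(earlier.wan, later.wan)
                    and _covers(earlier.lan, later.lan)):
                dead.append(j)
                break
    return dead

# Constructed sample table: videoconferencing allowed only from a branch-office
# range to one LAN host, everyone else blocked, instant messaging blocked outbound.
RULES = [
    Rule("inbound", "CU-SeeMe", "allow",
         wan=("203.0.113.10", "203.0.113.50"), lan=("192.168.0.11", "192.168.0.11")),
    Rule("inbound", "CU-SeeMe", "block"),
    Rule("outbound", "Instant-Messenger", "block"),
]

# Same rules with the broad block placed above the narrow allow.
MISORDERED = [RULES[1], RULES[0], RULES[2]]

if __name__ == "__main__":
    print(decide(RULES, "inbound", "CU-SeeMe", "203.0.113.20", "192.168.0.11"))
    print(decide(MISORDERED, "inbound", "CU-SeeMe", "203.0.113.20", "192.168.0.11"))
    print("shadowed rule indexes:", shadowed(MISORDERED))
```

In the misordered table the branch-office allow rule is reported as shadowed, which is the condition to check for after adding or reordering rules.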
How to Set Your Time Zone

In order to localize the time for your log entries, you must specify your Time Zone:

1. Log in to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default password of password, or using whatever password and LAN address you have chosen for the firewall.
2. Click Schedule on the Security menu to display the menu shown below.

Figure 5-10: Schedule Services menu

3.

Note: If your region uses Daylight Savings Time, you must manually check Adjust for Daylight Savings Time on the first day of Daylight Savings Time, and uncheck it at the end. Enabling Daylight Savings Time will cause one hour to be added to the standard time.

4. The firewall uses Netgear NTP servers by default. If you would prefer to use a particular NTP server as the primary server, enter its IP address under Use this NTP Server.
5.
Chapter 6 Managing Your Network

This chapter describes how to perform network management tasks with your FR328S ProSafe Firewall with Dial Back-Up.

Network Management Information

The FR328S provides a variety of status and usage information which is discussed below.

Viewing Router Status and Usage Statistics

From the Main Menu, under Maintenance, select Router Status to view the screen in Figure 6-1.

This screen shows the following parameters:

Table 6-1. Menu 3.2 - Router Status Fields

Field               Description
System Name         This field displays the Host Name assigned to the firewall in the Basic Settings menu.
Firmware Version    This field displays the firewall firmware version.
LAN Port            These parameters apply to the Local (LAN) port of the firewall.

Click the “Show Statistics” button to display firewall usage statistics, as shown in Figure 6-2 below:

Figure 6-2. Router Statistics screen

This screen shows the following statistics:

Table 6-2. Router Statistics Fields

Field                       Description
WAN, LAN, or Serial Port    The statistics for the WAN (Internet), LAN (local), and Serial ports. For each port, the screen displays:
Status                      The link status of the port.

Viewing Attached Devices

The Attached Devices menu contains a table of all IP devices that the firewall has discovered on the local network. From the Main Menu of the browser interface, under the Maintenance heading, select Attached Devices to view the table, shown in Figure 6-3.

Figure 6-3: Attached Devices menu

For each device, the table shows the IP address, NetBIOS Host Name, if available, and the Ethernet MAC address.

Viewing, Selecting, and Saving Logged Information

The firewall will log security-related events such as denied incoming service requests, hacker probes, and administrator logins. If you enabled content filtering in the Block Sites menu, the Logs page shows you when someone on your network tried to access a blocked site. If you enabled e-mail notification, you'll receive these logs in an e-mail message.

Log entries are described in Table 6-5.

Table 6-5: Security Log entry descriptions

Field                    Description
Date and Time            The date and time the log entry was recorded.
Description or Action    The type of event and what action was taken if any.
Source IP                The IP address of the initiating device for this log entry.

• Router operation (start up, get time, etc.)
• Known DoS attacks and Port Scans

Saving Log Files on a Server

You can choose to write the logs to a PC running a syslog program. To activate this feature, check the Enable Syslog box and enter the IP address of the server where the log file will be written. Be sure to click Apply to save your changes.

Examples of log messages

Following are examples of log messages.
Enabling Security Event E-mail Notification

In order to receive logs and alerts by e-mail, you must provide your e-mail information in the E-Mail subheading:

Figure 6-7: E-mail notification menu

• Turn e-mail notification on
Check this box if you wish to receive e-mail logs and alerts from the firewall.
• Your outgoing mail server
Enter the name or IP address of your ISP’s outgoing (SMTP) mail server (such as mail.myISP.com).

• Send to this e-mail address
Enter the e-mail address to which logs and alerts are sent. This e-mail address will also be used as the From address. If you leave this box blank, log and alert messages will not be sent via e-mail.

2. From the Maintenance heading of the Main Menu, select the Settings Backup menu as seen in Figure 6-8.

Figure 6-8: Settings Backup menu

3. Click Backup to save a copy of the current settings.
4. Store the .cfg file on a computer on your network.

How to Restore a Configuration from a File

1. Log in to the firewall at its default LAN address of http://192.168.0.

2. The firewall will then reboot automatically. After an erase, the firewall password will be password, the LAN IP address will be 192.168.0.1, and the router's DHCP client will be enabled.

Note: To restore the factory default configuration settings without knowing the login password or IP address, you must use the Default Reset button on the rear panel of the firewall. See “Using the Default Reset button” on page 8-7.

Enabling Remote Management

Using the Remote Management page, you can allow a user or users on the Internet to configure, upgrade and check the status of your FR328S ProSafe Firewall with Dial Back-Up.

Note: Be sure to change the router's default password to a very secure password. The ideal password should contain no dictionary words from any language, and should be a mixture of letters (both upper and lower case), numbers, and symbols.

When accessing your router from the Internet, you will type your router's WAN IP address into your browser's Address (in IE) or Location (in Netscape) box, followed by a colon (:) and the custom port number. For example, if your external address is 134.177.0.123 and you use port number 8080, enter in your browser: https://134.177.0.

5. Click Upload.

Note: When uploading software to the firewall, it is important not to interrupt the Web browser by closing the window, clicking a link, or loading a new page. If the browser is interrupted, it may corrupt the software. When the upload is complete, your firewall will automatically restart. The upgrade process will typically take about one minute.
Chapter 7 Advanced Configuration This chapter describes how to configure the advanced features of your FR328S ProSafe Firewall with Dial Back-Up. Configuring Advanced Security The FR328S ProSafe Firewall with Dial Back-Up provides a variety of advanced features, such as: • Setting up a Demilitarized Zone (DMZ) Server • The flexibility of configuring your LAN TCP/IP settings • Connecting a Remote Access Server through the serial port These features are discussed below.
FR328S ProSafe Firewall with Dial Back-Up Reference Manual v2 To assign a computer or server to be a Default DMZ server: 1. Click Default DMZ Server. 2. Type the IP address for that server. 3. Click Apply. Respond to Ping on Internet WAN Port If you want the firewall to respond to a 'ping' from the Internet, click the ‘Respond to Ping on Internet WAN Port’ check box. This should only be used as a diagnostic tool, since it allows your firewall to be discovered.
FR328S ProSafe Firewall with Dial Back-Up Reference Manual v2 • RIP Direction RIP (Router Information Protocol) allows a router to exchange routing information with other routers. The RIP Direction selection controls how the firewall sends and receives RIP packets. Both is the default. — When set to Both or Out Only, the firewall will broadcast its routing table periodically. — When set to Both or In Only, it will incorporate the RIP information that it receives.
FR328S ProSafe Firewall with Dial Back-Up Reference Manual v2 DHCP By default, the firewall will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the router's LAN. The assigned default gateway address is the LAN address of the firewall. IP addresses will be assigned to the attached PCs from a pool of addresses specified in this menu.
Reserved IP addresses

When you specify a reserved IP address for a PC on the LAN, that PC will always receive the same IP address each time it accesses the firewall’s DHCP server. Reserved IP addresses should be assigned to servers that require permanent IP settings.

To reserve an IP address:
1. Click Add.
2. In the IP Address box, type the IP address to assign to the PC or server. Choose an IP address from the router’s LAN subnet, such as 192.
2. From the Main Menu, under Advanced, click the LAN IP Setup link to view the menu, shown in Figure 7-1.

Figure 7-1: LAN IP Setup Menu

3. Enter the TCP/IP, MTU, or DHCP parameters.
4. Click Apply to save your changes.

Configuring Dynamic DNS

If your network has a permanently assigned IP address, you can register a domain name and have that name linked with your IP address by public Domain Name Servers (DNS).
How to Configure Dynamic DNS

1. Log in to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default password of password, or using whatever password and LAN address you have chosen for the firewall.
2. From the Main Menu of the browser interface, under Advanced, click Dynamic DNS.
3.
Using Static Routes

Static Routes provide additional routing information to your firewall. Under normal circumstances, the firewall has adequate routing information after it has been configured for Internet access, and you do not need to configure additional static routes. You must configure static routes only for unusual cases such as multiple routers or multiple IP subnets located on your network.
How to Configure Static Routes

1. Log in to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default password of password, or using whatever password and LAN address you have chosen for the firewall.
2. From the Main Menu of the browser interface, under Advanced, click on Static Routes to view the Static Routes menu.
3. To add or edit a Static Route:
a.
h. Type a number between 1 and 15 as the Metric value. This represents the number of routers between your network and the destination. Usually, a setting of 2 or 3 works, but if this is a direct connection, set it to 1.
4. Click Apply to have the static route entered into the table.
Chapter 8 Troubleshooting

This chapter gives information about troubleshooting your FR328S ProSafe Firewall with Dial Back-Up. For the common problems listed, go to the section indicated.
• Is the firewall on?
• Have I connected the firewall correctly?
Go to “Basic Functions” on page 8-1.
• I can’t access the firewall’s configuration with my browser.
Go to “Troubleshooting the Web Configuration Interface” on page 8-3.
• I’ve configured the firewall but I can’t access the Internet.
If a port’s Link LED is lit, a link has been established to the connected device. If a port is connected to a 100 Mbps device, verify that the port’s 100 LED is lit. If any of these conditions does not occur, refer to the appropriate following section.
• Be sure you are using the correct cable:
— When connecting the firewall’s Internet port to a cable or DSL modem, use the cable that was supplied with the cable or DSL modem. This cable could be a standard straight-through Ethernet cable or an Ethernet crossover cable.
• Click the Refresh or Reload button in the Web browser. The changes may have occurred, but the Web browser may be caching the old configuration.

Troubleshooting the ISP Connection

If your firewall is unable to access the Internet, you should first determine whether the firewall is able to obtain a WAN IP address from the ISP. Unless you have been assigned a static IP address, your firewall must request an IP address from the ISP.
• Your ISP only allows one Ethernet MAC address to connect to the Internet, and may check for your PC’s MAC address. In this case:
Inform your ISP that you have bought a new network device, and ask them to use the firewall’s MAC address.
OR
Configure your firewall to spoof your PC’s MAC address. This can be done in the Basic Settings menu. Refer to “Manually Configuring Your Internet Connection” on page 3-16.
2. In the field provided, type Ping followed by the IP address of the firewall, as in this example:
ping 192.168.0.1
3. Click on OK.
— Check that your PC has the IP address of your firewall listed as the default gateway. If the IP configuration of your PC is assigned by DHCP, this information will not be visible in your PC’s Network Control Panel. Verify that the IP address of the firewall is listed as the default gateway as described in “Verifying TCP/IP Properties” on page C-5.
1. Press and hold the Default Reset button until the Test LED turns on (about 10 seconds).

Figure 8-1. Reset Button

2. Release the Default Reset button and wait for the firewall to reboot.

Problems with Date and Time

The E-Mail menu in the Content Filtering section displays the current date and time of day.
Appendix A Technical Specifications

This appendix provides technical specifications for the FR328S ProSafe Firewall with Dial Back-Up.

Network Protocol and Standards Compatibility
Data and Routing Protocols: TCP/IP, RIP-1, RIP-2, DHCP
PPP over Ethernet (PPPoE)

Power Adapter
North America: 120V, 60 Hz, input
United Kingdom, Australia: 240V, 50 Hz, input
Europe: 230V, 50 Hz, input
Japan: 100V, 50/60 Hz, input
All regions (output): 12 V DC @ 1.
Meets requirements of:
FCC Part 15 Class B
VCCI Class B
EN 55 022 (CISPR 22), Class B

Interface Specifications
Local: 10BASE-T or 100BASE-Tx, RJ-45
Internet: 10BASE-T or 100BASE-Tx, RJ-45
Appendix B Networks, Routing, and Firewall Basics

This chapter provides an overview of IP networks, routing, and networking.

Related Publications

As you read this document, you may be directed to various RFC documents for further information. An RFC is a Request For Comment (RFC) published by the Internet Engineering Task Force (IETF), an open organization that defines the architecture and operation of the Internet.
Routing Information Protocol

One of the protocols used by a router to build and maintain a picture of the network is the Routing Information Protocol (RIP). Using RIP, routers periodically update one another and check for changes to add to the routing table. The FR328S Firewall supports both the older RIP-1 and the newer RIP-2 protocols. Among other improvements, RIP-2 supports subnet and multicast protocols.
There are five standard classes of IP addresses. These address classes have different ways of determining the network and host sections of the address, allowing for different numbers of hosts on a network. Each address type begins with a unique bit pattern, which is used by the TCP/IP software to identify the address class. After the address class has been determined, the software can correctly identify the host section of the address.
• Class D
Class D addresses are used for multicasts (messages sent to many hosts). Class D addresses are in this range: 224.0.0.0 to 239.255.255.255.
• Class E
Class E addresses are for experimental use.

This addressing structure allows IP addresses to uniquely identify each physical network and each node on each physical network.
Subnet Addressing

By looking at the addressing structures, you can see that even with a Class C address, there are a large number of hosts per network. Such a structure is an inefficient use of addresses if each end of a routed link requires a different network number. It is unlikely that the smaller office LANs would have that many devices. You can resolve this problem by using a technique known as subnet addressing.
Note: The number 192.68.135.127 is not assigned because it is the broadcast address of the first subnet. The number 192.68.135.128 is not assigned because it is the network address of the second subnet.

The following table lists the additional subnet mask bits in dotted-decimal notation. To use the table, write down the original class netmask and replace the 0 value octets with the dotted-decimal value of the additional subnet bits.
Table 8-2. Netmask Formats

255.255.255.252   /30
255.255.255.254   /31
255.255.255.255   /32

Configure all hosts on a LAN segment to use the same netmask for the following reasons:
• So that hosts recognize local IP broadcast packets
When a device broadcasts to its segment neighbors, it uses a destination address of the local network address with all ones for the host address.
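The subnet arithmetic described above, worked through in code as an added example (it is not part of the NETGEAR manual). It derives the original class netmask from the leading bits, borrows extra subnet bits, and flags a host whose netmask disagrees with its segment neighbors; the function names and the three-host sample segment are constructed for illustration, and the 255.255.255.128 mask is the one implied by the .127 and .128 addresses in the note.

```python
import ipaddress
from collections import Counter


def classful_prefix(addr):
    """Return the original class netmask length, chosen by the leading bits."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:      # leading bit 0    -> Class A, 255.0.0.0
        return 8
    if first_octet < 192:      # leading bits 10  -> Class B, 255.255.0.0
        return 16
    if first_octet < 224:      # leading bits 110 -> Class C, 255.255.255.0
        return 24
    raise ValueError("Class D and E addresses have no network/host split")


def split_network(addr, extra_bits):
    """Borrow extra_bits host bits for the subnet number and list each subnet."""
    base_len = classful_prefix(addr)
    if not 0 <= extra_bits <= 30 - base_len:
        raise ValueError("extra_bits must leave at least two host bits")
    base = ipaddress.ip_network("%s/%d" % (addr, base_len), strict=False)
    rows = []
    for sub in base.subnets(prefixlen_diff=extra_bits):
        rows.append({
            "network": str(sub.network_address),      # not assignable to a host
            "broadcast": str(sub.broadcast_address),  # not assignable to a host
            "netmask": str(sub.netmask),
            "prefix": "/%d" % sub.prefixlen,
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
        })
    return rows


def netmask_to_prefix(mask):
    """Convert a dotted-decimal netmask (255.255.255.252) to prefix form (/30)."""
    return "/%d" % ipaddress.ip_network("0.0.0.0/" + mask).prefixlen


def audit_segment(hosts):
    """Given {name: "ip/netmask"} for one LAN segment, return the hosts whose
    netmask differs from the majority, mapped to the broadcast address each
    of them would use instead of the segment's real one."""
    views = {name: ipaddress.ip_interface(cfg).network
             for name, cfg in hosts.items()}
    majority = Counter(views.values()).most_common(1)[0][0]
    return {name: str(net.broadcast_address)
            for name, net in views.items() if net != majority}


# Constructed sample segment: pc3 still carries the unsubnetted Class C mask.
SAMPLE_SEGMENT = {
    "pc1": "192.68.135.10/255.255.255.128",
    "pc2": "192.68.135.20/255.255.255.128",
    "pc3": "192.68.135.30/255.255.255.0",
}

if __name__ == "__main__":
    for row in split_network("192.68.135.0", 1):
        print(row)
    print(netmask_to_prefix("255.255.255.252"))
    print(audit_segment(SAMPLE_SEGMENT))
```

In the sample, pc3 would send broadcasts to 192.68.135.255, which its neighbors on the first subnet do not treat as their broadcast address.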
Single IP Address Operation Using NAT

In the past, if multiple PCs on a LAN needed to access the Internet simultaneously, you had to obtain a range of IP addresses from the ISP. This type of Internet account is more costly than a single-address account typically used by a single user with a modem, rather than a router. The FR328S Firewall employs an address-sharing method called Network Address Translation (NAT).
This scheme offers the additional benefit of firewall-like protection because the internal LAN addresses are not available to the Internet through the translated connection. All incoming inquiries are filtered out by the router. This filtering can prevent intruders from probing your system. However, using port forwarding, you can allow one PC (for example, a Web server) on your local network to be accessible to outside users.
Domain Name Server

Many of the resources on the Internet can be addressed by simple descriptive names such as www.NETGEAR.com. This addressing is very helpful at the application level, but the descriptive name must be translated to an IP address in order for a user to actually contact the resource.
What is a Firewall?

A firewall is a device that protects one network from another, while allowing communication between the two. A firewall incorporates the functions of the NAT router, while adding features for dealing with a hacker intrusion or attack. Several known types of intrusion or attack can be recognized when they occur.
Table B-1. UTP Ethernet cable wiring, straight-through

Pin  Wire color    Signal
1    Orange/White  Transmit (Tx) +
2    Orange        Transmit (Tx) -
3    Green/White   Receive (Rx) +
4    Blue
5    Blue/White
6    Green         Receive (Rx) -
7    Brown/White
8    Brown

Category 5 Cable Quality

Category 5 distributed cable that meets ANSI/EIA/TIA-568-A building wiring standards can be a maximum of 328 feet (ft.
Inside Twisted Pair Cables

For two devices to communicate, the transmitter of each device must be connected to the receiver of the other device. The crossover function is usually implemented internally as part of the circuitry in the device. Computers and workstation adapter cards are usually media-dependent interface ports, called MDI or uplink ports.
Figure 8-7: Category 5 UTP Cable with Male RJ-45 Plug at Each End

Note: Flat “silver satin” telephone cable may have the same RJ-45 plug. However, using telephone cable results in excessive collisions, causing the attached port to be partitioned or disconnected from the network.
The FR328S Firewall incorporates Auto Uplink™ technology (also called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable plugged into the port should have a normal connection (e.g. connecting to a PC) or an uplink connection (e.g. connecting to a router, switch, or hub). That port will then configure itself to the correct configuration.
Appendix C Preparing Your Network

This appendix describes how to prepare your network to connect to the Internet through the FR328S ProSafe Firewall with Dial Back-Up and how to verify the readiness of broadband Internet service from an Internet service provider (ISP).
In your IP network, each PC and the firewall must be assigned a unique IP address. Each PC must also have certain other IP configuration information such as a subnet mask (netmask), a domain name server (DNS) address, and a default gateway address. In most cases, you should install TCP/IP so that the PC obtains its specific network configuration information automatically from a DHCP server during bootup.
You must have an Ethernet adapter, the TCP/IP protocol, and Client for Microsoft Networks.

Note: It is not necessary to remove any other network components shown in the Network window in order to install the adapter, TCP/IP, or Client for Microsoft Networks.

If you need to install a new adapter, follow these steps:
a. Click the Add button.
b. Select Adapter, and then click Add.
c.
If you need Client for Microsoft Networks:
a. Click the Add button.
b. Select Client, and then click Add.
c. Select Microsoft.
d. Select Client for Microsoft Networks, and then click OK.
3. Restart your PC for the changes to take effect.
5. Uncheck all boxes in the LAN Internet Configuration screen and click Next.
6. Proceed to the end of the Wizard.

Verifying TCP/IP Properties

After your PC is configured and has rebooted, you can check the TCP/IP configuration using the utility winipcfg.exe:
1. On the Windows taskbar, click the Start button, and then click Run.
2. Type winipcfg, and then click OK.
5. Verify that ‘Client for Microsoft Networks’ and ‘Internet Protocol (TCP/IP)’ are present. If not, select Install and add them.
6. Select ‘Internet Protocol (TCP/IP)’, click Properties, and verify that “Obtain an IP address automatically” is selected.
7. Click OK and close all Network and Dialup Connections windows.
8. Make sure your PC is connected to the firewall, then reboot your PC.
The TCP/IP Control Panel opens:
2. From the “Connect via” box, select your Macintosh’s Ethernet interface.
3. From the “Configure” box, select Using DHCP Server. You can leave the DHCP Client ID box empty.
4. Close the TCP/IP Control Panel.
5. Repeat this for each Macintosh on your network.

MacOS X

1. From the Apple menu, choose System Preferences, then Network.
2.
Verifying TCP/IP Properties for Macintosh Computers

After your Macintosh is configured and has rebooted, you can check the TCP/IP configuration by returning to the TCP/IP Control Panel. From the Apple menu, select Control Panels, then TCP/IP. The panel is updated to show your settings, which should match the values below if you are using the default TCP/IP settings that NETGEAR recommends:
• The IP Address is between 192.168.0.2 and 192.168.0.
Verifying the Readiness of Your Internet Account

For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable modem or DSL modem. This modem must be a separate physical box (not a card) and must provide an Ethernet port intended for connection to a Network Interface Card (NIC) in a computer.
• An IP address and subnet mask
• A gateway IP address, which is the address of the ISP’s router
• One or more domain name server (DNS) IP addresses
• Host name and domain suffix
For example, your account’s full server names may look like this:
mail.xxx.yyy.com
In this example, the domain suffix is xxx.yyy.com.

If any of these items are dynamically supplied by the ISP, your firewall automatically acquires them.
If an IP address appears under Installed Gateways, write down the address. This is the ISP’s gateway address. Select the address and then click Remove to remove the gateway address.
6. Select the DNS Configuration tab. If any DNS server addresses are shown, write down the addresses. If any information appears in the Host or Domain information box, write it down. Click Disable DNS.
7.
Restarting the Network

Once you’ve set up your computers to work with the firewall, you must reset the network for the devices to be able to communicate correctly. Restart any computer that is connected to the firewall.

After configuring all of your computers for TCP/IP networking and restarting them, and connecting them to the local network of your FR328S Firewall, you are ready to access and configure the firewall.
Glossary

Use the list below to find definitions for technical terms used in this manual.

10BASE-T
IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring.

100BASE-Tx
IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring.

Access Control List (ACL)
An ACL is a database that an Operating System uses to track each user’s access rights to system objects (such as file directories and/or files).
Broadcast
A packet sent to all devices on a network.

Class of Service
A term to describe treating different types of traffic with different levels of service priority. Higher priority traffic gets faster treatment during times of switch congestion.

Cat 5
Category 5 unshielded twisted pair (UTP) cabling.
(known as the upstream rate). ADSL requires a special ADSL modem. ADSL is growing in popularity as more areas around the world gain access.

DSLAM
DSL Access Multiplexor. The piece of equipment at the telephone company central office that provides the ADSL signal.

Dynamic Host Configuration Protocol
DHCP. An Ethernet protocol specifying how a centralized DHCP server can assign network configuration information to multiple DHCP clients.
recognizes the packet as belonging to a computer within its immediate neighborhood or domain. That gateway then forwards the packet directly to the computer whose address is specified. Because a message is divided into a number of packets, each packet can, if necessary, be sent by a different route across the Internet. Packets can arrive in a different order than they were sent. The Internet Protocol just delivers them.
MAC address
The Media Access Control address is a unique 48-bit hardware address assigned to every network interface card. Usually written in the form 01:23:45:67:89:ab.

Maximum Receive Unit
The size in bytes of the largest packet that can be sent or received.

Maximum Transmit Unit
The size in bytes of the largest packet that can be sent or received.

Mbps
Megabits per second.
PPP over Ethernet
PPPoE. PPP over Ethernet is a protocol for connecting remote hosts to the Internet over an always-on connection by simulating a dial-up connection.

PPTP
Point-to-Point Tunneling Protocol. A method for establishing a virtual private network (VPN) by embedding Microsoft’s network protocol into Internet packets.

Protocol
A set of rules for communication between devices on a network.

PSTN
Public Switched Telephone Network.
WAN
See “Wide Area Network”.

Web
Also known as World-Wide Web (WWW) or W3. An Internet client-server system to distribute information, based upon the hypertext transfer protocol (HTTP).

WEB Proxy Server
A Web proxy server is a specialized HTTP server that allows clients access to the Internet from behind a firewall.