Reference Guide for the Model RO318 Cable/DSL Security Router NETGEAR, Inc.
© 2001 by NETGEAR, Inc. All rights reserved. Trademarks NETGEAR and FirstGear are trademarks Netgear, Inc. Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders. Statement of Conditions In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice.
Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das Model RO318 Cable/DSL Security Router gemäß der im BMPT-AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unterliegen. Lesen Sie dazu bitte die Anmerkungen in der Betriebsanleitung.
iv
Contents About This Guide Technical Support ............................................................................................................xiii Related Publications ........................................................................................................xiii Typographical Conventions ............................................................................................. xv Special Message Formats .............................................................................
Chapter 3 Preparing Your Network Preparing Your Personal Computers for IP Networking .................................................3-1 Configuring Windows 95 or later for IP Networking ........................................................3-2 Configuring TCP/IP Properties .................................................................................3-4 Verifying TCP/IP Properties (Windows) ...................................................................
Static Routes ..................................................................................................................5-8 Static Route Example .............................................................................................5-10 Chapter 6 Maintenance System Status ................................................................................................................6-1 DHCP Table ..................................................................................................
Netmask .................................................................................................................. B-4 Subnet Addressing .................................................................................................. B-5 Private IP Addresses ............................................................................................... B-7 Single IP Address Operation Using NAT .................................................................
Figure 2-1. RO318 Front Panel ..................................................................................2-3 Figure 2-2. RO318 Rear Panel ...................................................................................2-4 Figure 4-1. Login window ...........................................................................................4-2 Figure 4-2. Browser-based configuration main menu ................................................4-3 Figure 4-3.
x
Table 2-1. LED Descriptions .....................................................................................2-3 Table 4-1. Content Filter Log entry descriptions .....................................................4-12 Table 4-2. Security Event Log entry descriptions ....................................................4-13 Table 4-3. Log display buttons ................................................................................4-13 Table 5-1. Dynamic DNS configuration fields .............
xii
About This Guide Congratulations on your purchase of the NETGEAR™ Model RO318 Cable/DSL Security Router. The Model RO318 router provides a secure connection for multiple personal computers (PCs) to the Internet through an external broadband access device (such as a cable modem or DSL modem) that is normally intended for use by a single PC.
Reference Guide for the Model RO318 Cable/DSL Security Router For more information about IP address translation, refer to RFC 1631, The IP Network Address Translator (NAT).
Reference Guide for the Model RO318 Cable/DSL Security Router Typographical Conventions This guide uses the following typographical conventions: italics Book titles and UNIX file, command, and directory names. courier font Screen text, user-typed command-line entries. Initial Caps Menu titles and window and button names. [Enter] Named keys in text are shown enclosed in square brackets. The notation [Enter] is used for the Enter key and the Return key.
Chapter 1 Introduction This chapter describes the features of the NETGEAR Model RO318 Cable/DSL Security Router and discusses planning considerations for installation. About the Router The Model RO318 Cable/DSL Security Router with 8-port switch connects your local area network (LAN) to the Internet through an external single-user access device such as a cable modem or DSL modem.
Reference Guide for the Model RO318 Cable/DSL Security Router – • • Built in 8-port 10/100 Mbps Switch – Allows LAN connections at 10 megabits per second (Mbps) or 100 Mbps – Autosensing for Ethernet (10BASE-T) or Fast Ethernet (100BASE-Tx) transmissions – Autosensing MDI/MDIX configures each port for normal or uplink connection – Half-duplex or full-duplex operation Ethernet connection to a wide area network (WAN) device, such as a cable modem or DSL modem – • • Incoming port forwarding and D
Reference Guide for the Model RO318 Cable/DSL Security Router Security The Model RO318 router is equipped with several features designed to maintain security, as described in this section. • Stateful Packet Inspection for True Firewall Protection Unlike simple Internet sharing routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions.
Reference Guide for the Model RO318 Cable/DSL Security Router Autosensing 10/100 Ethernet With its internal, 8-port 10/100 switch, the Model RO318 router can connect to either a 10 Mbps standard Ethernet network or a 100 Mbps Fast Ethernet network. The local LAN interface is autosensing and is capable of full-duplex or half-duplex operation.
Reference Guide for the Model RO318 Cable/DSL Security Router Easy Installation and Management You can install, configure, and operate the Model RO318 Cable/DSL Security Router within minutes after connecting it to the network. The following features simplify installation and management tasks: • Browser-based management Browser-based configuration allows you to easily configure your router from almost any type of personal computer, such as Windows, Macintosh, or Linux.
Reference Guide for the Model RO318 Cable/DSL Security Router 1-6 Introduction
Chapter 2 Setting Up the Hardware This chapter describes the Model RO318 Cable/DSL Security Router hardware and provides instructions for installing it.
Reference Guide for the Model RO318 Cable/DSL Security Router Local Network Hardware Requirements The Model RO318 Cable/DSL Security Router is intended for use in a network of personal computers (PCs) that are interconnected by twisted-pair Ethernet cables. PC Requirements To install and run the Model RO318 router over your network of PCs, each PC must have the following: • An installed Ethernet Network Interface Card (NIC). • A connection to the network via a hub or switch.
Reference Guide for the Model RO318 Cable/DSL Security Router The Router’s Front Panel The front panel of the Model RO318 router (Figure 2-1) contains status LEDs. Figure 2-1. RO318 Front Panel You can use some of the LEDs to verify connections. Table 2-1 lists and describes each LED on the front panel of the Model RO318 router. These LEDs are green when lit. Table 2-1. LED Descriptions Label Activity Description PWR (Power) On Off Power is supplied to the router.
Reference Guide for the Model RO318 Cable/DSL Security Router The Router’s Rear Panel The rear panel of the Model RO318 router (Figure 2-2) contains port connections and a power switch. Figure 2-2.
Reference Guide for the Model RO318 Cable/DSL Security Router Connecting to your Local Ethernet Network Your local network will attach to the router port or ports marked LOCAL. The LOCAL ports are capable of operation at either 10 Mbps (10BASE-T) or 100 Mbps (100BASE-Tx), depending on the Ethernet interface of the attached PC, hub, or switch. For any connection which will operate at 100 Mbps, you must use a Category 5 (Cat 5) rated cable, such as the white Ethernet cable included with the router.
Reference Guide for the Model RO318 Cable/DSL Security Router Connecting the Power Adapter To connect the router to the power adapter: 1. Plug the connector of the power adapter into the 12 VDC adapter outlet on the rear panel of the router. 2. Plug the other end of the adapter into a standard wall outlet. 3. Set the router’s Power switch to the ON position. 4. Verify that the PWR LED on the router is lit.
Chapter 3 Preparing Your Network This chapter describes how to prepare your PC network to connect to the Internet through the Model RO318 Cable/DSL Security Router and how to order broadband Internet service from an Internet service provider (ISP). Preparing Your Personal Computers for IP Networking The Model RO318 Cable/DSL Security Router uses the Transmission Control Protocol/Internet Protocol (TCP/IP).
Reference Guide for the Model RO318 Cable/DSL Security Router Follow the instructions provided with your operating system or networking software to install TCP/IP on your computer. Although TCP/IP is built into the Windows operating system (starting with Windows 95), you need to enable and configure it as described in “Configuring Windows 95 or later for IP Networking” on page 3-2. To configure the Macintosh, see “Configuring the Macintosh for IP Networking on page 3-5.
Reference Guide for the Model RO318 Cable/DSL Security Router You must have an Ethernet adapter, the TCP/IP protocol, and Client for Microsoft Networks. Note: It is not necessary to remove any other network components shown in the Network window in order to install the adapter, TCP/IP, or Client for Microsoft Networks. If you need the adapter: a. Click the Add button. b. Select Adapter, and then click Add. c. Select the manufacturer and model of your Ethernet adapter, and then click OK.
Reference Guide for the Model RO318 Cable/DSL Security Router d. Select TCP/IP, and then click OK. If you need Client for Microsoft Networks: 3. a. Click the Add button. b. Select Client, and then click Add. c. Select Microsoft. d. Select Client for Microsoft Networks, and then click OK. Restart your PC for the changes to take effect.
Reference Guide for the Model RO318 Cable/DSL Security Router To check your PC’s TCP/IP configuration: 1. On the Windows taskbar, click the Start button, and then click Run. The Run window opens. 2. Type winipcfg, and then click OK. The IP Configuration window opens, which lists (among other things), your IP address, subnet mask, and default gateway. 3. Select your Ethernet adapter.
Reference Guide for the Model RO318 Cable/DSL Security Router 2. From the “Connect via” box, select your Macintosh’s Ethernet interface. 3. From the “Configure” box, select Using DHCP Server. You can leave the DHCP Client ID box empty. 4. Close the TCP/IP Control Panel. 5. Repeat this for each Macintosh on your network. Verifying TCP/IP Properties (Macintosh) After your Macintosh is configured and has rebooted, you can check the TCP/IP configuration by returning to the TCP/IP Control Panel.
Reference Guide for the Model RO318 Cable/DSL Security Router Your Internet Account For access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using an external broadband access device such as a cable modem or DSL modem. This modem must be a separate physical box (not a card) and must provide an Ethernet port intended for connection to a Network Interface Card (NIC) in a PC.
Reference Guide for the Model RO318 Cable/DSL Security Router • An IP address and subnet mask • A gateway IP address, which is the address of the ISP’s router • One or more domain name server (DNS) IP addresses • Host name and domain suffix For example, your account’s full server names may look like this: mail.xxx.yyy.com In this example, the domain suffix is xxx.yyy.com. If any of these items are dynamically supplied by the ISP, your router automatically acquires them.
Reference Guide for the Model RO318 Cable/DSL Security Router 6. Select the DNS Configuration tab. If any DNS server addresses are shown, write down the addresses. If any information appears in the Host or Domain information box, write it down. Click Disable DNS. 7. Click OK to save your changes and close the TCP/IP Properties dialog box. You are returned to the Network window. 8. Click OK. 9. Reboot your PC at the prompt. You may also be prompted to insert your Windows CD.
Reference Guide for the Model RO318 Cable/DSL Security Router 3-10 Preparing Your Network
Chapter 4 Basic Configuration of the Router This chapter describes how to perform the basic configuration of your Model RO318 Cable/DSL Security Router using the Setup Wizard, which walks you through the configuration process for your Internet connection. This chapter also describes the configuration for content filtering and reporting.
Reference Guide for the Model RO318 Cable/DSL Security Router A login window opens as shown in Figure 4-1 below:. Figure 4-1. Login window This screen may have a different appearance in other browsers. 5. Type admin in the User Name box, 1234 in the Password box, and then click OK. If your router password was previously changed, enter the current password.
Reference Guide for the Model RO318 Cable/DSL Security Router 6. In the opening screen, shown in Figure 4-2, select WIZARD SETUP. Figure 4-2.
Reference Guide for the Model RO318 Cable/DSL Security Router 7. In the first Wizard screen, enter your account’s Host Name and Domain Name, as shown in Figure 4-3 below: Figure 4-3. Browser-based Setup Wizard, first screen These parameters may be necessary to access your ISP’s services such as mail or news servers. If you leave the Domain Name field blank, the router will attempt to learn the domain automatically from the ISP. If this is not successful, you will need to enter it manually.
Reference Guide for the Model RO318 Cable/DSL Security Router 8. Click on Next to go to the ISP Parameters screen, shown in Figure 4-4 below: Figure 4-4. Browser-based Setup Wizard, second screen This screen determines whether a login program will be run. a. If your service provider does not require a login program, leave Encapsulation as Ethernet and proceed to Step 9. b.
Reference Guide for the Model RO318 Cable/DSL Security Router • • If provided by your ISP, enter your PPTP IP Address and the Server IP Address of their PPTP Server. If provided by your ISP, enter the Connection ID/Name for your service. Otherwise leave this field blank. Proceed to Step 9. d. If your service provider is RoadRunner AND you are required to run a RoadRunner login program, leave Encapsulation as Ethernet and select Service Type as either RR-Manager or RR-Toshiba.
Reference Guide for the Model RO318 Cable/DSL Security Router a. WAN IP Address Assignment: Unless your ISP has assigned a fixed permanent IP address for your use, select "Get automatically from ISP". Otherwise, enter your IP Address, Subnet Mask, and the IP Address of your ISP’s gateway router. b. DNS Server Address Assignment: If you know that your ISP does not automatically transmit DNS addresses to the router during login, select “Use this server” and enter the IP address of the ISP’s DNS server.
Reference Guide for the Model RO318 Cable/DSL Security Router Configuring Security Features The Model RO318 Cable/DSL Security Router provides you with Web content filtering options, plus activity reporting and instant e-mail alerts of browsing destinations and security incidents. Parents and network administrators can establish restricted browsing policies based on time-of-day, web addresses and web address keywords.
Reference Guide for the Model RO318 Cable/DSL Security Router • Send immediate alert when attack is detected Check this box if you would like immediate notification of hacking attempts. • Send immediate alert upon attempted access to a blocked site Check this box if you would like immediate notification of inappropriate access attempts. • Log Schedule Specifies how often to send the logs: Hourly, Daily, Weekly, or When Full. • Day for Sending Log Specifies which day of the week to send the log.
Reference Guide for the Model RO318 Cable/DSL Security Router To enable keyword blocking, check Enable Keyword Blocking, then click Apply. Be sure that a time period for blocking is specified on the Schedule setup screen. To add a keyword or domain, type it in the Keyword box, click Add Keyword, then click Apply. To delete a keyword or domain, select it from the list, click Delete Keyword, then click Apply. Keyword application examples: • If the keyword "XXX" is specified, the web address
Reference Guide for the Model RO318 Cable/DSL Security Router Trusted The Model RO318 router allows you to specify one Trusted Host, which is a PC that will be exempt from blocking and logging. Since the Trusted Host will be identified by an IP address, you should configure that PC with a fixed IP address. The Trusted tab is shown below. To specify a Trusted Host, enter the Trusted Host’s IP address in the Trusted Device box and click Apply.
Reference Guide for the Model RO318 Cable/DSL Security Router Logs The Model RO318 router maintains two activity logs, one for browsing destinations and another for security incidents. The Content Filter Log is a detailed record of what websites you have accessed or attempted to access. Content Filter Log entries will only appear when keyword blocking is enabled, and no log entries will be made for the Trusted Host. The Security Event Log is a record of attempts to access your router from the Internet.
Reference Guide for the Model RO318 Cable/DSL Security Router Security Event Log entries are described in Table 4-2 Table 4-2. Security Event Log entry descriptions Field Description No. The index number of the content filter log entries. 128 entries are available numbered from 0 to 127. The log will keep the record of the latest 128 entries. The time and date the log entry was recorded.
Reference Guide for the Model RO318 Cable/DSL Security Router 4-14 Basic Configuration of the Router
Chapter 5 Advanced Configuration of the Router This chapter describes how to configure the advanced features of your Model RO318 Cable/DSL Security Router. These features can be found by clicking on the Advanced heading in the Main Menu of the browser interface. System Settings The first feature category under the Advanced heading is System settings. These are general purpose settings. System Tab The System Tab contains fields for setting the System (Host) Name and Domain Name.
Reference Guide for the Model RO318 Cable/DSL Security Router Dynamic DNS Your router supports Dynamic Domain Name Service (DDNS). In a Dynamic DNS service, an IP registry server provides a public central database where dynamically-assigned IP addresses can be stored and retrieved by hostname lookup. The Dynamic DNS server also stores password-protected e-mail addresses along with IP addresses and hostnames and accepts queries based on e-mail addresses.
Reference Guide for the Model RO318 Cable/DSL Security Router LAN Setup The second feature category under the Advanced heading is LAN Setup. This menu allows configuration of LAN IP services such as DHCP and RIP. From the Main Menu of the browser interface, under Advanced, click on LAN to view the LAN Setup menu, shown in Figure 5-1 Figure 5-1.
Reference Guide for the Model RO318 Cable/DSL Security Router Table 5-2 lists and describes the fields to use for setting up DHCP parameters.. Table 5-2. DHCP Setup Fields Field Description DHCP Server: If this box is checked, the router acts as a DHCP server. If this box is cleared, the router’s DHCP server is disabled. Pool Starting Address The beginning of the range of IP addresses to assign. Count The number of sequential addresses available for assignment to attached hosts. The maximum is 32.
Reference Guide for the Model RO318 Cable/DSL Security Router Table 5-3. Field LAN TCP/IP Setup Fields (continued) Description RIP Direction This parameter determines how the router handles RIP (Routing Information Protocol). RIP allows the router to exchange routing information with other routers. If set to None (default), the router does not participate in any RIP exchange with other routers.
Reference Guide for the Model RO318 Cable/DSL Security Router Configuring for Port Forwarding to Local Servers Although the router causes your entire local network to appear as a single machine to the Internet, you can make local servers for different services (for example, FTP or HTTP) visible and available to the Internet. This is done using the PORTS menu. From the Main Menu of the browser interface, under Advanced, click on PORTS to view the port forwarding screen, shown in Figure 5-2 Figure 5-2.
Reference Guide for the Model RO318 Cable/DSL Security Router Use the PORTS menu to configure the router to forward incoming protocols to IP addresses on your local network based on the port number. In addition to servers for specific protocols, you can also specify a Default (also called DMZ) Server to which all other incoming protocols are forwarded. To configure port forwarding to a local server: 1. Enter the Port Number in an unused Port # box. 2.
Reference Guide for the Model RO318 Cable/DSL Security Router Local Game Host or Videoconference Example Some online games and videoconferencing applications are incompatible with NAT. The Model RO318 router is programmed to recognize some of these applications and to work properly with them, but there are other applications that may not function well. In some cases, one local PC can run the application properly if that PC’s IP address is entered as the default in the PORTS Menu.
Reference Guide for the Model RO318 Cable/DSL Security Router To add or edit a Static Route, select a number and click the Edit button to open the Edit Menu, shown in Figure 5-4 Figure 5-4. Static Route Entry and Edit Menu Table 5-5 lists and describes the fields for the IP Static Route Edit menu. Table 5-5. Edit IP Static Route Fields Field Description Route Name Enter a descriptive name for this route for identification purposes only.
Reference Guide for the Model RO318 Cable/DSL Security Router Table 5-5. Edit IP Static Route Fields (continued) Field Description Metric Enter the cost in ‘hops’ of transmission for routing purposes. IP routing uses hop counts as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number does not have to be precise, but it must be between 1 and 16. In practice, 2 or 3 is usually a good number.
Reference Guide for the Model RO318 Cable/DSL Security Router In this case you must define a static route, telling your router that 134.177.0.0 should be accessed through the ISDN router at 192.168.100. The static route would look like Figure 5-5. Figure 5-5. Static Route Example In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses.
Reference Guide for the Model RO318 Cable/DSL Security Router 5-12 Advanced Configuration of the Router
Chapter 6 Maintenance This chapter describes how to use the maintenance features of your Model RO318 Cable/DSL Security Router. These features can be found by clicking on the Maintenance heading in the Main Menu of the browser interface. System Status The System Status menu provides a limited amount of status and usage information. From the Main Menu of the browser interface, click on Maintenance, then select System Status to view the System Status screen, shown in Figure 6-1 . Figure 6-1.
Reference Guide for the Model RO318 Cable/DSL Security Router The System Status screen shows the parameters listed in Table 6-1 Table 6-1. System Status fields Field Description System Name This field displays the Host Name assigned to the router. Router Firmware Version This field displays the router firmware version. WAN Port These parameters apply to the Internet (WAN) port of the router. IP Address This field displays the IP address being used by the Internet (WAN) port of the router.
Reference Guide for the Model RO318 Cable/DSL Security Router Click on the “Show Statistics” button to display router usage statistics, as shown in Figure 6-2 below: Figure 6-2. Router Statistics screen This screen shows the following statistics:. Table 6-2. Router Statistics Fields Field Description Port The statistics for the WAN (Internet) and LAN (local) ports. For each port, the screen displays: Status The link status of the port.
Reference Guide for the Model RO318 Cable/DSL Security Router DHCP Table The DHCP Table shows all IP address assignments that have been made by the router’s DHCP server. From the Main Menu of the browser interface, click on Maintenance, then select DHCP Table to view the table, shown in Figure 6-3 Figure 6-3. DHCP Table For each PC client, the table shows the IP address, Ethernet MAC address, and NetBIOS Host Name.
Reference Guide for the Model RO318 Cable/DSL Security Router Note: When uploading software to the Model RO318 router, it is important not to interrupt the Web browser by closing the window, clicking a link, or loading a new page. If the browser is interrupted, it may corrupt the software. When the upload is complete, your router will automatically restart. In some cases, you may need to reconfigure the router after upgrading.
Reference Guide for the Model RO318 Cable/DSL Security Router To restore the factory default configuration settings without knowing the login password or IP address, you must use the Default Reset button on the rear panel of the router. See “Using the Default Reset button“ on page 6-7. Loading Software and Configuration Files Using FTP As an alternative to the browser interface, you can update the router software and manage the configuration file by using an FTP program.
Reference Guide for the Model RO318 Cable/DSL Security Router 3. Select binary (not ascii) transfer mode. 4. Use your FTP program to get (back up) or put (restore) the file named rom-0 in the router. After you have sent a configuration file to the router, the router programs the new configuration into flash memory and reboots itself, dropping the FTP session.
Reference Guide for the Model RO318 Cable/DSL Security Router Continue to hold the Default Reset button. The TEST LED will begin to blink, then will flicker very quickly after about 10 or 15 seconds. This indicates that the defaults have been restored and the router is now rebooting. 4. 6-8 Release the Default Reset button and wait for the router to reboot.
Chapter 7 Troubleshooting This chapter gives information about troubleshooting your Model RO318 Cable/DSL Security Router. After each problem description, instructions are provided to help you diagnose and solve the problem. Basic Functioning After you turn on power to the router, the following sequence of events should occur: • The PWR LED lights. • The router performs a self-test for 30 seconds, during which the Test LED should blink at a rate of about 0.5 Hz and then turn off.
Reference Guide for the Model RO318 Cable/DSL Security Router Test LED Never Blinks or LED Stays On When the router is turned on, the Test LED blinks for about 30 seconds at a rate of approximately 0.5 Hz and then turns off. If the Test LED does not blink, or if it stops blinking and stays on, there is a fault within the router. If you experience problems with the Test LED: • Cycle the power to see if the router recovers and the LED blinks for the correct amount of time.
Reference Guide for the Model RO318 Cable/DSL Security Router • Make sure your PC’s IP address is on the same subnet as the router. If you are using the recommended addressing scheme, your PC’s address should be in the range of 192.168.0.2 to 192.168.0.32. Refer to “Verifying TCP/IP Properties (Windows)“ on page 3-4 or “Verifying TCP/IP Properties (Macintosh)“ on page 3-6 to find your PC’s IP address. Follow the instructions in Chapter 3 to configure your PC.
Reference Guide for the Model RO318 Cable/DSL Security Router 2. Access the Main Menu of the router’s configuration at http://192.168.0.1 3. Under the Advanced heading, click on Maintenance 4. Check that an IP address is shown for the WAN Port If 0.0.0.0 is shown, your router has not obtained an IP address from your ISP. If your router is unable to obtain an IP address from the ISP, you may need to force your cable or DSL modem to recognize your new router by performing the following procedure: 1.
Reference Guide for the Model RO318 Cable/DSL Security Router A DNS server is a host on the Internet that translates Internet names (such as www addresses) to numeric IP addresses. Typically your ISP will provide the addresses of one or two DNS servers for your use. If you entered a DNS address during the router’s configuration, reboot your PC and verify the DNS address as described in “Verifying TCP/IP Properties (Windows)“ on page 3-4.
Reference Guide for the Model RO318 Cable/DSL Security Router — Make sure the LAN LNK/ACT LED is on. If the LNK/ACT LED is off, follow the instructions in “LNK/ACT LEDs Not On” on page 7-2. — Check that the corresponding Link LEDs are on for your network interface card and for the hub ports (if any) that are connected to your workstation and router. • Wrong network configuration — Verify that the Ethernet card driver software and TCP/IP software are both installed and configured on your PC or workstation.
Appendix A Technical Specifications This appendix provides technical specifications for the Model RO318 Cable/DSL Security Router. General Specifications Network Protocol and Standards Compatibility Data and Routing Protocols: TCP/IP, RIP-1, RIP-2, DHCP PPP over Ethernet (PPPoE) Power Adapter North America: 120V, 60 Hz, input United Kingdom, Australia: 240V, 50 Hz, input Europe: 230V, 50 Hz, input Japan: 100V, 50/60 Hz, input All regions (output): 12 V DC @ 1.
Reference Guide for the Model RO318 Cable/DSL Security Router Physical Specifications Dimensions: 253 by 181 by 35 mm 9.95 by 7.1 by 1.4 in. Weight: 1.1 kg 2.5 lb.
Appendix B Networks, Routing, and Firewall Basics This chapter provides an overview of IP networks, routing, and firewalls. Basic Router Concepts Large amounts of bandwidth can be provided easily and relatively inexpensively in a local area network (LAN). However, providing high bandwidth between a local network and the Internet can be very expensive. Because of this expense, Internet access is usually provided by a slower-speed wide-area network (WAN) link such as a cable or DSL modem.
Reference Guide for the Model RO318 Cable/DSL Security Router Routers vary in performance and scale, number of routing protocols supported, and types of physical WAN connection they support. The Model RO318 Cable/DSL Security Router is a small office router that routes the IP protocol over a single-user broadband connection. Routing Information Protocol One of the protocols used by a router to build and maintain a picture of the network is the Routing Information Protocol (RIP).
Reference Guide for the Model RO318 Cable/DSL Security Router There are five standard classes of IP addresses. These address classes have different ways of determining the network and host sections of the address, allowing for different numbers of hosts on a network. Each address type begins with a unique bit pattern, which is used by the TCP/IP software to identify the address class. After the address class has been determined, the software can correctly identify the host section of the address.
Reference Guide for the Model RO318 Cable/DSL Security Router • Class D Class D addresses are used for multicasts (messages sent to many hosts). Class D addresses are in this range: 224.0.0.0 to 239.255.255.255. • Class E Class E addresses are for experimental use. This addressing structure allows IP addresses to uniquely identify each physical network and each node on each physical network.
Reference Guide for the Model RO318 Cable/DSL Security Router Subnet Addressing By looking at the addressing structures, you can see that even with a Class C address, there are a large number of hosts per network. Such a structure is an inefficient use of addresses if each end of a routed link requires a different network number. It is unlikely that the smaller office LANs would have that many devices. You can resolve this problem by using a technique known as subnet addressing.
Reference Guide for the Model RO318 Cable/DSL Security Router Note: The number 192.68.135.127 is not assigned because it is the broadcast address of the first subnet. The number 192.68.135.128 is not assigned because it is the network address of the second subnet. The following table lists the additional subnet mask bits in dotted-decimal notation. To use the table, write down the original class netmask and replace the 0 value octets with the dotted-decimal value of the additional subnet bits.
Reference Guide for the Model RO318 Cable/DSL Security Router Table B-2. Netmask Formats 255.255.255.252 /30 255.255.255.254 /31 255.255.255.255 /32 NETGEAR strongly recommends that you configure all hosts on a LAN segment to use the same netmask for the following reasons: • So that hosts recognize local IP broadcast packets When a device broadcasts to its segment neighbors, it uses a destination address of the local network address with all ones for the host address.
Reference Guide for the Model RO318 Cable/DSL Security Router Single IP Address Operation Using NAT In the past, if multiple PCs on a LAN needed to access the Internet simultaneously, you had to obtain a range of IP addresses from the ISP. This type of Internet account is more costly than a single-address account typically used by a single user with a modem, rather than a router. The Model RO318 router employs an address-sharing method called Network Address Translation (NAT).
Reference Guide for the Model RO318 Cable/DSL Security Router This scheme offers the additional benefit of simple firewall-like protection because the internal LAN addresses are not available to the Internet through the translated connection. All incoming inquiries are filtered out by the router. This filtering can prevent intruders from probing your system. However, using port forwarding, you can allow one PC (for example, a Web server) on your local network to be accessible to outside users.
Reference Guide for the Model RO318 Cable/DSL Security Router IP Configuration by DHCP When an IP-based local area network is installed, each PC must be configured with an IP address. If the PCs need to access the Internet, they should also be configured with a gateway address and one or more DNS server addresses. As an alternative to manual configuration, there is a method by which each PC on the network can automatically obtain this configuration information.
Reference Guide for the Model RO318 Cable/DSL Security Router Stateful Packet Inspection Unlike simple Internet sharing NAT routers, a firewall uses a process called stateful packet inspection to ensure secure firewall filtering to protect your network from attacks and intrusions. NAT performs a very limited stateful inspection in that it considers whether the incoming packet is in response to an outgoing request, but true Stateful Packet Inspection goes far beyond NAT.
Reference Guide for the Model RO318 Cable/DSL Security Router Ethernet Cabling Although Ethernet networks originally used thick or thin coaxial cable, most installations currently use unshielded twisted pair (UTP) cabling. The UTP cable contains eight conductors, arranged in four twisted pairs, and terminated with an RJ45 type connector. A normal "straight-through" UTP Ethernet cable follows the EIA568B standard wiring and pinout as described in Table B-3. Table B-3.
Reference Guide for the Model RO318 Cable/DSL Security Router • Crossover cable A crossover cable is a special cable in which the transmit and receive pairs are exchanged at one of the two cable connectors. Crossover cables are often unmarked as such, and must be identified by comparing the two connectors. Since the cable connectors are clear plastic, it is easy to place them side by side and view the order of the wire colors on each.
Reference Guide for the Model RO318 Cable/DSL Security Router B-14 Networks, Routing, and Firewall Basics
Glossary 10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring. 100BASE-Tx IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring. Denial of Service attack A hacker attack designed to prevent your computer or network from operating or communicating. DHCP See Dynamic Host Configuration Protocol. DNS See Domain Name Server. domain name A descriptive name for an address or group of addresses on the Internet.
Reference Guide for the Model FR314 Cable/DSL Firewall Router 2 IPX See Internet Packet Exchange. ISP Internet service provider. Internet Packet Exchange Novell’s internetworking protocol. Internet Protocol The main internetworking protocol used in the Internet. Used in conjunction with the Transfer Control Protocol (TCP) to form TCP/IP. LAN See local area network. local area network LAN. A communications network serving users within a limited area, such as one floor of a building.
Reference Guide for the Model FR314 Cable/DSL Firewall Router PPP over Ethernet PPPoE. PPP over Ethernet is a protocol for connecting remote hosts to the Internet over an always-on connection by simulating a dial-up connection. PPTP Point-to-Point Tunneling Protocol. A method for establishing a virtual private network (VPN) by embedding Microsoft’s network protocol into Internet packets. PSTN Public Switched Telephone Network. Point-to-Point Protocol PPP.
Reference Guide for the Model FR314 Cable/DSL Firewall Router 4 Glossary
Index A Address Resolution Protocol B-9 Alcatel ANT 4-5 auto MDI/MDI-X switching 1-4, B-13 DHCP Client ID 3-6 DHCP Setup 5-4 DHCP status 6-2 DMZ 1-3, 5-7 DNS Proxy 1-4, 5-4 B backup configuration 6-5 blocking by keyword 4-9 DNS server 3-9, 4-7 DNS, dynamic 5-2 domain 3-9 Domain Name 4-4 domain name server (DNS) B-9 C cables, pinout B-12 Cabling B-12 Cat5 cable 2-2, 2-5, B-13 configuration automatic by DHCP 1-4 backup 6-5 erasing 6-5 restore 6-5 router, initial 4-1 Connection ID/Name 4-6 DoS attack B-1
I IANA contacting B-2 IETF xiii Web site address B-7 DHCP Client ID 3-6 Obtaining ISP Configuration Information 3-9 MDI/MDI-X wiring B-12 Metric, Static Route menu 5-10 Multicast 5-5 IGMP 5-5 installation 1-5 N Internet account address information 3-7 establishing 3-7 NAT.
reset button, clearing config 6-7 restore configuration 6-5 U uplink switch 1-4, B-12 restore factory settings 6-5 RFC 1466 xiii, B-7 1597 xiii, B-7 1631 xiv, B-8 finding B-7 RoadRunner 3-7, 4-6 rom-0 file 6-5 W warranty 1-2, 1-5 Windows, configuring for IP routing 3-2 winipcfg utility 3-4 World Wide Web iii romfile0.
