SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Security Your Gateway provides broad security measures against unwanted users. Security also allows for the configuration of the Gateway firewall, administrator password, (NAT) Network Address Translation, and DMZ (Demilitarized Zone) configuration. To use the security option, click the Security button on the Gateway Options pane. This displays the “Security Options” window containing icons to access the security features.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Firewall Settings A firewall is a system designed to prevent unauthorized access to or from a private network. The firewall window provides a listing of options to be enabled or disabled as well as links to configure the more complex details of each feature. To configure the firewall: 1. From the “Security Options” window, click Firewall Settings. This displays the "Firewall Settings" window. 2.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Security Level Security level refers to how much access is permitted from your Gateway to the Internet or other networks. To enable and configure the security level feature: 1. Select Level from the “Firewall Settings” window. 2. Click the Configure hyperlink next to Level. This displays the “Firewall Level Configuration” window. 3. Select the firewall security level from the Select Firewall Level drop-down menu.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Attack Detection If the Attack Detection System is enabled, the Gateway provides protection against the most common hacker attacks that attempt to access your computer/network from the Internet. Intrusion attempts can also be logged to provide a record of attempts and their source (when available). To enable and configure the attack detection feature: 1. Select Attack Detection from the “Firewall Settings” window. 2.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features • TCP FIN An outside device can send an attack using TCP FIN. This attack never allows a data packet to finish transmitting and brings down your system. • TCP XMAS An outside device can send an attack using TCP packets with all the flags set. This causes your system to slow to a halt.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features IP Filtering Define inbound and outbound IP filter rules using this procedure. IP filtering rules can only be defined if the Firewall Level setting is Custom. This method of firewall protection is recommended for advanced users only. To define IP filtering rules: 1. Click the Configuration hyperlink next to the IP Filter option on the “Firewall Settings” window.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Add New IP Filter Rules The “Basic Rule Definition” window is displayed when you select Add New IP Filter Rule from the “Firewall IP Configuration Wizard” window. Using this option, you can define both inbound and outbound rules. Each rule defined is added to the Rule Definition table. To add a new rule: 1. Type up to a five digit numeric value in Rule No to uniquely identify the rule. 2.
SE567/SE568 Series Residential Gateway User’s Guide 9. Configuring Advanced Features If you selected This IP Address, enter an IP address in the IP Address field and do one of the following: • Enter a netmask in the Netmask field. • Select or Host to use your Gateway netmask as the source netmask. 10. Under the Destination heading, select a network connection from the Network Interface drop-down menu. 11.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features TCP/UDP Options Window The “TCP/UDP Options” window is displayed if you select TCP or UDP protocol from the “Protocol Definition” window. If you selected either of these protocol types, you must identify the source and destination ports. 1.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features ICMP Options Window The “ICMP Options” window is displayed if you select ICMP protocol from the “Protocol Definition” window. 1. Do one of the following: • Select any of the ICMP options you wish to filter. • Select All Types to filter all options. 2. Click Next. 3. Click Finish.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Clone IP Filter Rules The “Clone Rule Definitions” window is displayed when you select Clone IP Filter Level from the “Firewall IP Configuration Wizard” window. Using this option, you can clone either high or low level rules and modify them according to your needs. If you choose to clone IP filter rules, the rules already defined in the Rule Definition table are discarded. To clone IP filter rules: 1.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features DMZ The DMZ feature allows a computer on your home network to circumvent the firewall and have direct access to the internet. This feature is primarily used for gaming. The Gateway allows you to configure a temporary or permanent DMZ (Demilitarized Zone) to bypass the firewall for network or Internet gaming. If the DMZ feature is enabled, you must select the computer to be used as the DMZ computer/host.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Firewall Snooze Control The snooze feature allows you to bypass the firewall for a set amount of time so outside support personnel can access your Gateway or network, or so you can run an application that conflicts with the firewall. This function is recommended for use only when you require this special level of unrestricted access as it leaves your Gateway and network exposed to the Internet with no firewall protection.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Administrator Password You may change the Gateway administrator password at any time if you have administrative rights to the Gateway. To change the administrator password: 1. From the “Security Options” window, click the Admin Password button. This displays the “Enter Network Password” window. 2. Provide the administrator log on ID and password, then click OK. This displays the Gateway Administrator Setup window. 3.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Address Translation The Address Translation feature provides different methods of keeping individual users/computers hidden behind a single outward-facing address, while still allowing them to access the Internet and related applications. If you have more than one available Internet connection interface, they will all be displayed in the drop-down menu for ease of selection.
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Address Translation With NAT Network Address Translation (NAT) translates an IP address from your home network to an address on the Internet. It allows only one machine to access the Internet. To enable and configure NAT address translation: 1. Select Address Translation (NAT) from the “Address Translation (NAT/NAPT)” window. 2. Click the Configure hyperlink next to Address Translation (NAT).
SE567/SE568 Series Residential Gateway User’s Guide Configuring Advanced Features Address Translation With NAPT Many applications require special port access to the Internet in order to function. By enabling Network Address Port Translation (NAPT), multiple computers in your home network have access to the Internet by translating port addresses to an Internet IP address while masking their IP addresses from outside users. Only TCP, UDP, and ICMP protocols support NAPT.
SE567/SE568 Series Residential Gateway User’s Guide 5. Configuring Advanced Features Do one of the following: • Select one of the following services from the Select service by name drop-down menu. − Telnet Telnet is a program that allows you to connect to other computers over the Internet. This options uses port 23. − FTP (File Transfer Protocol) FTP is used to transfer files in both ASCI and Binary format between local and remote devices. This option uses port 21.
Chapter 7 Monitoring Gateway Health 7 This chapter explains how to monitor the health of the Gateway. This chapter describes how to monitor the health of the Gateway. The Gateway health options are used to gauge the various measures of Gateway’s health. To use the Gateway health options, click the Gateway Health button from the Gateway Options pane. This displays the “Gateway Health” window.
SE567/SE568 Series Residential Gateway User’s Guide Monitoring Gateway Health Statistics You can display statistics for the Internet, Home Networking, Security, and Logging. To display any of these statistics, click the Statistics button from the “Gateway Health” window. This displays the “Gigaset Gateway Statistics” window. Click the hyperlink for the type of statistics you wish to view.
SE567/SE568 Series Residential Gateway User’s Guide Monitoring Gateway Health Internet Stats Internet statistics are commonly used by your Internet Service provider to diagnose service-related issues. Internet statistics include either ATM or DSL statistics. ATM Statistics View status and statistical information for the WAN-side Asynchronous Transfer Mode (ATM) network connection. WAN-side connection to the service provider is based on an Asynchronous Transfer Mode (ATM) network connection.
SE567/SE568 Series Residential Gateway User’s Guide Monitoring Gateway Health Home Networking Stats Home Networking statistics are helpful for troubleshooting issues on your home network. These statistics are displayed for each physical interface connected to the Gateway. They are separated into Ethernet, USB, or Wireless statistics. Ethernet Statistics View status and statistical information for LAN-side Ethernet connectivity.
SE567/SE568 Series Residential Gateway User’s Guide Monitoring Gateway Health Logging Extensive activity logs are provided for advanced troubleshooting and administrative use. The following types of logs are available: System, Firewall, and User Access. System Logging System logging displays Gateway status, user login, interfaces accessed, etc. Activity displayed in the system log is defined using the checkboxes provided at the bottom of the window. Click Apply after making any changes.
SE567/SE568 Series Residential Gateway User’s Guide Monitoring Gateway Health Update Firmware This feature updates the firmware of your Gateway through the Internet or from a device connected to your Gateway. This option may not be available on your Gateway configuration. If available, you must be logged in as the Gateway Administrator to access the utility. To access this feature, click the Update Firmware button from your “Gateway Health” window. This displays the “System Update” window.
SE567/SE568 Series Residential Gateway User’s Guide Monitoring Gateway Health Diagnostics The Gateway provides diagnostic tests and data for each interface. This data is commonly requested by technical support to assist in troubleshooting. To access this feature, click the Diagnostics button from your “Gateway Health” window. This displays the “Diagnostics” window. To use the diagnostic option: 1. Select a connection to test from the Connection to Test drop-down menu.
Chapter 8 Miscellaneous Gateway Options 8 This chapter explains how to customize the appearance of the configuration program and to reboot the Gateway. This chapter is organized into parts that correspond to the following buttons shown in the Gateway Options pane. Reboot the Gateway. Customize the Gateway’s display. Customize You are able to control the background color, language, and time zone settings of your Gateway using customization options.
SE567/SE568 Series Residential Gateway User’s Guide Miscellaneous Gateway Options Color Palette Multiple color selections are available to customize the appearance of the configuration interface/program. To configure the color palette: 1. From the “Customized Settings” window, click the Color Palette button. This displays the “Customized Colors” window. 2. Using the color drop-down menus from the different display options, select the colors you wish to use in the system. 3.
SE567/SE568 Series Residential Gateway User’s Guide Miscellaneous Gateway Options Language Multiple languages may be available for displaying text in the configuration interface/program. This option may not be available on your Gateway configuration. To set the language used on the Gateway windows: 1. From the “Customized Settings” window, click the Language button. This displays the “Customized Language” window. 2. Select your desired language. 3. Click Apply.
SE567/SE568 Series Residential Gateway User’s Guide Miscellaneous Gateway Options Time Zone Using this option, you can configure the time parameters to automatically synchronize the Gateway’s internal date and time settings with those of your selected time zone. This time will be used to control time restrictions you may set for users as well as in entries in the system log. To enable and configure the time zone feature: 1. From the “Customized Settings” window, click the Time Zone button.
SE567/SE568 Series Residential Gateway User’s Guide Miscellaneous Gateway Options Reboot You can reboot the Gateway using the Reboot option, or you can reset the Gateway to factory defaults using the reset option. Reboot should be used when the Gateway needs to be restarted. The Gateway can also be rebooted using the power switch on the rear panel of the Gateway. This option can be used at either the user or administrator level. To reboot or reset factory defaults on the Gateway: 1.
A Appendix A Troubleshooting Overview This chapter covers some common problems that may be encountered while using the Wireless DSL Gateway and some possible solutions to them. If you follow the suggested steps and the Gateway still does not function properly, contact your Internet Service Provider or Technical Support for assistance. General Issues Problem: Can't connect to the Gateway to configure it.
SE567/SE568 Series Residential Gateway User’s Guide Appendix A - Troubleshooting Contacting Technical Support Before contacting technical support, please refer to the previous troubleshooting information. For issues concerning DSL service or connectivity, contact your Internet Service Provider (ISP) directly.
B Appendix B Specifications Media Interface: RJ-11 DSL WAN connection (5) 10/100Base-T RJ-45 Ethernet LAN connections (Auto-MDI/MDI-X) USB Type B connection DB-9 RS-232 Serial console port Diagnostic LEDs: Power, Status, Link and Activity for DSL, Ethernet, USB (optional), and Wireless Management: Intuitive, Web-based management Comprehensive hardware diagnostics SNMPv1 support UPnP IGD-NAT traversal support XML Management Scheme, DSL Forum 2002-281 Security: PAP (RFC 1334), CHAP (RFC 1994) Passwor
SE567/SE568 Series Residential Gateway User’s Guide Routing: Appendix B Specifications DHCP server and DNS agent Network Address Port Translation (NAPT) Network Address Translation (NAT) Packet filtering RFC 2364 Point-to-Point Protocol over ATM PVCs (PPPoA) RFC 2516 Point-to-Point Protocol over Ethernet (PPPoE) RFC 2684 (formerly 1483) Bridged Ethernet and routed encapsulation RFC 2225 (formerly 1577) Classical IP over ATM PPPoE Relay/Bridging Configurable PAP and CHAP authentication TCP/IP with RIP1 an
Siemens Subscriber Network 4849 Alpha Road Dallas, TX 75244 USA (972) 852-1000 Tel (972) 852-1001 Fax usa.800siemens@icn.siemens.com http://www.icn.siemens.
