User Manual

ManualsBrandsWellink ManualsComputers & AccessoriesADSL Modem

VisionNet

VisionNetVisionNet

VisionNet

202ER ADSL Ethernet Router

User’s Manual

Revision 1.1

February 27, 2003

Summary of content (98 pages)

PAGE 1
VisionNet 202ER ADSL Ethernet Router User’s Manual Revision 1.
PAGE 2
VisionNet 202ER ADSL Ethernet Router User’s Guide Table of Contents 1 Introduction .......................................................... 9 Features.................................................................................. 9 System Requirements ........................................................... 9 Using this Document............................................................ 10 Notational conventions ................................................. 10 Typographical conventions .....
PAGE 3
VisionNet 202ER ADSL Ethernet Router User’s Guide DNS Settings................................................................. 24 PPP Settings ................................................................. 24 Default Router Settings ................................................ 25 Testing Your Installation ...................................................... 26 Using VisionNet’s Diagnostic Utilities ................................. 27 4 Getting Started with the Configuration Manager............
PAGE 4
VisionNet 202ER ADSL Ethernet Router User’s Guide Configuring DHCP Server ................................................... 47 Viewing, modifying, and deleting address pools, and excluding IP addresses from a pool............................................................................. 50 Viewing current DHCP address assignments ............ 50 Configuring DHCP Relay..................................................... 52 Setting the DHCP Mode ......................................................
PAGE 5
VisionNet 202ER ADSL Ethernet Router User’s Guide Do I need to define IP routes? ..................................... 78 Viewing the IP Routing Table.............................................. 79 Adding IP Routes ................................................................. 81 11 Configuring the Routing Information Protocol........................................................... 89 RIP Overview .......................................................................
PAGE 6
VisionNet 202ER ADSL Ethernet Router User’s Guide Overview of Bridges...........................................................109 Using the Bridging Feature................................................110 Defining Bridge Interfaces .................................................111 Deleting a Bridge Interface................................................112 17 Configuring Firewall Settings .......................... 113 Configuring Global Firewall Settings.................................
PAGE 7
VisionNet 202ER ADSL Ethernet Router User’s Guide Diagnosing Problem using IP Utilities...............................139 ping ..............................................................................139 nslookup ......................................................................140 D Glossary...........................................................
PAGE 8
PAGE 9
VisionNet 202ER ADSL Ethernet Router User’s Guide 4 Getting Started with the Configuration Manager The VisionNet 202ER includes preinstalled program called the Configuration Manager, which provides an interface to the software installed on the device. It enables you to configure the device settings to meet the needs of your network. You access it through your web browser from any PC connected to the VisionNet 202ER via the LAN port. This chapter describes how to use the Configuration Manager.
PAGE 10
VisionNet 202ER ADSL Ethernet Router User’s Guide Figure 7. Login Screen 2. Enter your user name and password, and then click . 3. The first time you launch the program, use these defaults: Note Default User Name: admin Default Password : visionnet You can change the password at any time (see Changing Your Login Password on page 35). The user name cannot be changed. The System View page displays each time you launch the program (shown in Figure 8 on page 31).
PAGE 11
VisionNet 202ER ADSL Ethernet Router User’s Guid Functional Layout Configuration Manager tasks are grouped into categories, which you can access by clicking the tabs at the top of each page. Each tab, except for the Home tab which displays when you first log in, displays the available tasks horizontally the top of the page. You can click on these to display the specific configuration options. A separate page displays for each task in the task bar.
PAGE 12
VisionNet 202ER ADSL Ethernet Router User’s Guide The Home Tab and System View Table The Home Tab displays the System View table when you first access the program: Figure 8. System View Page The System View table provides a snapshot of your system configuration, and provides links to the software pages that enable you to configure each setting (if available). The following table describes the various sections of the system view table.
PAGE 13
VisionNet 202ER ADSL Ethernet Router User’s Guid Table Heading Description LAN Interfaces Displays the software names and various settings for the device interfaces that communicate directly with your network. These typically include at least one Ethernet interface, named eth-0, and may include a USB interface named usb-0. You can configure some properties of these interfaces, as described in Chapter 5.
PAGE 14
VisionNet 202ER ADSL Ethernet Router User’s Guide Changing the System Date and Time The device keeps a record of the current date and time, which it uses to calculate and report various performance data. Note Changing the VisionNet 202ER date and time does not affect the date and time on your PCs. Follow these instructions to change the date and time: 1. At the bottom of the System View page, click . The System – Modify page displays in a separate browser window: Figure 9. System – Modify Page 2.
PAGE 15
VisionNet 202ER ADSL Ethernet Router User’s Guid Changing Your Login Password The first time you log into the Configuration Manager, you use the default user ID and password (root and root). The system allows only one user ID and password. Only the password can be changed. Note This user ID and password is only used for logging into the Configuration Manager; it is not the same as the login you may use to connect to your ISP (described in Chapter 12).
PAGE 16
VisionNet 202ER ADSL Ethernet Router User’s Guide Committing Your Changes and Rebooting the Device Committing your changes Whenever you use the Configuration Manager to change system settings, the changes are initially placed in temporary storage (called random access memory or RAM). Your changes are made effective when you submit them, but will be lost if the device is reset or turned off. To save your changes for future use, you can use the commit function.
PAGE 17
VisionNet 202ER ADSL Ethernet Router User’s Guid Rebooting the device using Configuration Manager To reboot the device, display the Commit and Reboot page, select the appropriate reboot mode from the drop-down menu, and then click . You can select from the following three options when rebooting: WARNING Option Description Reboot from Last Configuration Reboots the device using the current settings in permanent memory, including any changes you just committed.
PAGE 18
VisionNet 202ER ADSL Ethernet Router User’s Guide 5 Setting the LAN IP Address This chapter describes how to configure the interfaces on the ADSL/Ethernet router that communicate with your LAN.. Configuring your LAN IP address If you are using the ADSL/Ethernet router with multiple PCs on your LAN, you must connect the LAN via an Ethernet hub to the device's LAN port, called eth-0. You must assign a unique IP address to each device port that you use.
PAGE 19
VisionNet 202ER ADSL Ethernet Router User’s Guide Follow these steps to change the default LAN IP address or to configure the LAN port as a DHCP client. 1. Launch Configuration Manager, and then click the LAN Config. The LAN Configuration page displays, as shown in Figure 12. Figure 12.
PAGE 20
VisionNet 202ER ADSL Ethernet Router User’s Guid The LAN Configuration table displays the following settings: Setting Description System Mode The preconfigured mode for your device, such as Routing or Bridging mode. This setting is not user configurable. LAN IP Address The IP address your computers use to identify the device’s LAN port. Note that the public IP address assigned to you by your ISP is not your LAN IP address.
PAGE 21
VisionNet 202ER ADSL Ethernet Router User’s Guide referred to as a "Configured IP Address" in the program. If the configured IP address is not available from the DHCP server, the server will distribute another address to the LAN port. Even if another number is assigned, the same configured IP address will continue to display in this field. For a description of how DHCP works, see Chapter 7. 3. Click .
PAGE 22
VisionNet 202ER ADSL Ethernet Router User’s Guide 6 Viewing System IP Information and Performance Statistics The interfaces on the VisionNet 202ER that communicate with other network and Internet devices are identified by unique Internet protocol (IP) addresses. You can use the Configuration Manager to view the list of IP addresses that your device uses, and to view other system and network performance data. See Appendix A for a description of IP addresses and masks.
PAGE 23
VisionNet 202ER ADSL Ethernet Router User’s Guide Viewing IP Global Statistics You can view statistics on the processing of Internet protocol packets (a packet is a collection of data that has been bundled for transmission). You will not typically need to view this data, but you may find it helpful when working with your ISP to diagnose network and Internet data transmission problems. To view global IP statistics, click on the IP Address Table page.
PAGE 24
VisionNet 202ER ADSL Ethernet Router User’s Guide 7 Configuring Dynamic Host Configuration Protocol You can configure your network and VisionNet 202ER to use the Dynamic Host Configuration Protocol (DHCP). This chapter provides an overview of DHCP and instructions for implementing it on your network. Overview of DHCP What is DHCP? DHCP is a protocol that enables network administrators to centrally manage the assignment and distribution of IP information to computers on a network.
PAGE 25
VisionNet 202ER ADSL Ethernet Router User’s Guide VisionNet 202ER DHCP modes The device can be configured as a DHCP server, DHCP relay agent, or, in some cases, a DHCP client. If you configure the device as a DHCP server, it will maintain the pool of addresses and distribute them to your LAN computers.
PAGE 26
VisionNet 202ER ADSL Ethernet Router User’s Guid Configuring DHCP Server Note By default, the device is configured as a DHCP server, with a predefined IP address pool of 10.0.0.4 through 10.0.0.15 (subnet mask 255.255.255.0). To change this range of addresses, see “Viewing, modifying, and deleting address pools” on page 50. First, you must configure your PCs to accept DHCP information assigned by a DHCP server: 1. Open the Windows Control Panel and display the computer's Networking properties.
PAGE 27
VisionNet 202ER ADSL Ethernet Router User’s Guide Figure 16.
PAGE 28
VisionNet 202ER ADSL Ethernet Router User’s Guid 4. The Start IP Address, End IP Address, Net Mask, and Gateway Address fields are required; the others are optional. Field Description Start/End IP Addresses Specify the lowest and highest addresses in the pool. Mac Address Use this field only if you want to assign a specific IP address to a specific computer (that is, you are creating an exception to the dynamic assignment of addresses).
PAGE 29
VisionNet 202ER ADSL Ethernet Router User’s Guide 5. Click . A confirmation page displays briefly to indicate that the pool has been added successfully. After a few seconds, the DHCP Server Pool – Add page displays with the newly added pool. 6. Follow the instructions in “Setting the DHCP Mode” on page 53 to set the DHCP mode to DHCP Server.
PAGE 30
VisionNet 202ER ADSL Ethernet Router User’s Guid computers. To view a table of all current IP address assignments, display the DHCP Server Configuration page, and then click . A page displays similar to the on shown in Figure 18: Figure 18. DHCP Server Address Table Page The DHCP Server Address Table lists any IP addresses that are currently leased to LAN devices.
PAGE 31
VisionNet 202ER ADSL Ethernet Router User’s Guide Configuring DHCP Relay Some ISPs perform the DHCP server function for their customers’ home/small office networks. In this case, you can configure the device as a DHCP relay agent. When a computer on your network requests Internet access, the VisionNet 202ER contacts your ISP to obtain an IP address (and other information), and then forwards that information to the computer.
PAGE 32
VisionNet 202ER ADSL Ethernet Router User’s Guid A page displays to confirm your changes, and then the program returns to the DHCP Relay Configuration page. 6. Follow the instructions in “Setting the DHCP Mode” on page 53 to set the DHCP mode to DHCP Relay. Setting the DHCP Mode You should set the DHCP mode only after you have configured DHCP relay or DHCP server settings. See “Configuring DHCP Server” on page 47 or “Configuring DHCP Relay” on page 52 for additional instructions.
PAGE 33
PAGE 34
VisionNet 202ER ADSL Ethernet Router User’s Guide 8 Configuring Network Address Translation This chapter provides an overview of Network Address Translation (NAT) and instructions for modifying the default configuration on your device. Overview of NAT Network Address Translation is a method for disguising the private IP addresses you use on your LAN as the public IP address you use on the Internet.
PAGE 35
VisionNet 202ER ADSL Ethernet Router User’s Guide disguised source port number. The VisionNet 202ER changes the IP address and source port number back to the original values (having kept track of the changes it made earlier), and then routes the packet to the originating computer. NAT rules such as these provide several benefits: They eliminate the need for purchasing multiple public IP addresses for computers on your LAN.
PAGE 36
VisionNet 202ER ADSL Ethernet Router User’s Guid assigned to your computers (see “Adding NAT Rules” on page 63 for instructions). Viewing NAT Global Settings and Statistics To view your NAT settings, launch the Configuration Manager, Click NAT in the Virtual Server tab. The NAT Configuration page displays by default, as shown in Figure 20. Figure 20.
PAGE 37
VisionNet 202ER ADSL Ethernet Router User’s Guide The NAT Global Information table contains the following fields: Field Description TCP Idle Timeout (sec) For a NAT translation session on data that uses the TCP protocol, the translation will no longer be performed if no matching data packets are received after the specified time has elapsed.
PAGE 38
VisionNet 202ER ADSL Ethernet Router User’s Guid Figure 21. NAT Rule Global Statistics Page The table provides basic information for each NAT rule you have set up. You can click to restart the accumulation of the statistics at their initial values.
PAGE 39
VisionNet 202ER ADSL Ethernet Router User’s Guide Viewing NAT Rules and Rule Statistics To view the NAT Rules currently defined on your system, select NAT Rule Entry in the NAT Options drop-down list. The NAT Rule Configuration page displays, as shown in Figure 22. Figure 22. NAT Rule Configuration Page The NAT Rule Configuration table displays a row containing basic information for each rule.
PAGE 40
VisionNet 202ER ADSL Ethernet Router User’s Guid Viewing Current NAT Translations To view a list of NAT translations that have recently been performed and which remain in effect (for any of the defined rules), select NAT Translations from the NAT Options drop-down list. The NAT Translations page displays, as shown in Figure 24: Figure 24.
PAGE 41
VisionNet 202ER ADSL Ethernet Router User’s Guide Figure 25. NAT Translation – Details Page In addition to the information displayed in the NAT Translations table, this table displays the following for the selected current translation sessions: 62 Field Description Translated InAddress The public IP address to which the private IP address was translated. In Address The private IP address that was translated. Out Address The IP address of the outside destination (web, ftp site, etc.
PAGE 42
VisionNet 202ER ADSL Ethernet Router User’s Guid Adding NAT Rules This section explains how to create rules for the various NAT flavors. Note You cannot edit existing NAT rules. To change a rule setup, delete it and add a new rule with the modified settings. The napt rule: Translating between private and public IP addresses Follow these instructions to create a rule for translating the private IP addresses on your LAN to your public IP address.
PAGE 43
VisionNet 202ER ADSL Ethernet Router User’s Guide higher priority rules are invoked before lower-priority rules. It is recommended that you select rule IDs as multiples of 5 so that, in the future, you can insert a rule between two existing rules. Once a data packet matches a rule, the data is acted upon according to that rule and is not subjected to higher-numbered rules. 4. From the IFName drop-down list, select the interface on the device to which this rule applies.
PAGE 44
VisionNet 202ER ADSL Ethernet Router User’s Guid 11. Click to save your changes to permanent memory. The rdr rule: Allowing external access to a LAN computer You can create an rdr rule to make a computer on your LAN, such as a Web or FTP server, available to Internet users without requiring you to obtain a public IP address for that computer. The computer’s private IP address is translated to your public IP address in all incoming and outgoing data packets.
PAGE 45
VisionNet 202ER ADSL Ethernet Router User’s Guide Figure 27. NAT Rule – Add Page (rdr Flavor) Follow these instructions to add an rdr rule (see steps 1-4 under "The napt rule" on page 63 for specific instructions corresponding to steps 1 and 2 below): 1. Display the NAT Rule – Add Page, select RDR as the Rule Flavor, and enter a Rule ID. 2. Select the interface on which this rule will be effective. 3. Select a protocol to which this rule applies, or choose ALL.
PAGE 46
VisionNet 202ER ADSL Ethernet Router User’s Guid If you have multiple WAN (PPP) interfaces, this rule will not be enforced for data that arrives on other PPP interfaces. This rule will not be enforced for data that arrives on WAN interfaces not specified here. If you have multiple WAN interfaces and want the rule to be enforced on more than one of them (or all), type the starting and ending IP addresses of the range. 6.
PAGE 47
VisionNet 202ER ADSL Ethernet Router User’s Guide The basic rule: Performing 1:1 translations The basic flavor translates the private (LAN-side) IP address to a public (WAN-side) address, like napt rules. However, unlike napt rules, basic rules do not also translate the port numbers in the packet header; they are passed through untranslated. Therefore, the basic rule does not provide the same level of security as the napt rule. Figure 28 shows the fields used for adding a basic rule. Figure 28.
PAGE 48
VisionNet 202ER ADSL Ethernet Router User’s Guid You can create a basic rule for each specific address translation to occur. The range of addresses should correspond to private addresses already in use on your network, whether assigned statically to your PCs, or assigned dynamically using DHCP. 5. In the Global Address From and Global Address To fields, type the starting and ending address that identify the pool of public IP addresses to which to translate your private addresses.
PAGE 49
VisionNet 202ER ADSL Ethernet Router User’s Guide 1. Display the NAT Rule – Add Page, select FILTER as the Rule Flavor, and enter a Rule ID. 2. Select the interface on which this rule will be effective. 3. Select a protocol to which this rule applies, or choose ALL. This selection specifies which type of Internet communication will be subject to this translation rule. You can select ALL if the rule applies to all data.
PAGE 50
VisionNet 202ER ADSL Ethernet Router User’s Guid Specify both a destination address (or range) and a destination port (or range) if you want this translation rule to apply to accesses to the specified server type at the specified IP address or network. 7. Follow steps 7-12 under "The napt rule" on page 63 to submit your changes. The bimap rule: Performing two-way translations Unlike the other NAT flavors, the bimap flavor performs address translations in both the outgoing and incoming directions.
PAGE 51
VisionNet 202ER ADSL Ethernet Router User’s Guide 4. In the Global Address field, type the address that you want to serve as the publicly known address for the LAN computer. 5. Follow steps 7-12 under "The napt rule" on page 63 to submit your changes. The pass rule: Allowing specific addresses to pass through untranslated You can create a pass rule to allow a range of IP addresses to remain untranslated when another rule would otherwise do so. Figure 31.
PAGE 52
VisionNet 202ER ADSL Ethernet Router User’s Guide 9 Configuring DNS Server Addresses About DNS Domain Name System (DNS) servers map the user-friendly domain names that users type into their Web browsers (e.g., "yahoo.com") to the equivalent numerical IP addresses that are used for Internet routing. When a PC user types a domain name into a browser, the PC must first send a request to a DNS server to obtain the equivalent IP address.
PAGE 53
VisionNet 202ER ADSL Ethernet Router User’s Guide Configuring DNS Relay When you specify the device's LAN port IP address as the DNS address, then the ADSL/Ethernet automatically performs “DNS relay”; i.e., because the device itself is not a DNS server, it forwards domain name lookup requests that it receives on its LAN port to a DNS server at the ISP. It then relays the response to the PC. When performing DNS relay, the VisionNet 202ER must maintain the IP addresses of the DNS servers it contacts.
PAGE 54
VisionNet 202ER ADSL Ethernet Router User’s Guid a. the WAN tab, and then click DNS in the task bar. The DNS Configuration page displays. b. Type the IP address of the DNS server in an empty row and click . You can enter only two addresses. c. Click the Enable radio button, and then click . 3. Click Save and Reboot in the Save Setting tab. 4. Click to save your changes to permanent memory.
PAGE 55
PAGE 56
VisionNet 202ER ADSL Ethernet Router User’s Guide 10 Configuring IP Routes You can use Configuration Manager to define specific routes for your Internet and network data. This chapter describes basic routing concepts and provides instructions for creating routes. Note that most users do not need to define IP routes. Overview of IP Routes The essential challenge of a router is: when it receives data intended for a particular destination, which next device should it send that data to.
PAGE 57
VisionNet 202ER ADSL Ethernet Router User’s Guide Hops and gateways Each time Internet data is passed from one Internet address to another, it is said to take a hop. A hop can be a handoff to a different port on the same device, to a different device on the same network, or to a device on an entirely different network. When a hop passes data from one type of network to another, it uses a gateway.
PAGE 58
VisionNet 202ER ADSL Ethernet Router User’s Guid Viewing the IP Routing Table All IP-enabled computers and routers maintain a table of IP addresses that are commonly accessed by their users. For each of these destination IP addresses, the table lists the IP address of the first hop the data should take. This table is known as the device’s routing table. To view the VisionNet 202ER’s routing table, the System Status tab, and then click Routing Table in the task bar.
PAGE 59
VisionNet 202ER ADSL Ethernet Router User’s Guide The following table defines the fields in the IP Routing Table. Table 3. IP Routing Table Fields 80 Field Description Destination Specifies the IP address of the destination computer. The destination can specified as the IP address of a specific computer or an entire network.
PAGE 60
VisionNet 202ER ADSL Ethernet Router User’s Guid Adding IP Routes Follow these instructions to add an IP route to the routing table. 1. From the IP Route Table page, click . The IP Route – Add page displays, as shown in Figure 33. Figure 33. IP Route – Add Page 2. Specify the destination, network mask, and gateway or next hop for this route. For a description of these fields, refer to Table 3 on page 80. To create a route that defines the default gateway for your LAN, enter 0.0.0.
PAGE 61
PAGE 62
VisionNet 202ER ADSL Ethernet Router User’s Guide 11 Configuring the Routing Information Protocol The VisionNet 202ER can be configured to communicate with other routing devices to determine the best path for sending data to its intended destination. Routing devices communicate this information using a variety of IP protocols. This chapter describes how to configure the VisionNet 202ER to use one of these, called the Routing Information Protocol (RIP).
PAGE 63
VisionNet 202ER ADSL Ethernet Router User’s Guide Configuring the VisionNet 202ER’s Interfaces with RIP The following instructions describe how to enable RIP on the VisionNet 202ER. Note In order for the VisionNet 202ER to communicate with other devices using RIP, you must also enable the other devices to use the protocol. See the product documentation for those devices. 1. Launch the Configuration Manager, the Security tab, and then click RIP in the task bar.
PAGE 64
VisionNet 202ER ADSL Ethernet Router User’s Guid the metric values assigned to each port through which data is passed before reaching the destination. Among several alternative routes, the one with the lowest hop count is considered the fastest path. For example, if you assign this port a metric of 1, then RIP will add 1 to the hop count when calculating a route that passes through this port.
PAGE 65
VisionNet 202ER ADSL Ethernet Router User’s Guide Viewing RIP Statistics From the RIP Configuration page, you can click to view statistics on attempts to send and receive route table data over RIP-enabled interfaces on the VisionNet 202ER. Figure 35. RIP Global Statistics Page You can click to reset all statistics to 0 and to display any newly accumulated data.
PAGE 66
VisionNet 202ER ADSL Ethernet Router User’s Guide 12 Configuring the ATM VCC As your LAN computers access the Internet via the VisionNet 202ER, data is exchanged with your ISP through a complex network of telephone switches, Internet routers, servers, and other specialized hardware. These various devices communicate using a common language, or protocol, called Asynchronous Transfer Mode (ATM).
PAGE 67
VisionNet 202ER ADSL Ethernet Router User’s Guide The ATM VCC Configuration table displays the following fields (contact your ISP to determine these settings): Field Description Interface The name of the lower-level interface on which this VC operates. The low-level interface names are preconfigured in the software and identify the type of traffic that can be supported, such as data or voice. Internet data services typically use an AAL5-type interface.
PAGE 68
VisionNet 202ER ADSL Ethernet Router User’s Guide 2. Select an interface name from the VCC Interface drop-down list. 3. Enter the VPI and VCI values assigned by your ISP, and select the mux type from the drop-down list. 4. Click . 5. On the confirmation page, click ATM VC Configuration page. to return to the 6. Click Save and Reboot in the Save Setting tab. 7. Click to save your changes to permanent memory. The new interface should now display in the ATM VCC Configuration table.
PAGE 69
VisionNet 202ER ADSL Ethernet Router User’s Guide Modifying ATM VCs Your device may already be preconfigured with the necessary ATM VC properties, or the table may contain placeholder values that you must change before using the device. Contact your ISP to determine your ATM VC values. Follow these instructions to modify a preconfigured VC: 1. From the ATM VC Configuration page, click in the Actions column for the interface you want to modify.
PAGE 70
VisionNet 202ER ADSL Ethernet Router User’s Guide 13 Configuring PPP Interfaces When powered on, the VisionNet 202ER initiates a connection through your DSL line to your ISP.
PAGE 71
VisionNet 202ER ADSL Ethernet Router User’s Guide You can configure the following settings on the PPP Configuration page: Inactivity TimeOut (mins): The time in minutes that must elapse before a PPP connection times out due to inactivity. Ignore WAN to LAN traffic: When enabled, data traffic traveling in the incoming direction—from the WAN port to the LAN port—will not count as activity on the WAN port; i.e., it will not prevent the connection from being terminated if inactive for the specified time.
PAGE 72
VisionNet 202ER ADSL Ethernet Router User’s Guide Field Description Use DHCP When set to Enable, the device will acquire additional IP information from the ISP's DHCP server. The PPP connection itself acquires the device's IP address, mask, DNS address, and default gateway address. With Use DHCP enabled, the device will acquire IP addresses for various other server types (WINS, SMTP, POP3, etc. -- these server types are listed on the DHCP Server Configuration page).
PAGE 73
VisionNet 202ER ADSL Ethernet Router User’s Guide Figure 40. PPP – Detail Page In addition to the properties defined on page 92, the PPP Interface – Detail table displays these fields: 94 Field Description Status Indicates whether the interface has been specified in the system as: o Enabled: A connection will be established for use when the device is turned on or rebooted. o Disabled: The PPP interface cannot currently be used.
PAGE 74
VisionNet 202ER ADSL Ethernet Router User’s Guide Field Description Last Fail Cause Indicates the action that ended the previous PPP session: o No Valid PADO Recvd: The unit initiated a PPoE handshake but did not receive a packet in reply from the ISP. o No Valid PADS Recvd: After the initial handshake, the unit did not receive a confirmation packet from the ISP. o Stopped by User: The user stopped the connection (for example, by changing the Configuration Manager settings for the PPP interface.
PAGE 75
VisionNet 202ER ADSL Ethernet Router User’s Guide Adding a PPP Interface Definition If you intend to use more than one type of service from your ISP, the device may be configured with multiple PPP interfaces, each with unique logon and other properties. Follow this procedure to define properties for a PPP interface: 1. From the PPP Configuration Page, click . The PPP Interface – Add page displays, as shown in Figure 41. Figure 41. PPP Interface – Add Page 2.
PAGE 76
VisionNet 202ER ADSL Ethernet Router User’s Guide 4. Click to return to the PPP page and view the new interface in the table. 5. Click Save and Reboot in the Save Setting tab. 6. Click to save your changes to permanent memory. Modifying and Deleting PPP Interfaces To modify a PPP interface, display the PPP Configuration page and click in the Action(s) column for the interface you want to modify. The PPP Interface – Modify page displays, as shown in Figure 42. Figure 42.
PAGE 77
VisionNet 202ER ADSL Ethernet Router User’s Guide Bridges vs. Routers: The essential difference between a bridge and a router is that a router uses a higher-level protocol (such as the IP) to determine how to pass data. IP data packets contain IP addresses that specifically identify the destination computer. Routers can read this information and pass the data to the destination computer, or determine which next router to send the data to if the destination is not on a connected network.
PAGE 78
VisionNet 202ER ADSL Ethernet Router User’s Guide. Defining Bridge Interfaces To enable bridging, you simply specify the device interfaces on which you want to bridge data, and then enable bridging mode: 1. Launch Configuration Manager and click the Bridging in the WAN tab. The Bridge Configuration page displays, as shown in Figure 47. Figure 47. Bridge Configuration Page The table may be empty if bridging has not yet been established. 2.
PAGE 79
VisionNet 202ER ADSL Ethernet Router User’s Guide If you enable bridging on an interface that has already been assigned an IP address, then it is considered IP-enabled and will route (rather than bridge) IP packets received on the interface. The interface will bridge non-IP data it receives, however. Note You can determine whether the Ethernet (eth-0) has been assigned IP addresses by displaying the IP Address Table (display the Routing tab, and then click IP Address).
PAGE 80
VisionNet 202ER ADSL Ethernet Router User’s Guide 17 Configuring Firewall Settings Configuration Manager provides built-in firewall functions, enabling you to protect the system against denial of service (DoS) attacks and other types of malicious accesses to your LAN. You can also specify how to monitor attempted attacks, and who should be automatically notified. Configuring Global Firewall Settings Follow these instructions to configure global firewall settings: 1.
PAGE 81
VisionNet 202ER ADSL Ethernet Router User’s Guide 2. Configure any of the following settings that display in the Firewall Global Information table: 114 Field Description Black List Status If you want the device to maintain and use a black list, click Enable. Click Disable if you do not want to maintain a list. Black List Period(min) Specifies the number of minutes that a computer's IP address will remain on the black list (i.e.
PAGE 82
VisionNet 202ER ADSL Ethernet Router User’s Guide. Field Description Log Destination Specifies how attempted violations of the firewall settings will be tracked. Records of such events can be sent via Ethernet to be handled by a system utility Ethernet to (Trace) or can e-mailed to specified administrators. E-mail ID of Admin 1/2/3 Specifies the e-mail addresses of the administrators who should receive notices of any attempted firewall violations.
PAGE 83
VisionNet 202ER ADSL Ethernet Router User’s Guide Managing the Black List If data packets are received that violate the firewall settings or any of the IP Filter rules, then the source IP address of the offending packets can be blocked from such accesses for a specified period of time. You can enable or disable use of the black list using the settings described above. The source computer remains on the black list for the period of time that you specify.
PAGE 84
VisionNet 202ER ADSL Ethernet Router User’s Guide 18 Configuring IP Filters The IP filter feature enables you to create rules that control the forwarding of incoming and outgoing data between your LAN and the Internet. This chapter explains how to create IP filter rules. Overview The IP filter feature enables you to control the types of data being passed between the Internet and your network.
PAGE 85
VisionNet 202ER ADSL Ethernet Router User’s Guide description of the items that make up a rule. When rules are defined, you can use the icons that display in the Actions column to ( ), delete ( ), and view details on ( ) the corresponding rule. Configuring IP Filter Global Settings The IP Filter Configuration page enables you to configure several global IP Filter settings, and displays a table showing all existing IP Filter rules.
PAGE 86
VisionNet 202ER ADSL Ethernet Router User’s Guide. Creating IP Filter Rules To create an IP filter rule, you set various criteria that must be met in order for the rule to be invoked. Use these instructions to add a new IP filter rule, and refer to the examples on page 124 for assistance: 1. On the main IP Filter page, click . The IP Filter Rule − Add page displays, as shown in Figure 51. Figure 51.
PAGE 87
VisionNet 202ER ADSL Ethernet Router User’s Guide 2. Enter or select data for each field that applies to your rule. The following table describes the fields: Field 120 Description Rule ID Each rule must be assigned a sequential ID number. Rules are processed from lowest to highest on each data packet, until a match is found. It is recommended that you assign rule IDs in multiples of 5 or 10 (e.g., 10, 20, 30) so that you leave enough room between them for inserting a new rule if necessary.
PAGE 88
VisionNet 202ER ADSL Ethernet Router User’s Guide. Field Description Black List Status Specifies whether or not a violation of this rule will result in the offending computer's IP address being added to the Black List, which blocks the ADSL/Ethernet router from forwarding packets from that source for a specified period of time. See Chapter 17, “Configuring Firewall Settings” for instructions.
PAGE 89
VisionNet 202ER ADSL Ethernet Router User’s Guide Field 122 Description Protocol Specifies the basic IP protocol criteria that must be met for rule to be invoked. Using the options in the drop-down list, you can specify that packets must contain the selected protocol (eq), that they must not contain the specified protocol (neq), or that the rule can be invoked regardless of the protocol (any).
PAGE 90
VisionNet 202ER ADSL Ethernet Router User’s Guide. Field Description ICMP Code Specifies whether the value in the code field in ICMP packet headers will be used as a criteria. The code value can be any decimal value from 0-255. You can specify that the value must equal (eq) or not equal (neq) the specified value, or you can select any to enable the rule to be invoked on all ICMP packets. This field will be dimmed (unavailable for entry) unless you specify ICMP as the protocol.
PAGE 91
VisionNet 202ER ADSL Ethernet Router User’s Guide 3. When you are done selecting criteria, ensure that the Enable radio button is selected at the top of the page, and then click . After a confirmation page displays, the IP Filter Configuration page will redisplay with the new rule showing in the table. If the security level of the rule matches the globally configured setting, a green ball in the Status column for that rule, indicating that the rule is now in effect.
PAGE 92
VisionNet 202ER ADSL Ethernet Router User’s Guide. 1. Add a new rule for incoming packets incoming on the ppp-0 interface. 2. Specify that the packet must contain the TCP protocol, and must be destined for port 23, the well-known port number used for the Telnet protocol. 3. Enable the rule by clicking the radio button at the top of the page. 4. Click to create the rule, and save your changes. Figure 52 shows how this rule could be configured: Figure 52.
PAGE 93
VisionNet 202ER ADSL Ethernet Router User’s Guide Viewing IP Filter Statistics For each rule, you can view statistics on how many packets were accepted or denied. Display the IP Filter Configuration page, and then click in the corresponding row corresponding to the rule. A page such as the following displays: Figure 53. IP Filter Rule – Statistics Page You can click to reset the count to zero and to display newly accumulated data.
PAGE 94
VisionNet 202ER ADSL Ethernet Router User’s Guide. The IP Filter Session table displays the following fields for each current IP session: Field Description Session Index The ID assigned by the system to the IP session (all sessions, whether or not they are affected by an IP filter rule, are assigned a session index). Time to expire The number of seconds in which the connection will automatically expire Protocol The underlying IP protocol used on the connection, such as TCP, UDP, IGMP, etc.
PAGE 95
PAGE 96
VisionNet 202ER ADSL Ethernet Router User’s Guide Problem PCs cannot display web pages on the Internet. Troubleshooting Suggestion translate the private address to your public IP address. The assigned IP address must be within the range specified in the NAT rules (see Chapter 8). Or, configure the PC to accept an address assigned by another device (see the Quick Start, Part 2).
PAGE 97
VisionNet 202ER ADSL Ethernet Router User’s Guide. Diagnosing Problem using IP Utilities ping Ping is a command you can use to check whether your PC can recognize other computers on your network and the Internet. A ping command sends a message to the computer you specify. If the computer receives the message, it sends messages in reply. To use it, you must know the IP address of the computer you are trying to communicate with. On Windows-based computers, you can execute a ping command from the Start menu.
PAGE 98
VisionNet 202ER ADSL Ethernet Router User’s Guide nslookup You can use the nslookup command to determine the IP address associated with an internet site name. You specify the common name, and the nslookup command looks up the name in on your DNS server (usually located with your ISP). If that name is not an entry in your ISP’s DNS table, the request is then referred to another higher-level server, and so on, until the entry is found. The server then returns the associated IP address.