ELSA Cable manual Security for your configuration, Password protection, Login barring

Page 37

Operating modes and functions 29

Operating modes and functions

This section is an introduction to the functions and operating modes of your device. It includes information on the following points:

KSecurity for your configuration

KSecurity for your LAN

KIP routing

KBridging

KDHCP server

Along with the description of the individual points, we will also give you information to support you as you configure your device.

Detailed sample configurations can be found in the Workshop.

Please refer to the electronic documentation for a detailed description of all parameters and menus.

Security for your configuration

A number of important parameters for the exchange of data are established in the configuration of the device. These include the security of your network, monitoring of costs and the authorizations for the individual network users.

Needless to say, the parameters that you have set should not be modified by unauthorized persons. The ELSA MicroLink Cable thus offers a variety of options to protect die configuration.

Password protection

The simplest option for the protection of the configuration is the establishment of a password. As long as a password hasn't been set, anyone can change the configuration of the device.

The password input field can be found in the configuration tool ELSA LANconfig in the 'Management' configuration section on the 'Security' tab. The password prompt can be activated in a terminal or telnet session in the /Setup/Config-Module/ passw.prompt menu. In this case, the password itself is set with the command

passwd.

Login barring

The configuration in the ELSA MicroLink Cable is protected against “brute force attacks“ by barring logins. A brute-force attack is the attempt of an unauthorized person to crack

ELSA MicroLink Cable

Image 37

Contents Manual Sonnenweg ELSA, IncAachen GermanyIntroducing the Elsa MicroLink Cable Thank you for placing your trust in this Elsa productPage Elsa Cable Modem ContentVI Content Setup/SNMP-module Viii Content Introducing the Elsa MicroLink Cable What does the unit look like?Elsa MicroLink Cable Sync Meanings of the specific blink codesThese LEDs show the corresponding network controller status BC D E F GNode or hub? Highlights of the Elsa MicroLink CableFast Internet Cable networkInternet at all times-always online Regional contentMore than just Internet BackboneProxy servers CE and FCC CE conformity and FCC radiation standardIntroducing the Elsa MicroLink Cable Elsa MicroLink Cable Installation and configurationFirst Steps Configuring the Elsa MicroLink CableConfiguration as a bridge Quick Start Quick configurationsPreparations LAN Off you go into the Web with a whole new sensation of speed Configuration as a routerOn the Router tab, enable the IP Router option Configuring fixed IP addresses not using Dhcp TCP/IP installationObtain IP addresses automatically use Dhcp Checking the IP configuration Configuration modes Requirements for inband configurationUser-friendly method inband Start up inband configuration using telnet Starting inband configuration using Elsa LANconfigThis command Means this For instance Configuration commandsSet/se/snmp/admin The Administrator Command to call up a trace follows this syntax How to start a traceWhats happening on the line? Trace OutputsThis is how FirmSafe works New firmware with FirmSafeExamples Elsa LANconfig How to load new softwareTftp Configuration using Snmp GeneralAccess protection in Snmp Accessing tables and parameters using SnmpCommand Target/Source Function Appending rows to tables using Snmp Deleting rows in tables using SnmpIP address IP-netmask Router name Distance Management Information Base MIB Error messages via Snmp trapConfiguration modes Password protection Security for your configurationLogin barring Operating modes and functionsSecurity for your LAN Access control via TCP/IPGlobally to TCP/IP packet filters EncryptionHiding place-IP masquerading NAT, PAT IP routing table IP routingIP address IP netmask Router Dis Tance 192.168.130.0 255.255.255.0 IP address IP netmask Router name Dist This is what happensWhat information is propagated by IP/RIP? Dynamic routing with IP/RIPWhat do the entries mean? IP address IP netmask Time Distance RouterInteraction of static and dynamic tables Local routingTwo addresses for the router IP masquerading NAT, PATSimple and inverse masquerading How does IP masquerading work?Cable TV net WorkDNS forwarding Which protocols can be transmitted using IP masquerading?Only small difference is that Rator BridgingWhat are the filter options? Automatic address administration with DhcpDhcp server Dhcp clientCable modem really belongs to two LANs IP address Network mask Broadcast addressDhcp on, off or auto? Default state is autoHow are the addresses assigned? IP address assignmentNetwork mask assignment Default gateway assignmentBroadcast address assignment DNS server assignmentPriority for a workstation-overwriting an assignment Priority for the Dhcp server Request assignmentOperating modes and functions Operating modes and functions Elsa MicroLink Cable Two standards get around this problem AccessCable modem technology StandardsNetwork of the cable network Cable TV net Registration in the cable networkOperator Work Registration Network and its components Network technologyConnection modes Host Kinds of networks IP addressingSame IP address, this time with another netmask ExamplesThis address Bytes Looks like this in bits 10.0.0.0 255.0.0.0 IP address Netmask RemarkIP routing and hierarchical IP addressing There are two considerations when using these IP addressesHost Smith External host Marketing Example Expansion through local networks 80-C7-6D-A4-6E Why a LAN is called multiprotocol-capableEasy as possible That is processed by all computers in the LANInterface only understands MAC addresses Data transfer within the LANLAN as easy as possible Host Smith LAN coupling on MAC basis Data transfer from the LAN onto the InternetTechnical basics Elsa MicroLink Cable Appendix Technical dataService Package contentsWarranty coverage Warranty conditionsWarranty period Warranty procedureAdditional regulations Operating mistakesTypenbezeichnung Declaration of conformityAppendix Elsa MicroLink Cable Index 32, 40 Gateway Heap reserve Inde7017, 32 17, 18Trace SetupInde72 Wireless linksDescription of the menu options R73 SymbolsOverview of the menus R74 Description of the menu optionsDescription of the menu options R75 StatusStatus Running status displays Status/Current-time Status/Operating-timeStatus/Cable-statistics R76 Description of the menu optionsDescription of the menu options R77 Status/LAN-statisticsLAN-statistics Running status displays R78 Description of the menu options Status/Bridge-statisticsCannot be modified manually Bridge-statistics Running status displaysDescription of the menu options R79 Status/TCP-IP-statisticsStatus/TCP-IP-statistics/ARP-statistics These statistics include the following valuesStatus/TCP-IP-statistics/IP-statistics R80 Description of the menu optionsStatus/TCP-IP-statistics/ICMP-statistics Status/TCP-IP-statistics/TCP-statistics Description of the menu options R81Status/TCP-IP-statistics/TFTP-statistics Status/TCP-IP-statistics/DHCP-statistics R82 Description of the menu optionsDescription of the menu options R83 Status/IP-router-statisticsShrinks accordingly. It has the following layout IP-router-statistics Statistics from the IP router areaStatus/IP-router-statistics/RIP-statistics R84 Description of the menu optionsProtocol LAN-tx Cable-tx IP-address IP-netmask Time Distance RouterConfig-statistics Remote configuration statistics Status/Config-statisticsStatus/Queue-statistics Description of the menu options R85IPr-RIP-queue-packets R86 Description of the menu optionsStatus/Init-status Status/MCNS-statisticsDescription of the menu options R87 MCSN-statisticsSystem configuration SetupStatus/DHCP-client-statistics R88 Description of the menu optionsSetup/LAN-module Setup/Cable-moduleEntering the following command Default configuration, no name is enteredR90 Description of the menu options Setup/Bridge-moduleDescription of the menu options R91 Setup/TCP-IP-moduleMAC-address field R92 Description of the menu options Configuration, the TCP/IP module is activatedDescription of the menu options R93 Configuration, the IP router module is activated Setup/IP-router-moduleIP-address Node-ID Last-access Connect IP-router-module IP router module settingsIP-address IP netmask Router-name Distance Description of the menu options R95Routing-method Routing method settings Setup/IP-router-module/Routing-methodR96 Description of the menu options Different settings have the following meaning Setup/IP-router-module/RIP-configurationSettings have the following meaning Description of the menu options R97R98 Description of the menu options Setup/IP-router-module/MasqueradingFollowing layout Description of the menu options R99 Setup/IP-router-module/firewallR10 Description of the menu options Setup/DHCP-server-module Setup/SNMP-moduleDescription of the menu options R10 On The device operates as a Dhcp serverR102 Description of the menu options Default value of 6000 minutes equals approximately 4 daysOff The device does not operate as a Dhcp server Network mask is assigned in the same way as the IP addressIP-address Node-ID Timeout Hostname Type Setup/Config-moduleConfig-module Configuration module settings Description of the menu options R103Firmware Firmware Display and keyboard settingsR104 Description of the menu options Module Version Description of the menu options R105Position Status Version Date Size Index Other This option allows you to reboot the deviceR106 Description of the menu options Other menu allows you to manage the following functions