327 | Motorola 7.7.4 specification

two-way message exchanges while Aggressive mode only requires 3 total message exchanges.

null modem. Cable or connection device used to connect two computing devices directly rather than over a network.

-----P-----

packet. Logical grouping of information that includes a header and data. Compare frame, datagram.

PAP. Password Authentication Protocol. Security protocol within the PPP protocol suite that prevents unauthorized access to network services. See RFC 1334 for PAP speciﬁcations. Com- pare CHAP.

parity. Method of checking the integrity of each character received over a communication channel.

Peer External IP Address. The Peer External IP Address is the public, or routable IP address of the remote gateway or VPN server you are establishing the tunnel with.

Peer Internal IP Network. The Peer Internal IP Network is the private, or Local Area Network (LAN) address of the remote gateway or VPN Server you are communicating with.

Peer Internal IP Netmask. The Peer Internal IP Netmask is the subnet mask of the Peer Internal IP Network.

PFS Enable. Enable Perfect Forward Secrecy. PFS forces a DH negotiation during Phase II of IKE-IPSec SA exchange. You can disable this or select a DH group 1, 2, or 5. PFS is a security principle that ensures that any single key being compromised will permit access to only data protected by that single key. In

327

Image 327

Motorola 7.7.4 manual 327

Contents

Administrator’s Handbook Copyright Table of Contents Advanced Setup Index Table of Contents Introduction Organization Documentation Conventions Bold terminal type User-entered text face Overview of Major Capabilities Instant-On PPP PPPoE/PPPoA Point-to-Point Protocol over Ethernet/ATM Wide Area Network Termination DNS Proxy Dhcp Dynamic Host Conﬁguration Protocol Server UPnP Embedded Web Server Diagnostics Management Remote Access Control Password ProtectionNetwork Address Translation NAT Motorola Netopia Gateway NAT Combination NAT Bypass Conﬁguration Motorola Netopia Advanced Features for NATDefault Server Internal Servers VPN IPSec Pass Through IP-Passthrough VPN IPSec Tunnel Termination Dynamic DNS Stateful Inspection Firewall Page Basic Mode Setup Important Safety Instructions Set up the Motorola Netopia Gateway Microsoft Windows Set up the Motorola Netopia Gateway Macintosh MacOS 9 or higher or Mac OS Conﬁgure the Motorola Netopia Gateway Page Configure the Motorola Netopia Gateway Motorola Netopia Gateway Status Indicator Lights Accessing the Web User Interface Links Bar Home Page Information Home Home Page Links Wireless ID Ssid Enable Wireless Privacy Advanced Conﬁguration Options optional Operating Mode Default Channel About Closed System Mode and Wireless Encryption Privacy Radius Server authentication Page WPA-PSK WEP-Manual Examples Enable Multiple Wireless IDs Home Page WiFi Multimedia Page Wireless MAC Authorization optional Page Home Link Gaming Supported Games and Software Http Deﬁne Custom Service Page Static NAT Page Link Advanced Setup Link Status ATM LAN Wireless supported models only User List Link Diagnostics Link Help Open the Web Connection Advanced SetupPage Home Page Advanced Setup Summary Information Advanced Setup Conﬁgure Link Conﬁgure Link Connection Select the IP Type Links Bar Link Dhcp Server Additional IP Subnets Page Link IP Passthrough Click Enable Link NAT Page Supported Games and Software Nntp Deﬁne Custom Service Page Static NAT IPSec VPN Link IPSec Conﬁguring an IPSec VPN Tunnel Parameter Motorola Netopia Peer Gateway Tunnel Conﬁguration page appears Click the Submit button Links Bar Parameter Descriptions 100 PAT Address 101 Soft MBytes 102 103 104 Link Router Password 105 Link Time Zone 106 Overview 107 Ethernet Switching/Policy Setup 108 109 110 111 112 113 Multiple Wireless IDs on 114 115 116 117 Example 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 Link Status 145 Ethernet 146 Wireless 147 Logs 148 User List 149 Result Meaning 150 151 Link Remote Access 152 From a Server 153 Link Reset Router 154 Link Restart Router 155 156 Help 157 Basic Troubleshooting 158 Status Indicator Lights 159 LED Function Summary Matrix Thicker than the standard telephone cable 160 161 Rear View 162 163 Command Line Interface 164 165 Overview 166 167 Config Commands 168 Logging Saving Settings Ending a CLI Session169 Shell Command Shortcuts Shell Prompt170 Common Commands 172 Download serveraddress ﬁlename conﬁrm License key Loglevel level173 Netstat Netstat -r174 Reset crash Reset arpReset atm Reset cdmode Reset security-log Reset heartbeatReset ipmap Reset log Show bridge interfaces Show backupRestart seconds Show all-info 178 Show diffservShow dslf device-association Show enet all Show ip arp Show featuresShow etheroam ah Show group-mgmt Show ip ﬁrewall Show ip igmpShow ip interfaces Show ip ipsec Show rtsp Show logShow memory all Show pppoe 182 Show vlan 183 Show wireless all Show wireless clients MACaddress184 Who WAN CommandsUpload serveraddress ﬁlename conﬁrm View conﬁg Reset ppp vccn Reset dhcp client release vcc-idReset dhcp client renew vcc-id Reset dsl Start ppp vccn Config Mode PromptNavigating the Config Hierarchy Show ppp stats lcp ipcp Entering Commands in Config Mode Set ip ethernet a ipaddress188 189 Guidelines Config CommandsDisplaying Current Gateway Settings Step Mode a CLI Conﬁguration Technique 190 Validating Your Conﬁguration Remote ATA Conﬁguration Commands Set ata proﬁle 0.. ata-static-wan-gateway ipaddr Set ata proﬁle 0.. ata-dhcpc-vid stringSet ata proﬁle 0.. ata-static-wan-ip ipaddr Set ata proﬁle 0.. ata-static-wan-subnet-mask subnetmask Set ata proﬁle 0.. ata-user-name string Set ata proﬁle 0.. ata-user-password stringSet ata proﬁle 0.. ata-outproxy-port port Set ata proﬁle 0.. ata-auth-id value Set atm vcc n option on off DSL CommandsSet atm vcc n qos service-class cbr ubr vbr Set atm option on off Set atm vcc n vci 0 Set atm vcc n qos sustained-cell-rate 1 ...nSet atm vcc n qos max-burst-size 1 ...n Set atm vcc n vpi 0 Set bridge concurrent-bridging-routing on off Bridging SettingsSet atm vccn pppoe-sessions 1 Set bridge sys-bridge on off 197 Set bridge table-timeout 30Set bridge ethernet option on off Set bridge dsl vccn option on off Dhcp Settings Set dhcp range 2.. end-address ipaddress Set dhcp default-option-group nameSet dhcp server-address ipaddress Set dhcp range 2.. start-address ipaddress Set dhcp gen-option name name Set dhcp gen-option option 1200 Option Data Format Data Size Can Bytes Conﬁgure 201 202 Set dhcp gen-option data-type ascii hex dotted-decimal Set dhcp gen-option data data203 Set dhcp ﬁlterset name string rule n dhcp-option 0 Set dhcp ﬁlterset name string rule n absent-action204 Set dhcp ﬁlterset name string rule n absent-pool ipaddress Pass discard continueSet dhcp ﬁlterset name string rule n match-str matchstring Set dhcp ﬁlterset name string rule n match-pool ipaddress 206 Set dhcp assigned-ﬁlterset string Set dmt dsl-annex-support off on DMT SettingsSet dmt dmt dying-gasp default off on Set dmt wiringMode auto tipring AA1 Set dns domain-name domain-name Set dmt metallic-termination auto disabled alwaysonDomain Name System Settings Set dns proxy-enable Set dns secondary-address ipaddress Set dns conﬁgured-dns-priority 0209 210 211 Igmp Settings 212 Set igmp query-response-intvl value Set igmp snooping off onSet igmp robustness value Set igmp query-intvl value Set igmp last-member-query-intvl value Set igmp wireless-m2u on offSet igmp log-enable on off Set igmp version 1 2 Set ip dsl vccn address ipaddress IP SettingsSet ip arp-timeout 60 Set ip option on off Set ip dsl vccn addr-mapping on off Set ip dsl vccn restrictions admin-disabled noneSet ip dsl vccn broadcast broadcastaddress Set ip dsl vccn netmask netmask Set ip dsl vccn rip-send off v1 v2 v1-compat v2-MD5 Set ip dsl vccn mcast-fwd on offSet ip dsl vccn igmp-null-source-addr on off Set ip dsl vccn unnumbered on off Set ip ethernet a broadcast broadcastaddress Set ip dsl vccn rip-receive Off v1 v2 v1-compat v2-MD5Set ip ethernet a option on off Set ip ethernet a address ipaddress 219 Set ip ethernet a restrictions none admin-disabledSet ip ethernet a netmask netmask Set ip ethernet a rip-send Off v1 v2 v1-compat v2-MD5 Set ip ethernet a subnet n netmask netmask Set ip ethernet a rip-receive off v1 v2 v1-compat v2-MD5Set ip ethernet a subnet 2 .. option on off Set ip ethernet a subnet n address ipaddress 221 Set ip ip-ppp vccn option on offSet ip ip-ppp vccn address ipaddress Set ip ip-ppp vccn peer-address ipaddress Set ip ip-ppp vccn rip-send off v1 v2 v1-compat v2-MD5 Set ip ip-ppp vccn restrictions admin-disabled noneSet ip ip-ppp vccn addr-mapping on off Set ip ip-ppp vccn auto-sensing off dhcp/pppoe pppoe/pppoa Set ip ip-ppp vccn unnumbered on off Set ip ip-ppp vccn rip-receive off v1 v2 v1-compat v2-MD5Set ip ip-ppp vccn igmp-null-source-addr on off Set ip ip-ppp vccn mcast-fwd on off 224 Set ip ip-ppp vccn dns acquired-dns-priority 0 225 Set ip static-arp ip-addressipaddressSet ip igmp-forwarding off on Set ip ipsec-passthrough off on 226 Set ip prioritize off on Set diffserv option off on Set diffserv lohi-ratio 60 100 percent227 228 Qos off assure expedite network-control 229 Set diffserv qos dscp-map default custom 230 By default, the following settings are used in custom mode 231 Queue Conﬁguration 232 233 Set queue name wfq weight-type bps 234 235 Set queue name priorityqueuename default-inputqueuename 236 Rate-limiting weighted fair queue to 100Kbps 237 Set ip sip-passthrough on offSet ip ethernet B rtsp-passthrough off on Set ip static-routes destination-networknetaddress 238 Set ip-maps name name external-ip ip address IPMaps SettingsDelete ip static-routes destination-network netaddress Set ip-maps name name internal-ip ip address Network Address Translation NAT Pinhole Settings Network Address Translation NAT Default Settings Set pinhole name name external-port-end 0 Set pinhole name nameSet pinhole name name protocol-select tcp udp Set pinhole name name external-port-start 0 PPPoE /PPPoA Settings Set ppp module vccn lost-echoes-max integer Set ppp module vccn protocol-compression on offSet ppp module vccn lcp-echo-requests on off Set ppp module vccn echo-period integer Set ppp module vccn time-out integer Set ppp module vccn restart-timer integerSet ppp module vccn terminate-max integer Set ppp module vccn connection-type instant-on always-on Set ppp module vccn port-authentication username username Set ppp module vccn port-authentication password password245 Set wan-over-ether ipoe-sessions 1 PPPoE with IPoE SettingsSet wan-over-ether pppoe on off Set wan-over-ether pppoe-with-ipoe on off 247 Set atm vcc n encap pppoe-llc 248 Ethernet Port SettingsSet ip ip-ppp vcc1 mcast-fwd on off Set ip ip-ppp vcc1 igmp-null-source-addr off on Set ethernet oam ah pass-through off on 802.3ah Ethernet OAM SettingsSet ethernet oam ah mode active passive Set ethernet oam ah option off on 250 Set ethernet oam ah discovery-timer 1Set ethernet oam ah keepalive-timer 5 Etheroam ah ping 251 Command Line Interface Preference SettingsSet preference verbose on off Set preference more lines 252 Port Renumbering SettingsSet servers web-http 1 Set servers telnet-tcp 1 253 Security Settings Application Select this Level Other Considerations 254 Port Session Type Port State 255 256 Set security ipsec option off on off Set security ipsec tunnels name 123 tun-enable on on off Set security ipsec tunnels name257 258 Set security ipsec tunnels name 123 IKE-mode DH-group 1 1 2 Set security ipsec tunnels name 123 xauth username username Set security ipsec tunnels name 123 xauth enable off onSet security ipsec tunnels name 123 xauth password password Set security ipsec tunnels name 123 nat-enable on off Set security ipsec tunnels name 123 local-id idvalue Set security ipsec tunnels name 123 remote-id idvalue260 261 262 Set security state-insp tcp-timeout 30 Set security state-insp xposed-addr Set security state-insp udp-timeout 30Set security state-insp dos-detect off on Set security state-insp xposed-addr exposed-address# n 264 Exposed-address# n protocol tcp udp both any Snmp Settings Set snmp v3 enable off on Set snmp notify type v1-trap v2-trap inform266 Set snmp v3 ro-account security-model none auth auth+priv Set snmp v3 ro-account auth-passwordSet snmp v3 ro-account priv-password Set snmp v3 ro-account security-name string Set snmp v3 rw-account security-model none auth auth+priv Set snmp v3 rw-account auth-passwordSet snmp v3 rw-account priv-password Set snmp v3 rw-account security-name string 269 System SettingsShow snmp v3 engine-id Set system name name 270 Set system log-size 10240 Set system idle-timeout telnet 1...120 http 1Set system username administrator name user name Set system ftp-server option off on Set system password admin user Sleep Contact-email string@domainname location string272 Set system zerotouch option on off Set system zerotouch redirect-url redirection-URL273 Syslog 275 Default syslog installation procedure 276 Type save Wireless Settings supported models Set wireless mode both-b-and-g b-only g-only Set wireless multi-ssid option on off278 279 Set wireless no-bridging off on Set wireless tx-power full medium fair low minimal280 281 Set wireless wmm option off on 282 283 Set wireless network-id privacy pre-shared-key string Set wireless network-id privacy default-keyid284 285 Set wireless mac-auth option on off 286 Set radius alt-radius-secret sharedsecret Set radius radius-name servernamestringSet radius radius-secret sharedsecret Set radius alt-radius-name servernamestring Vlan Settings Set vlan name name ports port port-pbits 0 Set vlan name name ports port tag off onSet vlan name name ports port priority off on Set vlan name name ports port promote off on Assign an IP interface 290 291 An example of a Triple-Play setup Set vlan name PPPoE11 id 292 293 Set voip phone 0 1 sip-proxy-server-domain domainname VoIP settingsSet voip phone 0 1 sip-option off on Set voip phone 0 1 sip-proxy-server servername ipaddress Set voip phone 0 1 sip-user-display-name name Set voip phone 0 1 sip-registrar-setting sip-expires-time 0Set voip phone 0 1 sip-user-password password Set voip phone 0 1 sip-out-proxy-server Set voip phone 0 1 codec G72624 priority 1 2 3 4 5 6 7 none 3 4 5 6 7 noneSet voip phone 0 1 codec G729A priority 1 2 3 4 5 6 7 none Set voip phone 0 1 codec G72616 priority 1 2 3 4 5 6 7 none 297 298 Set voip phone 0 1 sip-advanced-setting dsp-settings 299 Echo-max-attenuation 0 300 Set upnp read-only off on UPnP settingsSet upnp option on off Set upnp log off on DSL Forum settings Set dslf-lanmgmt option off on302 303 Set backup ping-host 1 2 name address Backup IP Gateway SettingsSet backup option disabled manual automatic Set backup failure-timeout 1 Set ip backup-gateway interface ip-address Set backup auto-recovery off onSet backup recovery-timeout 1 Set ip backup-gateway option on off 306 Vdsl Settings 307 Vdsl Parameter Defaults Vdsl Parameters Accepted Values 308 Parameter 309 Etsi M2 CAB 310 311 312 313 314 315 Glossary 316 317 318 319 320 321 Ethernet crossover cable. See crossover cable 322 323 324 325 326 327 328 329 330 331 332 333 Description Software and protocols 334 335 Agency approvals 336 Manufacturer’s Declaration of Conformance Declaration for Canadian users 337 338 Important Safety Instructions 339 CFR Part 68 Information 340 Electrical Safety Advisory 341 Copyright Acknowledgments 342 343 344 Index DSL 66 248 NTP VPI/VCI 350