Advanced IP Proﬁle Options | Netopia 4542, 4541 manual

Virtual Private Networks (VPNs) 10-11

Map Lists, Server Lists, and PAT addresses are described in detail in Chapter 9, “Multiple Network Address Translation.”

■You can specify a Filter Set. See "About ﬁlters and ﬁlter sets" on page 11-4.

■You can remove a Filter Set.

■You can choose to conﬁgure Advanced IP Proﬁle Options (see “Advanced IP Proﬁle Options,” in the following section).

Note: The SPI title ﬁeld above changes to SPI (Security Parameters Index) -- Use Advanced IP Proﬁle Options if any of the SPI values differ from each other.

Advanced IP Proﬁle Options

Advanced IP Profile Options

ESP Receive SPI:	123456789
ESP Transmit SPI:	123456789
AH Receive SPI:	123456789
AH Transmit SPI:	123456789
Local Tunnel Endpoint Address:	0.0.0.0
Next Hop Gateway:	0.0.0.0

SPI = Security Parameters Index, valid range is 1 - 4294967295.

■You can specify an ESP Receive SPI. The value must be unique over the set of all ESP SPIs speciﬁed for the remote tunnel endpoint.

■You can specify an ESP Transmit SPI. The value must be unique over the set of all ESP SPIs speciﬁed for the remote tunnel endpoint.

■You can specify an AH Receive SPI if AH authentication has been requested. The value must be unique over the set of all AH SPIs speciﬁed for the router.

■You can specify an AH Transmit SPI if AH authentication has been requested. The value must be unique over the set of all AH SPIs speciﬁed for the remote tunnel endpoint.

■You can specify a Local Tunnel Endpoint Address. If not 0.0.0.0, this value must be one of the assigned interface addresses, either WAN or LAN. This is used as the source address of all IPsec trafﬁc.

■You can specify a Next Hop Gateway. If you specify the Remote Tunnel Endpoint Address, and the address is in the same subnet as the Remote Members Network you speciﬁed in the IP Proﬁle Parameters, the Next Hop Gateway option allows you to enter the address by which the gateway partner is reached.

Image 125

Netopia 4542, 4541 manual Advanced IP Proﬁle Options

Contents

Netopia 4541 Adsl Routers Part Number Contents User’s Reference Guide Contents User’s Reference Guide Snmp Limited Warranty and Limitation of Remedies-Revised January Overview Features and capabilitiesChapter Introduction How to use this guide What you need Chapter Making the Physical ConnectionsFind a location Adsl port Ethernet port Identify the connectors and attach the cables Netopia 4541/4542 Adsl Router status lights User’s Reference Guide Conﬁguring TCP/IP on Windows-based Computers Chapter Sharing the Connection Conﬁguration tab Dynamic conﬁguration recommended Static conﬁguration optional Add. Repeat this process for the secondary DNS TCP/IP Conﬁguring TCP/IP on Macintosh Computers TCP/IP or MacTCP Sharing the Connection User’s Reference Guide Readying computers on your local network Chapter Connecting to Your Local Area Network Connecting to an Ethernet network Chapter Console-Based Management Snmp Simple Network Management Protocol. See Snmp on Connecting through a Telnet sessionFilter sets ﬁrewalls. See Security on Conﬁguring Telnet software Connecting a console cable to your router Mac ANSI, VT-100, or VT-200 Navigating through the console screens Accessing the Easy Setup console screens Chapter Easy SetupEasy Setup console screens Quick Easy Setup connection path Main Menu appears DSL Line Conﬁguration Easy Setup Proﬁle IP Easy Setup Ethernet IP Address 192.168.1.1 Ethernet Subnet Mask Easy Setup Security Conﬁguration User’s Reference Guide Configuration Chapter WAN and System ConfigurationSetup Adsl Line Conﬁguration screen appears WAN conﬁguration FDM Cancel Creating a new Connection Proﬁle PAP Easy Setup Profile 255.225.255.255 0.0 Default Profile Default Proﬁle screen appears Default proﬁle Scheduled connections IP parameters default proﬁle screenConfiguration Scheduled Connections Viewing scheduled connections Adding a scheduled connection Set Weekly Schedule Set Once-Only Schedule System conﬁguration screens Modifying a scheduled connectionDeleting a scheduled connection Navigating through the system conﬁguration screens System conﬁguration features Filter sets ﬁrewalls IP setupIP address serving Date and time Snmp Simple Network Management Protocol Console conﬁguration Logging Upgrade feature setSecurity Installing the Syslog client User’s Reference Guide Chapter IP Setup IP Address Serving IP Setup IP subnets For example Static routes Viewing static routes Static Routes screen will appear Adding a static route Deleting a static route Rules of static route installationModifying a static route Main Menu System Configuration IP Address Serving IP Setup IP Address Serving IP Address Serving Mode IP Address Pools User’s Reference Guide Dhcp NetBIOS Options NetBios Type More Address Serving Options Conﬁguring the IP Address Server options Scroll UP 192.168.1.112 192.168.1.113 Scroll Down Lease Management 192.168.1.101 Dhcp Dhcp Relay Agent Dhcp Relay Agent Connection Proﬁles Easy-PAT List WAN Configuration User’s Reference Guide Chapter Multiple Network Address Translation Features Port Address Translation Following is a general description of these featuresServer lists Static mapping WAN Network Complex maps MultiNAT Conﬁguration Supported trafﬁc Server Lists and Dynamic NAT conﬁguration Easy Setup Proﬁle conﬁguration Select Network Address Translation NAT and press Return NAT rules Network Address Translation screen appears Add NAT Public Range screen appears ADD NAT MAP Select Show/Change NAT Map List screen appears Modifying map lists Change NAT MAP Adding Server Lists ADD NAT Server Port Show/Change NAT Server List screen appears Modifying server lists Change NAT Server Deleting a server IP proﬁle parameters Binding Map Lists and Server Lists +--NAT Map List Name Toggle Address Translation Enabled to Yes IP Parameters WAN Default Proﬁle IP Parameters Default Profile NAT Associations NAT Associations +NAT Map List Name-+ MultiNAT Conﬁguration Example Previous Screen Enter your ISP-supplied values as shown below Change NAT Public Range ADD NAT MAP User’s Reference Guide Chapter Virtual Private Networks VPNs Transit Intern etwork Summary About Pptp Tunnels Pptp conﬁguration Configuration Add Connection Profile Chap User’s Reference Guide Conﬁguration About IPsec Tunnels DES Encryption Key Authentication Type IP Proﬁle Parameters Advanced IP Proﬁle Options Atmp conﬁguration Interoperation with other featuresAbout Atmp Tunnels Data Link Options Frame Relay RFC1483 User’s Reference Guide MS-CHAP V2 and 128-bit strong encryption Encryption Support Transparently ATMP/PPTP Default Proﬁle QuickView VPN QuickView Dial-Up Networking for VPN Installing Dial-Up Networking Creating a new Dial-Up Networking proﬁle Conﬁguring a Dial-Up Networking proﬁle Windows 95 VPN installation Installing the VPN Client Windows 98 VPN installation Allowing VPNs through a Firewall Connecting using Dial-Up Networking Filter Sets Display/Change Basic Firewall Pptp example GRE Atmp example Virtual Private Networks VPNs UDP Change Output Filter EnabledYes ForwardYes Source IP Address User’s Reference Guide User accounts Chapter SecuritySuggested security measures Protecting the conﬁguration screens Protecting the Security Options screen Telnet access How ﬁlter sets work About ﬁlters and ﬁlter setsWhat’s a ﬁlter and what’s a ﬁlter set? Forward Filter priority ﬁltering rule How individual ﬁlters work Port numbers Parts of a ﬁlter161 Aurp AppleTalk 387 Who 513 Other ﬁlter attributes Port number comparisons Internet Control Message Protocol Putting the parts togetherTransmission Control Protocol User Datagram Protocol Filtering example #2 Filtering example #1 Disadvantages of ﬁlters Design guidelines Adding a ﬁlter set An approach to using ﬁltersWorking with IP ﬁlters and ﬁlter sets Naming a new ﬁlter set Netopia Router Adding ﬁlters to a ﬁlter set ANY Modifying ﬁlters Viewing ﬁlters Sample ﬁlter set Deleting a ﬁlter setDeleting ﬁlters Moving ﬁlters TCP Icmp UDP Possible modiﬁcations Firewall tutorial General ﬁrewall terms Example TCP/UDP Ports Basic IP packet componentsBasic protocol types Firewall design rules UDP Port ServiceAurp Firewall Logic Established connections Logical and functionImplied rules This is an example of the Netopia ﬁlter set screen Filter basicsExample ﬁlter set screen Example Example ﬁltersExample network Example Example User’s Reference Guide Quick View status overview Chapter Monitoring Tools ATM Adsl WAN General status Status lights Current status Event histories Statistics & Logs Device Event History WAN Event History Device Event History Current Date Main Menu Statistics & Logs IP Routing TableGeneral Statistics Network Interface Physical Interface Snmp System Information Community strings Snmp Setup screen Snmp traps Viewing IP trap receivers Setting the IP trap receiversModifying IP trap receivers Deleting IP trap receivers Chapter Utilities and Diagnostics Ping Utilities and Diagnostics Time Trace Route Telnet client Telnet client screen appears Factory defaults Updating ﬁrmware Transferring conﬁguration and ﬁrmware ﬁles with Tftp Downloading conﬁguration ﬁles Transferring conﬁguration and ﬁrmware ﬁles with Xmodem Uploading conﬁguration ﬁles Updating ﬁrmware Do you want to send a saved configuration to your Netopia? Restarting the system Conﬁguration problems Appendix a Troubleshooting Network problems Console connection problems Power outages How to reset the router to factory defaults Netopia Bulletin Board Service 1 How to reach usTechnical support Before contacting Netopia FAX-Back Online product informationProduct information can be found in the following User’s Reference Guide Appendix B Technical Specifications and Safety Information December 1 Canada CSA CAN/CSA-C22.2 No Regulatory noticesFCC Part 15 Class B International Declaration for Canadian users Technical Speciﬁcations and Safety Information B-3 Australian Safety Information Important safety instructionsTelecommunication installation cautions Battery Technical Speciﬁcations and Safety Information B-5 User’s Reference Guide Limited Warranty and Limitation of Remedies-Revised January