Manuals / Netopia / Computer Equipment / Network Router

Netopia 4542, 4541 manual Example

Models: 4542 4541

1 209

Download 209 pages 41.22 Kb

Page 171

Security 11-27

Example 4

		Filter Rule:		200.1.1.96		(Source IP Network Address)

				255.255.255.240		(Source IP Mask)

				Forward = No		(What happens on match)

Incoming packet has the source address of 200.1.1.104.

	IP Address		Binary Representation

	200.1.1.104		01101000		(Source address in incoming IP packet)

	AND

	255.255.255.240		11110000		(Perform the logical AND)

			01100000		(Logical AND result)

Since the Source IP Network Address in the Netopia 4541/4542 is 01100000, and the source IP address after the logical AND is 01100000, this rule does match and this packet will not be forwarded.

Example 5

		Filter Rule:		200.1.1.96		(Source IP Network Address)

				255.255.255.255		(Source IP Mask)

				Forward = No		(What happens on match)

Incoming packet has the source address of 200.1.1.96.

	IP Address		Binary Representation

	200.1.1.96		01100000		(Source address in incoming IP packet)

	AND

	255.255.255.255		11111111		(Perform the logical AND)

			01100000		(Logical AND result)

Since the Source IP Network Address in the Netopia 4541/4542 is 01100000, and the source IP address after the logical AND is 01100000, this rule does match and this packet will not be forwarded. This rule masks off a single IP address.

Image 171

Netopia 4542, 4541 manual Example

Contents

Netopia 4541 Adsl Routers Part Number Contents User’s Reference Guide Contents User’s Reference Guide Snmp Limited Warranty and Limitation of Remedies-Revised January Features and capabilities Chapter IntroductionOverview How to use this guide Chapter Making the Physical Connections Find a locationWhat you need Adsl port Ethernet port Identify the connectors and attach the cablesNetopia 4541/4542 Adsl Router status lights User’s Reference Guide Conﬁguring TCP/IP on Windows-based Computers Chapter Sharing the ConnectionConﬁguration tab Dynamic conﬁguration recommendedStatic conﬁguration optional Add. Repeat this process for the secondary DNS TCP/IP Conﬁguring TCP/IP on Macintosh ComputersTCP/IP or MacTCP Sharing the Connection User’s Reference Guide Readying computers on your local network Chapter Connecting to Your Local Area NetworkConnecting to an Ethernet network Chapter Console-Based Management Connecting through a Telnet session Filter sets ﬁrewalls. See Security onSnmp Simple Network Management Protocol. See Snmp on Conﬁguring Telnet software Connecting a console cable to your routerMac ANSI, VT-100, or VT-200 Navigating through the console screensChapter Easy Setup Easy Setup console screensAccessing the Easy Setup console screens Quick Easy Setup connection path Main Menu appears DSL Line ConﬁgurationEasy Setup Proﬁle IP Easy Setup Ethernet IP Address 192.168.1.1 Ethernet Subnet Mask Easy Setup Security Conﬁguration User’s Reference Guide WAN conﬁguration Chapter WAN and System ConfigurationConfiguration Setup Adsl Line Conﬁguration screen appearsFDM Cancel Creating a new Connection Proﬁle PAP Easy Setup Profile 255.225.255.255 0.0 Default Profile Default Proﬁle screen appears Default proﬁleIP parameters default proﬁle screen Configuration Scheduled ConnectionsScheduled connections Viewing scheduled connections Adding a scheduled connection Set Weekly Schedule Set Once-Only Schedule Modifying a scheduled connection Deleting a scheduled connectionSystem conﬁguration screens Navigating through the system conﬁguration screens System conﬁguration features Date and time IP setupFilter sets ﬁrewalls IP address servingSnmp Simple Network Management Protocol Console conﬁgurationUpgrade feature set SecurityLogging Installing the Syslog client User’s Reference Guide Chapter IP Setup IP Address Serving IP Setup IP subnets For example Static routes Viewing static routes Static Routes screen will appearAdding a static route Rules of static route installation Modifying a static routeDeleting a static route Main Menu System Configuration IP Address Serving IP Setup IP Address Serving IP Address Serving Mode IP Address Pools User’s Reference Guide Dhcp NetBIOS Options NetBios Type More Address Serving Options Conﬁguring the IP Address Server options Scroll UP 192.168.1.112 192.168.1.113 Scroll Down Lease Management 192.168.1.101 Dhcp Dhcp Relay Agent Dhcp Relay Agent Connection Proﬁles Easy-PAT List WAN Configuration User’s Reference Guide Chapter Multiple Network Address Translation FeaturesStatic mapping Following is a general description of these featuresPort Address Translation Server listsWAN Network Complex maps MultiNAT Conﬁguration Supported trafﬁcServer Lists and Dynamic NAT conﬁguration Easy Setup Proﬁle conﬁgurationSelect Network Address Translation NAT and press Return NAT rules Network Address Translation screen appearsAdd NAT Public Range screen appears ADD NAT MAP Select Show/Change NAT Map List screen appears Modifying map listsChange NAT MAP Adding Server Lists ADD NAT Server Port Show/Change NAT Server List screen appears Modifying server listsChange NAT Server Deleting a server IP proﬁle parameters Binding Map Lists and Server Lists+--NAT Map List Name Toggle Address Translation Enabled to Yes IP Parameters WAN Default ProﬁleIP Parameters Default Profile NAT Associations NAT Associations +NAT Map List Name-+ MultiNAT Conﬁguration Example Previous Screen Enter your ISP-supplied values as shown belowChange NAT Public Range ADD NAT MAP User’s Reference Guide Chapter Virtual Private Networks VPNs Transit Intern etwork Summary About Pptp TunnelsPptp conﬁguration Configuration Add Connection ProfileChap User’s Reference Guide Conﬁguration About IPsec TunnelsDES Encryption Key Authentication Type IP Proﬁle Parameters Advanced IP Proﬁle Options Interoperation with other features About Atmp TunnelsAtmp conﬁguration Data Link Options Frame Relay RFC1483 User’s Reference Guide MS-CHAP V2 and 128-bit strong encryption Encryption SupportTransparently ATMP/PPTP Default ProﬁleQuickView VPN QuickViewDial-Up Networking for VPN Installing Dial-Up NetworkingCreating a new Dial-Up Networking proﬁle Conﬁguring a Dial-Up Networking proﬁle Windows 95 VPN installation Installing the VPN ClientWindows 98 VPN installation Allowing VPNs through a Firewall Connecting using Dial-Up NetworkingFilter Sets Display/Change Basic Firewall Pptp exampleGRE Atmp example Virtual Private Networks VPNs UDP Change Output Filter EnabledYes ForwardYes Source IP Address User’s Reference Guide Chapter Security Suggested security measuresUser accounts Protecting the conﬁguration screens Protecting the Security Options screenTelnet access About ﬁlters and ﬁlter sets What’s a ﬁlter and what’s a ﬁlter set?How ﬁlter sets work Forward Filter priorityﬁltering rule How individual ﬁlters workWho 513 Parts of a ﬁlterPort numbers 161 Aurp AppleTalk 387Other ﬁlter attributes Port number comparisonsUser Datagram Protocol Putting the parts togetherInternet Control Message Protocol Transmission Control ProtocolFiltering example #2 Filtering example #1Disadvantages of ﬁlters Design guidelinesAn approach to using ﬁlters Working with IP ﬁlters and ﬁlter setsAdding a ﬁlter set Naming a new ﬁlter set Netopia Router Adding ﬁlters to a ﬁlter setANY Modifying ﬁlters Viewing ﬁltersMoving ﬁlters Deleting a ﬁlter setSample ﬁlter set Deleting ﬁltersTCP Icmp UDP Possible modiﬁcations Firewall tutorial General ﬁrewall terms Basic IP packet components Basic protocol typesExample TCP/UDP Ports Firewall Logic UDP Port ServiceFirewall design rules AurpLogical and function Implied rulesEstablished connections Filter basics Example ﬁlter set screenThis is an example of the Netopia ﬁlter set screen Example ﬁlters Example networkExample Example Example User’s Reference Guide Quick View status overview Chapter Monitoring ToolsATM Adsl WAN General statusStatus lights Current statusEvent histories Statistics & LogsDevice Event History WAN Event HistoryDevice Event History Current Date IP Routing Table General StatisticsMain Menu Statistics & Logs Network Interface Physical InterfaceSnmp System InformationCommunity strings Snmp Setup screenSnmp traps Deleting IP trap receivers Setting the IP trap receiversViewing IP trap receivers Modifying IP trap receiversChapter Utilities and Diagnostics Ping Utilities and Diagnostics Time Trace RouteTelnet client Telnet client screen appears Factory defaultsUpdating ﬁrmware Transferring conﬁguration and ﬁrmware ﬁles with TftpDownloading conﬁguration ﬁles Transferring conﬁguration and ﬁrmware ﬁles with Xmodem Uploading conﬁguration ﬁlesUpdating ﬁrmware Do you want to send a saved configuration to your Netopia? Restarting the system Conﬁguration problems Appendix a TroubleshootingNetwork problems Console connection problemsPower outages How to reset the router to factory defaultsBefore contacting Netopia How to reach usNetopia Bulletin Board Service 1 Technical supportOnline product information Product information can be found in the followingFAX-Back User’s Reference Guide Appendix B Technical Specifications and Safety Information International Regulatory noticesDecember 1 Canada CSA CAN/CSA-C22.2 No FCC Part 15 Class BDeclaration for Canadian users Technical Speciﬁcations and Safety Information B-3Battery Important safety instructionsAustralian Safety Information Telecommunication installation cautionsTechnical Speciﬁcations and Safety Information B-5 User’s Reference Guide Limited Warranty and Limitation of Remedies-Revised January