Manuals / Netopia / Computer Equipment / Network Router

Netopia 4752 manual Example

Models: 4752

1 284

Download 284 pages 8.12 Kb

Page 197

Security 13-25

Example 2

		Filter Rule:		200.1.1.0		(Source IP Network Address)

				255.255.255.128		(Source IP Mask)

				Forward = No		(What happens on match)

Incoming packet has the source address of 200.1.1.184.

	IP Address		Binary Representation

	200.1.1.184		10111000		(Source address in incoming IP packet)

	AND

	255.255.255.128		10000000		(Perform the logical AND)

			10000000		(Logical AND result)

This incoming IP packet (10000000) has a source IP address that does not match the network address in the Source IP Address ﬁeld (00000000) in the Netopia 4752. This rule will forward this packet because the packet does not match.

Example 3

		Filter Rule:		200.1.1.96		(Source IP Network Address)

				255.255.255.240		(Source IP Mask)

				Forward = No		(What happens on match)

Incoming packet has the source address of 200.1.1.184.

	IP Address		Binary Representation

	200.1.1.184		10111000		(Source address in incoming IP packet)

	AND

	255.255.255.240		11110000		(Perform the logical AND)

			10110000		(Logical AND result)

Since the Source IP Network Address in the Netopia 4752 is 01100000, and the source IP address after the logical AND is 1011000, this rule does not match and this packet will be forwarded.

Image 197

Netopia 4752 manual Example

Contents

Netopia Sdsl Integrated Access Device Part Number Contents Part II Advanced Configuration Contents 12-16 Contents Snmp Part III Appendixes Glossary Index Limited Warranty and Limitation of Remedies Part I Getting Started Administration Guide Overview Features and CapabilitiesChapter Introduction How to Use This Guide Finding an Internet Service Provider Chapter Setting Up Internet ServicesSmartIP Deciding on an ISP AccountWithout Network Address Translation Obtaining Information from the ISPWith Network Address Translation Administration Guide Find a Location Chapter Making the Physical ConnectionsWhat You Need 10/100 Ethernet port Identify the Connectors and Attach the CablesNetopia 4752 Status Lights Chapter Sharing the Connection Dynamic conﬁguration recommended Conﬁguring TCP/IP on Windows-based ComputersStatic conﬁguration optional Add. Repeat this process for the secondary DNS TCP/IP Conﬁguring TCP/IP on Macintosh ComputersTCP/IP or MacTCP Sharing the Connection Administration Guide Chapter Connecting to Your Local Network Readying Computers on Your Local Network Telephone Extension ports Connecting to an IP and Telephone NetworkAdministration Guide Chapter Console-Based Management Snmp Simple Network Management Protocol. See Snmp on Connecting through a Telnet SessionConﬁguring Telnet software Connecting a Console Cable to Your Device Mac ANSI, VT-100, or VT-200 PC ANSI-BBSNavigating through the Console Screens Administration Guide Accessing the Easy Setup console screens Chapter Easy SetupEasy Setup Console Screens Screen similar to the following Main Menu appears LLC Snap Quick Easy Setup Connection PathAdministration Guide Main Menu appears Sdsl Line ConﬁgurationYES Easy Setup Voice Easy Setup Easy Setup Proﬁle IP Easy Setup Easy Setup Security Conﬁguration Previous Screen To Main Menu Introduction Chapter Voice ConfigurationVoice Conﬁguration screen appears Configuring the Voice FeaturesRing Cadence 20 Hz Port Configuration Voice Coding Mu-law Administration Guide Part II Advanced Configuration Administration Guide Chapter WAN and System Configuration Setup ConfigurationWAN Conﬁguration Sdsl Line Conﬁguration screen appearsPPP Sdsl Line Configuration Multiple ATM PVC overview Multiple ATM Permanent Virtual Circuit SupportSelect Display/Change Circuit and press Return Multiple ATM PVC configurationSetup Sdsl Line Configuration Changing a circuit Administration Guide Choosing Add Circuit displays the Add Circuit screen Adding a circuitSelect VC Trafﬁc Statistics Monitoring multiple virtual circuitsATM VC Statistics screen appears Commit Creating a New Connection ProﬁleDatalink PPP/MP Options Data Compression 0.0 Default Profile Default Proﬁle screen appears WAN Default ProﬁleFor details on setting up IP Parameters see IP Setup on IP Parameters Default Proﬁle screenNavigating through the System Conﬁguration screens ATMP/PPTP Default ProﬁleSystem Conﬁguration Screens System Conﬁguration Features Filter sets IP setupIP address serving Date and timeConsole conﬁguration Security Upgrade feature setSnmp Simple Network Management Protocol Logging Installing the Syslog clientPPP PAP Following screen shows a sample syslog dump of WAN eventsAdministration Guide Chapter IP Setup IP Address Serving IP Setup IP subnets For example Static routes Viewing static routes Static Routes screen will appearAdding a static route Deleting a static route Rules of static route installationModifying a static route IP Address Serving Main Menu System Configuration IP Address ServingIP Setup Dhcp NetBios Options Serve Bootp Clients IP Address Pools Administration Guide Dhcp NetBIOS Options NetBios Type More Address Serving Options Select Release BootP Leases and press ReturnConﬁguring the IP Address Server options Scroll UP 192.168.1.112 192.168.1.113 Scroll Down Lease Management 192.168.1.101 Dhcp Dhcp Relay Agent IP Address Serving IP Address Serving Mode Connection Proﬁles Easy-PAT List WAN Configuration Administration Guide Chapter Multiple Network Address Translation FeaturesPort Address Translation Following is a general description of these featuresServer lists Static mappingWAN Network Complex maps Supported trafﬁc Server Lists and Dynamic NAT conﬁguration Easy Setup Proﬁle conﬁgurationMultiNAT Conﬁguration Select Network Address Translation NAT and press Return IP setupNAT rules Network Address Translation screen appearsAdd NAT Public Range screen appears ADD NAT MAP Select Show/Change NAT Map List screen appears Modifying map listsChange NAT MAP Moving maps Dynamic 206.1.1.252 192.168.1.252 Adding Server Lists ADD NAT Server Port Show/Change NAT Server List screen appears Modifying server listsChange NAT Server Deleting a server IP proﬁle parameters Binding Map Lists and Server Lists+--NAT Map List Name Toggle Address Translation Enabled to Yes IP Parameters WAN Default ProﬁleIP Parameters Default Profile NAT NAT AssociationsNAT Associations +NAT Map List Name-+ MultiNAT Conﬁguration Example Enter your ISP-supplied values as shown below Change NAT Public Range ADD NAT MAP Administration Guide Overview Chapter Virtual Private Networks VPNsTransit Internetwork Summary About Pptp TunnelsPptp conﬁguration Configuration Add Connection ProfileChap Administration Guide Conﬁguration About IPsec TunnelsDES Encryption Key Authentication Type Commit Cancel Advanced IP Proﬁle Options MS-CHAP V2 and 128-bit strong encryption Interoperation with other featuresEncryption Support ATMP/PPTP Default Answer Proﬁle QuickView VPN QuickViewDial-Up Networking for VPN Installing Dial-Up NetworkingCreating a new Dial-Up Networking proﬁle Conﬁguring a Dial-Up Networking proﬁle Windows 95 VPN installation Installing the VPN ClientWindows 98 VPN installation Atmp conﬁguration Connecting using Dial-Up NetworkingAbout Atmp Tunnels ATM Funi Atmp Administration Guide Pptp example on Atmp example on Allowing VPNs through a FirewallPptp example Change Input Filter EnabledYes ForwardYes Source IP Address Change Output Filter EnabledYes ForwardYes Source IP Address Atmp example Source Port ID Dest. Port Compare Change Output Filter EnabledYes ForwardYes Source IP Address Administration Guide User Accounts Chapter SecuritySuggested Security Measures Protecting the conﬁguration screens Protecting the Security Options screenTelnet Access How ﬁlter sets work About Filters and Filter SetsWhat’s a ﬁlter and what’s a ﬁlter set? Forward Filter priorityﬁltering rule How individual ﬁlters workParts of a ﬁlter Port numbers161 Aurp AppleTalk 387 Internet service TCP portWho 513 Port number comparisonsPutting the parts together Other ﬁlter attributesInternet Control Message Protocol Transmission Control ProtocolFiltering example #1 Disadvantages of ﬁlters Design guidelinesFiltering example #2 Working with IP Filters and Filter Sets An approach to using ﬁltersNaming a new ﬁlter set Adding a ﬁlter setAdding ﬁlters to a ﬁlter set Input and output ﬁlters-source and destinationNetopia R-Series Router ADD this Filter NOW Cancel Viewing ﬁlters Viewing ﬁlter setsModifying ﬁlters Deleting ﬁltersSample IP ﬁlter set Modifying ﬁlter setsDeleting a ﬁlter set TCP Icmp UDP Possible modiﬁcations Firewall Tutorial General ﬁrewall terms Example TCP/UDP Ports Basic IP packet componentsBasic protocol types Firewall design rules UDP Port ServiceAurp Firewall LogicEstablished connections Logical and functionImplied rules This is an example of the Netopia IP ﬁlter set screen Filter basicsExample IP ﬁlter set screen Example Example ﬁltersExample network Example Example LAN IP Filtersets Advanced Security Options Security Databases Security Radius Client Support Radius client configuration1812 Continue Cancel Radius Server is available to authenticate you Administration Guide Quick View Status Overview Chapter Monitoring ToolsISP General statusStatus lights Current statusEvent Histories Statistics & LogsWAN Event History Device Event History Voice Accounting Log Voice LogsVoice Accounting Log IP Routing Table Served IP Addresses General Statistics Network Interface Physical InterfaceSnmp System InformationCommunity strings Snmp Setup screenSnmp traps Viewing IP trap receivers Setting the IP trap receiversModifying IP trap receivers Deleting IP trap receiversChapter Utilities and Diagnostics Ping Receive return Ping packet Stop Ping Trace RouteTelnet Client Disconnect Telnet Console Session Factory DefaultsUpdating ﬁrmware Transferring Conﬁguration and Firmware Files with TftpDownloading conﬁguration ﬁles Uploading conﬁguration ﬁles Updating ﬁrmware Transferring Conﬁguration and Firmware Files with XmodemDownloading conﬁguration ﬁles Restarting the System Uploading conﬁguration ﬁlesPart III Appendixes Administration Guide Conﬁguration Problems Appendix a TroubleshootingNetwork problems Console connection problemsPower Outages How to Reset the Netopia 4752 to Factory DefaultsNetopia Bulletin Board Service 1 How to reach usTechnical Support Before contacting NetopiaFAX-Back Online product informationProduct information can be found in the following Administration Guide Appendix B About Sdsl Administration Guide About IP Addressing What is IP?Appendix C Understanding IP Addressing Subnets and subnet masks Subnet masks Example Using subnets on a Class C IP internetISP Network Network conﬁgurationBackground Example Working with a Class C subnetDistributing IP Addresses 255.255.255.224 Technical note on subnet maskingDhcp address serving Netopia 4752 Dhcp server characteristicsManually distributing IP addresses Using address servingMacIP serving Serve dynamic WAN clientsUnderstanding IP Addressing C-9 Tips and rules for distributing IP addressesDhcp example Internet Nested IP SubnetsWAN Packet header types BroadcastsAdministration Guide Appendix D Binary Conversion Table Decimal Binary Appendix E Further Reading Administration Guide No August Further Reading E-3Administration Guide Power requirements Appendix F Technical Specifications and Safety InformationDescription EnvironmentRegulatory notices Agency ApprovalsNorth America FCC Part 15 Class BDeclaration for Canadian users Technical Speciﬁcations and Safety Information F-3Battery Important Safety instructionsNetopia 4752 Speciﬁcations Physical interface Data featuresManagement Quality of serviceProtocols Voice feature support Voice featuresHardware speciﬁcations Pots supportAdministration Guide Glossary Administration Guide Glossary Remapping See network number remapping Glossary Administration Guide Numerics IndexIndex-2 Index-3 Index-4 Limited Warranty and Limitation of Remedies Administration Guide