Manuals / Netopia / Computer Equipment / Network Router

Netopia R5200, R5300, R5100 manual Possible modifications

Models: R5300 R5100 R5200

1 290

Download 290 pages 3.3 Kb

Page 199

Security 13-21

A more complicated ﬁlter set would be required to provide WAN access to a LAN-based server. See the next section, “Possible modiﬁcations,” for ways to allow remote hosts to use services provided by servers on the LAN.

Possible modifications

You can modify the sample ﬁlter set Basic Firewall to allow incoming trafﬁc using the examples below. These modiﬁcations are not intended to be combined. Each modiﬁcation is to be the only one used with Basic Firewall.

The results of combining ﬁlter set modiﬁcations can be difﬁcult to predict. It is recommended that you take special care if you are making more than one modiﬁcation to the sample ﬁlter set.

Trusted host. To allow unlimited access by a trusted remote host with the IP address a.b.c.d (corresponding to a numbered IP address such as 163.176.8.243), insert the following input ﬁlter ahead of the current input ﬁlter 1:

■Enabled: Yes

■Forward: Yes

■Source IP Address: a.b.c.d

■Source IP Address Mask: 255.255.255.255

■Dest. IP Address: 0.0.0.0

■Dest. IP Address Mask: 0.0.0.0

■Protocol Type: 0

Trusted subnet. To allow unlimited access by a trusted remote subnet with subnet address a.b.c.d (corresponding to a numbered IP address such as 163.176.8.0) and subnet mask e.f.g.h (corresponding to a numbered IP mask such as 255.255.255.0), insert the following input ﬁlter ahead of the current input ﬁlter 1:

■Enabled: Yes

■Forward: Yes

■Source IP Address: a.b.c.d

■Source IP Address Mask: e.f.g.h

■Dest. IP Address: 0.0.0.0

■Dest. IP Address Mask: 0.0.0.0

■Protocol Type: 0

Image 199

Netopia R5200, R5300, R5100 manual Possible modifications

Contents

Netopia R5000 Series Routers Part Number Contents Setting up your Router with the SmartStart Wizard Part II Advanced Configuration Vi User’s Reference Guide Aurp Viii User’s Reference Guide Part III Appendixes User’s Reference Guide Index Index-1 Limited Warranty and Limitation of Remedies Xii User’s Reference Guide Part I Getting Started User’s Reference Guide Chapter Introduction Features and capabilitiesOverview How to use this guide Finding an Internet service provider Chapter Setting Up Internet ServicesType of Service Data Rate Speed Datalink Protocol Pricing and support Unique requirementsEndorsements Deciding on an ISP account Without Network Address Translation Obtaining information from the ISPLocal LAN IP address information to obtain With Network Address TranslationUser’s Reference Guide Find a location Chapter Making the Physical ConnectionsWhat you need Serial Line port Connect the routerR5100 Serial R5200 DDS and R5300 T1Attach the cables Identify the connectorsNetopia R5000 Series Router LED front panel Netopia R5000 Series Router status lightsUser’s Reference Guide Readying computers on your local network Chapter Connecting to Your Local Area NetworkUser’s Reference Guide Crossover Switch Auxiliary port Port Ethernet hub Connecting to an Ethernet network10Base-T Adding an external modem Connecting to a LocalTalk network User’s Reference Guide Chapter Setting up your Router with the SmartStart Wizard Before running SmartStart Installed and properly conﬁgured. SeeSmartStart Wizard configuration screens Setting up your Router with the SmartStart WizardEasy option Setup options screen. You can choose either Easy orAdvanced option Conﬁguration screen on Conﬁguration tab Dynamic configuration recommendedStatic configuration optional Add. Repeat this process for the secondary DNS TCP/IP Configuring TCP/IP on Macintosh computersTCP/IP or MacTCP Close the TCP/IP control panel and save the settings Dynamic configuration using MacIP optionalSetting up your Router with the SmartStart Wizard User’s Reference Guide Chapter Console-Based Management Filter sets ﬁrewalls. See Security on Connecting through a Telnet sessionSnmp Simple Network Management Protocol. See Snmp on Connecting a console cable to your router Configuring Telnet softwareMac ANSI, VT-100, or VT-200 Navigating through the console screensScreen differences Chapter Easy SetupEasy Setup console screens Accessing the Easy Setup console screensScreen similar to the following Main Menu appears See Appendix A, Troubleshooting, for more suggestionsSerial Line Easy Setup screen appears Serial Line Easy Setup configuration screenT1 Line Conﬁguration screen appears T1 Line configuration screenDDS Line Conﬁguration screen appears DDS Line configuration screenEasy Setup Proﬁle screen appears Easy Setup Profile screenIP Easy Setup Easy Setup Security Configuration Easy Setup User’s Reference Guide Part II Advanced Configuration User’s Reference Guide WAN configuration Chapter WAN and System ConfigurationConfiguration Line configuration for a Serial line Line configuration for a DDS line Line configuration for a T1 line WAN and System Conﬁguration Easy Setup Frame Relay screens Configuring Frame RelayMain Menu Easy Setup Line Configuration Setup Line Configuration WAN Configuration Frame Relay screensFrame Relay configuration WAN and System Conﬁguration Displaying a Frame Relay Dlci configuration table Frame Relay Dlci configurationWAN and System Conﬁguration Changing a Frame Relay Dlci configurationDlci Adding a Frame Relay Dlci configurationDeleting a Frame Relay Dlci configuration Creating a new Connection Proﬁle ADD Profile NOW CancelIPX Profile Parameters Remote IPX Network Datalink Frame Relay Options Auto-Detect DLCIs PAP Dial IP Address IPX Network-+ Configuration Default Profile Default profileIP parameters default profile screen IPX parameters default profile screen Configuration Scheduled Connections Scheduled connections switched async onlyViewing scheduled connections Adding a scheduled connection Set Weekly Schedule Set Once-Only Schedule Deleting a scheduled connection Modifying a scheduled connectionConnection accounting screens switched async only Budget Setup screen appears Budget Statistics in Hhhhmm Navigating through the system configuration screens System configuration screensSystem configuration features Date and time Network protocols setupFilter sets firewalls IP address servingConsole configuration Logging Upgrade feature setSnmp Simple Network Management Protocol SecurityInstalling the Syslog client User’s Reference Guide Network Address Translation features Chapter IP Setup and Network Address TranslationHOW NAT Works Previous Screen Using Network Address TranslationV2 multicast Numbered Unnumbered Sdsl WAN1 Associating port numbers with nodesConnection Profiles Advanced IP/IPX router configuration optionsATM Funi IPX Profile Parameters Remote IPX Network Network Address Translation guidelines IP setup IP Setup and Network Address Translation Select Add Export. The Add Exported Service screen appears Select Service. a pop-up menu of services and ports appears IP subnets IP Setup and Network Address Translation Static routes Viewing static routes Static Routes screen will appearAdding a static route Modifying a static route Rules of static route installationDeleting a static route Main System Menu Configuration IP Address Serving 176.163.222.10 Dhcp NetBios Options Serve Bootp Clients IP Address Pools User’s Reference Guide Dhcp NetBIOS Options NetBios Type Select Release BootP Leases and press Return MacIP KIP forwarding setupYou have ﬁnished your IP setup Internetwork Packet Exchange IPX Chapter IPX SetupIPX features IPX definitionsRouting Information Protocol RIP Service Advertising Protocol SAPIPX address SocketIPX setup screen NetBIOSIPX spoofing Default Gateway Address IPX routing tables User’s Reference Guide AppleTalk networks Chapter AppleTalk SetupAppleTalk protocol AT Routing Table Routers and seeding MacIPInstalling AppleTalk Upgrade NOW EtherTalk setup Configuring AppleTalkLocalTalk setup Viewing Aurp partners Aurp setupAurp Free Trade Zone Modifying an Aurp partner Adding an Aurp partnerDeleting an Aurp partner Configuring Aurp OptionsReceiving Aurp connections Aurp Options Tickle Interval Hhmmss User’s Reference Guide Quick View status overview Chapter Monitoring ToolsGeneral status Status lights Current statusStatistics & Logs Physical Interface General StatisticsNetwork Interface Event histories WAN Event History Device Event History Routing tablesIPX routing table IP routing tableAppleTalk routing table IPX Sap Bindery tableServed IP Addresses IP Address Lease Management screen appears Snmp System InformationCommunity strings Snmp Setup screenSnmp traps Deleting IP trap receivers Setting the IP trap receiversViewing IP trap receivers Modifying IP trap receiversT1 Line Statistics and Diagnostics screen T1 DiagnosticsSelect T1 Line Statistics / Diagnostics and press Return T1 Line Statistics / Diagnostics screen appears Monitoring Tools Web-based monitoring Accounting for switched interfaces only Frame Relay Statistics Connection Status Connect/Disconnect Router Budget Configuration Connection Budgets Connection Budget Configuration Budget Statistics Event History pages Device Event History Suggested security measures Chapter SecurityUser accounts Protecting the Security Options screen Protecting the configuration screensDial-in console access What’s a filter and what’s a filter set? Enable SmartStart/SmartView/Web serverTelnet access About filters and filter setsFilter priority How filter sets workUser’s Reference Guide Parts of a filter How individual filters workFilter’s actions Filtering ruleWho 513 161 Aurp AppleTalk 387Port number comparisons Transmission Control Protocol Other filter attributesPutting the parts together Internet Control Message ProtocolFiltering example #1 Filtering example #2 Design guidelinesDisadvantages of filters Working with IP filters and filter sets An approach to using filtersNaming a new filter set Adding a filter setNetopia Router Input and output filters-source and destinationADD this Filter NOW Cancel User’s Reference Guide Viewing filters Moving filtersModifying filters Deleting filters Viewing filter setsModifying filter sets Sample IP filter setTCP Icmp UDP Possible modifications User’s Reference Guide IPX filters Main Menu System Configuration Filter Sets FirewallsViewing and modifying packet filters IPX packet filtersAdding a packet filter Adding a packet filter set IPX packet filter setsDeleting a packet filter Viewing and modifying packet filter setsNo Match Deleting a packet filter set IPX SAP filtersViewing and modifying SAP filters Deleting a SAP filter Adding a SAP filterViewing and modifying SAP filter sets IPX SAP filter setsAdding a SAP filter set Deleting a SAP filter set ACK Bit Yes Firewall tutorial General firewall termsBasic IP packet components Basic protocol typesExample TCP/UDP Ports Firewall design rulesFirewall Logic Logical and function Binary representationEstablished connections Implied rulesExample IP filter set screen Example network Filter basicsExample Example filtersExample Example Chapter Utilities and Diagnostics Ping Utilities and Diagnostics Stop Ping TimeTrace Route Telnet client Disconnect Telnet console session Factory defaultsUpdating firmware Transferring configuration and firmware files with TftpDownloading configuration files Transferring configuration and firmware files with Xmodem Uploading configuration filesIdle Do you want to send a saved configuration to your Netopia? Restarting the system User’s Reference Guide Part III Appendixes User’s Reference Guide Configuration problems Appendix a TroubleshootingNetwork problems Console connection problemsPower outages How to reset the router to factory defaultsEnvironment profile How to reach usTechnical support Before contacting NetopiaFAX-Back Netopia Bulletin Board Service 1Online product information Product information can be found in the followingUser’s Reference Guide Appendix B Understanding IP Addressing What is IP?About IP addressing Subnets and subnet masks Subnet masks Example Using subnets on a Class C IP internetCustomer Site a ISP Network Network configurationDistributing IP addresses Example Working with a Class C subnetBackground Technical note on subnet masking 255.255.255.0 ConfigurationNetopia R5000 Series Router Dhcp server characteristics 255.255.255.192Manually distributing IP addresses Using address servingMacIP serving Serve dynamic WAN clients Tips and rules for distributing IP addressesDhcp example Internet Nested IP subnets0.0 C.1 WAN 3719 Packet header types BroadcastsUser’s Reference Guide Appendix C Understanding Netopia NAT Behavior Network configurationBackground User’s Reference Guide Understanding Netopia NAT Behavior C-3 Netopia Router WWW Server ISP Router LAN Understanding Netopia NAT Behavior C-5 Exported servicesImportant notes Understanding Netopia NAT Behavior C-7 Summary Appendix D Binary Conversion Table Decimal Binary Appendix E Further Reading User’s Reference Guide No August Further Reading E-3User’s Reference Guide Pin Not used DCE Ready Appendix F Technical Specifications and Safety InformationPinouts for Auxiliary port modem cable HD-15 DB-25 Pin Ground Not usedPin Not used HD-15 DB-25 PinPin Rset EIA-530 Pin Not used Tset EIA-530Software and protocols Power requirementsDescription EnvironmentFCC Class B Agency approvalsRegulatory notices North America R5100, R5200, R5300Technical Speciﬁcations and Safety Information F-5 Australian Safety Information R5100 Important safety instructionsDeclaration for Canadian users Battery Telecommunication installation cautionsUser’s Reference Guide Glossary User’s Reference Guide Glossary User’s Reference Guide Glossary Remapping See network number remapping Glossary User’s Reference Guide Numerics IndexDeﬁned DisplayAccount types LocalTalk conﬁguration Index-3Index-4 Index-5 Index-6 Limited Warranty and Limitation of Remedies User’s Reference Guide