Manuals / SMC Networks / Computer Equipment / Network Router

SMC Networks SMC7404BRA EU manual DMZ Host Support, Security, Virtual Private Network VPN

Models: SMC7404BRA EU

1 130

Download 130 pages 9.51 Kb

Page 15

INTRODUCTION

•DMZ Host Support

Allows a networked computer to be fully exposed to the Internet. This function is used when NAT and firewall security prevent an Internet application from functioning correctly.

•Security

The Barricade supports security features that deny Internet access to specified users, or filter all requests for specific services the administrator does not want to serve. The Barricade’s firewall also blocks common hacker attacks, including IP Spoofing, Land Attack, Ping of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan, and TCP SYN flooding.

•Virtual Private Network (VPN)

The Barricade supports three of the most commonly used VPN protocols – PPTP, L2TP, and IPSec. These protocols allow remote users to establish a secure connection to their corporate network. If your service provider supports VPNs, then these protocols can be used to create an authenticated and encrypted tunnel for passing secure data over the Internet (i.e., a traditionally shared data network.) The VPN protocols supported by the Barricade are briefly described below.

•Point-to-Point Tunneling Protocol – Provides a secure tunnel for remote client access to a PPTP security gateway. PPTP includes provisions for call origination and flow control required by ISPs.

•L2TP merges the best features of PPTP and L2F. Like PPTP, L2TP requires that the ISP's routers support the protocol.

•IP Security – Provides IP network-layer encryption. IPSec can support large encryption networks (such as the Internet) by using digital certificates for device authentication.

1-4

Image 15

SMC Networks SMC7404BRA EU manual DMZ Host Support, Security, Virtual Private Network VPN

Contents

User Guide Broadband Router with built-in ADSL ModemPage From SMC’s line of award-winning connectivity solutions December Broadband Router with built-in ADSL ModemPart No 750.9701, UK Pub No 150000035400A COMPLIANCES FCC - Class BFCC - Part Industry Canada - Class B Australia AS/NZS 3548 1995 - Class BCOMPLIANCES COMPLIANCES EC Conformance Declaration - Class BCOMPLIANCES 4 Configuring the Barricade TABLE OF CONTENTS2 Installation 3 Configuring Client PCsTABLE OF CONTENTS 5 Configuring Client TCP/IP6 Configuring Printer Services TABLE OF CONTENTS Features and Benefits CHAPTER INTRODUCTIONAbout the Barricade VPN pass-through IPSec-ESP Tunnel mode, L2TP, PPTP Shared IP Address ApplicationsWired LAN Internet AccessDMZ Host Support SecurityVirtual Private Network VPN Package Contents CHAPTER INSTALLATIONSystem Requirements Description Hardware DescriptionStatus LEDsVerify Status ConditionConnect the System Connect the ADSL Line Phone Line ConfigurationInstalling a Full-rate Connection Figure 2-1. Installing With a SplitterInstalling a Splitterless Connection Figure 2-2. Installing Without a SplitterAttach to Your Network Using Ethernet Cabling Connect the Power Adapter CHAPTER 3 CONFIGURING CLIENT PCS TCP/IP ConfigurationCONFIGURING CLIENT PCS CHAPTER CONFIGURING THE BARRICADE Making Configuration Changes Navigating the Web Browser InterfaceTime Zone Setup WizardInternet Sharing CONFIGURING THE BARRICADEParameter Setting ParameterDescription Description CONFIGURING THE BARRICADEFinish ParameterPPPoE & PPPoA ParameterDescription Finish ParameterDescription Description network, it will forward the packets to the DefaultSETUP WIZARD ParameterDescription Multiple Protocol over ATM Mode4-10 ParameterDescription Finish4-11 Parameter4-12 ParameterDescription 4-13 Advanced SetupADVANCED SETUP Navigating the Web Browser InterfaceDescription The following table briefly describes the “Advanced Setup” menu items4-14 MenuMaking Configuration Changes MAKING CONFIGURATION CHANGES4-15 System Settings CONFIGURING THE BARRICADE4-16 Password Settings SYSTEM SETTINGS4-17 4-18 Remote Management4-19 SYSTEM SETTINGSDescription PPPoE PPP over Ethernet4-20 Parameteridentifies the data channel within that virtual path 4-21Parameter DescriptionDescription then it is automatically forwarded to the default router i.e4-22 Parameter4-23 ParameterDescription 4-24 ParameterDescription 4-25 ParameterDescription 4-26 CONFIGURING THE BARRICADE4-27 Address MappingCONFIGURING THE BARRICADE Virtual Server4-28 4-29 The more common TCP service ports includeRouting System Static Route4-30 4-31 ParameterDescription 4-32 Authentication RequiredRouting Table 4-33Parameter Description 4-34 FirewallAccess Control 4-35FIREWALL 4-36 The following items are on the “Access Control” screenAccess Control Add PC 4-37FIREWALL CONFIGURING THE BARRICADE URL Blocking4-38 1. Click “Add Schedule Rule.” You may filter Internet access for local clients based on rulesSchedule Rule 4-393. Click “OK” and then click “APPLY” to save your settings CONFIGURING THE BARRICADE4-40 Intrusion Detection 4-41FIREWALL The Intrusion Detection feature of the Barricade Enable SPI andlimits the access of the incoming traffic at the WAN port. When the SPI feature is turned onDescription Defaults4-43 ParameterParameter Defaultsstate structure remains active. When the timeout 4-44Maximum number of allowed incomplete TCP Parameter Defaults Description4-45 The length of time for which an H.323 session4-46 CONFIGURING THE BARRICADE4-47 SNMPSNMP CommunityParameter A community string password specified for trapTrap 4-48Parameter ADSLADSL 4-49CONFIGURING THE BARRICADE Status4-50 Parameter Maximum fluctuation in the output powerADSL 4-514-52 ParameterDescription Tools Configuration Tools4-53 Firmware Upgrade CONFIGURING THE BARRICADE4-54 4-55 Reset4-56 StatusDescription 4-57The following items are included on this screen Parameter4-58 CONFIGURING THE BARRICADECHAPTER 5 CONFIGURING CLIENT TCP/IP Windows 95/98/Me2. In “Control Panel” double-click the “Network” icon WINDOWS 95/98/ME TCP/IP Configuration SettingInternet Explorer Disable HTTP ProxyObtain IP Settings from Your ADSL Router WINDOWS 95/98/MENetscape Windows NT WINDOWS NT 11. Windows may copy some WINDOWS NT You need to verify that the “HTTP Proxy” feature of your Web browser is disabled. This is so that your browser can view the Barricade’s HTML configuration pages. Determine which browser you use and refer to “Internet Explorer” on page 5-4 or “Netscape” on page5-10 4. Type “EXIT” and press ENTER to close the “Command Prompt” windowYour computer is now configured to connect to the Barricade CONFIGURING CLIENT TCP/IPWINDOWS Windows5-11 3. The connection status screen will open. Click “Properties.”4. Double-click “Internet Protocol TCP/IP.” 5-12Disable HTTP Proxy Obtain IP Settings from Your Barricade5-13 5-14 4. Type “EXIT” and press ENTER to close the “Command Prompt” windowYour computer is now configured to connect to the Barricade CONFIGURING CLIENT TCP/IP2. In “Control Panel” click “Network and Internet Connections.” Windows XP5-15 1. Click “start/Control Panel.”5. Double-click “Internet Protocol TCP/IP.” 5-16WINDOWS XP Disable HTTP ProxyObtain IP Settings from Your Barricade 5-175-18 Type “EXIT” and press ENTER to close the “Command Prompt” windowYour computer is now configured to connect to the Barricade CONFIGURING CLIENT TCP/IPConfiguring Your Macintosh Computer CONFIGURING YOUR MACINTOSH COMPUTER5-19 5-20 3. If “Using DHCP Server” is already selected in the “Configure” field, your computer is already configured for DHCP. Close the TCP/IP dialog box, and skip to “Disable HTTP Proxy” on page 5-21.”Disable HTTP Proxy 5-21Internet Explorer 3. Select “Direct Connection to the Internet” and click “OK.” 5-225-23 Obtain IP Settings from Your Barricade5-24 CONFIGURING CLIENT TCP/IPCHAPTER CONFIGURING PRINTER SERVICES Install the Printer Port MonitorSkip this section if you are using Unix INSTALL THE PRINTER PORT MONITOR CONFIGURING PRINTER SERVICES Configure the Network Printer in Windows 95/98/Me/2000 Configure the Print Server4. Select the monitored port. The default port name is “SMC100.” Click the “Configure Port” button Configure the Network Printer in Windows NT CONFIGURE THE PRINT SERVER2. Follow the prompts to add a local printer to your system Configure the Network Printer in Unix Systems CONFIGURE THE PRINT SERVER APPENDIX A TROUBLESHOOTING Page Page TROUBLESHOOTING Ethernet Cable APPENDIX B CABLESPin Assignments RJ-45 Port Ethernet ConnectionCrossover Wiring Straight-Through WiringADSL Cable Connection Figure B-3. RJ-11 Pinouts Signal NameNot used Not usedCABLES APPENDIX C SPECIFICATIONS Page SMCs Limited Warranty Statement LIMITED WARRANTYLIMITED WARRANTY Contact SMC LIMITED WARRANTYFull Installation Manual Firmware and Drivers