Manuals / SMC Networks / Computer Equipment / Network Router

SMC Networks SMC7904BRB2 Virtual Server, DMZ Host Support, Security, Virtual Private Network VPN

Models: SMC7904BRB2

1 126

Download 126 pages 37.06 Kb

Page 17

APPLICATIONS

•Virtual Server

If you have a fixed IP address, you can set the Barricade to act as a virtual host for network address translation. Remote users access various services at your site using a constant IP address. Then, depending on the requested service (or port number), the Barricade can route the request to the appropriate server (at another internal IP address). This secures your network from direct attack by hackers, and provides more flexible management by allowing you to change internal IP addresses without affecting outside access to your network.

•DMZ Host Support

Allows a networked computer to be fully exposed to the Internet. This function is used when NAT and firewall security prevent an Internet application from functioning correctly.

•Security

The Barricade supports security features that deny Internet access to specified users, or filter all requests for specific services that the administrator does not want to serve. The Barricade’s firewall also blocks common hacker attacks, including IP Spoofing, Land Attack, Ping of Death, IP with zero length, Smurf Attack, UDP port loopback, Snork Attack, TCP null scan, and TCP SYN flooding.

•Virtual Private Network (VPN)

The Barricade supports three of the most commonly used VPN protocols — PPTP, L2TP, and IPSec. These protocols allow remote users to establish a secure connection to their corporate network. If your service provider supports VPNs, then these protocols can be used to create an authenticated and encrypted tunnel for passing secure data over the Internet (i.e., a traditionally shared data network). The VPN protocols supported by the Barricade are briefly described below.

1-3

Image 17

SMC Networks SMC7904BRB2 manual Virtual Server, DMZ Host Support, Security, Virtual Private Network VPN, Applications

Contents

Page Page Router with built-in ADSL2/2+ Modem From SMC’s line of award-winning connectivity solutions38 Tesla AugustTrademarks LIMITED WARRANTY LIMITED WARRANTY Federal Communication Commission Interference Statement COMPLIANCESReorient or relocate the receiving antenna Increase the separation between the equipment and receiverCOMPLIANCES EC Conformance DeclarationCOMPLIANCES Safety Compliance Wichtige Sicherheitshinweise GermanyCOMPLIANCES Installation TABLE OF CONTENTSConfiguring Client PC IntroductionTABLE OF CONTENTS Configuring the BarricadeTMTroubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1 Cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1 TABLE OF CONTENTS viiiAbout the Barricade Features and BenefitsCHAPTER INTRODUCTION Wired LAN ApplicationsInternet Access Shared IP AddressDMZ Host Support Virtual ServerSecurity Virtual Private Network VPNPoint-to-Point Tunneling Protocol - Provides a secure tunnel for remote client access to a PPTP security gateway. PPTP includes provisions for call origination and flow control required by ISPs Package Contents CHAPTER INSTALLATIONHardware Description System RequirementsDescription SMC7904BRA2 contains the following ports on the rear panelFigure 2-1. SMC7904BRA2 Rear Panel Description SMC7904BRB2 contains the following ports on the rear panelFigure 2-2. SMC7904BRB2 Rear Panel Figure 2-3. SMC7904BRA2 Front Panel LED Indicators SMC7904BRA2Status DescriptionFigure 2-4. SMC7904BRB2 Front Panel LED Indicators SMC7904BRB2Status DescriptionConnect the ADSL Line ISP SettingsConnect the System Connect the Power Adapter Attach to Your Network Using Ethernet CablingCONNECT THE SYSTEM The connection diagram shows how to connect the BarricadeConnection Illustration INSTALLATION 2-10CHAPTER 3 CONFIGURING CLIENT PC TCP/IP ConfigurationProperties WindowsDial-Up Connections Accessories/ Command Prompt Disable HTTP ProxyObtain IP Settings from Your Barricade CONFIGURING CLIENT PC 4. Close the Command Prompt windowYour computer is now configured to connect to the Barricade Windows XP Obtain IP Settings from Your Barricade System Preferences Configuring Your Macintosh ComputerInternet Explorer 3. Uncheck all check boxes and click OK CONFIGURING YOUR MACINTOSH COMPUTERCONFIGURING CLIENT PC 3-10CHAPTER CONFIGURING THE BARRICADETM CONFIGURING THE BARRICADETM Navigating the Management InterfaceNAVIGATING THE MANAGEMENT INTERFACE Making Configuration ChangesTime Zone SETUP WIZARDSETUP WIZARD Parameter SettingParameter Setting - Country or ISP Not Listed PPPoE Click NEXT to continue to the “Confirm” settings screenParameter DescriptionPPPoA Click NEXT to continue to the “Confirm” settings screenParameter Description1483 Bridging DHCP 1483 Bridging Static 4-10Parameter Description1483 Routing 4-11Parameter DescriptionBridging 4-12Parameter DescriptionSETUP WIZARD 4-131483 Routing DHCP ParameterConfirm 4-14Parameter DescriptionIf the parameters are correct, click FINISH to save these settings 4-15SETUP WIZARD Parameter4-16 Configuration parametersThere are 13 main menu items located on the left side of the screen Each main menu item is described in the following tableMenu 4-17Description DDNSSYSTEM 4-18Time Settings CONFIGURATION PARAMETERS 4-19Password Settings Remote Management 4-20CONFIGURATION PARAMETERS 4-21The following three items are configurable ATM PVC Clone MAC DNS Click on the desired VC to configure the connection parameters 4-22VC. Encapsulation specifies how to handle multiple protocols at ATM PVCATM Interface 4-231483 Bridging Parameterterminated. This setting only applies when the Connect Type 4-24PPPoA Parameter1483 Routing 4-25Parameter DescriptionPPPoE 4-26Parameter DescriptionIP Over RFC1483 bridged 4-27Parameter DescriptionClone MAC Address 4-28CONFIGURING THE BARRICADETM CONFIGURATION PARAMETERS 4-29Description 4-30Parameter VLAN 4-31VLAN Profile 4-32Configure the VLAN settings in this screen CONFIGURATION PARAMETERS 4-33Address Mapping 4-34Virtual Server 4-35The more common TCP service ports include Special Application 4-36NAT Mapping Table 4-37CONFIGURATION PARAMETERS Static Route 4-38ROUTING Description 4-39Parameter Poison Reverse 4-40Parameter Description 4-41Routing Table FIREWALL 4-42Access Control 4-43To create a new access control rule 4-442. Define the appropriate settings for client PC services 3. Click OK and then click SAVE SETTINGS to save your settingsMAC Filter 4-45URL Blocking 4-46CONFIGURING THE BARRICADETM Schedule Rule 4-47CONFIGURATION PARAMETERS 2. Define the appropriate settings for a schedule rule 4-483. Click OK and then click SAVE SETTINGS to save your settings CONFIGURING THE BARRICADETMIntrusion Detection Intrusion Detection Feature 4-49CONFIGURING THE BARRICADETM 4-50Stateful Packet Inspection 4-51Defaults 4-52Connection Policy Parameterthat will cause the software to stop deleting half 4-53DoS Criteria and Port Scan Criteria CONFIGURING THE BARRICADETM 4-54CONFIGURATION PARAMETERS 4-55SNMP Select the SNMP Operation mode from the drop down menuCommunity 4-56unauthorized individuals from accessing information on your system 4-57Trap ParameterUPNP 4-584-59 CONFIGURING THE BARRICADETM 4-60Traffic Mapping Click Add traffic class to set the parameter detailsTraffic Statistics 4-61CONFIGURATION PARAMETERS ADSL Parameters 4-62ADSL ADSL Status 4-63The number of Fast Path Cyclic Redundancy Check errors 4-64Parameter Description Interleaved Path FEC CorrectionDDNS 4-65Ping Utility 4-66TOOLS Trace Route Utility 4-67Configuration Tools 4-68Firmware Upgrade 4-69Reset 4-70CONFIGURATION PARAMETERS 4-71STATUS Scroll down to view more information on the Status screenCONFIGURING THE BARRICADETM 4-72The following items are included on the Status screen 4-73Parameter Description4-74 Finding the MAC address of a Network CardWINDOWS NT4/2000/XP MACINTOSHTroubleshooting Chart APPENDIX A TROUBLESHOOTINGSymptom ActionSymptom Troubleshooting ChartTROUBLESHOOTING ActionAction Troubleshooting ChartSymptom TROUBLESHOOTING Ethernet Cable APPENDIX B CABLESRJ-45 Port Connection Figure B-1. RJ-45 Ethernet Connector Pin NumbersPin Assignments Straight-Through WiringCrossover Cable Pin Assignments Crossover WiringADSL CABLE ADSL CableFigure B-2. RJ-11 Connector Pin Numbers Figure B-3. RJ-11 Pinouts Signal NameWire Color Physical Characteristics Ports APPENDIX C SPECIFICATIONSADSL Features ATM FeaturesLAN Features Security FeaturesWeight 500 g Input Power 12 V 1 A IEEE Standards Safety