OfficeConnect® ADSL Wireless 11g Firewall Router User Guide Model WL-542 3CRWDR100A-72 3CRWDR100B-72 3CRWDR100U-72 http://www.3com.com/ Part No.
3Com Corporation 350 Campus Drive, Marlborough, MA USA 01752-3064 Copyright © 2004, 2005, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
CONTENTS ABOUT THIS GUIDE Naming Convention 5 Conventions 6 Feedback About this User Guide Related Documentation 7 1 6 INTRODUCING THE ROUTER OfficeConnect ADSL Wireless 11g Firewall Router Router Advantages 11 Package Contents 11 Minimum System and Component Requirements Front Panel 12 Rear Panel 13 2 INSTALLING THE ROUTER Introduction 15 Safety Information 15 Positioning the Router 15 Using the Rubber Feet 16 Powering Up the Router 16 Connecting the Router 16 3 SETTING UP YOUR COMPUTERS Obtaining a
RUNNING THE SETUP WIZARD Accessing the Setup Wizard 25 Setup Wizard - Connection Type 5 27 CONFIGURING THE ROUTER Navigating Through the Router Configuration Pages Main Menu 35 Status Screen 35 Status 35 LAN Setup 36 LAN Settings 37 Wireless Settings 39 Configuring Wireless 39 Encryption 40 Internet Settings 46 Connection Type 46 DNS 55 Hostname & MAC 56 Firewall 57 Special Applications 58 Virtual Servers 59 Client IP Filters 60 MAC Address Filtering 65 DMZ 66 Advanced 68 Routing 70 DDNS 73 SNMP 74 Sy
Status 80 ADSL Status 80 ATM PVC Status 81 Logs 81 Support/Feedback 82 Support 82 Feedback 82 6 TROUBLESHOOTING Basic Connection Checks 83 Browsing to the Router Configuration Screens 83 Connecting to the Internet 84 Forgotten Password and Reset to Factory Defaults 84 Wireless Networking 85 Recovering from Corrupted Software 87 Frequently Asked Questions 88 A IP ADDRESSING The Internet Protocol Suite 89 Managing the Router over the Network 89 IP Addresses and Subnet Masks 89 How does a Device Obtain an
C SAFETY INFORMATION D END USER SOFTWARE LICENSE AGREEMENT E OBTAINING SUPPORT FOR YOUR PRODUCT Register Your Product 103 Purchase Value-Added Services 103 Troubleshoot Online 104 Access Software Downloads 104 Telephone Technical Support and Repair Contact Us 105 GLOSSARY REGULATORY NOTICES INDEX 104
ABOUT THIS GUIDE This guide describes how to install and configure the OfficeConnect ADSL Wireless 11g Firewall Router (3CRWD100x-72). This guide is intended for use by those responsible for installing and setting up network equipment; consequently, it assumes a basic working knowledge of LANs (Local Area Networks) and Internet Routers.
6 ABOUT THIS GUIDE Conventions Table 1 and Table 2 list conventions that are used throughout this guide. Table 1 Notice Icons Icon Notice Type Description Information note Information that describes important features or instructions. Caution Information that alerts you to potential loss of data or potential damage to an application, system, or device. Warning Information that alerts you to potential personal injury.
Related Documentation 7 Example: ■ OfficeConnect ADSL Wireless 11g Firewall Router User Guide ■ Part Number DUA100A-72AAA01 ■ Page 24 Do not use this e-mail address for technical support questions. For information about contacting Technical Support, please refer to Appendix E. Related Documentation In addition to this guide, each Router document set includes one Installation Guide. This guide contains the instructions you need to install and configure your Router.
8 ABOUT THIS GUIDE
1 INTRODUCING THE ROUTER Welcome to the world of networking with 3Com®. In the modern business environment, communication and sharing information is crucial. Computer networks have proved to be one of the fastest modes of communication but, until recently, only large businesses could afford the networking advantage.
10 CHAPTER 1: INTRODUCING THE ROUTER Figure 1 Example Network Without a Router When you use the Router in your network (Figure 2), it becomes your connection to the Internet. Connections can be made directly to the Router, or to an OfficeConnect Switch or Hub, expanding the number of computers you can have in your network.
Router Advantages Router Advantages Package Contents 11 The advantages of the Router include: ■ Shared Internet connection for both wired and wireless computers ■ High speed 802.
12 CHAPTER 1: INTRODUCING THE ROUTER Minimum System and Component Requirements Front Panel Your Router requires that the computer(s) and components in your network be configured with at least the following: ■ A computer with an operating system that supports TCP/IP networking protocols (for example Windows 98/NT/Me/2000/XP, Unix, Mac OS 8.5 or higher). ■ An Ethernet 10 Mbps or 10/100 Mbps NIC for each computer to be connected to the four-port switch on your Router. ■ An 802.11b or 802.
Rear Panel 13 3 Online LED Green If this LED is on, your username/password has been authenticated successfully with your ISP. 4 Wireless LAN (WLAN) Status LED Green If the LED is on it indicates that wireless networking is enabled. If the LED is flashing, the link is OK and data is being transmitted or received. If the LED is off, the Wireless LAN has been disabled in the Router, or there is a problem. Refer to Chapter 6 “Troubleshooting”.
14 CHAPTER 1: INTRODUCING THE ROUTER 7 ADSL Port Using the RJ11 cable provided, you should connect your Router to the telephone socket via a splitter. 8 Power Adapter Socket Only use the power adapter that is supplied with this Router. Do not use any other adapter. 9 Reset Button If you want to reset your Router to factory default settings, and cannot access the web management interface (for example, due to a lost password), then you may use this button.
2 Introduction Safety Information INSTALLING THE ROUTER This chapter will guide you through a basic installation of the Router, including: ■ Connecting the Router to the Internet. ■ Connecting the Router to your network. ■ Setting up your computers for networking with the Router. Please note the following: WARNING: Please read the “Safety Information” section in Appendix C before you start.
16 CHAPTER 2: INSTALLING THE ROUTER When positioning your Router, ensure: Using the Rubber Feet Powering Up the Router ■ It is out of direct sunlight and away from sources of heat. ■ Cabling is away from power lines, fluorescent lighting fixtures, and sources of electrical noise such as radios, transmitters and broadband amplifiers. ■ Water or moisture cannot enter the case of the unit. ■ Air flow around the unit and through the vents in the side of the case is not restricted.
Connecting the Router 17 Figure 5 Connecting the Router net Power Supply Unit Inter Telephone Socket 3Com OfficeConnect ADSL Wireless 11g Firewall Router Splitter/ Microfilter Block Your PC Wireless Users 1 Run the provided telephone cable from the wall jack providing ADSL service to the ADSL port on your ADSL Router. When inserting an ADSL RJ-11 plug, be sure the tab on the plug clicks into position to ensure that it is properly seated.
18 CHAPTER 2: INSTALLING THE ROUTER Figure 6 Installing with a splitter
Connecting the Router 19 Figure 7 Installing without a splitter You have now completed the hardware installation of your Router. Next you need to set up your computers so that they can make use of the Router to communicate with the Internet. 3Com recommends that you perform the initial Router configuration from a computer that is directly connected to one of the LAN ports.
20 CHAPTER 2: INSTALLING THE ROUTER
3 SETTING UP YOUR COMPUTERS The Router has the ability to dynamically allocate network addresses to the computers on your network, using DHCP. However, your computers need to be configured correctly for this to take place. To change the configuration of your computers to allow this, follow the instructions in this chapter.
22 CHAPTER 3: SETTING UP YOUR COMPUTERS Figure 8 Local Area Properties Screen 6 Ensure that the options Obtain an IP Address automatically, and Obtain DNS server address automatically are both selected as shown in Figure 9. Click OK. Figure 9 Internet Protocol (TCP/IP) Properties Screen 7 Restart your computer.
Obtaining an IP Address Automatically 23 Windows XP 1 From the Windows Start menu, select Control Panel. 2 Click on Network and Internet Connections. 3 Click on the Network Connections icon. 4 Double click on LAN or High Speed Connection icon. A screen titled Local Area Connection Status will appear. 5 Select Internet Protocol TCP/IP and click on Properties. 6 Ensure that the options Obtain an IP Address automatically, and Obtain DNS servers automatically are both selected. Click OK.
24 CHAPTER 3: SETTING UP YOUR COMPUTERS Disabling PPPoE and PPTP Client Software If you have PPPoE client software installed on your computer, you will need to disable it. To do this: 1 From the Windows Start menu, select Settings > Control Panel. 2 Double click on Internet Options. 3 Select the Connections Tab. A screen similar to Figure 10 should be displayed. 4 Select the Never Dial a Connection option.
4 Accessing the Setup Wizard RUNNING THE SETUP WIZARD The Router setup program is Web-based, which means that it is accessed through your Web browser (Netscape Navigator 4.7 or higher, Internet Explorer 5.0 or higher, or Mozilla 1.2.1 or higher). To use the Setup Wizard: 1 Ensure that you have at least one computer connected to the Router. Refer to Chapter 2 for details on how to do this. 2 Launch your Web browser on the computer.
26 CHAPTER 4: RUNNING THE SETUP WIZARD Figure 12 Router Login Screen 5 When you have logged in either: ■ The Status screen will appear (Figure 13). Select Setup Wizard from the menu. or ■ If your Router has not been configured before, the Wizard will launch automatically (refer to Figure 14). 6 You will be guided step by step through a basic setup procedure.
Accessing the Setup Wizard Setup Wizard Connection Type 27 Figure 14 Connection Type Screen The Connection Type screen allows you to set up the Router for the type of Internet connection you have. Before setting up your connection type, have your account information from your ISP ready.
28 CHAPTER 4: RUNNING THE SETUP WIZARD PPPoE Mode Figure 15 PPPoE Screen To set up the router for use with a PPP over Ethernet (PPPoE) connection, use the following procedure: 1 Enter your PPP over Ethernet user name in the Username text box. 2 Enter your PPP over Ethernet password in the Password text box. 3 Re-type your PPP over Ethernet password in the Retype Password text box. 4 Enter your VPI and VCI information in the VPI/VCI text boxes.
Accessing the Setup Wizard 29 Figure 16 Wireless Settings Screen 7 Set the Wireless Channel you want to use from the Channel drop-down list. 8 Specify the SSID to be used by your Wireless Network in the SSID field. If there are other wireless networks in your area, you should give your wireless network a unique name.
30 CHAPTER 4: RUNNING THE SETUP WIZARD 5 Select the encapsulation type (LLC or VC MUX) in the Encapsulation drop-down list. This information will have been provided to you by your ISP. 6 Check all of your settings, and then click Next. The Wireless Settings screen is displayed. Figure 18 Wireless Settings Screen 7 Set the Wireless Channel you want to use from the Channel drop-down list. 8 Specify the SSID to be used by your Wireless Network in the SSID field.
Accessing the Setup Wizard 31 Bridge Mode (for a single PC) (RFC 1483 Bridged Mode) To set up the Router for use with an RFC1483 bridged connection: Figure 19 Bridged Mode Configuration Screen 1 Enter your VPI and VCI information in the VPI/VCI text boxes. 2 Select the encapsulation type (LLC or VC MUX) in the Encapsulation drop-down list. This information will have been provided to you by your ISP. 3 Check all of your settings, and then click Next. The Wireless Settings screen is displayed.
32 CHAPTER 4: RUNNING THE SETUP WIZARD Routing Mode over ATM (RFC 1483 Routed Mode) To set up the Router for use with an RFC1483 routed connection: Figure 21 Routing Mode Screen 1 Enter your Internet IP address in the WAN IP text box. 2 Enter the subnet mask in the Subnet Mask text box. 3 Enter the default router in the Default Gateway text box. 4 Enter the DNS address in the DNS text box. 5 Enter your VPI and VCI information in the VPI/VCI text boxes.
Accessing the Setup Wizard 33 8 Set the Wireless Channel you want to use from the Channel drop-down list. 9 Specify the SSID to be used by your Wireless Network in the SSID field. If there are other wireless networks in your area, you should give your wireless network a unique name. Dynamic/Fixed IP in 1483 Bridge Mode (For Multiple PCs) For bridge mode to work, you need to assign an IP address to the Router.
34 CHAPTER 4: RUNNING THE SETUP WIZARD Figure 24 Wireless Settings Screen 8 Set the Wireless Channel you want to use from the Channel drop-down list. 9 Specify the SSID to be used by your Wireless Network in the SSID field. If there are other wireless networks in your area, you should give your wireless network a unique name. Configuration Summary Figure 25 Configuration Summary Screen When you complete the Setup Wizard, a configuration summary will display.
5 CONFIGURING THE ROUTER Navigating Through the Router Configuration Pages Main Menu Status Screen This chapter describes all the screens available through the Router configuration pages, and is provided as a reference. To get to the configuration pages, browse to the Router by entering the URL in the location bar of your browser. The default URL is http://192.168.1.1 but if you changed the Router LAN IP address during initial configuration, use the new IP address instead.
36 CHAPTER 5: CONFIGURING THE ROUTER LAN Setup Your Router is equipped with a DHCP server that will automatically assign IP addresses to each computer on your network. The factory default settings for the DHCP server will work in most any application. If you need to make changes to the settings, you can do so. The changes that you can make are: ■ Change the Internal IP address of the Router. The default is 192.168.1.1 ■ Change the Subnet Mask. The default is 255.255.255.
LAN Setup LAN Settings 37 The LAN Settings screen is used to specify the LAN IP address of your Router, and to configure the DHCP server. Figure 27 LAN Settings Screen 1 Select LAN Settings and then specify the Router IP Address and Subnet Mask in the appropriate fields. The default IP address of the Router is 192.168.1.1. 2 If you want to use the Router as a DHCP Server, click in the On check option.
38 CHAPTER 5: CONFIGURING THE ROUTER DHCP Clients List The DHCP Clients List provides details on the devices that have received IP addresses from the Router. The list is only created when the Router is set up as a DHCP server. For each device that is connected to the LAN the following information is displayed: ■ IP address — The Internet Protocol (IP) address issued to the client machine. ■ Host Name — The client machine’s host name, if configured.
Wireless Settings Wireless Settings 39 From these pages, you can configure the settings for wireless connections. Figure 29 Wireless Settings Screen This screen allows you to enable or disable the wireless section of your LAN. When disabled, no wireless PCs can gain access to either the Internet or other PCs on your Wired or Wireless LAN through this Router. Select the required setting, and press Apply.
40 CHAPTER 5: CONFIGURING THE ROUTER To enable Wireless function: 1 Select the Wireless Channel you want to use from the Channel drop-down list. 2 Specify the SSID to be used by your Wireless Network in the SSID field. If there are other wireless networks in your area, you should give your wireless network a unique name. 3 Enable or disable SSID Broadcast.
Wireless Settings ■ WPA-PSK (no Server) (see page 41) ■ 128-bit WEP (see page 42) ■ 64-bit WEP (see page 43) ■ WPA (with RADIUS Server) (see page 44) 41 Select the required value from the drop down list, and press Apply. Disabled In this mode, wireless transmissions will not be encrypted, and will be visible to everyone. However, when setting up or debugging wireless networks, it is often useful to use this security mode.
42 CHAPTER 5: CONFIGURING THE ROUTER 2 Optionally, check the Hide PSK check box, if you want the key that you enter to be shown on the screen as a series of asterisks (*). 3 Click Apply. 128-bit WEP WEP is the basic mechanism to transmit your data securely over the wireless network. Matching encryption keys must be setup on your Router and wireless client devices to use WEP.
Wireless Settings 43 64-bit WEP WEP is the basic mechanism to transmit your data securely over the wireless network. Matching encryption keys must be setup on your Router and wireless client devices to use WEP. Figure 34 64-bit WEP Screen To enable 64-bit WEP: 1 Manually enter the key: ■ enter the WEP key as 5 pairs of hex digits (0-9, A-F). Automatically generate the key: ■ enter a memorable passphrase in the Passphrase box, and then click Generate to generate the hex keys from the passphrase.
44 CHAPTER 5: CONFIGURING THE ROUTER WPA (with RADIUS Server) WPA (WiFi Protected Access) provides dynamic key changes and constitutes the best security solution. On a wireless network where not all devices support WPA, WEP (Wired Equivalent Privacy) should be used. Wireless Protected Access using a server to distribute keys to the clients, and this function requires that a Radius server is running on the network.
Wireless Settings 45 Wireless WDS Settings The Router supports WDS (Wireless Distribution System). WDS enables one or more Access Points to rebroadcast received signals to extend range and reach, though this can affect the overall throughput of data. Figure 36 Wireless WDS Settings Screen To enable wireless repeating: 1 Check the Enable WDS check box. 2 Enter the MAC address(es) of one or more access points in the AP MAC Address table. 3 Click Apply.
46 CHAPTER 5: CONFIGURING THE ROUTER Internet Settings Connection Type From these pages, you can configure the settings for your DSL connection. The Internet Settings screen is used to configure the parameters for your DSL connection. The information necessary to complete these screens should be obtained from your ISP. Check with your ISP as for what type of connection you should choose.
Internet Settings 47 PPPoE PPP over Ethernet, providing routing for multiple PCs. To configure this page correctly, you should obtain the information on this page from your ISP. Figure 38 PPPoE Settings Screen 1 Select PPPoE from the Protocol drop-down menu. 2 Then enter the IP address and Subnet Mask information provided by your ISP into the IP address and Subnet Mask fields. 3 Enter the VPI and VCI parameters provided to you by your ISP in the VPI and VCI fields.
48 CHAPTER 5: CONFIGURING THE ROUTER ■ VBR (variable bit rate): QoS class defined by the ATM Forum for ATM networks. VBR is subdivided into a real time (RT) class and non-real time (NRT) class. VBR (RT) is used for connections in which there is a fixed timing relationship between samples. VBR (NRT) is used for connections in which there is no fixed timing relationship between samples, but that still need a guaranteed QoS. Compare with ABR, CBR, and UBR. 6 Enter the PCR/SCR/MBS values.
Internet Settings 49 PPPoA PPP over ATM, this is a popular choice among European DSL providers. To configure this page correctly, you should obtain the information on this page from your ISP. Figure 39 PPPoA Settings Screen 1 Select PPPoA from the Protocol drop-down menu. 2 Enter the VPI and VCI parameters provided to you by your ISP in the VPI and VCI fields. 3 Select the encapsulation type (LLC or VC MUX) in the Encapsulation Type field. This information is provided to you by your ISP.
50 CHAPTER 5: CONFIGURING THE ROUTER non-real time (NRT) class. VBR (RT) is used for connections in which there is a fixed timing relationship between samples. VBR (NRT) is used for connections in which there is no fixed timing relationship between samples, but that still need a guaranteed QoS. Compare with ABR, CBR, and UBR. 5 Enter the PCR/SCR/MBS values. 6 IP assigned by ISP: ■ ■ If your ISP assigns your IP address dynamically then select Yes in the IP assigned by ISP field and proceed to step 7.
Internet Settings 51 Bridge Mode (For a Single PC) (RFC 1483 Bridged Mode) If the ISP limits some specific computers to access Internet, that means only the traffic to/from these computers will be forwarded and the other will be filtered. In this case, bridge modem is used to connect to the ISP. The ISP will generally give one Internet account and limit only one computer to access the Internet. Check with your ISP to determine if this mode is used for your DSL connection.
52 CHAPTER 5: CONFIGURING THE ROUTER such as traditional computer communications applications. The UBR service may be considered as "best effort service". ■ VBR (variable bit rate): QoS class defined by the ATM Forum for ATM networks. VBR is subdivided into a real time (RT) class and non-real time (NRT) class. VBR (RT) is used for connections in which there is a fixed timing relationship between samples.
Internet Settings 53 4 Select the encapsulation type (LLC or VC MUX) in the Encapsulation field. This information will have been provided to you by your ISP. 5 Select the type of Quality of Service that you want from the QoS Class drop-down menu. ■ ■ ■ CBR (constant bit rate): the CBR service class is intended for real-time applications, for example, those requiring tightly constrained delay and delay variation, such as voice and video applications.
54 CHAPTER 5: CONFIGURING THE ROUTER Figure 42 Dynamic/Fixed IP for Bridge Mode Screen After clicking Edit on the ATM PVC page, the ATM Interface page appears. 1 Select Dynamic/Fixed IP for Bridge Mode from the Protocol drop-down menu. 2 Enter the IP address, Subnet Mask and Default Gateway information provided by your ISP into the IP address, Subnet Mask and ISP Default Gateway fields. 3 Enter the VPI and VCI parameters provided to you by your ISP in the VPI and VCI fields.
Internet Settings 55 non-real time (NRT) class. VBR (RT) is used for connections in which there is a fixed timing relationship between samples. VBR (NRT) is used for connections in which there is no fixed timing relationship between samples, but that still need a guaranteed QoS. Compare with ABR, CBR, and UBR. 6 Enter the PCR/SCR/MBS values. 7 If your ISP uses DHCP to automatically assign IP addresses, check the DHCP Client box. 8 Click Apply.
56 CHAPTER 5: CONFIGURING THE ROUTER Figure 44 DNS Screen If the DNS information is automatically provided by your ISP every time you connect to it, check the Automatic from ISP box. If your ISP provided you with specific DNS addresses to use, enter them into the appropriate fields on this screen and click Apply. Many ISPs do not require you to enter this information into the Router.
Firewall 57 Some ISPs require a host name. If your ISP has this requirement, enter the host name in the Host Name field. 1 Three different ways to configure this page: ■ If your ISP requires an assigned MAC address, enter the values for a WAN MAC address or ■ If the computer you are now using is the one that was previously connected directly to the cable modem, select Clone or ■ To reset the MAC Address to the default, select Reset MAC. 2 Click Apply to save the settings.
58 CHAPTER 5: CONFIGURING THE ROUTER To enable the firewall function: 1 Select the level of protection (High Level, Medium Level, Low Level, or Disable) that you desire from the Firewall Enable/Disable drop-down menu. 2 Click Apply. Special Applications Special Applications let you choose specific ports to be open for specific applications to work properly with the Network Address Translation (NAT) feature of the Router.
Firewall 59 To manually enter the port information: 1 Specify the trigger port (the one used by the application when it is initialized) in the Trigger Port column, and specify whether the trigger is TCP or UDP. 2 Specify the Public Ports used by the application, that will need to be opened up in the firewall for the application to work properly. Also specify whether these ports are TCP or UDP. 3 Click Apply.
60 CHAPTER 5: CONFIGURING THE ROUTER 3 Enter the port type (TCP, UDP, or both TCP and UDP). 4 Specify the public port that will be seen by clients on the Internet, and the LAN port which the traffic will be routed to. 5 You can enable or disable each Virtual Server entry by checking or unchecking the appropriate Enable check box. 6 Click Apply to save the changes for each Virtual Server entry.
Firewall 61 To configure new access control to specific Internet services: 1 Click on Add PC. A screen similar to Figure 50 will appear. Figure 50 Add PC Screen 2 Enter a description for the filter you are defining in the Client PC Description field. 3 Enter the IP address or IP address range into the Client PC IP Address fields. 4 Select the services to be blocked. A list of popular services is given on this screen, to block a particular service place a check in the appropriate Blocking check box.
62 CHAPTER 5: CONFIGURING THE ROUTER URL Filter To configure the URL filter feature, use the table on the URL Filter page to specify the Web sites (www.somesite.com) and/or keywords you want to filter on your network. For example, entering a keyword of xxx would block access to any URL that contains the string xxx. Figure 51 URL Filter Screen To complete this configuration, you will need to create or modify an access rule in the Access Control section (see “Access Control” on page 60).
Firewall 63 Content Filter You can use the list on the Content Filter page to specify the type of content that you want to filter out. The Router comes with a 14-day free trial of the 3Com Content Filter Service (3CSBCFS). To activate the 14-day free trial of the service, you must first register your Router at www.3com.com. To continue using the service after the trial period, you must purchase the 12-month subscription license.
64 CHAPTER 5: CONFIGURING THE ROUTER 4 A list of categories is listed under Core Categories and Productivity Categories. You can define what content should be viewed/blocked using the Allow/Deny option. The Deny option is used to filter out the content that contains the specific subject matter. Content with a specific subject matter will not be filtered out if the Allow option is checked. 5 Click Apply for the changes to take effect.
Firewall 65 Figure 54 Add Schedule Rule Screen 2 Enter a name and comment for the schedule rule in the Name and Comment fields. 3 Specify the schedule rules for the required days and times - note that all times should be in 24 hour format. 4 Click Apply. MAC Address Filtering The MAC Address Filter is a powerful security feature that allows you to specify which computers are allowed on the wireless network.
66 CHAPTER 5: CONFIGURING THE ROUTER To enable the MAC Address Filtering feature: 1 Click Enable for the Enable MAC Address Filtering option. 2 In the Access Rule for registered MAC address option, select Allow or Deny to determine the access rights for the list of addresses defined in the MAC Address Filtering List.
Firewall 67 To put a computer in the DMZ, enter the last digits of its LAN IP address in the Static IP field. Put the IP address (if known) that will be accessing the DMZ PC into the Public IP field, so that only the computer on the Internet at this address can access this PC without firewall protection. If the IP address is not known, or if more than one PC on the Internet will need to access this PC, then set the Public IP to 0.0.0.0. Click Apply.
68 CHAPTER 5: CONFIGURING THE ROUTER Advanced From the Advanced screen, you can configure: ■ NAT (Network Address Translation) ■ Universal Plug and Play ■ WAN Ping Blocking ■ Remote Admin Three sub-menu items can also be configures in this page: ■ Routing ■ DDNS ■ SNMP Figure 57 Advanced Screen NAT ■ NAT — Before you enable NAT (Network Address Translation), make sure you have changed the administrator password.
Advanced 69 you turn NAT off, the computers on your network will not be able to access the Internet. Other problems may also occur. ■ IPSEC NAT-T Pass-through — NAT-T (NAT Traversal) is an Internet Draft proposed to IETF in order to help the problems associated with passing IPsec traffic through NAT Routers. For NAT-T to work, both ends of the connection need to support this function. Ensure that you select NAT-T only if it is needed as it will reduce LAN-WAN throughput.
70 CHAPTER 5: CONFIGURING THE ROUTER Remote Administration allows you to make changes to your Router’s settings from anywhere on the Internet. You can choose to either: Routing ■ Click the check box to enable any PC on the network to remotely manage your Router. ■ Enter one specific IP address that can remotely manage your router. This is more secure, as only the specified IP address will be able to manage the Router.
Advanced ■ 71 Gateway — the router used to route data to the network specified by the network address. To add a static route entry to the table, click Add and on the screen that appears type in the network address, subnet mask and router. To change an entry, click Edit and to delete an entry, click Delete. After you have finished making changes to the table, click Apply. RIP Parameters Figure 59 RIP Parameter Screen You can set up RIP independently on both LAN and WAN interfaces.
72 CHAPTER 5: CONFIGURING THE ROUTER 3Com recommends that you only use RIPv1 if there is an existing RIP-enabled device on your network that does not support RIPv2. In all other cases, you should use RIPv2. 5 Use the Poison Reverse drop-down list to enable or disable Poison Reverse on the router. Enabling Poison Reverse on your Router allows it to indicate to other RIP-enabled devices that they have both routes that point to each other, preventing data loops.
Advanced DDNS 73 The Router provides a list of dynamic DNS providers for you to choose from. Dynamic Domain Name Server (DDNS) enables you to map a static domain name to a dynamic IP address. The Router supports two DDNS providers: TZO.com and DYNDNS. Before you set up DDNS, you must obtain an account, password and static domain name from your DDNS provider. DDNS is disabled by default. Figure 61 Dynamic Domain Server (DDNS) Screen To set up Dynamic DNS: 1 Select the Dynamic DNS Enable option.
74 CHAPTER 5: CONFIGURING THE ROUTER SNMP SNMP (Simple Network Management Protocol) allows remote management of your router by a PC that has an SNMP management agent installed. SNMP Community Figure 62 SNMP Screen To Configure SNMP: 1 In the Community column, enter the name of the SNMP communication channel. Your SNMP management agent needs to be configured with this name so that it can communicate with your router.
System Tools 75 SNMP Trap You can configure your router to send status messages to the SNMP management agent if a problem occurs on the network. To configure traps: 1 In the IP Address field, enter the IP address of the PC to which you want your router to send status messages. 2 In the Community field, enter the name of the SNMP communication channel to which you want your router to send status messages.
76 CHAPTER 5: CONFIGURING THE ROUTER Reset to Factory Default Figure 64 Reset to Factory Default Screen Using this option will reset all of the settings in the Router to the factory (default) settings. It is recommended that you backup your settings before you restore all of the defaults. To restore the factory default settings, click Reset. Backup/Restore Settings Figure 65 Backup/Restore Settings Screen You can save your current configuration by clicking Save in Backup Settings.
System Tools Upgrade 77 From time to time 3Com may release new versions of the Router’s firmware. Firmware updates contain improvements and fixes to problems that may have existed. Figure 66 Upgrade Screen Please download the firmware file to your PC first, and then click Browse and select the firmware file. Click Upgrade to upload the firmware to the Router. Admin Password The Router ships with a default password of admin. 3Com recommends that you change the password for added security.
78 CHAPTER 5: CONFIGURING THE ROUTER To change the password: 1 Enter the current password into the Current Password field. 2 Enter the new password into the New Password and Confirm new Password fields. 3 Click Apply. The login timeout option allows you to set the period of time that you can be logged into the Router's setup interface. The timer starts when there is no activity. For example, you have made some changes in the setup interface, then left your computer alone without clicking "Logout".
System Tools 79 a checkmark in the box next to Enable Daylight Saving. The system clock may not update immediately. Allow at least 15 minutes for the router to contact the time servers on the Internet and get a response. You cannot set the clock yourself. You can specify which SNTP servers the Router will use to update it’s system clock, although doing this should only be necessary if you are experiencing difficulty.
80 CHAPTER 5: CONFIGURING THE ROUTER Status and Logs Status You can use the Status Screen to view version numbers for your router’s software and hardware and check the status of connections to WAN, LAN and WLAN interfaces. Figure 70 Status Screen This screen shows Router status and statistics. ADSL Status Figure 71 ADSL Status Screen This screen shows ADSL modem status and statistics.
Status and Logs ATM PVC Status 81 Figure 72 ATM PVC Status Screen This screen shows ATM PVC status and statistics. Logs ■ Click Disconnect to disconnect from your ISP. ■ Click Connect to connect to your ISP. Figure 73 Logs Screen This screen shows any attempts that have been made to gain access to your network as well as the system activities. ■ Click Refresh to update the display. ■ Click Clear to clear the log (note that all current entries will be erased).
82 CHAPTER 5: CONFIGURING THE ROUTER Support/Feedback Support You can use the Support/Feedback screen to obtain support and help. Figure 74 Support Screen This screen shows support information. Feedback To provide feedback to 3Com, please click Provide Feedback, and this will connect you to 3Com Web site. Figure 75 Feedback Screen This screen shows feedback information.
6 Basic Connection Checks Browsing to the Router Configuration Screens TROUBLESHOOTING ■ Check that the Router is connected to your computers and to the telephone line, and that all the equipment is powered on. Check that the LAN Status and SYNC LEDs on the Router are illuminated, and that any corresponding LEDs on the NIC are also illuminated. ■ Ensure that the computers have completed their start-up procedure and are ready for use.
84 CHAPTER 6: TROUBLESHOOTING ■ Connecting to the Internet Forgotten Password and Reset to Factory Defaults If you cannot browse to the Router, use the winipcfg utility in Windows 95/98/ME to verify that your computer has received the correct address information from the Router. From the Start menu, choose Run and then enter winipcfg. Check that the computer has an IP address of the form 192.168.1.xxx (where xxx is in the range 2-254), the subnet mask is 255.255.255.0, and the default Router is 192.
Wireless Networking 85 4 Press and hold the Reset button on the rear panel (see “Rear Panel” on page 13) for 5 seconds. 5 The Router will restart, and when the start-up sequence has completed, browse to: http://192.168.1.1 and run the configuration wizard. You may need to restart your computer before you attempt this. 6 When the configuration wizard has completed, you may reconnect your network as it was before. Wireless Networking ■ Ensure that you have an 802.11b or 802.
86 CHAPTER 6: TROUBLESHOOTING Additionally consider moving the wireless computer closer to the Router to confirm that the building structure or fittings are not adversely affecting the connectivity. If this resolves the problem consider relocating the Wireless computer or the Router, or trying a different channel on the Router. ■ Sources of interference: The 2.4Ghz ISM band is used for 802.11b and 802.11g.
Recovering from Corrupted Software Recovering from Corrupted Software 87 If the system software has become corrupted, the Router will enter a “recovery” state; DHCP is enabled, and the LAN IP address is set to 192.168.1.1. Follow the instructions below to upload a new copy of the system software to a Router unit in this state. Ensure that one of your computers has a copy of the new software image file stored on its hard disk or available on CD-ROM.
88 CHAPTER 6: TROUBLESHOOTING Frequently Asked Questions How do I reset the Router to Factory Defaults? See “Forgotten Password and Reset to Factory Defaults” on page 84. How many computers on the LAN does the Router support? A maximum of 253 computers on the LAN are supported. How many wireless clients does the Router support? A maximum of 128 wireless clients are supported. There are only 4 LAN ports on the Router.
A IP ADDRESSING The Internet Protocol Suite The Internet protocol suite consists of a well-defined set of communications protocols and several standard application protocols. Transmission Control Protocol/Internet Protocol (TCP/IP) is probably the most widely known and is a combination of two of the protocols (IP and TCP) working together.
90 APPENDIX A: IP ADDRESSING For your network to work correctly, all devices on the network must have: ■ The same sub-network address. ■ The same subnet mask. The only value that will be different is the specific host device number. This value must always be unique. An example IP address is ‘192.168.100.8’. However, the size of the network determines the structure of this IP Address. In using the Router, you will probably only encounter two types of IP Address and subnet mask structures.
How does a Device Obtain an IP Address and Subnet Mask? 91 This type of IP Address operates on a subnet mask of ‘255.255.0.0’. See Table 4 for an example about how a network (only four computers represented) and a Router might be configured. Table 4 IP Addressing and Subnet Masking How does a Device Obtain an IP Address and Subnet Mask? DHCP Addressing Device IP Address Subnet Mask PC 1 192.168.100.8 255.255.0.0 PC 2 192.168.201.30 255.255.0.0 PC 3 192.168.113.155 255.255.0.0 PC 4 192.168.
92 APPENDIX A: IP ADDRESSING an IP address at random from the industry standard subnet of 169.254.x.x (with a subnet mask of 255.255.0.0). If two devices allocate themselves the same address, the conflict is detected and one of the devices allocates itself a new address. Automatic IP addressing support was introduced by Microsoft in the Windows 98 operating system and is also supported in Windows 2000.
B TECHNICAL SPECIFICATIONS This section lists the technical specifications for the OfficeConnect ADSL Wireless 11g Firewall Router. OfficeConnect ADSL Wireless 11g Firewall Router Interfaces DSL connection LAN connection — four 10Mbps/100Mbps dual speed Ethernet ports (10BASE-T/100BASE-TX) WLAN Interfaces Standard IEEE 802.11g, Direct Sequence Spread Spectrum (DSSS) Transmission rate: 54Mbps, automatic fallback to 48, 36, 24, 18, 12, or 6 Mbps Maximum channels: 14 Range up to 304.
94 APPENDIX B: TECHNICAL SPECIFICATIONS Maximum clients: 128 O/P Power 16dBm Operating Temperature 0 °C to 40 °C (32 °F to 105 °F) Power 8VA, 25 BThU/hr Humidity 0% to 90% (non-condensing) humidity Dimensions ■ Width = 220 mm (8.7 in.) ■ Depth = 133 mm (5.2 in.) ■ Height = 38 mm (1.5 in.) Weight Approximately 550 g (1.1 lbs) Standards Functional: ISO 8802/3 IEEE 802.3 IEEE 802.11b, 802.
OfficeConnect ADSL Wireless 11g Firewall Router System Requirements 95 Operating Systems The Router will support the following Operating Systems: Ethernet Performance Cable Specifications ■ Windows 95/98 ■ Windows NT 4.0 ■ Windows ME ■ Windows 2000 ■ Windows XP ■ Mac OS 8.5 or higher ■ Unix The Router complies to the IEEE 802.3i, u and x specifications.
96 APPENDIX B: TECHNICAL SPECIFICATIONS
C SAFETY INFORMATION Important Safety Information WARNING: Warnings contain directions that you must follow for your personal safety. Follow all directions carefully. You must read the following safety information carefully before you install or remove the unit: WARNING: The Router generates and uses radio frequency (rf) energy. In some environments, the use of rf energy is not permitted. The user should seek local advice on whether or not rf energy is permitted within the area of intended use.
98 APPENDIX C: SAFETY INFORMATION WARNING: RJ-45 ports. These are shielded RJ-45 data sockets. They cannot be used as telephone sockets. Only connect RJ-45 data connectors to these sockets. Wichtige Sicherheitshinweise VORSICHT: Warnhinweise enthalten Anweisungen, die Sie zu Ihrer eigenen Sicherheit befolgen müssen. Alle Anweisungen sind sorgfältig zu befolgen.
99 VORSICHT: Es sind keine von dem Benutzer zu ersetzende oder zu wartende Teile in dem Gerät vorhanden. Wenn Sie ein Problem mit dem Router haben, das nicht mittels der Fehleranalyse in dieser Anleitung behoben werden kann, setzen Sie sich mit Ihrem Lieferanten in Verbindung. VORSICHT: Vor dem Ausbau des Geräts das Netzadapterkabel herausziehen. VORSICHT: RJ-45-Anschlüsse. Dies sind abgeschirmte RJ-45-Datenbuchsen. Sie können nicht als Telefonanschlußbuchsen verwendet werden.
100 APPENDIX C: SAFETY INFORMATION conditions ne sont maintenues que si l'équipement auquel il est raccordé fonctionne dans les mêmes conditions. AVERTISSEMENT: Il n’y a pas de parties remplaceables par les utilisateurs ou entretenues par les utilisateurs à l’intérieur du moyeu. Si vous avez un problème physique avec le moyeu qui ne peut pas être résolu avec les actions de la résolution des problèmes dans ce guide, contacter votre fournisseur.
D END USER SOFTWARE LICENSE AGREEMENT 3Com Corporation END USER SOFTWARE LICENSE AGREEMENT YOU SHOULD CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS BEFORE DOWNLOADING, INSTALLING AND USING THIS PRODUCT, THE USE OF WHICH IS LICENSED BY 3COM CORPORATION ("3COM") TO ITS CUSTOMERS FOR THEIR USE ONLY AS SET FORTH BELOW. DOWNLOADING, INSTALLING OR OTHERWISE USING ANY PART OF THE SOFTWARE OR DOCUMENTATION INDICATES THAT YOU ACCEPT THESE TERMS AND CONDITIONS.
102 APPENDIX D: END USER SOFTWARE LICENSE AGREEMENT and developed solely at private expense. The Software is delivered as "Commercial Computer Software" as defined in DFARS 252.227-7014 (June 1995) or as a commercial item as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in this Agreement, which is 3Com's standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov. 1995) or FAR 52.
E Register Your Product OBTAINING SUPPORT FOR YOUR PRODUCT Warranty and other service benefits start from the date of purchase, so it is important to register your product quickly to ensure you get full use of the warranty and other service benefits available to you. Warranty and other service benefits are enabled through product registration. Register your product at http://eSupport.3com.com/. 3Com eSupport services are based on accounts that you create or have authorization to access.
104 APPENDIX E: OBTAINING SUPPORT FOR YOUR PRODUCT Troubleshoot Online You will find support tools posted on the 3Com Web site at www.3com.com. 3Com Knowledgebase helps you troubleshoot 3Com products. This query-based interactive tool is located at http://knowledgebase.3com.com and contains thousands of technical solutions written by 3Com support engineers. Access Software Downloads Software Updates are the bug fix/maintenance releases for the version of software initially purchased with the product.
Contact Us 105 To send a product directly to 3Com for repair, you must first obtain a return authorization number (RMA). Products sent to 3Com, without authorization numbers clearly marked on the outside of the package, will be returned to the sender unopened, at the sender’s expense. If your product is registered and under warranty, you can obtain an RMA number online at http://eSupport.3com.com/. First time users will need to apply for a user name and password.
106 APPENDIX E: OBTAINING SUPPORT FOR YOUR PRODUCT Country Telephone Number Country Telephone Number Austria Belgium Denmark Finland France Germany Hungary Ireland Israel Italy 0800 297 468 0800 71429 800 17309 0800 113153 0800 917959 0800 182 1502 06800 12813 1 800 553 117 1800 945 3794 800 879489 Luxembourg Netherlands Norway Poland Portugal South Africa Spain Sweden Switzerland U.K.
Contact Us Country Telephone Number Country US and Canada Telephone Technical Support and Repair 1 800 876 3266 107 Telephone Number
108 APPENDIX E: OBTAINING SUPPORT FOR YOUR PRODUCT
GLOSSARY 802.11b The IEEE specification for wireless Ethernet which allows speeds of up to 11 Mbps. The standard provides for 1, 2, 5.5 and 11 Mbps data rates. The rates will switch automatically depending on range and environment. 802.11g The IEEE specification for wireless Ethernet which allows speeds of up to 54 Mbps. The standard provides for 6, 12, 24, 36, 48 and 54 Mbps data rates. The rates will switch automatically depending on range and environment.
110 GLOSSARY common speed. The order of preference (best first) is: 100BASE-TX full duplex, 100BASE-TX half duplex, 10BASE-T full duplex, and 10BASE-T half duplex. Auto-negotiation is defined in the IEEE 802.3 standard for Ethernet and is an operation that takes place in a few milliseconds. Bandwidth The information capacity, measured in bits per second, that a channel can transmit. The bandwidth of Ethernet is 10 Mbps, the bandwidth of Fast Ethernet is 100 Mbps. The bandwidth for 802.
GLOSSARY 111 host computers and their respective domain names and IP addresses, so that when a domain name is requested (as in typing “3com.com” into your Internet browser), the user is sent to the proper IP address. The DNS server address used by the computers on your home network is the location of the DNS server your ISP has assigned. DSL modem DSL stands for digital subscriber line. A DSL modem uses your existing phone lines to send and receive data at high speeds.
112 GLOSSARY IEEE Institute of Electrical and Electronics Engineers. This American organization was founded in 1963 and sets standards for computers and communications. IETF Internet Engineering Task Force. An organization responsible for providing engineering solutions for TCP/IP networks. In the network management area, this group is responsible for the development of the SNMP protocol. Infrastructure mode Infrastructure mode is the wireless configuration supported by the Router.
GLOSSARY 113 MAC Media Access Control. A protocol specified by the IEEE for determining which devices have access to a network at any one time. MAC Address Media Access Control Address. Also called the hardware or physical address. A layer 2 address associated with a particular network device. Most devices that connect to a LAN have a MAC address assigned to them as they are used to identify other devices in a network. MAC addresses are 6 bytes long. NAT Network Address Translation.
114 GLOSSARY Router A device that acts as a central hub by connecting to each computer's network interface card and managing the data traffic between the local network and the Internet. Server A computer in a network that is shared by multiple end stations. Servers provide end stations with access to shared network services such as computer files and printer queues. SSID Service Set Identifier. Some vendors of wireless products use SSID interchangeably with ESSID.
GLOSSARY 115 universal plug and play Universal plug and play is a system which allows compatible applications to read some of their settings from the Router. This allows them to automatically configure some, or all, of their settings and need less user configuration. URL Filter A URL Filter is a feature of a firewall that allows it to stop its clients form browsing inappropriate Web sites. WAN Wide Area Network.
116 GLOSSARY WLAN WPA Wireless Local Area Network. A WLAN is a group of computers and devices connected together by wireless in a relatively small area (such as a house or office). Wi-Fi Protected Access. A dynamically changing encryption mechanism for wireless networking. Encryption strength is 256 bit.
117 REGULATORY NOTICES GENERAL STATEMENTS The 3Com OfficeConnect ADSL 11g Firewall Router, Model Number: WL-542 (3CRWDR100A-72, 3CRWDR100A-72, 3CRWDR100A-72) must be installed and used in strict accordance with the manufacturer's instructions as described in the user documentation that comes with the product. This product contains encryption. It is unlawful to export out of the U.S. without obtaining a U.S. Export License. This product does not contain any user serviceable components.
118 interference that may cause undesired operation. 3Com OfficeConnect ADSL 11g Firewall Router Model WL-542 INDUSTRY CANADA - RF COMPLIANCE This device complies with RSS 210 of Industry Canada. Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of this device.
119 NOTE: To ensure product operation is in compliance with local regulations, select the country in which the product is installed. Refer to 3CRWDR100A-72, 3CRWDR100A-72, 3CRWDR100A-72 User Guide. English Hereby, 3Com Corporation, declares that this RLAN device is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC.
120 EU - RESTRICTIONS FOR USE IN THE 2.4GHZ BAND BRAZIL RF COMPLIANCE This device may be operated indoors or outdoors in all countries of the European Community using the 2.4GHz band: Channels 1 - 13, except where noted below. ■ In Italy the end-user must apply for a license from the national spectrum authority to operate this device outdoors. ■ In Belgium outdoor operation is only permitted using the 2.46 - 2.4835 GHz band: Channel 13. ■ In France outdoor operation is only permitted using the 2.
INDEX 128-bit WEP 46 128-bit WEP Screen 46 1483 Bridge Mode 55 64-bit WEP Screen 47 DNS Screen 55 DSL mode 29 Dynamic Domain Server (DDNS) Screen 70 Dynamic IP Address 34 Dynamic/Fixed IP for Bridge Mode Screen 35, 55 DYNDNS 70 A E Access Control Screen 62 Add PC Screen 63 Add Schedule Rule Screen 65 Addresses IP 85 Admin Password Screen 75 ADSL Status Screen 77 Advanced Screen 68 Automatic Addressing 87 Editing DHCP Clients List Screen 42 Encryption Screen 44 Encryption, disabling 45 Numbers B Back
122 INDEX configuring 56 MAC Address Filtering Screen 66 mode 30 N NAT (Network Address Translation) 68 NAT-T (NAT Traversal) 68 Network addresses 85 Networking wireless 81 NIC wireless 14 P Password 27, 75 Poison Reverse 58 PPPoA 31 PPPoA Screen 31 PPPoA Settings Screen 52 PPPoE 26, 30, 31 PPPoE Screen 30 PPPoE Settings Screen 51 R Remote Admin 68 Reset to Factory Default Screen 73 Reset to Factory Defaults 80 Restart Router Screen 73 RFC 1483 Bridged Mode 32, 53 RFC 1483 Routed Mode 34 RIP (Routing I
