Administrator’s Handbook Motorola Netopia Embedded Software Version 7.8.
Administrator’s Handbook Copyright Copyright © 2009 by Motorola, Inc. All rights reserved. No part of this publication may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation or adaptation) without written permission from Motorola, Inc. Motorola reserves the right to revise this publication and to make changes in content from time to time without obligation on the part of Motorola to provide notification of such revision or change.
Table of Contents Table of Contents CHAPTER 1 Setting up Your Motorola Netopia® Gateway .......... 7 What’s New in 7.8.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Important Safety Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 POWER SUPPLY INSTALLATION. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 TELECOMMUNICATION INSTALLATION . . . . . . . . . . . . . . . . . . . . . . . 9 PRODUCT VENTILATION . . . . . . . . . . . . . . . . . . . . . . . .
Administrator’s Handbook CHAPTER 3 Expert Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59 Home Page - Expert Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Home Page Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60 Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Links Bar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents CHAPTER 5 Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 Starting and Ending a CLI Session . . . . . . . . . . . . . . . . . . . . 131 Logging In. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Ending a CLI Session. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Saving Settings .
Administrator’s Handbook CHAPTER 6 Technical Specifications and Safety Information Description . . . .245 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Power requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .245 Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .245 Software and protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .245 Agency approvals .
CHAPTER 1 Setting up Your Motorola Netopia® Gateway This Administrator’s Handbook covers the advanced features of the Motorola Netopia® 2200- 3300and 7000-Series Gateway family. Your Motorola Netopia® equipment offers advanced configuration features accessed through the Webbased interface screens and the Command Line Interface (CLI). This Administrator’s Handbook documents the advanced features, including advanced testing, security, monitoring, and configuration.
Administrator’s Handbook What’s New in 7.8.2 ❑ WFA WMM Automatic Unscheduled Power Save support. No user configuration required. ❑ Wireless MAC Filter for each SSID. See “Enable Multiple Wireless IDs” on page 39 and “Wireless MAC Address Authorization Settings” on page 222. ❑ Wireless Scheduler. See “Enable Wireless Scheduler” on page 32 and “Wireless Settings (supported models)” on page 216. ❑ ADSL and VDSL WIAD Voice-over-IP (VoIP) support.
Important Safety Instructions POWER SUPPLY INSTALLATION Connect the power supply cord to the power jack on the Motorola Netopia® Gateway. Plug the power supply into an appropriate electrical outlet. ☛ CAUTION: Depending on the power supply provided with the product, either the direct plug-in power supply blades, power supply cord plug or the appliance coupler serves as the mains power disconnect.
Administrator’s Handbook Wichtige Sicherheitshinweise NETZTEIL INSTALLIEREN Verbinden Sie das Kabel vom Netzteil mit dem Power-Anschluss an dem Motorola Netopia® Gateway. Stecken Sie dann das Netzteil in eine Netzsteckdose. ☛ Achtung: Abhängig von dem mit dem Produkt gelieferten Netzteil, entweder die direkten Steckernetzgeräte, Stecker vom Netzkabel oder der Gerätekoppler dienen als Hauptspannungsunterbrechung. Es ist wichtig, dass das Steckernetzgerät, Steckdose oder Gerätekoppler frei zugänglich sind.
Set up your Gateway Refer to your User Manual for instructions on how to connect your Motorola Netopia® Gateway to your power source, PC or local area network, and your Internet access point, whether it is a dedicated DSL outlet or a DSL or cable modem. Different Motorola Netopia® Gateway models are supplied for any of these connections. Be sure to enable Dynamic Addressing on your PC. See “Configure Your PC for Dynamic Addressing”.
Administrator’s Handbook Configure Your PC for Dynamic Addressing The following instructions assume that you want to use the automatic configuration and address sharing features of the Gateway to provide IP information to devices on your Local Area Network. To connect additional computers that will use the Gateway’s address sharing feature repeat these steps for each computer. Microsoft Windows: 1. Navigate to the TCP/IP Properties Control Panel. a.
c. Windows Vista is set to obtain an IP address automatically by default. You may not need to configure it at all. To check, open the Networking Control Panel and select Internet Protocol Version 4 (TCP/IPv4). Click the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties window should appear as shown. If not, select the radio buttons shown above, and click the OK button.
Administrator’s Handbook Macintosh MacOS 9.2 and higher or Mac OS X 10.1.5 or higher: 1. Access the TCP/IP or Network control panel. a. MacOS follows a path like this: Apple Menu -> Control Panels -> TCP/IP Control Panel b. Mac OS X follows a path like this: Apple Menu -> System Preferences -> Network Then go to Step 2. 2. 3. 4. Select Built-in Ethernet Select Configure Using DHCP Close and Save, if prompted. Proceed to the next section “Motorola Netopia® Gateway Quickstart” on page 15.
Motorola Netopia® Gateway Quickstart 1. Run a Web browser, such as Mozilla Firefox or Microsoft Internet Explorer. Enter http://192.168.1.254 in the URL Address text box. Press Return. (If your ISP’s Configuration Worksheet tells you to use an IP address other than 192.168.1.254 to log in, enter http://< ip-address>.) 2. The Motorola Netopia® Router displays the Language Preference page.
Administrator’s Handbook This user name and password are separate from the user name and password you will use to access the Internet. You may change them later. You will be challenged for this Admin username and password any time that you attempt to access the Motorola Netopia® Gateway’s configuration pages. When you connect to your Gateway as an Administrator, you enter “admin” as the UserName and the Password you just created. 4. Click OK.
5. Enter the User Name and Password supplied by your Internet Service Provider. Click the Connect button. You will be redirected to an Internet web page to register your new Modem. Congratulations! Your installation is complete. You can now surf to your favorite Web sites by typing an URL in your browser’s location box or by selecting one of your favorite Internet bookmarks. Optional services that you may have contracted with your provider are also available.
Administrator’s Handbook 18
CHAPTER 2 Basic Mode Features Using the Web-based user interface for the Motorola Netopia® Gateway you can configure, troubleshoot, and monitor the status of your Gateway.
Administrator’s Handbook The Home Page Home Page for a PPPoE Connection Home Page Information The Home page displays information about the following categories: ❑ ❑ ❑ ❑ Connection Information (supported VoIP models only) Telephone Information Router Information Local Network Language Selection Buttons Language Selection Buttons are located at the top of every page.
More Buttons ❑ Restart Connection – For a PPPoE connection, clicking this button will resend your current PPPoE login credentials and reestablish your Internet connection. For a DHCP connection, clicking this button will release and renew the DHCP lease from your service provider’s DHCP server, which assigns your local IP address. ❑ Connect – Only displays if you are not connected. For a PPPoE connection, clicking this button will allow you to attempt to login using a different User ID and Password.
Administrator’s Handbook Links Bar The links in the left-hand column of the Home page access a series of pages to allow you to monitor, diagnose, and update your Gateway. The following sections give brief descriptions of these pages.
Firewall When you click the Firewall link, the Firewall selection page appears. In addition to the recommended Medium setting, for special circumstances, High and Low levels of firewall protection are available. You can also turn all firewall protection Off. Consider your security needs carefully before making any changes here. If you select a different level of firewall protection, click the Save Changes button.
Administrator’s Handbook As a device on the Internet, a Motorola Netopia® Gateway requires an IP address in order to send or receive traffic. The IP traffic sent or received have an associated application port which is dependent on the nature of the connection request.
This table shows how outbound traffic is treated. Outbound means the traffic is coming from the LANside computers into the LAN side of the Gateway.
Administrator’s Handbook Wireless Protected Setup When you click the Wireless Protected Setup link in the left-hand links bar, the Wireless Protected Setup configuration page appears. Wireless Protected Setup (WPS) is a not a new security protocol. It is simply an easier way to use existing protocols to provide greater security for your wireless network connections. By default, Privacy is set to Wireless Protected Access (WPA-PSK).
❑ or by using the Gateway’s WPS Push-button. Make sure your wireless clients are running. Click the Start button to begin the exchange, which may last up to two minutes. Do not power off your Router during the exchange. The Router will display a success message when the exchange has completed.
Administrator’s Handbook Wireless (supported models) When you click Wireless, the 3-D Reach Wireless configuration page appears. Enable Wireless The wireless function is automatically enabled by default. If you uncheck the Enable Wireless checkbox, the Wireless Options are disabled, and the Gateway will not provide or broadcast its wireless LAN services. Wireless ID (SSID) The Wireless ID is preset to a number unique to your unit.
Enable Wireless Scheduler If you check the Enable Wireless Scheduler checkbox, the screen expands to allow you to set times of day when the wireless radio will turn off and on. This makes it possible to control your wireless LAN’s hours of operation automatically. Enable Wireless Protected Setup (WPS) See “Wireless Protected Setup” on page 26. Privacy By default, Privacy is set to WPA-PSK with a Wireless Protected Access Pre-Shared key.
Administrator’s Handbook Advanced Configuration Options (optional) When you click the Advanced Configuration Options button, the Advanced 802.11 Wireless screen appears. This screen varies its options depending on which form of wireless Privacy you have selected. Operating Mode The pull-down menu allows you to select and lock the Gateway into the wireless transmission mode you want. For compatibility with clients using 802.11b (up to 11 Mbps transmission) and 802.11g (up to 20+ Mbps), select Normal (802.
close to this Router. Channel selection is not necessary at the client computers; the clients will scan the available channels seeking access points using the same SSID as the client. AutoChannel Setting For 802.11G models, AutoChannel is a feature that allows the Motorola Netopia® Gateway to determine the best channel to broadcast automatically. Three settings are available from the pull-down menu: Off-Use default, At Startup, and Continuous.
Administrator’s Handbook Wireless client cards from different manufacturers and different operating systems accomplish connecting to a wireless LAN and enabling WEP or WPA in a variety of ways. Consult the documentation for your particular wireless card and/or operating system. Block Wireless Bridging Check the checkbox to block wireless clients from communicating with other wireless clients on the LAN side of the Gateway. Enable Wireless Scheduler See “Enable Wireless Scheduler” on page 29.
Privacy ❑ WEP - Automatic: provides an easy way to generate WEP (Wired Equivalent Privacy) keys for encryption of your wireless network traffic. See “WEP-Automatic” on page 38. ❑ WEP - Manual: WEP Security is a Privacy option that is based on encryption between the Router and any PCs (“clients”) you have with wireless cards. If you are not using WPA-PSK Privacy, you can use WEP encryption instead.
Administrator’s Handbook RADIUS Server authentication RADIUS servers allow external authentication of users by means of a remote authentication database. The remote authentication database is maintained by a Remote Authentication Dial-In User Service (RADIUS) server. In conjunction with Wireless User Authentication, you can use a RADIUS server database to authenticate users seeking access to the wireless services, as well as the authorized user list maintained locally within the Gateway.
WPA-PSK One of the easiest ways to enable Privacy on your Wireless network is by selecting WPA-PSK (Wi-Fi Protected Access) from the pull-down menu. The screen expands to allow you to enter a Pre Shared Key. The key can be between 8 and 63 characters, but for best security it should be at least 20 characters. When you have entered your key, click the Save Changes button.
Administrator’s Handbook WEP-Manual Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Manual from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of network data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your client wireless card) for IP traffic on your LAN. WEP - Manual allows you to enter your own encryption keys manually.
Examples: ❑ 40bit: 02468ACE02 ❑ 128bit: 0123456789ABCDEF0123456789 ❑ 256bit: 592CA140F0A238B0C61AE162F592CA140F0A238B0C61AE162F21A09C Use WEP encryption key (1 – 4) #: Specifies which key the Gateway will use to encrypt transmitted traffic. The default is key #1. Click the click Save Changes button. Any WEP-enabled client must have an identical key of the same length as the Router, in order to successfully receive and decrypt the traffic.
Administrator’s Handbook WEP-Automatic Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Automatic from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of network data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your client wireless card) for IP traffic on your LAN. Enter a Passphrase. The number of characters to use is shown in the pull-down menu.
Enable Multiple Wireless IDs This feature allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network. To enable Multiple Wireless IDs, click the button. The Enable Multiple Wireless IDs screen appears to allow you to add up to three additional Wireless IDs. When the Multiple Wireless SSIDs screen appears, check the Enable SSID checkbox for each SSID you want to enable.
Administrator’s Handbook ❑ You also have the choice of applying WPA Version 1 and 2, WPA Version 1 Only, or WPA Version 2 Only from the pull-down menu. These can be applied to each SSID individually. ❑ If you choose WPA-802.1x privacy, the Configure RADIUS Server option appears, to allow you to specify your RADIUS server information. See “RADIUS Server authentication” on page 34. ❑ You can now choose to Limit Wireless Access by MAC Address.
You do this in the same manner as you do to authorize MAC addresses for the primary SSID. See “Wireless MAC Authorization (optional)” on page 44. Click the Save Changes button. The Gateway will prompt you to restart it. Click the Yes button, and the Gateway will restart with your new settings. ☛ NOTES: The Gateway supports up to 4 different SSIDs: • One SSID is broadcast by default and has wireless bridging enabled by default.
Administrator’s Handbook WiFi Multimedia WiFi Multimedia is an advanced feature that allows you to prioritize various types of data travelling over the wireless network. Certain types of data that are sensitive to delays, such as voice or video, must be prioritized ahead of other, less delay-sensitive types, such as email. WiFi Multimedia currently implements wireless Quality of Service (QoS) by transmitting data depending on Diffserv priority settings.
The screen expands. Router EDCA Parameters (Enhanced Distributed Channel Access) govern wireless data from your Gateway to the client; Client EDCA Parameters govern wireless data from the client to your Gateway. ☛ NOTE: It is not recommended that you modify these settings without direct knowledge or instructions to do so. Modifying these settings inappropriately could seriously degrade network performance. ❑ AIFs: (Arbitration Interframe Spacing) the wait time in milliseconds for data frames.
Administrator’s Handbook Wireless MAC Authorization (optional) MAC Authorization allows you to specify which client PCs are allowed to join the wireless LAN by unique hardware (MAC) address. To enable this feature, click the Limit Wireless Access by MAC Address button. The MAC Authorization screen appears. Select Enabled from the pull-down menu. The screen expands to permit you to add MAC addresses. Click the Add button.
Click the Submit button. When you are finished adding MAC addresses click the Save Changes button. You will be returned to the 802.11 Wireless page. You can Add, Edit, or Delete any of your entries later by returning to this page.
Administrator’s Handbook Gaming When you click Gaming, the NAT (Games and Other Services) page appears. NAT (Games and Other Services) allows you to host internet applications when NAT is enabled. You can host different games and software on different PCs. From the Service Name pull-down menu, you can select any of a large number of predefined games and software. (See “List of Supported Games and Software” on page 47.) 1. Once you choose a software service or game, click Enable.
List of Supported Games and Software Act of War - Direct Action Age of Empires II Age of Empires, v.1.0 Age of Empires: The Rise of Rome, v.1.
Administrator’s Handbook 48 Microsoft Golf 2001 Edition Midtown Madness, v 1.0 mIRC Auth-IdentD mIRC Chat mIRC DCC - IRC DCC Monster Truck Madness 2, v 2.0 Monster Truck Madness, v 1.0 Motocross Madness 2, v 2.0 Motocross Madness, v 1.
Define Custom Service To configure a Custom Service, choose whether to use Port Forwarding or Trigger Ports. ❑ Port Forwarding forwards a range of WAN ports to an IP address on the LAN. ❑ Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers” the feature. Click the Next button. If you chose Port Forwarding, the Port Range entry screen appears. Port Forwarding forwards a range of WAN ports to an IP address on the LAN.
Administrator’s Handbook Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers” the feature. Enter the following information: ❑ Service Name: A unique identifier for the Custom Service. ❑ Global Port Range: Range of ports on which incoming traffic will be received. ❑ Local Trigger Port: Port number of the type of outbound traffic that needs to happen (will be the trigger) to then allow the configured ports for inbound traffic.
Expert Mode Expert Mode allows you to configure a wide variety of specific Gateway and networking settings. Expert Mode is for advanced users and system administrators, and most users will not need to modify these settings. If you need to enter Expert Mode, and click the Expert Mode link, you will be challenged to confirm your choice. Consult with your Internet Service Provider or your system administrator before attempting to modify any settings in the Expert Mode.
Administrator’s Handbook Troubleshoot When you click the Troubleshoot link, the Links Bar expands to offer two troubleshooting sub-headings: ❑“Diagnostics” on page 53 ❑“Statistics” on page 54 52
Diagnostics This automated multi-layer test examines the functionality of the Gateway from the physical connections to the data traffic being sent by users through the Gateway. You enter a web address URL or an IP address in the Web Address field and click the Test button. Results will be displayed in the Progress Window as they are generated. This sequence of tests takes approximately one minute to generate results. Please wait for the test to run to completion.
Administrator’s Handbook Statistics When you click Statistics in the left hand column of links, the links bar expands to display six statistical sub-headings: ❑“DSL” on page 54 ❑“ATM” on page 55 ❑“Ethernet” on page 55 ❑“IP” on page 55 ❑“LAN” on page 55 ❑“Wireless” on page 56 ❑“Logs” on page 56 These screens will vary depending on your Gateway’s model and traffic activity. ☛ Note: Available Statistics links vary by platform. DSL When you click DSL, the DSL Statistics page appears.
ATM When you click ATM, the ATM Statistics page appears. The ATM Statistics page: ❑ displays your Gateway's unique hardware (MAC) address. ❑ displays detailed statistics about your WAN data traffic, upstream and downstream. This information is useful for troubleshooting and when seeking technical support. Ethernet When you click Ethernet, the Ethernet Statistics page appears. The Ethernet Statistics page: ❑ displays your Gateway's unique hardware (MAC) address.
Administrator’s Handbook ❑ DHCP End Address: Last IP address in the range being served to your LAN by the Gateway's DHCP server ❑ DHCP Server Status: May be On or Off ❑ DNS Server: The IP address of the default DNS server Devices on LAN Displays the IP Address, MAC (hardware) Address, and network Name for each device on your LAN connected to the Gateway. Wireless When you click Wireless, the Wireless Statistics page appears.
Help Click the Help link in the left-hand column of links to display a page of explanatory information. Help is available for every page in the Web interface.
Administrator’s Handbook 58
CHAPTER 3 Expert Mode Using the Expert Mode Web-based user interface for the Motorola Netopia® Gateway you can configure, troubleshoot, and monitor the status of your Gateway.
Administrator’s Handbook Home Page - Expert Mode The Home Page is the summary page for your Motorola Netopia® Gateway. The toolbar on the left side provides links to controlling, configuring, and monitoring pages. Critical configuration and operational status is displayed in the center section. When you click Yes, enter expert mode, the Expert Mode Home page appears.
Supported languages in the Americas are Latin American Spanish, Brazilian Portuguese, and English. More Buttons ❑ Restart Connection – For a PPPoE connection, clicking this button will resend your current PPPoE login credentials and reestablish your Internet connection. For a DHCP connection, clicking this button will release and renew the DHCP lease from your service provider’s DHCP server, which assigns your local IP address. ❑ Connect – Only displays if you are not connected.
Administrator’s Handbook Help Click the Help link in the left-hand column of links to display a page of explanatory information. Help is available for every page in the Web interface.
Links Bar The Links Bar is the frame at the left-hand side of the page containing the major navigation links. These links are available from almost every page, allowing you to move freely about the site. The headings in the following table are hyperlinks. You can click on any heading to read about that feature.
Administrator’s Handbook Configure 64 When you click Configure in the left hand column of links, the links bar expands.
Connection When you click Connection, the Connection Configuration page appears. This screen’s appearance will vary depending on your type of connection to the Internet. Here is an example. Here you can set up or change the way you connect to your ISP. You should only change these settings at your ISP's direction, or by agreement with your ISP. ❑ VPI/VCI: These values depend on the way your ISP's equipment is configured. 8/35 and 0/35 are the most common virtual circuit pairs, but others are also used.
Administrator’s Handbook ❑ ❑ ❑ ❑ ❑ ❑ ❑ ❑ ❑ PPPoE/PPPoA causes the Gateway to attempt to connect by trying these protocols in parallel, and using the first one that is successful. If you choose to disable the feature, select Off. User Name and Password: Provided by your ISP for PPP-based Protocols. Does not appear for RFC1483-based Protocols.
LAN/WAN (supported models) The LAN/WAN Turnaround feature allows Ethernet port 4 to be used as the WAN interface. ❑ When you click the Enable button, the DSL interface is disabled. ❑ When you click the Disable button, the Ethernet port 4 and the DSL interface function normally.
Administrator’s Handbook DHCP Server When you click DHCP Server, the DHCP Server Configuration page appears. m The Server configuration determines the functionality of your DHCP Settings. This functionality enables the Gateway to assign your LAN computer(s) a “private” IP address and other parameters that allow network communication. This feature simplifies network administration because the Gateway maintains a list of IP address assignments.
The IP Subnets screen allows you to configure up to seven secondary subnets and their DHCP ranges, by entering IP address/subnet mask pairs: ☛ Note: You need not use this screen if you have only a single Ethernet IP subnet. This screen displays seven rows of editable columns. All seven row labels are always visible, regardless of the number of subnets configured. ❑ To add an IP subnet, select one of the rows, and click the Edit button. Check the Enabled checkbox and click the Submit button.
Administrator’s Handbook IP Passthrough When you click IP Passthrough, the IP Passthrough Configuration page appears. The IP passthrough feature allows a single PC on the LAN to have the Gateway’s public address assigned to it. It also provides PAT (NAPT) via the same public IP address for all other hosts on the private LAN subnet. Using IP passthrough: ❑ The public WAN IP is used to provide IP address translation for private LAN computers. ❑ The public WAN IP is assigned and reused on a LAN computer.
NAT When you click NAT, the NAT (Games and Other Services) page appears. NAT Configuration allows you to host internet applications when NAT is enabled. You can host different games and software on different PCs. From the Service Name pull-down menu, you can select any of a large number of predefined games and software. (See “List of Supported Games and Software” on page 72.) 1. Once you choose a software service or game, click Enable. The Enable Service screen appears.
Administrator’s Handbook List of Supported Games and Software 72 Act of War - Direct Action Age of Empires II Age of Empires, v.1.0 Age of Empires: The Rise of Rome, v.1.
Microsoft Golf 2001 Edition Midtown Madness, v 1.0 mIRC Auth-IdentD mIRC Chat mIRC DCC - IRC DCC Monster Truck Madness 2, v 2.0 Monster Truck Madness, v 1.0 Motocross Madness 2, v 2.0 Motocross Madness, v 1.
Administrator’s Handbook Define Custom Service To configure a Custom Service, choose whether to use Port Forwarding or Trigger Ports. ❑ Port Forwarding forwards a range of WAN ports to an IP address on the LAN. ❑ Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers” the feature. Click the Next button. If you chose Port Forwarding, the Port Range entry screen appears. Port Forwarding forwards a range of WAN ports to an IP address on the LAN.
Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers” the feature. Enter the following information: ❑ Service Name: A unique identifier for the Custom Service. ❑ Global Port Range: Range of ports on which incoming traffic will be received. ❑ Local Trigger Port: Port number of the type of outbound traffic that needs to happen (will be the trigger) to then allow the configured ports for inbound traffic.
Administrator’s Handbook Router Password When you click Router Password, the Gateway Password page appears. Here you can change the administrative password that you use when logging onto the Gateway as admin. Passwords are case sensitive fields, and must be 1 to 32 characters long. Store your password in a safe place. Enter your new password, and confirm it. Click the Save Changes button.
Time Zone When you click the Time Zone link, the Time Zone page appears. You can set your local time zone by selecting the number of hours your time zone is distant from Greenwich Mean Time (GMT +12 – -12) from the pull-down menu. This allows you to set the time zone for general time stamp purposes. If you are in a time zone that honors Daylight Saving Time, you will also have the option to automatically enable or disable it.
Administrator’s Handbook VLAN When you click VLAN, the VLANs page appears. Overview A Virtual Local Area Network (VLAN) is a network of computers or other devices that behave as if they are connected to the same wire even though they may be physically located on different segments of a LAN. You set up VLANs by configuring the Gateway software rather than hardware. This makes VLANs very flexible. VLANs behave like separate and independent networks. VLANs are strictly layer 2 entities.
- LAN-side VLAN with IP interface-to-VLAN binding - Inter-VLAN routing groups to extend VLAN segmentation up through the IP routing layer. ❑ Bridged VLANs - these VLANs are used to bridge traffic from LAN to WAN ❑ Prioritization per VLAN and per port Ethernet Switching/Policy Setup Before you configure any VLANs, the unconfigured Gateway is set up as a router composed of a LAN switch, a WAN switch, and a router in the middle, with LAN and WAN IP interfaces connected to their respective switches.
Administrator’s Handbook An example of multiple VLANs, using a Netopia Router with VGx managed switch technology, is shown below: To configure VLANs check the Enable checkbox. To create a VLAN select a list item from the main VLAN page and click the Edit button. The VLAN Entry page appears. Check the Enable checkbox, and enter a descriptive name for the VLAN.
You can create up to 8 VLANs, and you can also restrict any VLAN, and the computers on it, from administering the Gateway. ❑ VLAN Name – A descriptive name for the VLAN. ❑ Type – LAN or WAN Port(s) can be enabled on the VLAN. You can choose a type designation as follows: By-Port: indicating that the VLAN is port-based. When this setting is enabled on a Gateway with a LAN Ethernet Managed Switch, the switch will be segmented into the number of physical ports.
Administrator’s Handbook Displayed port interfaces vary depending on the kinds of physical ports on your Gateway, for example, Ethernet. For Motorola Netopia® VGx technology models, separate Ethernet switch ports are displayed and may be configured. To enable any of them on this VLAN, check the associated Enable checkbox(es). Typically you will choose a physical port, such as an Ethernet port (example: eth0.1). ❑ When you enable an interface, the Tag, Priority, and Promote checkboxes, and the 802.
❑ Click the Submit button. ❑ If you want to create more VLANs, click the Configure link (in the left-hand toolbar) and then the VLAN link, and repeat the process. You can Edit, Clear, Enable, or Disable your VLAN entries by returning to the VLANs page, and selecting the appropriate entry from the displayed list. ❑ When you are finished, click the Save Changes button.
Administrator’s Handbook To view the settings for each VLAN, select the desired VLAN from the list and click the Details button. The screen expands to display the VLAN settings.
VoIP (supported models) Voice-over-IP (VoIP) refers to the ability to make voice telephone calls over the Internet. This differs from traditional phone calls that use the Public Switched Telephone Network (PSTN). VoIP calls use an Internet protocol, Session Initiation Protocol (SIP), to transmit sound over a network or the Internet in the form of data packets. Certain Motorola Netopia® Gateway models have two separate voice ports for connecting telephone handsets. These models support VoIP.
Administrator’s Handbook SIP Line Entry 86 Registration Interval (in secs) Length of time the VoIP registration will be valid before it will be renewed. Default is 1 hour. Registrar Server Registration Server name or IP address. Registrar Port Registration Server port. Default is 5060. Proxy Server Proxy server name or IP address. Proxy Port Proxy server port, if required. Default is 5060. Outbound Proxy Server Outbound Proxy server name or IP address, if required.
SIP Line Entry Digit Map A set of rules used to recognize a number dialed by the user and to ensure this number matches the dial plan defined by the ITSP. Call Features Settings DTMF Mode Choose the Dual Tone Multi-Frequency Mode: • Inband: Sends the DTMF digits as a normal inband tone. • RFC2833: Sends the DTMF digits as an event as part of the RTP packet header information. • Info: Sends the DTMF digits in the SIP INFO message.
Administrator’s Handbook The Home page for a VoIP-enabled Gateway with both phone lines registered is shown below.
Wireless (supported models) When you click Wireless, the 3-D Reach Wireless configuration page appears. Enable Wireless The wireless function is automatically enabled by default. If you uncheck the Enable Wireless checkbox, the Wireless Options are disabled, and the Gateway will not provide or broadcast its wireless LAN services. Wireless ID (SSID) The Wireless ID is preset to a number unique to your unit.
Administrator’s Handbook Enable Wireless Scheduler If you check the Enable Wireless Scheduler checkbox, the screen expands to allow you to set times of day when the wireless radio will turn off and on. This makes it possible to control your wireless LAN’s hours of operation automatically. Enable Wireless Protected Setup (WPS) See “Wireless Protected Setup” on page 26. Privacy By default, Privacy is set to WPA-PSK with a Wireless Protected Access Pre-Shared key.
Advanced Configuration Options (optional) When you click the Advanced Configuration Options button, the Advanced 802.11 Wireless screen appears. This screen varies its options depending on which form of wireless Privacy you have selected. Operating Mode The pull-down menu allows you to select and lock the Gateway into the wireless transmission mode you want. For compatibility with clients using 802.11b (up to 11 Mbps transmission) and 802.11g (up to 20+ Mbps), select Normal (802.11b + g).
Administrator’s Handbook close to this Router. Channel selection is not necessary at the client computers; the clients will scan the available channels seeking access points using the same SSID as the client. AutoChannel Setting For 802.11G models, AutoChannel is a feature that allows the Netopia Router to determine the best channel to broadcast automatically. Three settings are available from the pull-down menu: Off-Use default, At Startup, and Continuous.
Wireless client cards from different manufacturers and different operating systems accomplish connecting to a wireless LAN and enabling WEP or WPA in a variety of ways. Consult the documentation for your particular wireless card and/or operating system. Block Wireless Bridging Check the checkbox to block wireless clients from communicating with other wireless clients on the LAN side of the Gateway. Enable Wireless Scheduler See “Enable Wireless Scheduler” on page 90.
Administrator’s Handbook RADIUS Server authentication RADIUS servers allow external authentication of users by means of a remote authentication database. The remote authentication database is maintained by a Remote Authentication Dial-In User Service (RADIUS) server. In conjunction with Wireless User Authentication, you can use a RADIUS server database to authenticate users seeking access to the wireless services, as well as the authorized user list maintained locally within the Gateway.
WPA-PSK One of the easiest ways to enable Privacy on your Wireless network is by selecting WPA-PSK (Wi-Fi Protected Access) from the pull-down menu. The screen expands to allow you to enter a Pre Shared Key. The key can be between 8 and 63 characters, but for best security it should be at least 20 characters. When you have entered your key, click the Save Changes button.
Administrator’s Handbook WEP-Manual Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Manual from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of network data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your client wireless card) for IP traffic on your LAN. WEP - Manual allows you to enter your own encryption keys manually.
Examples: ❑ 40bit: 02468ACE02 ❑ 128bit: 0123456789ABCDEF0123456789 ❑ 256bit: 592CA140F0A238B0C61AE162F592CA140F0A238B0C61AE162F21A09C Use WEP encryption key (1 – 4) #: Specifies which key the Gateway will use to encrypt transmitted traffic. The default is key #1. Click the click Save Changes button. Any WEP-enabled client must have an identical key of the same length as the Router, in order to successfully receive and decrypt the traffic.
Administrator’s Handbook WEP-Automatic Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Automatic from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of network data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your client wireless card) for IP traffic on your LAN. Enter a Passphrase. The number of characters to use is shown in the pull-down menu.
Enable Multiple Wireless IDs This feature allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network. To enable Multiple Wireless IDs, click the button. The Enable Multiple Wireless IDs screen appears to allow you to add up to three additional Wireless IDs. When the Multiple Wireless SSIDs screen appears, check the Enable SSID checkbox for each SSID you want to enable.
Administrator’s Handbook ❑ You also have the choice of applying WPA Version 1 and 2, WPA Version 1 Only, or WPA Version 2 Only from the pull-down menu. These can be applied to each SSID individually. ❑ If you choose WPA-802.1x privacy, the Configure RADIUS Server option appears, to allow you to specify your RADIUS server information. See “RADIUS Server authentication” on page 94. ❑ You can now choose to Limit Wireless Access by MAC Address.
You do this in the same manner as you do to authorize MAC addresses for the primary SSID. See “Wireless MAC Authorization (optional)” on page 104. Click the Save Changes button. The Gateway will prompt you to restart it. Click the Yes button, and the Gateway will restart with your new settings. ☛ NOTES: The Gateway supports up to 4 different SSIDs: • One SSID is broadcast by default and has wireless bridging enabled by default.
Administrator’s Handbook WiFi Multimedia WiFi Multimedia is an advanced feature that allows you to prioritize various types of data travelling over the wireless network. Certain types of data that are sensitive to delays, such as voice or video, must be prioritized ahead of other, less delay-sensitive types, such as email. WiFi Multimedia currently implements wireless Quality of Service (QoS) by transmitting data depending on Diffserv priority settings.
The screen expands. Router EDCA Parameters (Enhanced Distributed Channel Access) govern wireless data from your Gateway to the client; Client EDCA Parameters govern wireless data from the client to your Gateway. ☛ NOTE: It is not recommended that you modify these settings without direct knowledge or instructions to do so. Modifying these settings inappropriately could seriously degrade network performance. ❑ AIFs: (Arbitration Interframe Spacing) the wait time in milliseconds for data frames.
Administrator’s Handbook Wireless MAC Authorization (optional) MAC Authorization allows you to specify which client PCs are allowed to join the wireless LAN by unique hardware (MAC) address. To enable this feature, click the Limit Wireless Access by MAC Address button. The MAC Authorization screen appears. Select Enabled from the pull-down menu. The screen expands to permit you to add MAC addresses. Click the Add button.
Click the Submit button. When you are finished adding MAC addresses click the Save Changes button. You will be returned to the 802.11 Wireless page. You can Add, Edit, or Delete any of your entries later by returning to this page.
Administrator’s Handbook Statistics ☛ When you click Statistics in the left hand column of links, the links bar expands. Note: Available Statistics links vary by platform. DSL When you click DSL, the DSL Statistics page appears. The DSL Statistics page displays information about the Gateway's WAN connection to the Internet. ❑ Line State: May be Up (connected) or Down (disconnected). ❑ Modulation: Method of regulating the DSL signal.
The ATM Statistics page: ❑ displays your Gateway's unique hardware (MAC) address. ❑ displays detailed statistics about your WAN data traffic, upstream and downstream. This information is useful for troubleshooting and when seeking technical support. Ethernet When you click Ethernet, the Ethernet Statistics page appears. The Ethernet Statistics page: ❑ displays your Gateway's unique hardware (MAC) address. ❑ displays detailed statistics about your LAN data traffic, upstream and downstream.
Administrator’s Handbook Devices on LAN Displays the IP Address, MAC (hardware) Address, and network Name for each device on your LAN connected to the Gateway. Wireless When you click Wireless, the Wireless Statistics page appears. The Wireless Statistics page: ❑ displays your Router's unique hardware Wireless (MAC) address. ❑ displays detailed statistics about your Wireless LAN data traffic, upstream and downstream. Logs When you click Logs, the Logs page appears.
Diagnostics When you click Diagnostics, the Diagnostics page appears. This automated multi-layer test examines the functionality of the Gateway from the physical connections to the data traffic being sent by users through the Gateway. You enter a web address URL in the Web Address field and click the Test button. Results will be displayed in the Progress Window as they are generated. This sequence of tests takes approximately one minute to generate results. Please wait for the test to run to completion.
Administrator’s Handbook Remote Access When you click Remote Access, the Enable Remote Access page appears. This link allows you to authorize a remotely-located person, such as a support technician, to directly access your Motorola Netopia® Gateway. This is useful for fixing configuration problems when you need expert help. You can limit the amount of time such a person will have access to your Gateway. This will prevent unauthorized individuals from gaining access after the time limit has expired.
Update Router When you click Update Router, the Software Upgrade page appears. Operating System Software is what makes your Gateway run and occasionally it needs to be updated. Your Current Software Version is displayed at the top of the page. If you want to check for an updated version without installing it, click the Check Software from Server link.
Administrator’s Handbook Reset Router You might need to reset your Gateway to its factory default state, and clear all of your previous settings. The Reset Router link allows you to do that. When you click the link, you will be challenged to confirm that this is what you want to do. If you want to clear your settings, click the Yes, reset to factory settings button. The Gateway configuration will be reset to the factory default.
Restart Router When the Gateway is restarted, it will disconnect all users, initialize all its interfaces, and copy the Operating System Software and feature keys from its internal storage. When you make configuration changes, you must restart for the changes to take effect.
Administrator’s Handbook Basic Mode When you click Basic Mode, you are returned immediately to the Basic Mode Home page 114
CHAPTER 4 Basic Troubleshooting This section gives some simple suggestions for troubleshooting problems with your Gateway’s initial configuration. Before troubleshooting, make sure you have ❑ read the User Manual; ❑ plugged in all the necessary cables; and ❑ set your PC’s TCP/IP controls to obtain an IP address automatically.
Administrator’s Handbook Status Indicator Lights The first step in troubleshooting is to check the status indicator lights (LEDs) in the order outlined in the following section. The first step in troubleshooting is to check the status indicator lights (LEDs) in the order outlined below.
Motorola Netopia® Router 2240N/2241N status indicator lights Power LED Power Ethernet USB DSL Internet Action Green when power is on. Red if device malfunctions. Flashes Red when new embedded software is being installed. Ethernet Solid green when connected. Flash green when there is activity on the LAN. USB (Model 2241N only) Solid green when connected. Flash green when there is activity on the LAN. DSL Solid green when trained. Blinking green when no line is attached or when training.
Administrator’s Handbook Motorola Netopia® Router 2246N status indicator lights Power LED Power 118 Ethernet 1, 2, 3, 4 DSL Internet Action Green when power is on. Red if device malfunctions. Flashes Red when new embedded software is being installed. Ethernet 1, 2, 3, 4 Solid green when connected. Flash green when there is activity on the LAN. DSL Solid green when trained. Blinking green when no line is attached or when training. Internet Solid green when Broadband device is connected.
Motorola Netopia® Router 2247NWG status indicator lights Power LED Power Ethernet 1, 2, 3, 4 Wireless DSL Internet Action Green when power is on. Red if device malfunctions. Flashes Red when new embedded software is being installed. Ethernet 1, 2, 3, 4 Solid green when connected. Flash green when there is activity on the LAN. Wireless Flashes green when there is activity on the wireless LAN. Off if driver fails to initialize, or if wireless is disabled. DSL Solid green when trained.
Administrator’s Handbook Motorola Netopia® Router 2247-42 VoIP model status indicator lights Power DSL Ethernet 1, 2, 3, 4 Wireless Internet Line Phone 1, Phone 2 LED Power 120 Action Green when power is on. Red if device malfunctions. Flashes Red when new embedded software is being installed. Ethernet 1, 2, 3, 4 Solid green when connected. Flash green when there is activity on the LAN. Wireless Flashes green when there is activity on the wireless LAN.
Motorola Netopia® Router 3347-02 status indicator lights Power Wireless DSL Internet Ethernet 1, 2, 3, 4 LED Action Power Green when power is on. Red when updating embedded software, or for system failure. DSL Solid green when Internet connection is established. Internet Solid green when Gateway is connected. Flashes green when transmitting or receiving data on the WAN port. Ethernet 1, 2, 3, 4 Solid green when connected. Flash green when there is activity on the LAN.
Administrator’s Handbook Motorola Netopia® Router 7000-series status indicator lights Wireless Ethernet 1, 2, 3, 4 DSL Power LED Power 122 Action Green when power is on. Red if device malfunctions. Flashes Red when new embedded software is being installed. DSL (DSL 1 & 2: ADSL2+ models only) Solid green when trained. Blinking green when no line is attached or when training. Flashes green for DSL traffic. Ethernet 1, 2, 3, 4 Solid green when connected. Flash green when there is activity on the LAN.
Motorola Netopia® Router 7346/56-series status indicator lights Power LED Power Ethernet 1, 2, 3, 4 DSL Action Green when power is on. Red if device malfunctions. Flashes Red when new embedded software is being installed. Ethernet 1, 2, 3, 4 Solid green when connected. Flash green when there is activity on the LAN. DSL Solid green when trained. Blinking green when no line is attached or when training. Flashes green for DSL traffic.
Administrator’s Handbook LED Function Summary Matrix Unlit Solid Green Flashing Green Solid Red Flashing Red Power No power Power on N/A System failure Installing new embedded software USB Active No signal USB port connected to PC Activity on the USB cable N/A N/A DSL Sync No signal DSL line synched with the DSLAM Attempting to train with DSLAM N/A N/A DSL Traffic No signal N/A Activity on the DSL cable N/A N/A Ethernet Traffic No signal N/A Activity on the Ethernet port N
1. Make sure you have Ethernet drivers installed on the PC. 2. Make sure the PC’s TCP/IP Properties for the Ethernet Network Control Panel is set to obtain an IP address via DHCP. EN Traffic Unlit 3. Make sure the PC has obtained an address in the 192.168.1.x range. (You may have changed the subnet addressing.) 4. Make sure the PC is configured to access the Internet over a LAN. 5.
Administrator’s Handbook Factory Reset Switch Lose your password? This section shows how to reset the Motorola Netopia® Router so that you can access the configuration screens once again. ☛ NOTE: Keep in mind that all of your settings will need to be reconfigured. If you don't have a password, the only way to access the Motorola Netopia® Router is the following: 1. Referring to the following diagram, find the round Reset Switch opening.
CHAPTER 5 Command Line Interface The Motorola Netopia® Gateway operating software includes a command line interface (CLI) that lets you access your Motorola Netopia® Gateway over a telnet connection. You can use the command line interface to enter and update the unit’s configuration settings, monitor its performance, and restart it.
Administrator’s Handbook CONFIG Commands 128 “Remote ATA Configuration Commands” on page 148 “PPPoE with IPoE Settings” on page 190 “DSL Commands” on page 150 “Ethernet Port Settings” on page 191 “Bridging Settings” on page 151 “802.
Overview The CLI has two major command modes: SHELL and CONFIG. Summary tables that list the commands are provided below. Details of the entire command set follow in this section.
Administrator’s Handbook CONFIG Commands Command Verbs delete help save script set validate view Status and/or Description Delete configuration list data Help command option Save configuration data Print configuration data Set configuration data Validate configuration settings View configuration data Keywords ata atm backup bridge dhcp dmt diffserv dns dslf-cpewan dslf-lanmgnt dynamic-dns ethernet ethernet-MAC-override igmp ip ip-maps nat-default pinhole ppp wan-over-ether preferences queue radius securi
Starting and Ending a CLI Session Open a telnet connection from a workstation on your network. You initiate a telnet connection by issuing the following command from an IP host that supports telnet, for example, a personal computer running a telnet application such as NCSA Telnet. telnet You must know the IP address of the Motorola Netopia® Gateway before you can make a telnet connection to it. By default, your Motorola Netopia® Gateway uses 192.168.1.
Administrator’s Handbook About SHELL Commands You begin in SHELL mode when you start a CLI session. SHELL mode lets you perform the following tasks with your Motorola Netopia® Gateway: ❑ Monitor its performance ❑ Display and reset Gateway statistics ❑ Issue administrative commands to restart Motorola Netopia® Gateway functions SHELL Prompt When you are in SHELL mode, the CLI prompt is the name of the Motorola Netopia® Gateway followed by a right angle bracket (>).
SHELL Commands Common Commands arp nnn.nnn.nnn.nnn Sends an Address Resolution Protocol (ARP) request to match the nnn.nnn.nnn.nnn IP address to an Ethernet hardware address. clear [yes] Clears the configuration settings in a Motorola Netopia® Gateway. If you do not use the optional yes qualifier, you are prompted to confirm the clear command. clear_certificate Removes an SSL certificate that has been installed. clear_log Erases the log information stored in flash if persistent logging is enabled.
Administrator’s Handbook You can include one or more of the following arguments with the download command. If you omit arguments, the console prompts you for this information. ❑ The server_address argument identifies the IP address of the TFTP server from which you want to copy the Motorola Netopia® Gateway configuration file. ❑ The filename argument identifies the path and name of the configuration file on the TFTP server.
❑ 2 or medium – Medium-level informational messages or greater; includes status messages that can help monitor network traffic. ❑ 3 or high – High-level informational messages or greater; includes status messages that may be significant but do not constitute errors. ❑ 4 or warning – Warnings or greater; includes recoverable error conditions and useful operator information. ❑ 5 or failure – Failures; includes messages describing error conditions that may not be recoverable.
Administrator’s Handbook reset atm Resets the Asynchronous Transfer Mode (ATM) statistics. reset cdmode This command will set up one boot flag so that the next time a 3342N/3352N restarts or reboots (power cycle), the Gateway will boot into CD-ROM mode instead of Gateway mode. This command is only for the 3342N/3352N. If the Gateway is not a 3342N/3352N this command does nothing but returns the message: “CD mode is not supported on this platform.
reset wan-users [all | ip-address] This function disconnects the specified WAN User to allow for other users to access the WAN. This function is only available if the number of WAN Users is restricted and NAT is on. Use the all parameter to disconnect all users. If you logon as Admin you can disconnect any or all users. If you logon as User, you can only disconnect yourself. reset wan This function resets WAN interface statistics.
Administrator’s Handbook show daylight-savings Displays the auto-daylight savings time settings information. show dhcp agent Displays DHCP relay-agent leases. show dhcp server leases Displays the DHCP leases stored in RAM by your Motorola Netopia® Gateway. show diffserv Displays the Differentiated Services and QoS values configured in the Motorola Netopia® Gateway. show dslf device-association Displays LAN devices that conform with the TR111 Gateway requirement.
Duplex: Full-duplex not Speed: 100BASE-X Transmit OK : Transmit unicastpkts : Receive OK : Receive unicastpkts : Tx Octets : Rx Octets : active 3309 31 5588 1976 31 1976 10/100 Ethernet 4 Port Status: Link down Transmit OK : Transmit unicastpkts : Receive OK : Receive unicastpkts : Tx Octets : Rx Octets : 0 0 0 0 0 0 show etheroam ah Displays OAM internal information, such as OAM mode, state, configurations, events and OAM statistics.
Administrator’s Handbook show ip lan-discovery Displays the LAN Host Discovery Table of hosts on the wired or wireless LAN, and whether or not they are currently online. show ip routes Displays the IP routes stored in your Motorola Netopia® Gateway. show ip state-insp Displays whether stateful inspection is enabled on an interface or not, exposed addresses and blocked packet statistics because of stateful inspection. show ipmap Displays IPMap table (NAT).
show summary Displays a summary of WAN, LAN, and Gateway information. show vlan Displays detail of VLAN status and statistics.
Administrator’s Handbook ==== segment 10 port masks ==== PortPort : 00000000-00000000 GlobalPort : 00000000-00000000 SumPort : 00000000-00000000 ==== vlan active segment ==== Type : 1 Index : 1 Vid : 1 PortMask : 00001006-00000001 SwitchMask : 00000004 WirelessMask : 00001000 ==== vlan active link ==== namePtr : eth-lan-uplink portType : 1 portIndex : 1 ifId : 45 ==== vlan active link ==== namePtr : ethernet0/0 portType : 3 portIndex : 2 ifId : 46 ==== vlan active link ==== namePtr : ssid1 portType : 5 port
namePtr portType portIndex ifId : : : : ethernet0/3 3 5 93 show voip Shows voice over IP information. show wireless [ all ] Shows wireless status and statistics. show wireless clients [ MAC_address ] Displays details on connected clients, or more details on a particular client if the MAC address is added as an argument. voip rtpstats Allows printing RTP Send and Receive statistics.
Administrator’s Handbook who Displays the names of the current shell and PPP users. WAN Commands atmping vccn [ segment | end-to-end ] Lets you check the ATM connection reachability and network connectivity. This command sends five Operations, Administration, and Maintenance (OAM) loopback calls to the specified vpi/vci destination. There is a five second total timeout interval. Use the segment argument to ping a neighbor switch. Use the end-to-end argument to ping a remote end node.
show ppp [{ stats | lcp | ipcp }] Displays information about open PPP links. You can display a subset of the PPP statistics by including an optional stats, lcp, or ipcp argument for the show ppp command. start ppp vccn Opens a PPP link on the specified virtual circuit. About CONFIG Commands You reach the configuration mode of the command line interface by typing configure (or any truncation of configure, such as con or config) at the CLI SHELL prompt.
Administrator’s Handbook ❑ Moving from any subnode to any other subnode — You can move from any subnode to any other subnode by entering a partial path that starts with a top-level CONFIG command. ❑ Scrolling backward and forward through recent commands — You can use the Up and Down arrow keys to scroll backward and forward through recent commands you have entered. When the command you want appears, press Enter to execute it.
Step Mode: A CLI Configuration Technique The Motorola Netopia® Gateway command line interface includes a step mode to automate the process of entering configuration settings. When you use the CONFIG step mode, the command line interface prompts you for all required and optional information. You can then enter the configuration values appropriate for your site without having to enter complete CLI commands.
Administrator’s Handbook CONFIG Commands This section describes the keywords and arguments for the various CONFIG commands. Remote ATA Configuration Commands Motorola Netopia® firmware supports configuration of a maximum of four Motorola Netopia® ATA profiles, which are stored in the Gateway’s configuration database. When a Motorola Netopia® ATA is discovered, the Gateway compares the MAC address of the ATA with one of the existing profiles stored in the database.
set ata profile [ 0... 3 ] ata-static-wan-gateway ip_addr Specifies a static gateway WAN IP address for the specified profile. set ata profile [ 0... 3 ] ata-proxy-server ip_addr Specifies a SIP proxy server hostname or IP address for the specified profile. set ata profile [ 0... 3 ] ata-proxy-port port Specifies a SIP proxy server port, typically 5060, for the specified profile. set ata profile [ 0...
Administrator’s Handbook DSL Commands ATM Settings. You can use the CLI to set up each ATM virtual circuit. set atm option {on | off } Enables the WAN interface of the Motorola Netopia® Gateway to be configured using the Asynchronous Transfer Mode (ATM) protocol. set atm [vcc n] option {on | off } Selects the virtual circuit for which further parameters are set.
Your Service Provider will indicate the required vpi number. set atm [vcc n] vci { 0 ... 65535 } Select the virtual channel identifier (vci) for VCC n. Your Service Provider will indicate the required vci number. set atm [vccn] encap { ppp-vcmux | ppp-llc | ether-llc | ip-llc | ppoe-vcmux | pppoe-llc } Select the encapsulation mode for VCC n.
Administrator’s Handbook set bridge concurrent-bridging-routing {on | off } Enables or disables Concurrent Bridging/Routing. set bridge dhcp-filterset "string" Assigns a filterset named string to the bridge configuration. ☛ NOTE: A filterset can only be configured for the bridge if the system bridge or concurrent bridging/ routing is enabled. set bridge ethernet option { on | off } Enables or disables bridging services for the specified virtual circuit using Ethernet framing.
DHCP Settings As a Dynamic Host Control Protocol (DHCP) server, your Motorola Netopia® Gateway can assign IP addresses and provide configuration information to other devices on your network dynamically. A device that acquires its IP address and other TCP/IP configuration settings from the Motorola Netopia® Gateway can use the information for a fixed period of time (called the DHCP lease).
Administrator’s Handbook set dhcp range [ 2... 8 ] start-address ip_address Specifies the starting IP address of DHCP range n when subnet n option is on. See “Additional subnets” on page 168. set dhcp range [ 2... 8 ] end-address ip_address Specifies the ending IP address of DHCP range n when subnet n option is on. See “Additional subnets” on page 168. set dhcp reserved ip-address x.x.x.
Option Data Format Data Size (bytes) Can Configure 24 Unsigned 4 byte integer 4 Yes 25 Unsigned 2 byte integer list Multiples of 2 Yes 26 Unsigned 2 byte integer 2 Yes 27 Flag 1 Yes 28 IP address 4 Yes 29 - 31 Flag 1 Yes 32 IP address 4 Yes 33 IP address and mask list Multiples of 8 Yes 34 Flag 1 Yes 35 Unsigned 4 byte integer 4 Yes 36 Flag 1 Yes 37 Unsigned 1 byte integer 1 Yes 38 Unsigned 4 byte integer 4 Yes 39 Flag 1 Yes 40 String (up to 100 c
Administrator’s Handbook Option Data Format Data Size (bytes) Can Configure 81 Complex N No 82 Sub-option list N Yes 83 Complex N No 84 Undefined ?? Yes 85 IP address list Multiples of 4 Yes 86 - 87 Unicode String Multiples of 2 Yes 88 Encoded DN list N Yes 89 IP address list Multiples of 4 Yes 90 Complex N No 91 - 97 Undefined/Weakly defined ?? Yes 98 String (up to 100 characters) N Yes 99 - 115 Undefined/Weakly defined ?? Yes 116 Flag 1 Yes 117 Uns
DHCP Option Filtering Beginning with Firmware Version 7.7, support for DHCP option filtering is provided via the filterset settings. set dhcp filterset name "string" rule n type [ dhcp-option | hw-address | requested-option ] Specifies a DHCP filterset named string as one of three possible types: The rule can either specify an option and option contents, dhcp-option; a client hardware address range, hw-address; or an option the client is requesting, requested-option.
Administrator’s Handbook set dhcp filterset name "string" rule n match-pool ip_address Specifies the start IP address of the range within a DHCP pool where that range will be used to allocate an address if the wildcard matches. The value 0.0.0.0 means regular processing; 255.255.255.255 means discard.
DMT Settings DSL Commands set dmt dsl-annex-support [ off | on ] This controls whether other annex support (just as Annex M) is enabled. Default is off. set dmt type [ lite | dmt | ansi | multi | adsl2 | adsl2+ | readsl2 | adsl2anxm | adsl2+anxm ] Selects the type of Discrete Multitone (DMT) asynchronous digital subscriber line (ADSL) protocol to use for the WAN interface. The type value also supports the following settings on certain model units: adsl2, adsl2+, readsl2, adsl2anxm, adsl2+anxm.
Administrator’s Handbook Domain Name System Settings Domain Name System (DNS) is an information service for TCP/IP networks that uses a hierarchical naming system to identify network domains and the hosts associated with them. You can identify a primary DNS server and one secondary server. Common Commands set dns domain-name domain-name Specifies the default domain name for your network.
Dynamic DNS Settings Dynamic DNS support allows you to use the free services of www.dyndns.org. Dynamic DNS automatically directs any public Internet request for your computer's name to your current dynamically-assigned IP address. This allows you to get to the IP address assigned to your Gateway, even though your actual IP address may change as a result of a PPPoE connection to the Internet. set dynamic-dns option [ off | dyndns.org ] set dynamic-dns ddns-host-name myhostname.dyndns.
Administrator’s Handbook IGMP Settings Multicasting is a method for transmitting large amounts of information to many, but not all, computers over an internet. One common use is to distribute real time voice, video, and data services to the set of computers which have joined a distributed conference. Other uses include updating the address books of mobile computer users in the field, or sending out company newsletters to a distribution list.
❑ Querier Version – select a version of the IGMP Querier: version 1, version 2, or version 3. If you know you will be communicating with other hosts that are limited to v1 or v2, for backward compatibility, select accordingly; otherwise, allow the default v3. ☛ NOTE: IGMP Querier version is relevant only if the Gateway is configured for IGMP forwarding. If any IGMP v1 routers are present on the subnet, the querier must use IGMP v1.
Administrator’s Handbook set igmp version [ 1 | 2 | 3 ] Sets the IGMP querier version: version 1, version 2, or version 3. If you know you will be communicating with other hosts that are limited to v1, for backward compatibility, select 1; otherwise, allow the default 3. set igmp last-member-query-intvl value Sets the last member query interval: the amount of time in tenths of a second that the IGMP gateway waits to receive a response to a Group-Specific Query message.
TCP/IP services and save the new configuration, the Motorola Netopia® Gateway clears its TCP/IP settings. ARP Timeout Settings set ip arp-timeout [ 60 ... 6000 ] Sets the timeout value for ARP timeout. Default = 600 secs (10 mins); range = 60 secs - 6000 secs (1–100 mins). DSL Settings set ip dsl vccn address ip_address Assigns an IP address to the virtual circuit. Enter 0.0.0.0 if you want the virtual circuit to obtain its IP address from a remote DHCP server.
Administrator’s Handbook The Gateway will continue to switch back and forth in this manner until it successfully connects. Similarly, selecting PPPoE/PPPoA causes the Gateway to attempt to connect by trying these protocols in parallel, and using the first one that is successful. set ip dsl vccn mcast-fwd [ on | off } Enables or disables multi-cast forwarding on the specified interface.
If you specify v2-MD5, you must also specify a rip-receive-key. Keys are ASCII strings with a maximum of 31 characters, and must match the other Gateway(s) keys for proper operation of MD5 support. Ethernet LAN Settings set ip ethernet A option { on | off } Enables or disables communications through the designated Ethernet port in the Gateway. You must enable TCP/IP functions for an Ethernet port before you can configure its network settings.
Administrator’s Handbook If you specify v2-MD5, you must also specify a rip-send-key. Keys are ASCII strings with a maximum of 31 characters, and must match the other Gateway(s) keys for proper operation of MD5 support. Depending on your network needs, you can configure your Motorola Netopia® Gateway to support RIP1, RIP-2, or RIP-2MD5.
set ip ip-ppp [vccn] option { on | off } Enables or disables IP routing through the virtual PPP interface. By default, IP routing is turned on. If you turn off IP routing and save the new configuration, the Motorola Netopia® Gateway clears IP routing settings set ip ip-ppp [vccn] address ip_address Assigns an IP address to the virtual PPP interface. If you specify an IP address other than 0.0.0.0, your Motorola Netopia® Gateway will not negotiate its IP address with the remote peer.
Administrator’s Handbook larly, selecting PPPoE/PPPoA causes the Gateway to attempt to connect by trying these protocols in parallel, and using the first one that is successful. set ip ip-ppp [vccn] rip-send { off | v1 | v2 | v1-compat | v2-MD5 } Specifies whether the Motorola Netopia® Gateway unit should use Routing Information Protocol (RIP) broadcasts to advertise its routing tables to Gateways on the other side of the PPP link.
Static ARP Settings Your Motorola Netopia® Gateway maintains a dynamic Address Resolution Protocol (ARP) table to map IP addresses to Ethernet (MAC) addresses. Your Motorola Netopia® Gateway populates this ARP table dynamically, by retrieving IP address/MAC address pairs only when it needs them. Optionally, you can define static ARP entries to map IP addresses to their corresponding Ethernet MAC addresses. Unlike dynamic ARP table entries, static ARP table entries do not time out.
Administrator’s Handbook SIP Passthrough set ip sip-passthrough [ on | off ] Turns Session Initiation Protocol application layer gateway client passthrough on or off. The default is on. Session Initiation Protocol, is a signaling protocol for Internet conferencing, telephony, presence, events notification and instant messaging. RTSP Passthrough set ip rtsp-passthrough [ off | on ] Turns Real Time Streaming Protocol application layer gateway client passthrough on or off.
Differentiated Services (DiffServ) set diffserv option [ off | on ] Turns the DiffServ option off (default) or on. on enables the service and IP TOS bits are used, even if no flows are defined. Consequently, if the end-point nodes provide TOS settings from an application that can be interpreted as one of the supported states, the Gateway will handle it as if it actively marked the TOS field itself. ☛ NOTE: The Gateway itself will not override TOS bit settings made by the endpoints.
Administrator’s Handbook set diffserv custom-flows name name protocol [ TCP | UDP | ICMP | other ] direction [ outbound | inbound | both ] start-port [ 0 - 65535 ] end-port [ 0 - 65535 ] inside-ip inside-ip-addr inside-ip-mask inside-ip-netmask outside-ip outside-ip-addr outside-ip-mask outside-ip-netmask qos [ off | assure | expedite | network-control ] Defines or edits a custom flow. Select a name for the custom-flow from the set command.
Packet Mapping Configuration set diffserv qos [ network-control-queue | expedite-queue | assured-queue | best-effort-queue ] queue_name Specifies the Diffserv QoS queue mapping associations. ❑ queue_name - the basic queue name to which classified packets are directed.
Administrator’s Handbook set set set set set set set set set 176 diffserv diffserv diffserv diffserv diffserv diffserv diffserv diffserv diffserv qos qos qos qos qos qos qos qos qos dscp-map-23 dscp-map-24 dscp-map-25 dscp-map-26 dscp-map-27 dscp-map-28 dscp-map-29 dscp-map-30 dscp-map-31 expedite network-control network-control network-control network-control network-control network-control network-control network-control
Queue Configuration The Gateway’s WAN interface can now be configured for: ❑ strict priority queuing (as currently) ❑ weighted fair queuing ❑ rate-limiting funnel ☛ Note: The configuration mechanism is designed to be flexible enough to accommodate complex queuing requirements. Configurations not supported by the Gateway will be flagged during configuration verification.
Administrator’s Handbook set queue name queue_name option [ on | off ] type [ basic | wfq | priority | funnel ] Creates a queue named queue_name and assigns a type: ❑ ❑ ❑ ❑ basic – Basic Queue wfq – Weighted Fair Queue priority – Priority Queue funnel – Funnel Queue Basic Queue set queue name basic_queue_name option [ on | off ] set queue name basic_queue_name type basic Specifies the Basic Queue named basic_queue_name attributes. Basic queues have one input and one output.
Weighted Fair Queue set queue name wfq option [ on | off ] set queue name wf_queue_name type wfq set queue name wf_queue_name weight-type [ relative | bps ] set queue name wf_queue_name default-input queue_name Specifies the attributes of the Weighted Fair Queue named wf_queue_name. ❑ wf_queue_name – name of weighted fair queue ❑ weight-type – the weighted fair queue configuration allows you to set the rate in bits per second (bps) or percentage of the line rate (relative). bps is the default.
Administrator’s Handbook set set set set 180 queue queue queue queue name name name name "wfq" "wfq" "wfq" "wfq" entry 4 weight 40000 entry 4 share-bw off entry 4 limit-bw off default-input "basic_q0"
Priority Queue set queue name priority_queue_name option [ off | on ] set queue name priority_queue_name type priority set queue name priority_queue_name default-input queue_name A priority queue can contain up to 8 input queues. For each input queue, the following is configured: set queue name priority_queue_name entry n input input_queue_name set queue name priority_queue_name entry n priority priority_value Specifies the Priority Queue named priority_queue_name attributes.
Administrator’s Handbook Funnel Queue A funnel queue is used to limit the rate of the transmission below the actual line rate: set queue name funnel_queue_name option [ on | off ] set queue name funnel_queue_name type funnel set queue name funnel_queue_name input input_queue_name set queue name funnel_queue_name bps bps Specifies the Funnel Queue named funnel_queue_name attributes.
set ip static-routes destination-network net_address Specifies the network address for the static route. Enter a network address in the net_address argument in dotted decimal format. The net_address argument cannot be 0.0.0.0. set ip static-routes destination-network net_address netmask netmask Specifies the subnet mask for the IP network at the other end of the static route. Enter the netmask argument in dotted decimal format.
Administrator’s Handbook IPMaps Settings set ip-maps name name internal-ip ip_address Specifies the name and static ip address of the LAN device to be mapped. set ip-maps name name external-ip ip_address Specifies the name and static ip address of the WAN device to be mapped. Up to 8 mapped static IP addresses are supported.
Network Address Translation (NAT) Default Settings NAT default settings let you specify whether you want your Motorola Netopia® Gateway to forward NAT traffic to a default server when it doesn’t know what else to do with it. The NAT default host function is useful in situations where you cannot create a specific NAT pinhole for a traffic stream because you cannot anticipate what port number an application might use.
Administrator’s Handbook Network Address Translation (NAT) Pinhole Settings NAT pinholes let you pass specific types of network traffic through the NAT interfaces on the Motorola Netopia® Gateway. NAT pinholes allow you to route selected types of network traffic, such as FTP requests or HTTP (Web) connections, to a specific host behind the Motorola Netopia® Gateway transparently.
PPPoE /PPPoA Settings You can use the following commands to configure basic settings, port authentication settings, and peer authentication settings for PPP interfaces on your Motorola Netopia® Gateway. Configuring Basic PPP Settings. ☛ NOTE: For the DSL platform you must identify the virtual PPP interface [vccn], a number from 1 to 8. set ppp module [vccn] option { on | off } Enables or disables PPP on the Motorola Netopia® Gateway.
Administrator’s Handbook set ppp module [vccn] lost-echoes-max integer Specifies the maximum number of lost echoes the Motorola Netopia® Gateway should tolerate before bringing down the PPP connection. The integer argument can be any number from between 1 and 20. set ppp module [vccn] failures-max integer Specifies the maximum number of Configure-NAK messages the PPP module can send without having sent a Configure-ACK message. The integer argument can be any number between 1 and 20.
option [ off | on | pap-only | chap-only ] Specifying on turns both PAP and CHAP on, or you can select PAP or CHAP. Specify the username and password when port authentication is turned on (both CHAP and PAP, CHAP or PAP.) Authentication must be enabled before you can enter other information. set ppp module [vccn] port-authentication username username The username argument is 1 – 255 alphanumeric characters.
Administrator’s Handbook PPPoE with IPoE Settings Ethernet WAN platforms set wan-over-ether pppoe [ on | off ] Enables or disables PPPoE on the Ethernet WAN interface. set wan-over-ether pppoe-with-ipoe [ on | off ] Enables or disables the PPPoE with IPoE support on Ethernet WAN, including VDSL, platforms when pppoe option is set to on. When pppoe-with-ipoe is set to on, an additional interface, “ethernet C,” becomes available.
ADSL platforms You must configure two VCCs with the same VPI/VCI to enable concurrent PPPoE and IPoE support, and you will need to configure the individual settings for each interface for proper operation. set atm vcc n encap pppoe-llc Specifies that the VCC will allow a second VCC with the same VPI/VCI values as the first. pppoe-llc denotes this special case.
Administrator’s Handbook 802.3ah Ethernet OAM Settings 802.3ah Ethernet in the First Mile (EFM) Operations Administration and Maintenance (OAM) is a group of network management functions that provide network fault indication, performance information, and diagnosis using special-purpose Ethernet OAM frames. These are exchanged between your Gateway and service provider Access Node (AN) devices for network fault management, performance analysis and fault isolation.
Command Line Interface Preference Settings You can set command line interface preferences to customize your environment. set preference verbose { on | off } Specifies whether you want command help and prompting information displayed. By default, the command line interface verbose preference is turned off. If you turn it on, the command line interface displays help for a node when you navigate to that node.
Administrator’s Handbook Port Renumbering Settings If you use NAT pinholes to forward HTTP or telnet traffic through your Motorola Netopia® Gateway to an internal host, you must change the port numbers the Motorola Netopia® Gateway uses for its own configuration traffic.
Security Settings Security settings include the Firewall, Packet Filtering, Stateful Inspection, and IPSec parameters. Some of the security functionality is keyed. Firewall Settings set security firewall option [ high | medium | low | off ] The firewall settings are discussed on page page 23. SafeHarbour IPSec Settings SafeHarbour VPN is a tunnel between the local network and another geographically dispersed network that is interconnected over the Internet.
Administrator’s Handbook set security ipsec tunnels name "123" dest-int-netmask netmask Specifies the subnet mask of the destination computer or internal network. The subnet mask specifies which bits of the 32-bit IP address represents network information. The default subnet mask for most networks is 255.255.255.0 (class C subnet mask). set security ipsec tunnels name "123" encrypt-protocol { ESP | none } See page 201 for details about SafeHarbour IPsec tunnel capability.
set security ipsec tunnels name "123" IKE-mode isakmp-SA-encrypt { DES | 3DES } See page 201 for details about SafeHarbour IPsec tunnel capability. set security ipsec tunnels name "123" IKE-mode ipsec-mtu mtu_value The Maximum Transmission Unit is a link layer restriction on the maximum number of bytes of data in a single transmission. The maximum allowable value (also the default) is 1500, and the minimum is 100.
Administrator’s Handbook set security ipsec tunnels name "123" local-id-type { IP-address | Subnet | Hostname | ASCII } Specifies the NAT local ID type for the specified IPsec tunnel, when Aggressive Mode is set. set security ipsec tunnels name "123" local-id id_value Specifies the NAT local ID value as specified in the local-id-type for the specified IPsec tunnel, when Aggressive Mode is set.
Internet Key Exchange (IKE) Settings The following four IPsec parameters configure the rekeying event.
Administrator’s Handbook Table 1: IPSec Tunnel Details Parameter Setup Worksheet Parameter Name Peer Internal Network Peer Internal Netmask NAT Enable PAT Address Negotiation Method Local ID Type Local ID Address/Value Local ID Mask Remote ID Type Remote ID Address/Value Remote ID Mask Pre-Shared Key Type Pre-Shared Key DH Group PFS Enable SA Encrypt Type SA Hash Type Invalid SPI Recovery Soft MBytes Soft Seconds Hard MBytes Hard Seconds IPSec MTU Xauth Enable Xauth Username Xauth Password 200 Motorola
Parameter Descriptions The following tables describe SafeHarbour’s parameters that are used for an IPSec VPN tunnel configuration: Table 2: IPSec Configuration page parameters Field Description Name The Name parameter refers to the name of the configured tunnel. This is mainly used as an identifier for the administrator. The Name parameter is an ASCII value and is limited to 31 characters. The tunnel name does not need to match the peer gateway.
Administrator’s Handbook Table 3: IPSec Tunnel Details page parameters 202 Remote ID Mask If Aggressive mode is selected as the Negotiation Method, and Subnet as the Remote ID Type, this field appears. This is the remote (central-office-side) subnet mask. Pre-Shared Key Type The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour supports ASCII or HEX types Pre-Shared Key The Pre-Shared Key is a parameter used for authenticating each side.
Table 3: IPSec Tunnel Details page parameters Xauth Enable Extended Authentication (XAuth), an extension to the Internet Key Exchange (IKE) protocol. The Xauth extension provides dual authentication for a remote user’s Motorola Netopia® Gateway to establish a VPN, authorizing network access to the user’s central office. IKE establishes the tunnel, and Xauth authenticates the specific remote user's Gateway.
Administrator’s Handbook Stateful Inspection Stateful inspection options are accessed by the security state-insp tag. set security state-insp [ ip-ppp | dsl ] vccn option [ off | on ] set security state-insp ethernet [ A | B ] option [ off | on ] Sets the stateful inspection option off or on on the specified interface. This option is disabled by default. Stateful inspection prevents unsolicited inbound access when NAT is disabled.
Sets the exposed list address number. set security state-insp xposed-addr exposed-address# "n" start-ip ip_address Sets the exposed list range starting IP address, in dotted quad format. set security state-insp xposed-addr exposed-address# "n" end-ip ip_address Sets the exposed list range ending IP address, in dotted quad format. 32 exposed addresses can be created. The range for exposed address numbers are from 1 through 32.
Administrator’s Handbook Packet Filtering Settings Packet Filtering has two parts: ❑ Create/Edit/Delete Filter Sets, create/edit/delete rules to a Filter Set. ❑ Associate a created Filter Set with a WAN or LAN interface set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index forward [ on | off ] Creates or edits a filter rule, specifying whether packets will be forwarded or not.
set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index dest-ip ip_addr Specifies the destination IP address to match packets (where the packet is going). set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index dest-mask mask Specifies the destination IP mask to match packets (where the packet is going).
Administrator’s Handbook set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index dst-compare [ nc | ne | lt | le | eq | gt | ge ] Sets the destination compare operator action for the specified filter rule. dst-compare only displays when the protocol is TCP or UDP.
SNMP Settings The Simple Network Management Protocol (SNMP) lets a network administrator monitor problems on a network by retrieving settings on remote network devices. The network administrator typically runs an SNMP management station program on a local host to obtain information from an SNMP agent such as the Motorola Netopia® Gateway. set snmp community read name Adds the specified name to the list of communities associated with the Motorola Netopia® Gateway.
Administrator’s Handbook System Settings You can configure system settings to assign a name to your Motorola Netopia® Gateway and to specify what types of messages you want the diagnostic log to record. set system name name Specifies the name of your Motorola Netopia® Gateway. Each Motorola Netopia® Gateway is assigned a name as part of its factory initialization.
set system ftp-server option [ off | on ] Enables or disables a simple FTP server in the Gateway. If enabled, the Gateway will accept binary embedded software images (‘.bin’) files or command line configuration files.
Administrator’s Handbook set system heartbeat option { on | off } protocol [ udp | tcp ] port-client [ 1 - 65535 ] ip-server [ ip_address | dns_name ] port-server [ 1 - 65535 ] url-server ("server_name") number [ 1 – 1073741823 ] interval (00:00:00:20) sleep (00:00:30:00) contact-email ("string@domain_name") location ("string"): The heartbeat setting is used in conjunction with the configuration server to broadcast contact and location information about your Gateway.
clock. auto-daylight-savings specifies whether daylight savings time is in effect; it defaults to on if the time-zone is one that honors Daylight Savings Time; otherwise, it defaults to off. To manually override auto-daylight-savings options, the auto-daylight-savings override option may be set to on, and the corresponding parameters set for start and end year, month, day, and hour. Otherwise, this defaults to off. set system zerotouch option [ on | off ] Enables or disables the Zero Touch option.
Administrator’s Handbook Syslog set system syslog option [ off | on ] Enables or disables system syslog feature. If syslog option is on, the following commands are available: set system syslog host-nameip [ ip_address | hostname ] Specifies the syslog server’s address either in dotted decimal format or as a DNS name up to 64 characters. set system syslog log-facility [ local0 ... local7 ] Sets the UNIX syslog Facility. Acceptable values are local0 through local7.
Default syslog installation procedure 1. Access the Gateway via telnet from the private LAN. DHCP server is enabled on the LAN by default. 2. The product’s stateful inspection feature must be enabled in order to examine TCP, UDP and ICMP packets destined for the Gateway or the private hosts. This can be done by entering the CONFIG interface.
Administrator’s Handbook Wireless Settings (supported models) set wireless option ( on | off ) Administratively enables or disables the wireless interface. set wireless network-id ssid { network_name } Specifies the wireless network id for the Gateway. A unique ssid is generated for each Gateway. You must set your wireless clients to connect to this exact id, which can be changed to any 32-character string.
set wireless scheduler end-time hh:min Specifies the time to turn the wireless radio off, when wireless scheduler option is set to on. set wireless multi-ssid option { on | off } Enables or disables the multi-ssid feature which allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network. When enabled, you can specify up to three additional SSIDs with separate privacy settings for each. See below.
Administrator’s Handbook set wireless multi-ssid second-ssid-psk { string } set wireless multi-ssid third-ssid-psk { string } set wireless multi-ssid fourth-ssid-psk { string } Specifies a WPA passphrase for the multiple SSIDs, when second-, third-, or fourth-ssid-privacy is set to WPA-PSK. The Pre Shared Key is a passphrase shared between the Gateway and the clients and is used to generate dynamically changing keys. The passphrase can be 8 – 63 characters.
Wireless Multi-media (WMM) Settings Router EDCA Parameters (Enhanced Distributed Channel Access) govern wireless data from your Gateway to the client; Client EDCA Parameters govern wireless data from the client to your Gateway. set wireless wmm option [ off | on ] Enables or disables wireless multi-media settings option, which allows you to fine tune WiFi Multimedia Quality of Service (QoS) by transmitting data depending on Diffserv priority settings.
Administrator’s Handbook set wireless wmm router-edca background { aifs 1... 255 } set wireless wmm router-edca background { cwmin value } set wireless wmm router-edca background { cwmax value } Sets values for Gateway WMM background parameters. set wireless wmm client-edca voice { aifs 1... 255 } set wireless wmm client-edca voice { cwmin value } set wireless wmm client-edca voice { cwmax value } set wireless wmm client-edca voice { txoplimit 0... 9999 } Sets values for client WMM voice parameters.
Wireless Privacy Settings set wireless network-id wps [ off | on ] Enables or disables Wireless Protected Setup. See “Wireless Protected Setup” on page 26. set wireless network-id privacy option { off | WEP | WPA-PSK | WPA-802.1x } Specifies the type of privacy enabled on the wireless LAN. off = no privacy; WEP = WEP encryption; WPA-PSK = Wireless Protected Access/Pre-Shared Key; WPA-802.1x = Wireless Protected Access/ 802.1x authentication. See “Wireless” on page 53 for a discussion of these options.
Administrator’s Handbook set wireless network-id privacy encryption-key1-length {40/64bit, 128bit, 256bit} set wireless network-id privacy encryption-key2-length {40/64bit, 128bit, 256bit} set wireless network-id privacy encryption-key3-length {40/64bit, 128bit, 256bit} set wireless network-id privacy encryption-key4-length {40/64bit, 128bit, 256bit} Selects the length of each encryption key. 40bit encryption is equivalent to 64bit encryption.
set wireless mac-auth wrlss-MAC-list mac-address “MAC-address_string” allow-access-ssid2 { on | off } set wireless mac-auth wrlss-MAC-list mac-address “MAC-address_string” allow-access-ssid3 { on | off } set wireless mac-auth wrlss-MAC-list mac-address “MAC-address_string” allow-access-ssid4 { on | off } Designates whether the MAC address is enabled or not for the specified multiple SSID access. Disabled MAC addresses cannot be used for access until enabled.
Administrator’s Handbook VLAN Settings You can create up to 8 VLANs, and you can also restrict any VLAN, and the computers on it, from administering the Gateway. See “VLAN” on page 78 for more information. set vlan name name Sets the descriptive name for the VLAN. If no name is specified, displays a selection list of node names to select for editing. Once a new VLAN name is specified, presents the list of VLAN characteristics to define.
802.1p priority bit field for tagged IP packets transmitted from this port for this VLAN. All mappings between Ethernet 802.1p and IP-TOS are made via diffserv dscp-map settings. set vlan name name ports port port-pbits [ 0 - 7 ] Specifies the 802.1p priority bit for this port associated with the specified VLAN. If you set this to a value greater than 0, all packets of this port with unmarked priority bits (pbits) will be re-marked to this priority.
Administrator’s Handbook ❑ Assign an IP interface: ip-vcc1 option (off) [ off | on ]: ip-eth-a option (off) [ off | on ]: on ipsec-mgmt1 option (off) [ off | on ]: Netopia-3000/9437188 (vlan)>> Example 2: ❑ An example of a “Triple-Play” setup: set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set 226 vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vla
set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set set vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan vlan v
Administrator’s Handbook set set set set vlan vlan vlan vlan name name name name "Video_31" "Video_31" "Video_31" "Video_31" inter-vlan-routing inter-vlan-routing inter-vlan-routing inter-vlan-routing group-1 group-2 group-3 group-4 off off off off You must save the changes, exit from configuration mode, and restart the Gateway for the changes to take effect.
VoIP settings (supported models) Voice-over-IP (VoIP) refers to the ability to make voice telephone calls over the Internet. This differs from traditional phone calls that use the Public Switched Telephone Network (PSTN). VoIP calls use an Internet protocol, Session Initiation Protocol (SIP), to transmit sound over a network or the Internet in the form of data packets. Certain Motorola Netopia® Gateway models have two separate voice ports for connecting telephone handsets. These models support VoIP.
Administrator’s Handbook set voip phone [ 1 | 2 ] sip-out-proxy-server [ server_name | ip_address ] Specifies the SIP outbound proxy server for the specified phone by fully qualified server name or IP address. set voip phone [ 1 | 2 ] sip-user-display-name name Specifies the user name that is displayed on the web UI Home page, or other caller-id displays for the specified phone.
set voip phone [ 1 | 2 ] codec G726_32 priority [ 1 | 2 | 3 | 4 | 5 | 6 | 7 | none ] Assigns a priority to the G726-32 codec, a common audio media type implementation at 32 kbit/s. set voip phone [ 1 | 2 ] codec G726_40 priority [ 1 | 2 | 3 | 4 | 5 | 6 | 7 | none ] Assigns a priority to the G726-40 codec, a common audio media type implementation at 40 kbit/s.
Administrator’s Handbook set voip phone [ 1 | 2 ] sip-advanced-setting call-feature call-forwarding-all-number phone_number call-forwarding-all-number – specifies the number to which calls are to be forwarded when call-forwarding-all-option is on. set voip phone [ 1 | 2 ] sip-advanced-setting call-feature call-forwarding-on-busy-option [ off | on ] call-forwarding-on-busy-option – turns call forwarding when the line is busy on or off.
set voip phone [ 1 | 2 ] sip-advanced-setting call-feature anonymous-call-block-option [ off | on ] anonymous-call-block-option – if set to on, blocks calls from unidentified sources, such as those with caller-ID blocking. set voip phone [ 1 | 2 ] sip-advanced-setting call-feature call-transfer-option [ off | on ] call-transfer-option – if set to on, permits call transfer to another phone.
Administrator’s Handbook Example set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip "1234" set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip set voip 234 phone phone phone phone phone phone phone phone phone phone phone phone phone phone pho
UPnP settings set upnp option [ on | off ] PCs using UPnP can retrieve the Gateway’s WAN IP address, and automatically create NAT port maps. This means that applications that support UPnP, and are used with a UPnP-enabled Motorola Netopia® Gateway, will not need application layer gateway support on the Motorola Netopia® Gateway to work through NAT. The default is on. You can disable UPnP, if you are not using any UPnP devices or applications. set upnp log [ off | on ] Enables or disables UPnP logging.
Administrator’s Handbook TR-069 DSL Forum CPE WAN Management Protocol (TR-069) provides services similar to UPnP and TR-064. The communication between the Motorola Netopia® Gateway and management agent in UPnP and TR064 is strictly over the LAN, whereas the communication in TR-069 is over the WAN link for some features and over the LAN for others. TR-069 allows a remote Auto-Config Server (ACS) to provision and manage the Motorola Netopia® Gateway.
Remote Management settings set remote-mgmt telnet-enable [ on | off ] Enables or disables remote management via telnet of the network specified by network-n/netmask-n. Up to 10 networks may be specified. set remote-mgmt web-enable [ on | off ] Enables or disables remote management via web UI of the network specified by network-n/netmask-n. set remote-mgmt snmp-enable [ on | off ] Enables or disables remote management via SNMP of the network specified by network-n/netmask-n. set remote-mgmt [ network-1...
Administrator’s Handbook Backup IP Gateway Settings The purpose of Backup is to provide a recovery mechanism in the event that the primary connection fails. A failure can be either line loss, for example by central site switch failure or physical cable breakage, or loss of end-to-end connectivity. Detection of one of these failures causes the Gateway to switch from using the primary DSL WAN connection to an alternate gateway on the Ethernet LAN.
set ip backup-gateway option [ on | off ] Turns the backup gateway option on or off. Default is off. set ip backup-gateway interface [ ip-address | ppp-vccn ] Specifies the backup gateway interface ip address to which you want to direct the backup connection. set ip backup-gateway default ip_address Specifies the ip address of the default gateway.
Administrator’s Handbook VDSL Settings ☛ CAUTION! These settings are for very advanced users and lab technicians. Exercise extreme caution when modifying any of these settings.
VDSL Parameter Defaults Parameter Default Meaning line-type 0x81 VDSL port line type(auto=0x80, vdsl=0x81, vdsl_etsi=0x82) us-max-inter-delay 0x04 VDSL port upstream max inter delay ds-max-inter-delay 0x04 VDSL port downstream max inter delay us-target-noise-margin 0x0C VDSL port upstream target noise margin ds-target-noise-margin 0x0C VDSL port downstream target noise margin min-noise-margin 0x0A VDSL port minimum noise margin port-bandplan 0x02 VDSL port bandplan framing-mode 0x90
Administrator’s Handbook VDSL Parameters Accepted Values Parameter 242 Accepted Values sys-option Bit[0]: NTR_DISABLE Bit[1]: ALW_MARGIN_ADJUST. 1: the SNR margin for the optional band is reduced by up to 2.5 dB, but never below a minimum of 4 dB. Bit[2]: SUPPORT_INI Bit[4]: TLAN Enable Bit[5]: PBO Weak mode Enable (Applicable only when PBO Bit[3]=0. Bit[6]: ADSL_SAFE_MODE Enable Bit[7]: TLAN_SAFE_MODE Enable (Applicable only when TLAN Enable Bit[4] is set.
VDSL Parameters Accepted Values Parameter Accepted Values psd-mask-level 0x00 -- default mask (old gains from before) 0x01 -- ANSI M1 CAB 0x02 -- ANSI M2 CAB 0x03 -- ETSI M1 CAB 0x04 -- ETSI M2 CAB 0x05 -- ITU-T Annex F (Japan) 0x06 - ANSI M1 Ex 0x07 - ANSI M2 Ex 0x08 -- ETSI M1 Ex 0x09 - ETSI M2 Ex 0x0A - RESERVED 0x0B - PSD_K (Korean M1 FTTCab -59dBm/Hz) pbo-k1_1 K1 and K2 parameters allow the user more flexibility in using Upstream Power Back-Off (UPBO) on CPE modem.
Administrator’s Handbook VDSL Parameters Accepted Values Parameter 244 Accepted Values port-bandplan BP1_998_3 (0x00) BP2_998_3 (0x01) BP998_3B_8_5M (0x01) BP3_998_4 (0x02) BP998_4B_12M (0x02) BP4_997_3 (0x03) BP997_3B_7_1M (0x03) BP5_997_3 (0x04) BP6_997_4 (0x05) BP997_4B_7_1M (0x05) BP7_MXU_3 (0x06) FLEX_3B_8_5M (0x06) BP8_MXU_2 (0x07) BP9_998_2 (0x08) BP10_998_2 (0x09) BP998_2B_3_8M (0x09) BP11_998_2 (0x0A) BP12_998_2 (0x0B) BP13_MXU_3 (0x0C) BP14_MXU_3 (0x0D) BP15_MXU_3 (0x0E) BP16_997_4B_4P (0x0F)
VDSL Parameters Accepted Values Parameter Accepted Values band-mod Bit 0, 1: Tx Cfg band 1- All tones on 2- All tones below 640 Khz are turned off 3- All tones below 1.1 Mhz are turned off Bit 2,3: Not used Bit 4,5: Rx Cfg band 1- All tones on 2- All tones below 640 Khz are turned off 3- All tones below 1.1 Mhz are turned off Bit 6, 7:Optional band 0- No Optional band 1- ANNEX_A_6_32 ( ie. 25KHz to 138 KHz) 2- ANNEX_B_32_64 (ie. 138 KHz to 276 KHz) 3- ANNEX_B_6_64 (ie.
Administrator’s Handbook 246
CHAPTER 6 Technical Specifications and Safety Information Description Communications interfaces: The Motorola Netopia® Gateways have an RJ-11 jack for DSL line connections or an RJ-45 jack for cable/DSL modem connections and 1 or 4–port 10/100Base-T Ethernet switch for your LAN connections. Some models have a USB port that can be used to connect to your PC; in some cases, the USB port also serves as the power source. Some models contain an 802.11b or 802.11g wireless LAN transmitter.
Administrator’s Handbook Agency approvals North America Safety Approvals: ● United States – UL 60950, Third Edition ● Canada – CSA: CAN/CSA-C22.2 No. 60950-00 EMC: ● United States – FCC Part 15 Class B ● Canada – ICES-003 Telecom: ● United States – 47 CFR Part 68 ● Canada – CS-03 International Safety Approvals: ● Low Voltage (European directive) 73/23 ● EN60950 (Europe) EMI Compatibility: ● 89/336/EEC (European directive) ● EN55022:1994 ● EN300 386 V1.2.
Manufacturer’s Declaration of Conformance ☛ Warnings: This is a Class B product. In a domestic environment this product may cause radio interference, in which case the user may be required to take adequate measures. Adequate measures include increasing the physical distance between this product and other electrical devices. Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment. United States.
Administrator’s Handbook Repairs to the certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier. Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may give the telecommunications company cause to request the user to disconnect the equipment.
47 CFR Part 68 Information FCC Requirements 1. The Federal Communications Commission (FCC) has established Rules which permit this device to be directly connected to the telephone network. Standardized jacks are used for these connections. This equipment should not be used on party lines or coin phones. 2.
Administrator’s Handbook i) Connection to party line service is subject to state tariffs. Contact the state public utility commission, public service commission or corporation commission for information. j) If your home has specially wired alarm equipment connected to the telephone line, ensure the installation of this Motorola Netopia® 2200, 3300 Series Gateway does not disable your alarm equipment.
regulations. ● Termination. Without limiting Motorola's other rights, Motorola may terminate this license upon notice if you fail to comply with the terms of the license. Upon termination, you agree to destroy all full and partial copies of the Software in your possession or control.
Administrator’s Handbook Copyright Acknowledgments Because Motorola has included certain software source code in this product, Motorola includes the following text required by the respective copyright holders: Portions of this software are based in part on the work of the following: Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3.
Administrator’s Handbook Caring for the Environment by Recycling When you see this symbol on a Motorola product, do not dispose of the product with residential or commercial waste. Recycling your Motorola Equipment Please do not dispose of this product with your residential or commercial waste. Some countries or regions, such as the European Union, have set up systems to collect and recycle electrical and electronic waste items.
Milieubewust recycleren Als u dit symbool op een Motorola-product ziet, gooi het dan niet bij het huishoudelijk afval of het bedrijfsafval. Uw Motorola-materiaal recycleren. Gooi dit product niet bij het huishoudelijk afval het of bedrijfsafval. In sommige landen of regio's zoals de Europese Unie, zijn er bepaalde systemen om elektrische of elektronische afvalproducten in te zamelen en te recycleren. Neem contact op met de plaatselijke overheid voor informatie over de geldende regels in uw regio.
Administrator’s Handbook Please visit www.motorola.com/recycle for instructions on recycling.
Index Symbols !! command 132 Numerics 3-D Reach Wireless Configuration 28, 89 A Address resolution table 139 Administrative restrictions 170 Administrator password 131 Arguments, CLI 146 ARP Command 133, 144 ATA configuration 149 ATM 55, 106 Authentication 187 Authentication trap 207 auto-channel mode 214 AutoChannel Setting 31, 92, 214 B Backup 236 Bridging 152 Broadcast address 166, 168 C CLI 127 !! command 132 Arguments 146 Command shortcuts 132 Command truncation 146 Configuration mode 145 Keywords
Administrator’s Handbook H N Hardware address 152 Home Page 20 Home Page - Expert Mode 60 Hop count 183 HTTP traffic 192 Nameserver 161 NAT 46, 71, 170, 184 Netmask 168 O set upnp option 233 Operating Mode Wireless 30, 91, 214 I ICMP Echo 135 IGMP 163 IGMP Snooping 163 IP 55, 107 IP address 166, 168 IP interfaces 139 IP Passthrough 70 IP routes 140 IPMap table 140 IPSec Tunnel 139 P Password Administrator 131 User 131 persistent-log 209 Ping command 135 Pinholes 184 Port authentication 187 Port Forwa
S safety instructions 9 Secondary nameserver 161 Session Initiation Protocol 85, 227 Set bncp command 151, 152 Set bridge commands 152 Set DMT commands 160 Set dns commands 161 Set ip static-routes commands 182 Set ppp module port authentication command 187 Set preference more command 191 Set preference verbose command 191 set security state-insp 202 Set servers command 192 Set servers telnet-tcp command 192 Set snmp sysgroup location command 207 Set snmp traps authentification-traps ipaddress command 207 S
Administrator’s Handbook Wired Equivalent Privacy 36, 96 Wireless Configuration 28, 89 Wireless ID (SSID) 28, 89 Z Zero Touch 211 260
