™ Netopia R5000 Series Routers R5100 Serial Router R5200 DDS Router R5300 T1 Router User’s Reference Guide
Copyright ©2000, Netopia, Inc., All rights reserved. Printed in the U.S.A. This manual and any associated artwork, software, and product designs are copyrighted with all rights reserved. Under the copyright laws such materials may not be copied, in whole or part, without the prior written consent of Netopia, Inc. Under the law, copying includes translation to another language or format. Netopia, Inc. 2470 Mariner Square Loop Alameda, CA 94501-1010 U.S.A.
Contents Welcome to the Netopia R5000 Series Router User’s Reference Guide. This guide is designed to be your single source for information about your Netopia R5000 Series Router. It is intended to be viewed on-line, using the powerful features of the Adobe Acrobat Reader. The information display has been designed to present the maximum information in the minimum space on your screen.
iv User’s Reference Guide Readying computers on your local network....................... Connecting to an Ethernet network.................................. 10Base-T............................................................. Adding an external modem ............................................. Connecting to a LocalTalk network ................................. 4-1 4-3 4-3 4-4 4-5 Chapter 5 — Setting up your Router with the SmartStart Wizard 5-1 Before running SmartStart .............................
Contents v Part II: Advanced Configuration Chapter 8 — WAN and System Configuration .............................8-1 WAN configuration.......................................................... 8-1 Line configuration for a Serial line ......................... 8-2 Line configuration for a DDS line ........................... 8-3 Line configuration for a T1 line .............................. 8-4 Configuring Frame Relay ................................................. 8-6 Easy Setup Frame Relay screens....
vi User’s Reference Guide Security ............................................................. Upgrade feature set ........................................... Logging ............................................................. Installing the Syslog client .................................. 8-36 8-36 8-36 8-37 Chapter 9 — IP Setup and Network Address Translation ............9-1 Network Address Translation features ............................. 9-1 Using Network Address Translation ...................
Contents vii Chapter 11 — AppleTalk Setup................................................11-1 AppleTalk networks ...................................................... 11-1 AppleTalk protocol .............................................. 11-1 MacIP................................................................ 11-3 AURP................................................................. 11-3 Routers and seeding .......................................... 11-3 Installing AppleTalk ...........................
viii User’s Reference Guide Router Budget Configuration page ..................... Connection Budgets page ................................. Connection Budget Configuration page............... Budget Statistics page ..................................... Event History pages ......................................... 12-25 12-26 12-27 12-28 12-29 Chapter 13 — Security ...........................................................13-1 Suggested security measures .......................................
Contents ix Firewall design rules......................................... 13-32 Filter basics ..................................................... 13-35 Example filters ................................................. 13-36 Chapter 14 — Utilities and Diagnostics ...................................14-1 Ping ............................................................................ 14-2 Trace Route................................................................. 14-5 Telnet client......................
x User’s Reference Guide Subnets and subnet masks .................................. B-2 Example: Using subnets on a Class C IP internet.... B-3 Example: Working with a Class C subnet ................ B-5 Distributing IP addresses ............................................... B-5 Technical note on subnet masking......................... B-6 Configuration ....................................................... B-7 Manually distributing IP addresses ........................ B-8 Using address serving .....
Contents xi Index ..................................................................................Index-1 Limited Warranty and Limitation of Remedies ................................
xii User’s Reference Guide
Part I: Getting Started
User’s Reference Guide
Introduction 1-1 Chapter 1 Introduction Overview The Netopia R5000 Series Router line consists of the R5100 Serial Router, the R5200 DDS Router, and the R5300 T1 Router. Each is a full-featured, stand-alone, multiprotocol router for connecting diverse local area networks (LANs) to the Internet and other remote networks.
1-2 User’s Reference Guide costs ■ Status lights (LEDs) for easy monitoring and troubleshooting ■ Support for console-based management over Telnet or serial cable connection ■ Support for remote configuration by your reseller, your network administrator, or technicians at Netopia, Inc.
Setting Up Internet Services 2-1 Chapter 2 Setting Up Internet Services This chapter describes how to obtain and set up Internet services. This section covers the following topics: ■ “Finding an Internet service provider” on page 2-1 ■ “Deciding on an ISP account” on page 2-2 ■ “Obtaining information from the ISP” on page 2-3 Note: Some companies act as their own ISP. For example, some organizations have branch offices that can use the Netopia R5000 Series to access the Internet via the main office.
2-2 User’s Reference Guide Unique requirements Make sure the ISP can meet any unique requirements you may have, such as: ■ Dynamic or static IP addressing ■ IP address range ■ Custom domain name ■ Multiple e-mail addresses ■ Web site hosting ■ E-commerce ■ VPN support Pricing and support Compare pricing, service, and technical support service among various ISPs. Endorsements Consider recommendations from colleagues and reviews in publications.
Setting Up Internet Services 2-3 Obtaining information from the ISP After your account is set up, the ISP should send you the IP parameter information that will help you configure the Netopia R5000 Series.
2-4 User’s Reference Guide
Making the Physical Connections 3-1 Chapter 3 Making the Physical Connections This section tells you how to make the physical connections to your Netopia R5000 Series Router.
3-2 User’s Reference Guide What you need Locate all items that you need for the installation. Included in your router package are: ■ The Netopia R5000 Series Router ■ A power adapter and cord with a mini-DIN8 connector ■ One RJ-45 Ethernet cable ■ One RJ-45 Telco (or Line) cable ■ A dual DB-9 and mini-DIN8 to DB-9 console cable (for a PC or a Macintosh) ■ An X.21 DTE cable or a V.
Making the Physical Connections 3-3 Connect the router Identify the connectors and switches on the back panel and attach the necessary Netopia Router cables. R5100 Serial The figure below displays the back of the Netopia R5100 Serial Router.
3-4 User’s Reference Guide Identify the connectors The following table describes all of the Netopia R5000 Series Router back panel ports. Port Description Power port Serial Line 1 port (R5100 Serial router only) Line ports A mini-DIN8 power adapter cable connection. A DB-15 serial port labelled Line 1 - Serial for your external CSU/DSU or modem connection. A telephone-style jack labeled “Line 1” for your T1 or DDS WAN connection. Use the “Line 1" port, NOT “Line 2.
Making the Physical Connections 3-5 Netopia R5000 Series Router status lights The figure below represents the Netopia R5000 Series Router status light (LED) panel.
3-6 User’s Reference Guide
Connecting to Your Local Area Network 4-1 Chapter 4 Connecting to Your Local Area Network This chapter describes how to physically connect the Netopia R5000 Series to your local area network (LAN). Before you proceed, make sure the Netopia R5000 Series is properly configured. You can customize the router’s configuration for your particular LAN requirements using console-based management (see “Console-Based Management” on page 6-1).
4-2 User’s Reference Guide Application software TCP/IP stack Ethernet/EtherTalk/LocalTalk Driver Your PC or Macintosh computer To the Netopia R5000 Series Application software: This is the software you use to send e-mail, browse the World Wide Web, read newsgroups, etc. These applications may require some configuration. Examples include the Eudora e-mail client and the Web browsers Microsoft Internet Explorer and Netscape Navigator.
Connecting to Your Local Area Network 4-3 Connecting to an Ethernet network The Netopia R5000 Series supports Ethernet connections through its eight Ethernet ports. The router automatically detects which Ethernet port is in use. You can connect 10Base-T or 10/100 Ethernet devices to the Netopia R5000 Series Router. 10Base-T You can connect a standard 10Base-T Ethernet network to the Netopia R5000 Series Router using any of its available Ethernet ports.
4-4 User’s Reference Guide If you add devices connected through a hub, connect the hub to Ethernet port number 1 on the Netopia R5000 Series Router and set the Normal/Uplink switch to Uplink. 8 Ethernet 1 Nor- PC Macintosh PC 10Base-T Hub Adding an external modem You may want to add an external modem to your Auxiliary port so that you can manage it even if the Internet connectyion isn’t functioning.
Connecting to Your Local Area Network 4-5 Connecting to a LocalTalk network If you have purchased the AppleTalk feature expansion kit, you can also connect the router to an AppleTalk network that uses either Ethernet or LocalTalk. Refer to the sheet of optional feature set add-ons in your Netopia R5000 Series documentation folio. The AppleTalk feature expansion kit includes a special dual RJ-11 PhoneNET connector that attaches to the Auxiliary port on the Netopia R5000 Series.
4-6 User’s Reference Guide
Setting up your Router with the SmartStart Wizard 5-1 Chapter 5 Setting up your Router with the SmartStart Wizard Once you’ve connected your router to your computer and your telecommunications line and installed a web browser, you’re ready to run the Netopia SmartStart™ Wizard. The SmartStart Wizard will help you set up the router and share the connection.
5-2 User’s Reference Guide Before running SmartStart Be sure you have connected the cables and power source as described in Step 1 “Connect the Router” guide contained in your Netopia folio. Before you launch the SmartStart application, make sure your computer meets the following requirements: PC Macintosh System software Windows 95, 98, or NT operating system MacOS 7.5 or later Connectivity software TCP/IP must be installed and properly configured.
Setting up your Router with the SmartStart Wizard 5-3 Setting up your Router with the SmartStart Wizard The SmartStart Wizard is tailored for your platform, but it works the same way on either a PC or a Macintosh. Insert the Netopia CD, and in the desktop navigation screen that appears, launch the SmartStart Wizard application. SmartStart Wizard configuration screens The screens described in this section are the default screens shipped on the Netopia CD. They derive from two initialization (.
5-4 User’s Reference Guide Setup options screen. You can choose either Easy or Advanced setup. ■ If you choose Easy, SmartStart automatically uses the preconfigured IP addressing setup built into your router. This is the best choice if you are creating a new network or don’t already have an IP addressing scheme on your network. If you choose Easy, you will see a “Connection Test screen,” like the one shown below while SmartStart checks the connection to your router.
Setting up your Router with the SmartStart Wizard 5-5 When the test is successful, SmartStart presents you with the “Additional Configuration screen,” shown below. Additional Configuration screen. If you have a router that has a permanent unswitched connection to your ISP, such as a Netopia R5000 Series Router, the Additional Configuration screen appears. You may want to do additional configuration to customize your network environment.
5-6 User’s Reference Guide Known IP Address screen. SmartStart displays a recommended address for the router based on the IP address of the computer. If you know the router has an IP address different from the default value, enter it now. Otherwise, accept the recommended address. When you have done this, click Next. SmartStart tests the connection to your router. SmartStart then returns you to an “Additional Configuration screen” on page 5-5. New IP Address screen.
Setting up your Router with the SmartStart Wizard 5-7 Dynamic configuration (recommended) If you configure your Netopia R5000 Series using SmartStart, you can accept the dynamic IP address assigned by your router. The Dynamic Host Configuration Protocol (DHCP) server, which enables dynamic addressing, is enabled by default in the router. If your PC is not set for dynamic addressing, SmartStart will offer to do this for you if you select the Easy setup option.
5-8 User’s Reference Guide Static configuration (optional) If you are manually configuring for a fixed or static IP address, perform the following: 1. Go to Start Menu/Settings/Control Panels and double click the Network icon. From the Network components list, select the Configuration tab. 2. Select TCP/IP-->Your Network Card. Then select Properties. In the TCP/IP Properties screen (shown below), select the IP Address tab. Click “Specify an IP Address.” Enter the following: IP Address: 192.168.1.
Setting up your Router with the SmartStart Wizard 5-9 3. Click on the Gateway tab (shown below). Under “New gateway,” enter 192.168.1.1. Click Add. This is the Netopia R5000 Series’s pre-assigned IP address. Click on the DNS Configuration tab. Click Enable DNS. Enter the following information: Host: Type the name you want to give to this computer. Domain: Type your domain name. If you don't have a domain name, type your ISP's domain name; for example, netopia.com.
5-10 User’s Reference Guide Configuring TCP/IP on Macintosh computers The following is a quick guide to configuring TCP/IP for MacOS computers. Configuring TCP/IP in a Macintosh computer requires the following: You must have either Open Transport or Classic Networking (MacTCP) installed.
Setting up your Router with the SmartStart Wizard 5-11 Static configuration (optional) If you are manually configuring for a fixed or static IP address, perform the following: 1. Go to the Apple menu. Select Control Panels and then TCP/IP or MacTCP. 2. With the TCP/IP window open, go to the Edit menu and select User Mode. Choose Advanced and click OK. Or, in the MacTCP window, select Ethernet and click the More button. 3.
5-12 User’s Reference Guide Dynamic configuration using MacIP (optional) If you want to use MacIP to dynamically assign IP addresses to the Macintosh computers on your network you must install the optional AppleTalk feature set kit. Note: You cannot use MacIP dynamic configuration to configure your Netopia R5000 Series Router because you must first configure the router in order to enable AppleTalk. Once the AppleTalk kit is installed, you can configure your Macintoshes for MacIP.
Setting up your Router with the SmartStart Wizard 5-13 Using Classic Networking (MacTCP) 1. Go to the Apple Menu. Select Control Panels and then Network. 2. In the Network window, select EtherTalk. 3. Go back to the Apple menu. Select Control Panels and then MacTCP. 4. Select EtherTalk. From the pull-down menu under EtherTalk, select an available zone; then click the More button. In the MacTCP/More window select the Server radio button.
5-14 User’s Reference Guide
Console-Based Management 6-1 Chapter 6 Console-Based Management Console-based management is a menu-driven interface for the capabilities built into the Netopia R5000 Series routers. Console-based management provides access to the full range of features that the router supports. You can customize these features for your individual setup. This chapter describes how to access the console-based management screens.
6-2 User’s Reference Guide may be using the router to connect to more than one service provider or remote site. ■ The System Configuration menus display and permit changing: ■ Network protocols setup. See “IP Setup and Network Address Translation” on page 9-1, “IPX Setup” on page 10-1, and “AppleTalk Setup” on page 11-1. ■ Filter sets (firewalls). See “Security” on page 13-1. ■ IP address serving. See “IP address serving” on page 9-22. ■ Date and time. See “Date and time” on page 8-34.
Console-Based Management 6-3 Configuring Telnet software If you are configuring your router using a Telnet session, your computer must be running a Telnet software program. ■ If you connect a PC with Microsoft Windows, you can use a Windows Telnet application or simply run Telnet from the Start menu. ■ If you connect a Macintosh computer, you can use the NCSA Telnet program supplied on the Netopia R5000 Series CD. You install NCSA Telnet by simply dragging the application from the CD to your hard disk.
6-4 User’s Reference Guide Launch your terminal emulation software and configure the communications software for the values shown in the table below. These are the default communication parameters that the Netopia R5000 Series uses. Parameter Suggested Value Terminal type PC: ANSI-BBS Mac: ANSI, VT-100, or VT-200 Data bits 8 Parity None Stop bits 1 Speed 57600 bits per second * Flow Control None * Note: The router firmware contains an autobaud detection feature.
Easy Setup 7-1 Chapter 7 Easy Setup This chapter describes how to use the Easy Setup console screens on your Netopia R5000 Series Router. After completing the Easy Setup console screens, your router will be ready to connect to the Internet or another remote site.
7-2 User’s Reference Guide A screen similar to the following Main Menu appears: Netopia R5300 v4.3.3 Easy Setup... WAN Configuration... System Configuration... Utilities & Diagnostics... Statistics & Logs... Quick Menus... Quick View... Return/Enter goes to Easy Setup -- minimal configuration. You always start from this main screen.
Easy Setup 7-3 The Serial Line Easy Setup configuration screen The Serial Line Easy Setup screen appears. Serial Line Easy Setup Circuit Type... Permanent Sync Data Rate (kbps)... Auto Data Link Encapsulation... Frame Relay TO MAIN MENU NEXT SCREEN Enter Information supplied to you by your telephone company. 1. Select Circuit Type and press Return. From the pop-up menu, select your circuit type: Permanent Sync (the default) or Switched Async.
7-4 User’s Reference Guide The T1 Line configuration screen The T1 Line Configuration screen appears. T1 Line Configuration Line Encoding... B8ZS Framing Mode... ESF Number of DS0 Channels: First DS0 Channel: 1 1 Channel Data Rate... Nx64k Data Link Encapsulation... Frame Relay TO MAIN MENU NEXT SCREEN Enter Information supplied to you by your telephone company. 1. Select Line Encoding and press Return.
Easy Setup 7-5 6. Select Data Link Encapsulation and highlight the method of encapsulation that you want to use from the pop-up menu. The choices offered are PPP, HDLC, and Frame Relay. The default setting is Frame Relay. Press Return. 7. Select NEXT SCREEN and press Return. The Easy Setup Profile screen appears. See page 7-6. The DDS Line configuration screen The DDS Line Configuration screen appears. DDS Line Configuration Data Rate (kbps)... Automatic Data Link Encapsulation...
7-6 User’s Reference Guide Easy Setup Profile screen The Easy Setup Profile screen appears. Connection Profile 1: Easy Setup Profile Connection Profile Name: Easy Setup Profile Address Translation Enabled: IP Addressing... Yes Unnumbered Remote IP Address: Remote IP Mask: 127.0.0.2 255.255.255.255 Frame Relay Management Type... ANSI (Annex D) PREVIOUS SCREEN NEXT SCREEN Enter basic information about your WAN connection with this screen.
Easy Setup 7-7 If you chose PPP as your datalink encapsulation method, select PPP Authentication and from the pop-up menu choose: None (the default), PAP, CHAP, PAP-TOKEN, or CACHE-TOKEN. Selecting any authentication method other than the default None will display fields for you to enter your authentication information, such as User Name and Password. 5. Select NEXT SCREEN and press Return. The IP Easy Setup screen appears. Note: For more Easy Setup options, see the next section.
7-8 User’s Reference Guide Because this is a private network address, it should never be directly connected to the Internet. Using NAT for all your connection profiles will ensure this restriction. See “IP Setup and Network Address Translation” on page 9-1 of this guide for more information. 2. Select Ethernet Subnet Mask and enter the subnet mask your ISP has given you.
Easy Setup 7-9 The final step in configuring the Easy Setup console screens is to restart the Netopia R5000 Series, so that the configuration settings take effect. 1. Select RESTART DEVICE. A prompt asks you to confirm your choice. 2. Select CONTINUE to restart the Netopia Router and have your selections take effect. Additional security features are available. See “Security” on page 13-1.
7-10 User’s Reference Guide
Part II: Advanced Configuration
User’s Reference Guide
WAN and System Configuration 8-1 Chapter 8 WAN and System Configuration This chapter describes how to use the console-based management screens to access and configure advanced features of your Netopia R5000 Series Router. You can customize these features for your individual setup. These menus provide a powerful method for experienced users to set up their router’s connection profiles and system configuration.
8-2 User’s Reference Guide Line configuration for a Serial line The Serial Line Configuration screen is where you enter the configuration parameters for your leased line, in order for the Netopia Router to communicate with the physical connection. Serial Line Configuration Circuit Type... Permanent Sync Data Rate (kbps)... Auto Invert Tx Clock: Circuit Activation Requires... No DCD and DSR Data Link Encapsulation... Frame Relay Enter Information supplied to you by your telephone company. 1.
WAN and System Configuration 8-3 5. Select Data Link Encapsulation and highlight the method of encapsulation that you want to use from the pop-up menu. The choices offered are PPP, HDLC, and Frame Relay. The default setting is Frame Relay. Press Return. Note: If you used Easy Setup to configure your router, you have already created a connection profile called Easy Setup Profile.
8-4 User’s Reference Guide Note: If you used Easy Setup to configure your router, you have already created a connection profile called Easy Setup Profile. If you return to the Easy Setup menus and change the Data Link Encapsulation method you set up in this step, the Easy Setup Data Link Encapsulation method will override this one and change the default data link encapsulation method in use. You are now finished configuring the Line Configuration screen.
WAN and System Configuration 8-5 For fractional T1, you can also specify in the check box whether the DS0 channels are contiguous or alternating. 5. Select First DS0 Channel and enter the number of the first active DS0 channel you will be using. The default setting is 1 (one). Press Return. Note: You can change the First DS0 Channel number, which has a valid range from one to the maximum number minus the number of active channels.
8-6 User’s Reference Guide Configuring Frame Relay Frame Relay is an alternative data link encapsulation method for use over unswitched connections. If this does not apply to your connection, you can skip the corresponding sections.
WAN and System Configuration 8-7 WAN Configuration Frame Relay screens The Line Configuration menu also offers the options of either PPP, HDLC, or Frame Relay as your data link encapsulation method. Main Menu WAN Configuration WAN Setup T1 Line Configuration Line Encoding... B8ZS Framing Mode... Transmit ANSI PRMs: ESF No Number of DS0 Channels: First DS0 Channel: 1 1 Buildout (-dB)... Auto Channel Data Rate... Clock Source... Data Link Encapsulation...
8-8 User’s Reference Guide Frame Relay configuration If you chose Frame Relay as your data link encapsulation type you can now configure the Frame Relay options from the WAN Configuration menu. WAN Configuration WAN (Wide Area Network) Setup... Display/Change Connection Profile... Add Connection Profile... Delete Connection Profile... Default Profile... Frame Relay Configuration... Frame Relay DLCI Configuration... Return/Enter for WAN line configuration.
WAN and System Configuration 8-9 See “Frame Relay DLCI configuration” on page 8-10 for instructions. Specifying the Link Management Type is the first step in configuring Frame Relay. 2. ■ If you select an LMI Type (Link Management Type) other than None, the T391 option specifies the number of seconds between the Status Enquiry messages. The default setting is 10. ■ The N391 option specifies the frequency of full status polls, in increments of the basic (T391) polling cycle. The default setting is 6.
8-10 User’s Reference Guide Note: The Congestion Management Enabled field will only appear if Standard or Buffered is selected as the option from the Tx Injection Management field. 4. Select Maximum Tx Frame Size and press Return. The default is automatically set to a value suitable for encapsulating a full Ethernet packet’s transmission load; however you can change the Maximum Frame Size to suit your network’s transmission load. Press Return.
WAN and System Configuration 8-11 Frame Relay DLCI Configuration +-DLCI Name----------DLCI Number-+ +--------------------------------+ | | | DLCI 16 16 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | +--------------------------------+ Up/Down Arrow Keys to select, ESC to dismiss, Return/Enter to Edit. Changing a Frame Relay DLCI configuration To modify a Frame Relay DLCI configuration, select Display/Change DLCIs in the Frame Relay DLCI Configuration screen.
8-12 User’s Reference Guide Adding a Frame Relay DLCI configuration To add a new Frame Relay DLCI, select Add DLCI in the Frame Relay DLCI Configuration screen and press Return. The Add DLCI screen appears. Add DLCI DLCI Name: DLCI 16 DLCI Enabled: Yes DLCI Number (16-991): 16 Remote IP Address: 0.0.0.0 Data Flow Parameters---------------Use Default---------Value---CIR: Yes Bc: Yes Be: Yes ADD DLCI NOW CANCEL Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes.
WAN and System Configuration 8-13 provider agrees to transfer from a given PVC (Permanent Virtual Circuit) or DLCI (Data Link Connection Identifier). The setting defaults to 64000, but you may modify the committed burst size by toggling the selection in the Use Default field to No. You can then enter a different committed burst size in the Value field.
8-14 User’s Reference Guide Creating a new Connection Profile Connection Profiles define the telco and networking protocols necessary for the router to make a remote connection. A Connection Profile is like an address book entry describing how the router is to get to a remote site, or how to recognize and authenticate a remote user dialing in to the router. For example, to create a new Connection Profile, you navigate to the WAN Configuration screen from the Main Menu, and select Add Connection Profile.
WAN and System Configuration 8-15 IP Profile Parameters Address Translation Enabled: Yes Local WAN IP Address: 0.0.0.0 Remote IP Address: Remote IP Mask: 0.0.0.0 0.0.0.0 Filter Set... Remove Filter Set Receive RIP: Off Toggle to Yes if this is a single IP address ISP account. Configure IP requirements for a remote network connection here. 4. Toggle or enter any IP Parameters you require and return to the Add Connection Profile screen by pressing Escape.
8-16 User’s Reference Guide 6. Toggle or enter any IPX Parameters you require and return to the Add Connection Profile screen by pressing Escape. For more information, see “IPX Setup” on page 10-1. 7. Select Datalink Options and press Return. The Datalink Options screen appears. The Datalink Options screen will vary depending on the data link encapsulation method you are using.
WAN and System Configuration 8-17 The PPP options screen for a switched interface appears as follows: Datalink (PPP/MP) Options Data Compression... Standard LZS Send Authentication... PAP Send User Name: Send Password: Receive User Name: Receive Password: Maximum Packet Size: 1500 In this Screen you will configure the PPP/MP specific connection params. You can accept the defaults, or change them if you wish. You can also specify user name and password for both outgoing and incoming calls.
8-18 User’s Reference Guide 8. For a switched connection only, select Telco Options and press return. the Telco Options screen appears. Note: For IDSL routers, which do not initiate dial-up connections, this option does not appear. Telco Options Dial... Dial In/Out Number to Dial: Alternate Site to Dial: Dial on Demand: Idle Timeout (seconds): Yes 300 Callback: No In this Screen you configure options for the ways you will establish a link. Select Dial and press Return. A pop-up menu appears.
WAN and System Configuration 8-19 If you want to view the Connection Profiles in your router, return to the WAN Configuration screen, and select Display/Change Connection Profile. The list of Connection Profiles is displayed in a scrolling pop-up screen. WAN Configuration +-Profile Name---------------------IP Address----IPX Network-+ +------------------------------------------------------------+ | Easy Setup Profile 127.0.0.2 | | Profile 02 0.0.0.
8-20 User’s Reference Guide The default profile For R5100 SA and R5300 T1 models the Default Profile screen controls whether or not the communication link will come up without an explicitly configured connection profile. If you have an R5200 DDS model, you can skip this section. See “Connection Profiles” on page 9-8 for more information. You access the Default Profile screen from the Main Menu by selecting WAN Configuration and then selecting Default Profile.
WAN and System Configuration 8-21 If Must Match a Defined Profile is set to No, then an IPX Enabled item is visible. Toggling this item to Yes or No (the default) controls whether or not IPX will be supported on the communication link. If IPX Enabled is set to Yes, an IPX Parameters item becomes visible. If you select IPX Parameters, the IPX Parameters screen appears (see “IPX parameters (default profile) screen” on page 8-22).
8-22 User’s Reference Guide IPX parameters (default profile) screen The IPX Parameters (Default Profile) screen allows you to configure various IPX parameters for connections established without an explicitly configured connection profile: IPX Parameters (Default Profile) NetBios Packet Forwarding: Path Delay: Off 10 Incoming Outgoing Incoming Outgoing <> <> <> <> Packet Filter Set... Packet Filter Set... SAP Filter Set... SAP Filter Set...
WAN and System Configuration 8-23 Scheduled connections ( s w i t c h e d a s y n c o n l y ) To go to the Scheduled Connections screen, select Scheduled Connections in the WAN Configuration screen. Main Menu WAN Configuration Scheduled Connections Scheduled Connections Display/Change Scheduled Connection... Add Scheduled Connection... Delete Scheduled Connection... Navigate from here to add/modify/change/delete Scheduled Connections.
8-24 User’s Reference Guide Viewing scheduled connections To display a table of view-only scheduled connections, select Display/Change Scheduled Connection in the Scheduled Connections screen. Each scheduled connection occupies one row of the table. Scheduled Connections +-Days----Begin At---HH:MM---When----Conn. Prof.
WAN and System Configuration 8-25 Adding a scheduled connection To add a new scheduled connection, select Add Scheduled Connection in the Scheduled Connections screen and press Return. The Add Scheduled Connection screen appears. Add Scheduled Connection Scheduled Connection Enable: On How Often... Weekly Schedule Type... Forced Set Weekly Schedule... Use Connection Profile... ADD SCHEDULED CONNECTION CANCEL Scheduled Connections dial remote Networks on a Weekly or Once-Only basis.
8-26 User’s Reference Guide Set Weekly Schedule If you set How Often to Weekly, select Set Weekly Schedule and go to the Set Weekly Schedule screen. ■ Select the days for the scheduled connection to occur and toggle them to Yes.
WAN and System Configuration 8-27 Set Once-Only Schedule If you set How Often to Once Only, select Set Once-Only Schedule and go to the Set Once-Only Schedule screen. Set Once-Only Schedule ■ Place Call on (MM/DD/YY): 05/07/1998 Scheduled Window Start Time: AM or PM: 11:50 AM Scheduled Window Duration: 00:00 Select Place Call On (Date) and enter a date in the format MM/DD/YY or MM/DD/YYYY (month, day, year). Note: You must enter the date in the format specified. The slashes are mandatory.
8-28 User’s Reference Guide Modifying a scheduled connection To modify a scheduled connection, select Change Scheduled Connection in the Scheduled Connections screen to display a table of scheduled connections. Select a scheduled connection from the table and go to the Change Scheduled Connection screen. The parameters in this screen are the same as the ones in the Add Scheduled Connection screen (except that ADD SCHEDULED CONNECTION and CANCEL do not appear).
WAN and System Configuration 8-29 Connection accounting screens (switched async only) For an R5100 Serial router connected to an asynchronous modem, you can enable system-wide and per connection profile connection accounting and budgeting. You use this feature to track first minutes and additional minutes per time period for initiated data calls. Connection accounting is available either through the console-based management screens or through the web-based management screens.
8-30 User’s Reference Guide The Budget Setup screen appears. Connection Budget Setup Name: Budget 1 Use Connection Profile... Easy Setup Profile Enforced: Override: Off Off Units: Limit: Minutes 300 Time Period... 1st Day of Week... Week Sunday Choose the Connection Profile this budget is for. Configuration is similar to the web-based management configuration screens. ■ Selecting Use Connection Profile displays a pop-up list of all of your connection profiles.
WAN and System Configuration 8-31 You can monitor your usage against your budget by reviewing the Connection Budget Statistics screen in the Accounting Statistics. From the Main Menu select Statistics & Logs and then Accounting Statistics and then Connection Budget Statistics. Main Menu Statistics & Logs Accounting Statistics Connection Budget Statistics The Budget Statistics screen appears.
8-32 User’s Reference Guide System configuration screens You can connect to the Netopia R5000 Series Router’s system configuration screens in either of two ways: ■ By using Telnet with the Router’s Ethernet port IP address ■ Through the console port, using a local terminal (see “Connecting a console cable to your router” on page 6-3) You can also retrieve the Netopia R5000 Series Router’s configuration information and remotely set its parameters using the Simple Network Management Protocol (see “SNMP”
WAN and System Configuration 8-33 2. Select Network Protocols and press Return. The Network Protocols screen appears. 3. Select IP Setup and press Return. The IP Setup screen appears. To go back in this sequence of screens, use the Escape key. System configuration features The Netopia R5000 Series Router’s default settings may be all you need to configure your Netopia R5000 Series Router. Some users, however, require advanced settings or prefer manual control over the default selections.
8-34 User’s Reference Guide Network protocols setup These screens allow you to configure your network’s use of the standard networking protocols: ■ IP: Details are given in “IP Setup and Network Address Translation” on page 9-1. ■ IPX: Details are given in “IPX Setup” on page 10-1. ■ AppleTalk: Details are given in “AppleTalk Setup” on page 11-1. Note: AppleTalk requires the optional AppleTalk feature expansion kit.
WAN and System Configuration 8-35 1. Select Current Date and enter the date in the appropriate format. Use one- or two-digit numbers for the month and day, and the last two digits of the current year. The date’s numbers must be separated by forward slashes (/). 2. Select Current Time and enter the time in the format HH:MM, where HH is the hour (using either the 12-hour or 24-hour clock) and MM is the minutes. 3. Select AM or PM and choose AM or PM.
8-36 User’s Reference Guide SNMP (Simple Network Management Protocol) These screens allow you to monitor and configure your network by means of a standard Simple Network Management Protocol (SNMP) agent. ■ Details are given in “SNMP” on page 12-13. Security These screens allow you to add users and define passwords on your network. ■ Details are given in “Security” on page 13-1.
WAN and System Configuration 8-37 By default, all events are logged in the event history. ■ By toggling each event descriptor to either Yes or No, you can determine which ones are logged and which are ignored. ■ You can enable or disable the syslog client dynamically. When enabled, it will report any appropriate and previously unreported events. ■ You can specify the syslog server’s address either in dotted decimal format or as a DNS name up to 63 characters.
8-38 User’s Reference Guide
IP Setup and Network Address Translation 9-1 Chapter 9 IP Setup and Network Address Translation The Netopia R5000 Series Router uses Internet Protocol (IP) to communicate both locally and with remote networks. This chapter shows you how to configure the router to route IP traffic. You also learn how to configure the router to serve IP addresses to hosts on your local network and to configure Network Address Translation.
9-2 User’s Reference Guide NAT works by remapping the source IP address of traffic from the LAN to a single static or dynamically assigned IP address shown to the remote side of the router. HOW NAT WORKS With NAT 192.168.1.100 ISP* 192.168.1.102 192.168.1.103 163.167.132.1 192.168.1.104 192.168.1.105 192.168.1.106 Without NAT 163.167.132.1 163.167.132.1 163.167.132.2 163.167.132.3 163.167.132.4 163.167.132.5 163.167.132.6 163.167.132.2 163.167.132.3 163.167.132.4 163.167.132.5 163.167.132.
IP Setup and Network Address Translation 9-3 Using Network Address Translation The following procedure describes how to use Network Address Translation. 1. Pick a network number for your local network (referred to as the internal network). This can be any IP address range you want. The Netopia R5000 Series Router has a default IP address of 192.168.1.1. You may choose to change this address to match a pre-existing addressing scheme. For this example, we will use 10.0.0.0.
9-4 User’s Reference Guide ■ Alternatively, from the WAN Configuration menu in the Main Menu screen, select Display/Change Connection Profile. When that screen appears, select IP Profile Parameters. You can now access the Address Translation option from the IP Profile Parameters menu. IP Profile Parameters Address Translation Enabled: Yes IP Addressing... Local WAN IP Address: Unnumbered 0.0.0.0 Remote IP Address: Remote IP Mask: 0.0.0.0 0.0.0.0 Filter Set...
IP Setup and Network Address Translation 9-5 5. If your ISP uses numbered (interface-based) routing, select Local WAN IP Address and enter the local WAN address your ISP gave you. Then select Local WAN IP Mask and enter the WAN subnet mask of the remote site you will connect to. The default address is 0.0.0.0, which allows for dynamic addressing, meaning that your ISP assigns an address via DHCP when you connect.
9-6 User’s Reference Guide IP Profile Parameters Address Translation Enabled: Yes IP Addressing... Unnumbered Remote IP Address: Remote IP Mask: 0.0.0.0 0.0.0.0 Filter Set... Remove Filter Set Receive RIP: Transmit RIP: Off Off Return/Enter to select ... Configure IP requirements for a remote network connection here. When using numbered interfaces, the Netopia Router will use its local WAN IP address and subnet mask to send packets to the remote router.
IP Setup and Network Address Translation 9-7 Quick View Default IP Gateway: 0.0.0.0 Domain Name Server: 0.0.0.0 Domain Name: None Provided CPU Load: 2% 12/11/1998 12:45:44 PM Unused Memory: 952 KB LocalTalk Address: 34448:149 ----------------MAC Address--------IP Address-------IPX Address---EtherTalk--Ethernet Hub: 00-00-c5-70-03-48 192.168.1.1 34449:150 SDSL WAN1: 00-00-c5-70-03-4a 0.0.0.0 Current DSL Status Profile Name----------Rate--%Use-Remote Address-----Est.
9-8 User’s Reference Guide Advanced IP/IPX router configuration options Advanced users can optionally use connection profiles to configure the IP and IPX protocol stack interfaces on the WAN link. You need not explicitly define these parameters, however. The following information is provided as reference to the possible router configurations advanced users may desire. The IP router interface on the WAN link: ■ may be numbered or unnumbered. ■ may or may not use Network Address Translation (NAT).
IP Setup and Network Address Translation 9-9 Main Menu WAN Configuration Add Connection Profile The Add Connection Profile screen appears. Add Connection Profile Profile Name: Profile Enabled: Profile 02 Yes IP Enabled: IP Profile Parameters... Yes IPX Enabled: No Data Link Encapsulation... ATM FUNI ADD PROFILE NOW CANCEL Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes. Configure a new Conn. Profile. Finished? ADD or CANCEL to exit.
9-10 User’s Reference Guide IP Profile Parameters Address Translation Enabled: Yes IP Addressing... Local WAN IP Address: Local WAN IP Mask: Remote IP Address: Remote IP Mask: Unnumbered 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Filter Set... Remove Filter Set Receive RIP: Transmit RIP: Both v2 (multicast) Configure IP requirements for a remote network connection here. 4. Toggle or enter any IP parameters you require and return to the Add Connection Profile screen by pressing Escape.
IP Setup and Network Address Translation 9-11 7. Select ADD PROFILE NOW and press Return. Your new connection profile will be added. If you want to view the connection profiles in your router, return to the WAN Configuration screen, and select Display/Change Connection Profile. The list of connection profiles is displayed in a scrolling pop-up screen.
9-12 User’s Reference Guide IP setup Main Menu System Configuration Network Protocols Setup IP Setup The IP Setup options screen is where you configure the Ethernet side of the Netopia R5000 Series Router. The information you enter here controls how the router routes IP traffic.
IP Setup and Network Address Translation 9-13 The Netopia R5000 Series Router supports multiple IP subnets on the Ethernet interface. You may want to configure multiple IP subnets to service more hosts than are possible with your primary subnet. It is not always possible to obtain a larger subnet from your ISP. For example, if you already have a full Class C subnet, your only option is multiple Class C subnets, since it is virtually impossible to justify a Class A or Class B assignment.
9-14 User’s Reference Guide Exported Services (Local Port to IP Address Remapping) Show/Change Exports... Add Export... Delete Export... Return/Enter to configure UDP/TCP Port-to-IP Address redirection. ■ Select Add Export. The Add Exported Service screen appears. Add Exported Service Service... Local Server's IP Address: ADD EXPORT NOW 0.0.0.
IP Setup and Network Address Translation 9-15 ■ Select Service. A pop-up menu of services and ports appears. Add Exported Service +-Type------Port--+ +-----------------+ Service... | ftp 21 | | telnet 23 | | smtp 25 | Local Server's IP Address: | tftp 69 | | gopher 70 | | finger 79 | | www-http 80 | | pop2 109 | | pop3 110 | | snmp 161 | | timbuktu 407 | | pptp 1723 | | irc 6667 | | Other... | +-----------------+ ADD EXPORT NOW 8.
9-16 User’s Reference Guide Press Escape when you are finished configuring exported services. You are returned to the IP Setup screen. IP Setup Ethernet IP Address: Ethernet Subnet Mask: Define Additional Subnets... 192.128.117.162 255.255.255.0 Default IP Gateway: 192.128.117.163 Primary Domain Name Server: Secondary Domain Name Server: Domain Name: 0.0.0.0 0.0.0.0 Receive RIP: Transmit RIP: Static Routes... Both v2 (multicast) Address Serving Setup... Exported Services... Filter Sets...
IP Setup and Network Address Translation 9-17 Note: You need not use this screen if you have only a single Ethernet IP subnet. In that case, you can continue to enter or edit the IP address and subnet mask for the single subnet on the IP Setup screen. This screen displays up to eight rows of two editable columns, preceded by a row number between one and eight. If you have eight subnets configured, there will be eight rows on this screen.
9-18 User’s Reference Guide If you have configured multiple Ethernet IP subnets, the IP Setup screen changes slightly: IP Setup Subnet Configuration... Default IP Gateway: 192.128.117.163 Primary Domain Name Server: Secondary Domain Name Server: Domain Name: 0.0.0.0 0.0.0.0 Receive RIP: Transmit RIP: Static Routes... Both v2 (multicast) Address Serving Setup... Exported Services... Filter Sets... The IP address and Subnet mask items are hidden, and “Define Additional Subnets...
IP Setup and Network Address Translation 9-19 The Static Routes screen will appear. Static Routes Display/Change Static Route... Add Static Route... Delete Static Route... Configure/View/Delete Static Routes from this and the following Screens. Viewing static routes To display a view-only table of static routes, select Display/Change Static Route. The table shown below will appear. +-Dest.
9-20 User’s Reference Guide Subnet Mask: The subnet mask associated with the destination network. Next Gateway: The IP address of the router that will be used to reach the destination network. Priority: An indication of whether the Netopia R5000 Series Router will use the static route when it conflicts with information received from RIP packets. Enabled: An indication of whether the static route should be installed in the IP routing table. To return to the Static Routes screen, press Escape.
IP Setup and Network Address Translation 9-21 information; Low means that the RIP information takes precedence over the static route. ■ If the static route conflicts with a connection profile, the connection profile will always take precedence. ■ To make sure that the static route is known only to the Netopia R5000 Series Router, select Advertise Route Via RIP and toggle it to No. To allow other RIP-capable routers to know about the static route, select Advertise Route Via RIP and toggle it to Yes.
9-22 User’s Reference Guide A static route that is already installed in the IP routing table will be removed if any of the conditions listed above become true for that static route. However, an enabled static route is automatically reinstalled once the conditions listed above are no longer true for that static route.
IP Setup and Network Address Translation 9-23 Go to the System Configuration screen. Select IP Address Serving and press Return. The IP Address Serving screen will appear. IP Address Serving Number of Client IP Addresses: 1st Client Address: Client Default Gateway... 5 176.163.222.10 176.163.222.1 Serve DHCP Clients: DHCP NetBios Options... Yes Serve BOOTP Clients: Yes Serve MacIP/KIP Clients: MacIP/KIP Static Options...
9-24 User’s Reference Guide If you have configured multiple Ethernet IP subnets, the appearance of the IP Address Serving screen is altered slightly: IP Address Serving Configure Address Pools... Serve DHCP Clients: DHCP NetBios Options... Yes Serve BOOTP Clients: Yes Serve Dynamic WAN Clients: Yes Serve MacIP/KIP Clients: MacIP/KIP Static Options... Yes The first three menu items are hidden, and Configure Address Pools... appears instead. If you select Configure Address Pools...
IP Setup and Network Address Translation 9-25 IP Address Pools The IP Address Pools screen allows you to configure a separate IP address serving pool for each of up to eight configured Ethernet IP subnets: IP Address Pools Subnet (# host addrs) --------------------192.128.117.0 (253) 1st Client Addr --------------192.128.117.196 Clients ------16 Client Gateway -------------192.128.117.162 192.129.117.0 192.129.117.110 8 192.129.117.
9-26 User’s Reference Guide Numerous factors influence the choice of served address. It is difficult to specify the address that will be served to a particular client in all circumstances. However, when the address server has been configured, and the clients involved have no prior address serving interactions, the Netopia R5000 Series Router will generally serve the first unused address from the first address pool with an available address.
IP Setup and Network Address Translation 9-27 DHCP NetBIOS Options If your network uses NetBIOS, you can enable the Netopia R5000 Series Router to use DHCP to distribute NetBIOS information. NetBIOS stands for Network Basic Input/Output System. It is a layer of software originally developed by IBM and Sytek to link a network operating system with specific hardware. NetBIOS has been adopted as an industry standard.
9-28 User’s Reference Guide ■ From the NetBios Type pop-up menu, select the type of NetBIOS used on your network. DHCP NetBios Options Serve NetBios Type: NetBios Type... Serve NetBios Scope: NetBios Scope: Serve NetBios Name Server: NetBios Name Server IP Addr: ■ +--------+ +--------+ | Type B | | Type P | | Type M | | Type H | +--------+ No 0.0.0.0 To serve DHCP clients with the NetBIOS scope, select Serve NetBios Scope and toggle it to Yes. Select NetBios Scope and enter the scope.
IP Setup and Network Address Translation 9-29 IP Address Lease Management Reset All Leases Release BootP Leases Reclaim Declined Addresses Hit RETURN/ENTER, you will return to the previous screen. Select Release BootP Leases and press Return. MacIP (KIP forwarding) setup When hosts using AppleTalk (typically those using LocalTalk) are not directly connected to an IP network (usually an Ethernet), they must use a MacIP (AppleTalk–IP) gateway.
9-30 User’s Reference Guide The MacIP (KIP) Forwarding Setup screen tells the Router how many static addresses to allocate for MacIP/KIP clients. The addresses must fall within the address pool from the previous screen. ■ Enter the number of static MacIP addresses to reserve. Note that the address pool IP range is listed for your referral in this screen. MacIP (KIP) Forwarding Setup This screen tells the Netopia how many static addresses to allocate for MacIP/KIP clients.
IPX Setup 10-1 Chapter 10 IPX Setup Internetwork Packet Exchange (IPX) is the network protocol used by Novell NetWare networks. This chapter shows you how to configure the Netopia R5000 Series Router for routing data using IPX. You also learn how to configure the router to serve IPX network addresses.
10-2 User’s Reference Guide IPX address An IPX address consists of a network number, a node number, and a socket number. An IPX network number is composed of eight hexadecimal digits. The network number must be the same for all nodes on a particular physical network segment. The node number is composed of twelve hexadecimal digits and is usually the hardware address of the interface card. The node number must be unique inside the particular IPX network.
IPX Setup 10-3 The following is a list of common SAP server types: Unknown 0000h Print Queue 0003h File Server 0004h Job Server 0005h Print Server 0007h Archive Server 0009h Remote Bridge Server 0024h Advertising Print Server 0047h Reserved Up To 8000h NetBIOS NetBIOS is a protocol that performs tasks related to the Transport and Session layers of the OSI model. It can operate over IPX using a special broadcast packet known as “IPX Packet type 20” to communicate with IPX NetBIOS servers.
10-4 User’s Reference Guide Before changing any of the settings in this screen, consult your network administrator for the IPX setup information you will need. Changes made in this screen will take effect only after the Netopia R5000 Series Router is reset. To go to the IPX Setup screen, from the Main Menu select System Configuration and then select Network Protocols Setup and then select IPX Setup.
IPX Setup 10-5 To attach a SAP filter set, first define the filter set using the Filters and Filter Sets option (see step 8 below). Then select the filter set from the Ethernet Incoming SAP Filter Set pop-up menu. To detach the filter set, select Detach Filter Set. 7. Select Default Gateway Address and enter the network address of the IPX network to which all packets of unknown destination address should be routed.
10-6 User’s Reference Guide
AppleTalk Setup 11-1 Chapter 11 AppleTalk Setup This chapter discusses the concept of AppleTalk routing and how to configure AppleTalk setup for a Netopia R5000 Series Router with the AppleTalk kit installed. AppleTalk support is available as a separate kit for the Netopia R5000 Series Router. Skip this chapter if you do not have the AppleTalk kit.
11-2 User’s Reference Guide If the cabling of your network were a street system, then a node address would correspond to a building’s street address. But node addresses are not permanent. Each AppleTalk device determines its node address at startup. Although a Macintosh that is starting up will try to use its previous address, the address will often be different upon restart.
AppleTalk Setup 11-3 MacIP When Macintosh computers encapsulate TCP/IP packets in AppleTalk, because they are either on LocalTalk or EtherTalk, they must use the services of a MacIP gateway. This gateway converts network traffic into the correct format for AppleTalk or IP, depending on the traffic’s destination. Setting up MacIP involves enabling the feature and optionally setting up a range of addresses to be static.
11-4 User’s Reference Guide It is important to set the Netopia R5000 Series Router’s seeding action to work best in your particular network environment. These scenarios may guide you in deciding how to set the router’s seeding: ■ If the Netopia R5000 Series Router is the only router on your network, you must set it to either hard seeding or soft seeding. The default is soft seeding.
AppleTalk Setup 11-5 To install the AppleTalk features from the Main Menu, go to System Configuration and select Upgrade Feature Set. Main Menu System Configuration Upgrade Feature Set The Netopia Feature Set Upgrade screen appears. Netopia Feature Set Upgrade You may be able to extend the features of your Netopia by purchasing a 'Software Upgrade'. For a list of available upgrades, please see the release notes that came with your Netopia or visit the Netopia Communications web site at www.netopia.com.
11-6 User’s Reference Guide Configuring AppleTalk AppleTalk setup for Netopia R5000 Series Routers consists of configuring EtherTalk, LocalTalk, and AURP. EtherTalk setup In the System Configuration screen, select Network Protocols Setup and then select AppleTalk Setup. Select EtherTalk Phase ll Setup and press Return. EtherTalk Phase II Setup EtherTalk Phase II Enabled: Show Zones... Enter New Zone Name: Delete Zone Name... Set Default Zone... Net Low: Net Hi: Seeding...
AppleTalk Setup 11-7 Series Router’s EtherTalk Phase II port is visible to other AppleTalk nodes. The default zone is also where new AppleTalk nodes will appear. If you do not set a default zone, the first zone you create will be the default zone. ■ You can also set the range of EtherTalk Phase II network numbers. Select Net Low and enter the lower limit of the network number range. Select Net High and enter the upper limit of the range.
11-8 User’s Reference Guide If another router is already present on the LocalTalk network that you will be connecting to the Netopia R5000 Series Router, use the zone name and network number used by that router for that LocalTalk network. Otherwise, your LocalTalk network may experience routing conflicts. As an alternative, you can set LocalTalk seeding to soft seeding and let the Netopia R5000 Series Router receive the zone name and network number from the other router.
AppleTalk Setup 11-9 Example: Site A has an AURP tunnel to site B. Both sites have multiple zones defined on the EtherTalk port and a unique zone on their LocalTalk ports. If side A has indicated that one of its EtherTalk zones is the Free Trade Zone and has opted to use the Free Trade Zone option for its tunnel to B, then only this Free Trade Zone will show up on side B and only those machines or services in the Free Trade Zone will be accessible to side B. All of side A will be able to see all of side B.
11-10 User’s Reference Guide Change AURP Partner Partner IP Address or Domain Name: 176.163.8.134 Initiate Connection: No Restrict to Free Trade Zone: No The Change AURP Partner screen has all the values you entered when you added that partner. All of these values may be modified in this screen. Deleting an AURP partner ■ To delete an AURP partner, in the AURP Setup screen select Delete Partner and press Return. A table of existing partners appears.
AppleTalk Setup 11-11 AURP Options Tickle Interval (HH:MM:SS): Update Interval (HH:MM:SS): 00:00:00 00:00:30 Enable Network Number Remapping: Yes Remap into Range From: To: 4096 32768 Cluster Remote Networks: No Enable Hop-Count Reduction: No Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes. ■ Select Tickle Interval (HH:MM:SS) and set the timer to indicate how often a tickle or “Are you still there” packet will be sent to the remote AppleTalk network.
11-12 User’s Reference Guide When network number remapping is enabled, you must choose a safe range of network numbers as a destination for the remapping. A safe range of network numbers does not intersect your local AppleTalk network’s range of network numbers. ■ To choose a destination range for the remapping, select From under Remap into Range and enter a starting value. Then select To and enter an ending value.
Monitoring Tools 12-1 Chapter 12 Monitoring Tools This chapter discusses the Netopia R5000 Series Router’s device and network monitoring tools. These tools can provide statistical information, report on current network status, record events, and help in diagnosing and locating problems.
12-2 User’s Reference Guide General status Quick View Default IP Gateway: 0.0.0.0 Domain Name Server: 0.0.0.0 Domain Name: None Provided CPU Load: 3% 4/13/1999 12:50:51 PM Unused Memory: 529 KB ----------------MAC Address--------IP Address-------IPX Address--------------Ethernet Hub: 00-00-c5-70-03-48 192.168.1.
Monitoring Tools 12-3 Current status The current status section is a table showing the current status of the WAN. For example, for a Frame Relay configuration: Current Frame Relay Status --DLCIs In Use--Bytes Rx----Bytes Tx---Frames Rx---Frames Tx---FECNs+BECNs---0 0 0 0 0 0 DLCIs In Use: Shows the number of Frame Relay DLCIs being used, if any. Bytes Rx: Shows the number of bytes received. Bytes Tx: Shows the number of bytes transmitted. Frames Rx: Shows the number of frames received.
12-4 User’s Reference Guide -PWR-+-----WAN1------+--CON--AUX--+-----WAN2------+--EN--+--------LEDS--------LNK RDY CH1 Ch2 LNK LNK LNK RDY CH1 CH2 DATA | '-'= Off 'G'= Green G G Y | 'R'= Red 'Y'= Yellow Each LED representation can report one of four states: –: The LED is off. R: The LED is red. G: The LED is green. Y: The LED is yellow. The section Netopia R5000 Series Router status lights on page 3-5 describes the meanings of the colors for each LED.
Monitoring Tools 12-5 General Statistics To go to the General Statistics screen, select General Statistics and press Return. The General Statistics screen appears.
12-6 User’s Reference Guide ■ LT (LocalTalk on the PhoneNET) if the optional AppleTalk feature set is installed The right side of the table lists the total number of occurrences of each of six types of communication statistics: Rx Bytes: The number of bytes received Tx Bytes: The number of bytes transmitted Rx Packets: The number of packets received Tx Pkts: The number of packets transmitted Rx Err : The number of bad Ethernet packets received Tx Err: The number of errors occurring when Ethernet packets a
Monitoring Tools 12-7 WAN Event History The WAN Event History screen lists a total of 128 events on the WAN. The most recent events appear at the top. WAN Event History Current Date -- 12/3/98 03:02:23 PM -Date-----Time-----Event---------------------------------------------------------------------------------------SCROLL UP----------------------------------07/03/98 13:59:06 DSL: IP up, channel 1, gateway: 173.166.107.
12-8 User’s Reference Guide Device Event History The Device Event History screen lists a total of 128 port and system events, giving the time and date for each event, as well as a brief description. The most recent events appear at the top. In the Statistics & Logs screen, select Device Event History. The Device Event History screen appears.
Monitoring Tools 12-9 Statistics & Logs WAN Event History... Device Event History... IP Routing Table... IPX Routing Table... IPX SAP Bindery Table... AppleTalk Routing Table... Served IP Addresses... General Statistics... System Information... IP routing table In the Statistics & Logs screen, select IP Routing Table and press Return. The IP routing table displays all of the IP routes currently known to the Netopia R5000 Series Router.
12-10 User’s Reference Guide IPX Sap Bindery table In the Statistics & Logs screen, select IPX Sap Bindery Table and press Return. The IPX Sap Bindery table displays all of the IPX Sap Bindery routes currently known to the Netopia R5000 Series Router. AppleTalk routing table In the Statistics & Logs screen, select AppleTalk Routing Table and press Return. An AT Routing Table similar to the one shown below will appear.
Monitoring Tools 12-11 Next Rtr Addr.: Displays the DDP or IP address of the next hop for the specified route. A DDP address is displayed if the router shown is on the local AppleTalk network. DDP address means that a connection to the next-hop router is by a native AppleTalk network (e.g., LocalTalk or EtherTalk Phase II). An IP address is displayed if the Netopia R5000 Series Router is connected to the router shown using AURP. IP address means a connection transports over AURP (AppleTalk encapsulated IP).
12-12 User’s Reference Guide The IP Address Lease Management screen appears. IP Address Lease Management Reset All Leases Release BootP Leases Reclaim Declined Addresses Hit RETURN/ENTER, you will return to the previous screen. This screen has three options: ■ Reset All Leases: Resets all current IP addresses leased through DHCP without waiting for the default one–hour lease period to elapse ■ Release BootP Leases: Releases any BootP leases that may be in place and which may no longer be required.
Monitoring Tools 12-13 System Information The System Information screen gives a summary view of the general system level values in the Netopia R5000 Series Router. From the Statistics & Logs menu select System Information. The System Information screen appears. System Information Serial Number Firmware Version 70-03-48 (7340872) 4.3.
12-14 User’s Reference Guide The SNMP Setup screen From the Main Menu, select SNMP in the System Configuration screen and press Return. The SNMP Setup screen appears. Main Menu System Configuration SNMP SNMP Setup System Name: System Location: System Contact: Read-Only Community String: Read/Write Community String: public private Authentication Traps Enable: Off IP Trap Receivers... Configure optional SNMP parameters from here.
Monitoring Tools 12-15 By default, the read-only and read/write community strings are set to public and private, respectively. You should change both of the default community strings to values known only to you and trusted system administrators. To change a community string, select it and enter a new value. Starting with the version 4.3 firmware, setting the Read-Only and Read-Write community strings to the empty string will block all SNMP requests to the router.
12-16 User’s Reference Guide IP Trap Receivers Display/Change IP Trap Receiver... Add IP Trap Receiver... Delete IP Trap Receiver... Return/Enter to modify an existing Trap Receiver. Navigate from here to view, add, modify and delete IP Trap Receivers. Setting the IP trap receivers 1. Select Add IP Trap Receiver. 2. Select Receiver IP Address or Domain Name. Enter the IP address or domain name of the SNMP manager you want to receive the trap. 3.
Monitoring Tools 12-17 T1 Diagnostics The Utilities and Diagnostics menu includes an option for displaying T1 line statistics. T1 Line Statistics and Diagnostics screen You access the Utilities and Diagnostics menu from the Main Menu. Main Menu Utilities & Diagnostics T1 Line Statistics/ Diagnostics Utilities & Diagnostics Ping... Trace Route... Telnet... Trivial File Transfer Protocol (TFTP)... X-Modem File Transfer... Revert to Factory Defaults... Restart System... T1 Line Statistics / Diagnostics.
12-18 User’s Reference Guide The T1 Line Statistics / Diagnostics screen appears.
Monitoring Tools 12-19 the remote CSU). ■ Remote Payload Loopback sends an ANSI BPM payload loopback request to the remote CSU. This pattern tells the remote device (usually the CSU at the other end of the circuit) that it should go into a looped state. Use this pattern for putting up a loop to do testing from a remote portion of the circuit, either by the Telco or by the CPE equipment at the remote end of the circuit.
12-20 User’s Reference Guide Web-based monitoring This section discusses the Netopia R5000 Series Router’s device and network web-based monitoring tool. This tool can provide statistical information, report on current network status, record events, and help in diagnosing and locating problems. You can view connection profile information and event histories in the web-based monitoring pages, as well as configure and track budgets for switched connections.
Monitoring Tools 12-21 IP Address: The router’s internal IP address IPX Network Address: The router’s IPX network address, if you have it enabled and are on an IPX network The display contains two frames, a navigation frame on the left and the information and configuration page on the right. The left frame permits you to navigate to: ■ System ■ ■ ■ Information: displays the router’s hardware (MAC) address, the model number and firmware version currently installed, the current date and time.
12-22 User’s Reference Guide Frame Relay Statistics page For leased line connections, the Frame Relay Statistics page displays a snapshot of the activity for your Frame relay DLCIs. The table gives the following information: DLCIs In Use: The number of Frame Relay DLCIs being used, if any. DLCI #: The DLCI number as you have configured it. Rem. IP Net. The remote IP network address. Rem. IPX Net. The remote IPX network address, if any. Frames Tx: Shows the number of frames transmitted.
Monitoring Tools 12-23 Connection Status page For switched interface connections, the Connection Status page displays information for your active connection profile and, if applicable, any POTS calls currently active. The table gives the following information: Profile name: The name you have assigned to the connection profile that is currently connected. Rate: The data rate of this connection. % Usage: The average percent utilization of the maximum capacity of the channels in use for the connection.
12-24 User’s Reference Guide Connect/Disconnect page The Connect/Disconnect page displays a list of your configured connection profiles and allows you to connect or disconnect any of them. To initiate a connection using any of the displayed connection profiles, simply click the Connect link. To disconnect from an active connection profile, click the Disconnect link.
Monitoring Tools 12-25 Router Budget Configuration page The Router Budget Configuration page allows you to modify the parameters for your overall connection accounting policy. From this page you can: ■ turn Router Budget either On or Off from the pull-down menu ■ change the Reset Date (day) on which the counters begin counting again ■ change the total aggregate Time Limit in minutes covered by all of your budgets. If you make any changes in this screen, click the Submit button.
12-26 User’s Reference Guide Connection Budgets page The Connection Budgets page displays information for three budgets or connection profiles for tracking and controlling connection usage on a per-connection profile basis. You configure your budgets in the Budget Configuration page. To configure a Budget. click the Edit link for that Budget. The Connection Budget Configuration page on page 12-27 appears. To view the statistics for each budget, click the Show Statistics link.
Monitoring Tools 12-27 Connection Budget Configuration page You can configure budgets to be: ■ Enforced, meaning that when you reach the usage limit for the assigned time period, the connection profile will allow no more connections. If the budget is not enforced, the system will merely keep track of its usage. To enforce this budget, check the Enforced checkbox. ■ in Override mode.
12-28 User’s Reference Guide Click the Submit button to enable your entries and be returned to the Connection Budgets page or click the Cancel button to discard all your entries. Click the Reset button to reset all counters and archives to zero. Budget Statistics page You can view statistics for all of your budgets at once or one at a time. ■ To view the statistics for a single budget or all enforced budgets, select the budget you want to view from the Budget Account pull-down menu.
Monitoring Tools 12-29 Event History pages The Netopia R5000 Series Router records certain relevant occurrences in event histories. Event histories are useful for diagnosing problems because they list what happened before, during, and after a problem occurs. You can view two different event histories: one for the router’s system and one for the WAN. The Netopia R5000 Series Router’s built-in battery backup prevents loss of event history from a shutdown or reset.
12-30 User’s Reference Guide Device Event History page You can refresh the Device Event History log by clicking the update this page link.
Security 13-1 Chapter 13 Security The Netopia R5000 Series Router provides a number of security features to help protect its configuration screens and your local network from unauthorized access. Although these features are optional, it is strongly recommended that you use them.
13-2 User’s Reference Guide Caution! You are strongly encouraged to add protection to the configuration screens. Unprotected screens could allow an unauthorized user to compromise the operation of your entire network. Once user accounts are created, users who attempt to access protected screens will be challenged. Users who enter an incorrect name or password are returned to a screen requesting a name/password combination to access the Main Menu.
Security 13-3 To add a new user account, select Add User in the Security Options screen and press Return. The Add Name With Write Access screen appears. Add Name With Write Access Enter Name: Enter Password (11 characters max): ADD NAME/PASSWORD NOW CANCEL Follow these steps to configure the new account: 1. Select Enter Name and enter a descriptive name (for example, the user’s first name). 2. Select Enter Password and enter a password. 3.
13-4 User’s Reference Guide Enable SmartStart/SmartView/Web server You may want to restrict access to the Web-based screens to prevent inadvertent switching or connecting and disconnecting of connection profiles. Since SmartStart can be used to reconfigure the router, you may want to block inadvertent damage resulting from unauthorized use of SmartStart. To prevent access to these features toggle this option to No.
Security 13-5 A filter set is a group of filters that work together to check incoming or outgoing data. A filter set can consist of a combination of input and output filters. How filter sets work A filter set acts like a team of customs inspectors. Each filter is an inspector through which incoming and outgoing packages must pass. The inspectors work as a team, but each inspects every package individually. Each inspector has a specific task.
13-6 User’s Reference Guide packet first filter match? no send to next filter yes forward or discard? discard (delete) forward to network If the package does not match the first inspector’s criteria, it goes to the second inspector, and so on. You can see that the order of the inspectors in the line is very important.
Security 13-7 How individual filters work As described above, a filter applies criteria to an IP packet and then takes one of three actions A filter’s actions ■ forwards the packet to the local or remote network ■ Blocks (discards) the packet ■ Ignores the packet A filter forwards or blocks a packet only if it finds a match after applying its criteria. When no match occurs, the filter ignores the packet. A filtering rule The criteria are based on information contained in the packets.
13-8 User’s Reference Guide By matching on a port number, a filter can be applied to selected TCP or UDP services, such as Telnet, FTP, and World Wide Web. The following tables show a few common services and their associated port numbers.
Security 13-9 Other filter attributes There are three other attributes to each filter: ■ The filter’s order (i.e., priority) in the filter set ■ Whether the filter is currently active ■ Whether the filter is set to forward packets or to block (discard) packets Putting the parts together When you display a filter set, its filters are displayed as rows in a table: +-#---Source IP Addr---Dest IP Addr-----Proto-Src.Port-D.
13-10 User’s Reference Guide Src. Port: The source port to match. This is the port on the sending host that originated the packet. D. Port: The destination port to match. This is the port on the receiving host for which the packet is intended. On?: Displays Yes when the filter is in effect or No when it is not. Fwd: Shows whether the filter forwards (Yes) a packet or discards (No) it when there’s a match.
Security 13-11 Filtering example #2 Suppose a filter is configured to block all incoming IP packets with the source IP address of 200.233.14.0, regardless of the type of connection or its destination. The filter would look like this: +-#---Source IP Addr---Dest IP Addr-----Proto-Src.Port-D.Port--On?-Fwd-+ +----------------------------------------------------------------------+ | 1 200.233.14.0 0.0.0.
13-12 User’s Reference Guide option in the answer profile, PAP or CHAP in connection profiles, callback, and general awareness of how your network may be vulnerable. An approach to using filters The ultimate goal of network security is to prevent unauthorized access to the network without compromising authorized access. Using filter sets is part of reaching that goal. Each filter set you design will be based on one of the following approaches: ■ That which is not expressly prohibited is permitted.
Security 13-13 The procedure for creating and maintaining filter sets is as follows: 1. Add a new filter set. 2. Create the filters for the new filter set. 3. View, change, or delete individual filters and filter sets. The following sections explain how to execute these steps. Adding a filter set You can create up to 255 filter rules. You can use them in any combination of input or output in up to eight filter sets.
13-14 User’s Reference Guide Input and output filters—source and destination There are two kinds of filters you can add to a filter set: input and output. Input filters check packets received from the Internet, destined for your network. Output filters check packets transmitted from your network to the Internet.
Security 13-15 Select the one you want to edit. The Display/Change Filter Set screen appears. Display/Change Filter Set... Filter Set Name: Filter Set 1 Add Input Filter to Filter Set... Display/Change Input Filter... Delete Input Filter... Move Input Filter... Add Output Filter to Filter Set... Display/Change Output Filter... Delete Output Filter... Move Output Filter... To add an input filter, select Add Input Filter to Filter Set. The Add Filter screen appears.
13-16 User’s Reference Guide 2. If you want the filter to forward packets that match its criteria to the destination IP address, select Forward and toggle it to Yes. If Forward is toggled to No, packets matching the filter’s criteria will be discarded. 3. Select Source IP Address and enter the source IP address this filter will match on. You can enter a subnet or a host address. 4. Select Source IP Address Mask and enter a mask for the source IP address.
Security 13-17 Moving filters The Move Input/Output Filter permits reordering of rules in a filter set. +#----Source IP Addr---Dest IP Addr-----Proto-Src.Port-D.Port--On?-Fwd-+ +----------------------------------------------------------------------+ | 1 1.1.1.1 0.0.0.0 ANY --Yes No | | 2 000000000000 000000000000 0 = No Yes No | | 3 4.4.4.4 0.0.0.0 ANY --Yes No | | 4 3.3.3.3 0.0.0.0 ANY --Yes No | | 5 5.5.5.5 0.0.0.
13-18 User’s Reference Guide Change Filter Enabled: Forward: No No Source IP Address: Source IP Address Mask: 0.0.0.0 0.0.0.0 Dest. IP Address: Dest. IP Address Mask: 0.0.0.0 0.0.0.0 Protocol Type: 0 Source Port Compare... Source Port ID: Dest. Port Compare... Dest. Port ID: No Compare 0 No Compare 0 Enter the IP specific information for this filter. Deleting filters To delete a filter, select Delete Input Filter or Delete Output Filter in the Add Filter Set screen to display a table of filters.
Security 13-19 Modifying filter sets To modify a filter set, select Display/Change Filter Set in the Filter Sets screen to display a list of filter sets. Select a filter set from the list and press Return. The Change Filter Set screen appears. The items in this screen are the same as the ones in the Add Filter screen (see “Adding filters to a filter set” on page 13-14). Display/Change Filter Set... Filter Set Name: Filter Set 1 Add Input Filter to Filter Set... Display/Change Input Filter...
13-20 User’s Reference Guide The five input filters and one output filter that make up Basic Firewall are shown in the table below. Input filter 1 Input filter 2 Input filter 3 Input filter 4 Input filter 5 Enabled Yes Yes Yes Yes Yes Yes Forward No No Yes Yes Yes Yes Source IP address 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Source IP address mask 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Dest. IP address 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.
Security 13-21 A more complicated filter set would be required to provide WAN access to a LAN-based server. See the next section, “Possible modifications,” for ways to allow remote hosts to use services provided by servers on the LAN. Possible modifications You can modify the sample filter set Basic Firewall to allow incoming traffic using the examples below. These modifications are not intended to be combined. Each modification is to be the only one used with Basic Firewall.
13-22 User’s Reference Guide FTP sessions. To allow WAN-originated FTP sessions to a LAN-based FTP server with the IP address a.b.c.d (corresponding to a numbered IP address such as 163.176.8.243), insert the following input filter ahead of the current input filter 1: ■ Enabled: Yes ■ Forward: Yes ■ Source IP Address: 0.0.0.0 ■ Source IP Address Mask: 0.0.0.0 ■ Dest. IP Address: a.b.c.d ■ Dest. IP Address Mask: 255.255.255.
Security 13-23 IPX filters Main Menu System Configuration Filter Sets (Firewalls) IPX Filters and Filter Sets IPX packet filters work very similarly to IP packet filters. They filter data traffic coming from or going to remote IPX networks. IPX filters can be set up to forward or discard IPX packets based on a number of user-defined criteria. Like IP filters, IPX filters must be grouped in sets that are applied to the answer profile or to connection profiles.
13-24 User’s Reference Guide The items in the IPX Filters and Filter Sets screen are grouped into four areas: ■ IPX packet filters ■ IPX packet filter sets ■ IPX SAP filters ■ IPX SAP filter sets The following sections explain the items in each of these areas. IPX packet filters For each IPX packet filter, you can configure a set of parameters to match on the source or destination attributes of IPX data packets coming from or going to the WAN.
Security 13-25 1. Select Filter Name and enter a descriptive name for the filter. 2. To specify a source network for the filter to match on, select Source Network and enter an IPX network address. 3. To specify a source node for the filter to match on, select Source Node Address and enter an IPX node address. 4. To specify a source socket for the filter to match on, select Source Socket and enter an IPX source socket number. 5.
13-26 User’s Reference Guide Add Packet Filter Set Filter Set Name: Show Filters/Change Action on Match... Append Filter... Remove Filter... ADD FILTER SET NOW CANCEL Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes. Configure an IPX Filter Set here. You must ADD FILTER SET NOW to save. Follow these steps to configure the new packet filter set: 1. Select Filter Set Name and enter a descriptive name for the filter set. 2.
Security 13-27 3. To add a filter to the filter set, select Append Filter to display a table of filters. Select a filter from the table and press Return to add it to the filter set. The default action of newly added filters is to not forward packets that match their criteria. To exit the table without adding the filter, press Escape. 4. To remove a filter from the filter set, select Remove Filter to display a table of appended filters.
13-28 User’s Reference Guide Adding a SAP filter To add a new IPX SAP filter, select Add IPX SAP Filter in the IPX Filters and Filter Sets screen and press Return. The Add SAP Filter screen appears. Add Sap Filter Filter Name: Server Name: Socket: 0000 Type: 0000 IPX Network: IPX Node Address: 00000000 000000000000 ADD FILTER NOW CANCEL Configure a new IPX SAP Filter. Finished? ADD or CANCEL to exit.
Security 13-29 IPX SAP filter sets Before IPX SAP filters can be used, they must be grouped into sets. A SAP filter can be part of more than one filter set. Viewing and modifying SAP filter sets To display a table of IPX SAP filter sets, select Display/Change IPX SAP Filter Sets in the IPX Filters and Filter Sets screen to display a list of filter sets. To modify any of the filter sets in the list, select the desired filter set and go to the Change SAP Filter Set screen.
13-30 User’s Reference Guide Show Filters/Change Actions on Match Filter Name---------------------Forward Filter 1 No Filter 2 No <> Yes Set whether filters forward or drop matching packets here. Select a filter and toggle the entry forwarding action to Yes (forward) or No (discard). 3. To add a filter to the filter set, select Append Filter in the Add SAP Filter Set screen to display a table of filters. Select a filter from the table and press Return to add it to the filter set.
Security 13-31 Firewall tutorial General firewall terms Filter rule: A filter set is comprised of individual filter rules. Filter set: A grouping of individual filter rules. Firewall: A component or set of components that restrict access between a protected network and the Internet, or between two networks. Host: A workstation on the network. Packet: Unit of communication on the Internet.
13-32 User’s Reference Guide Example TCP/UDP Ports TCP Port Service 20/21 FTP 23 Telnet 25 SMTP 80 WWW 144 News UDP Port Service 161 SNMP 69 TFTP 387 AURP Firewall design rules There are two basic rules to firewall design: ■ “What is not explicitly allowed is denied.” and ■ “What is not explicitly denied is allowed.” The first rule is far more secure and is the best approach to firewall design.
Security 13-33 and a packet goes through these rules destined for FTP, the packet would forward through the first rule (WWW), go through the second rule (FTP), and match this rule; the packet is allowed through. If you had this filter set for example.... Allow WWW access; Allow FTP access; Deny FTP access; Deny all other packets.
13-34 User’s Reference Guide Implied rules With a given set of filter rules, there is an implied rule that may or may not be shown to the user. The implied rule tells the filter set what to do with a packet that does not match any of the filter rules. An example of implied rules is as follows: Implied Meaning Y+Y+Y=N If all filter rules are YES, the implied rule is NO. N+N+N=Y If all filter rules are NO, the implied rule is YES. Y+N+Y=N If a mix of YES and NO filters, the implied rule is NO.
Security 13-35 Filter basics In the source or destination IP address fields, the IP address that is entered must be the network address of the subnet. A host address can be entered, but the applied subnet mask must be 32 bits (255.255.255.255). The Netopia R5000 Series Router has the ability to compare source and destination TCP or UDP ports.
13-36 User’s Reference Guide Example filters Example 1 Filter Rule: 200.1.1.0 (Source IP Network Address) 255.255.255.128 (Source IP Mask) Forward = No (What happens on match) Incoming packet has the source address of 200.1.1.28 IP Address Binary Representation 200.1.1.28 00011100 (Source address in incoming IP packet) 10000000 (Perform the logical AND) 00000000 (Logical AND result) AND 255.255.255.
Security 13-37 This incoming IP packet (10000000) has a source IP address that does not match the network address in the Source IP Address field (00000000) in the Netopia R5000 Series Router. This rule will forward this packet because the packet does not match. Example 3 Filter Rule: 200.1.1.96 (Source IP Network Address) 255.255.255.240 (Source IP Mask) Forward = No (What happens on match) Incoming packet has the source address of 200.1.1.184. IP Address Binary Representation 200.1.1.
13-38 User’s Reference Guide Since the Source IP Network Address in the Netopia R5000 Series Router is 01100000, and the source IP address after the logical AND is 01100000, this rule does match and this packet will not be forwarded. Example 5 Filter Rule: 200.1.1.96 (Source IP Network Address) 255.255.255.255 (Source IP Mask) Forward = No (What happens on match) Incoming packet has the source address of 200.1.1.96. IP Address Binary Representation 200.1.1.
Utilities and Diagnostics 14-1 Chapter 14 Utilities and Diagnostics A number of utilities and tests are available for system diagnostic and control purposes.
14-2 User’s Reference Guide Ping The Netopia R5000 Series Router includes a standard Ping test utility. A Ping test generates IP packets destined for a particular (Ping-capable) IP host. Each time the target host receives a Ping packet, it returns a packet to the original sender. Ping allows you to see whether a particular IP destination is reachable from the Netopia R5000 Series Router.
Utilities and Diagnostics 14-3 Status: The current status of the Ping test. This item can display the status messages shown in the able below: Message Description Resolving host name Finding the IP address for the domain name-style address Can’t resolve host name IP address can’t be found for the domain name–style name Pinging Ping test is in progress Complete Ping test was completed Cancelled by user Ping test was cancelled manually Destination unreachable from w.x.y.
14-4 User’s Reference Guide time send Ping packet 1 Netopia receive Ping packet 1 send return Ping packet 1 Netopia Netopia send Ping packet 2 send return Ping packet 2 Netopia send Ping packet 3 host host receive return Ping packet 2 receive Ping packet 3 send return Ping packet 3 Netopia host receive return Ping packet 1 receive Ping packet 2 Netopia host host host receive return Ping packet 3 Packets Lost: The number of packets unaccounted for, shown in total and as a percentage of total
Utilities and Diagnostics 14-5 Trace Route You can count the number of routers between your Netopia Router and a given destination with the Trace Route utility. In the Statistics & Diagnostics screen, select Trace Route and press Return. The Trace Route screen appears. Trace Route Host Name or IP Address: Maximum Hops: Timeout (seconds): 30 5 Use Reverse DNS: Yes START TRACE ROUTE Enter the IP Address/Domain Name of a host. Trace route to a network host. To trace a route, follow these steps: 1.
14-6 User’s Reference Guide Telnet client The Telnet client mode replaces the normal menu mode. Telnet sessions can be cascaded, that is, you can initiate a Telnet client session when using a Telnet console session. To activate the Telnet client, select Telnet from the Utilities & Diagnostics menu. The Telnet client screen appears. Telnet Host Name or IP Address: Control Character to Suspend: Q START A TELNET SESSION Enter the IP Address/Domain Name of a host.
Utilities and Diagnostics 14-7 Disconnect Telnet console session If you want to close your Telnet console session, select Disconnect Telnet Console Session and press Return. A dialog box appears asking you to cancel or continue your selection.
14-8 User’s Reference Guide Transferring configuration and firmware files with TFTP Trivial File Transfer Protocol (TFTP) is a method of transferring data over an IP network. TFTP is a client-server application, with the router as the client. To use the Netopia R5000 Series Router as a TFTP client, a TFTP server must be available. Netopia, Inc. has a public access TFTP server on the Internet where you can obtain the latest firmware versions.
Utilities and Diagnostics 14-9 ■ Select GET ROUTER FIRMWARE FROM SERVER or GET WAN MODULE FIRMWARE FROM SERVER and press Return. You will see the following dialog box: +-----------------------------------------------------------+ +-----------------------------------------------------------+ | | | Are you sure you want to read the firmware now? | | The device will reset when the transfer is complete.
14-10 User’s Reference Guide ■ Select GET CONFIG FROM SERVER and press Return. You will see the following dialog box: +-----------------------------------------------------------+ +-----------------------------------------------------------+ | | | Are you sure you want to read the configuration now? | | The device will reset when the transfer is complete.
Utilities and Diagnostics 14-11 X-Modem File Transfer Send Firmware to Netopia... Send Config to Netopia... Receive Config from Netopia... Send Firmware to Netopia WAN module... WAN module Firmware Status: IDLE Updating firmware Firmware updates may be available periodically from Netopia or from a site maintained by your organization’s network administration. The procedure below applies whether you are using the console or the WAN interface module.
14-12 User’s Reference Guide The system will reset at the end of a successful file transfer to put the new firmware into effect. While the system resets, the LEDs will blink on and off. Caution! Do not manually power down or reset the Netopia R5000 Series Router while it is automatically resetting or it could be damaged. Downloading configuration files The Netopia R5000 Series Router can be configured by downloading a configuration file. The downloaded file reconfigures all of the Router’s parameters.
Utilities and Diagnostics 14-13 2. Select Receive Config from Netopia and press Return. The following dialog box appears: +--------------------------------------------------------------------+ | | | Are you sure you want to save your current Netopia configuration? | | If so, when you hit Return/Enter on the CONTINUE button, you will | | have 10 seconds to begin the transfer from your terminal program. | | | | CANCEL CONTINUE | | | +--------------------------------------------------------------------+ 3.
14-14 User’s Reference Guide
Part III: Appendixes
User’s Reference Guide
Troubleshooting A-1 Appendix A Troubleshooting This appendix is intended to help you troubleshoot problems you may encounter while setting up and using the Netopia R5000 Series Router. It also includes information on how to contact Netopia Technical Support. Important information on these problems can be found in the event histories kept by the Netopia R5000 Series Router. These event histories can be accessed in the Statistics & Logs screen.
A-2 User’s Reference Guide Note: If you are attempting to modify the IP address or subnet mask from a previous, successful configuration attempt, you will need to clear the IP address or reset your Netopia R5000 Series Router to the factory default before reinitiating the configuration process. For further information on resetting your Netopia R5000 Series Router to factory default, see “Factory defaults” on page 14-7.
Troubleshooting A-3 How to reset the router to factory defaults This section shows how to reset the router so that you can access the console screens once again, even if you lose your password. Keep in mind that all of your connection profiles and settings will need to be reconfigured. If you don't have a password, the only way to get back into the Netopia R5000 Series Router is the following: 1. Turn the router upside down. 2. Referring to the diagram below, find the paper clip-size Reset Switch slot.
A-4 User’s Reference Guide Technical support Netopia, Inc. is committed to providing its customers with reliable products and documentation, backed by excellent technical support. Before contacting Netopia Look in this guide for a solution to your problem. You may find a solution in this troubleshooting appendix or in other sections. Check the index for a reference to the topic of concern. If you cannot find a solution, complete the environment profile below before contacting Netopia Technical Support.
Troubleshooting A-5 Netopia Bulletin Board Service: 1 510-865-1321 Online product information Product information can be found in the following: Netopia World Wide Web server via http://www.netopia.com Internet via anonymous FTP to ftp.netopia.com/pub FAX-Back This service provides technical notes that answer the most commonly asked questions and offers solutions for many common problems encountered with Netopia products.
A-6 User’s Reference Guide
Understanding IP Addressing B-1 Appendix B Understanding IP Addressing This appendix is a brief general introduction to IP addressing. A basic understanding of IP will help you in configuring the Netopia R5000 Series Router and using some of its powerful features, such as static routes and packet filtering.
B-2 User’s Reference Guide IP addresses indicate both the identity of the network and the identity of the individual host on the network. The number of bits used for the network number and the number of bits used for the host number can vary, as long as certain rules are followed. The local network manager assigns IP host numbers to individual machines. IP addresses are maintained and assigned by the InterNIC, a quasi-governmental organization now increasingly under the auspices of private industry.
Understanding IP Addressing B-3 Subnet masks To create subnets, the network manager must define a subnet mask, a 32-bit number that indicates which bits in an IP address are used for network and subnetwork addresses and which are used for host addresses. One subnet mask should apply to all IP networks that are physically connected together and share a single assigned network number. Subnet masks are often written in decimal notation like IP addresses, but they are most easily understood in binary notation.
B-4 User’s Reference Guide Network configuration Below is a diagram of a simple network configuration. The ISP is providing a Class C address to the customer site, and both networks A and B want to gain Internet access through this address. Netopia R5000 Series Router B connects to Netopia R5000 Series Router A and is provided Internet access through Routers A and B. Customer Site A PC 1: IP Address: 192.168.1.3 Subnet Mask: 255.255.255.128 Gateway: 192.168.1.
Understanding IP Addressing B-5 Background The IP addresses and routing configurations for the devices shown in the diagram are outlined below. In addition, each individual field and its meaning are described. The IP Address and Subnet Mask fields define the IP address and subnet mask of the device's Ethernet connection to the network while the Remote IP and Remote Sub fields describe the IP address and subnet mask of the remote router.
B-6 User’s Reference Guide There are two schemes for distributing the remaining IP addresses: ■ Manually give each computer an address ■ Let the Netopia R5000 Series Router automatically distribute the addresses These two methods are not mutually exclusive; you can manually issue some of the addresses while the rest are distributed by the Netopia R5000 Series Router. Using the router in this way allows it to function as an address server.
Understanding IP Addressing B-7 Number of Devices (other than Netopia R5000 Series Router) on Local Network Largest Possible Ethernet Subnet Mask 14-29 255.255.255.224 30-61 255.255.255.192 62-125 255.255.255.128 125-259 255.255.255.0 Configuration This section describes the specific IP address lease, renew, and release mechanisms for both the Mac and PC, with either DHCP or MacIP address serving.
B-8 User’s Reference Guide global limits on the size of the address serving database, which is shared by all address serving functions active in the router. ■ The Netopia R5000 Series Router releases the DHCP address back to the available DHCP address pool exactly one hour after the last-heard lease request. Some other DHCP implementations may retain the lease for an additional time after the lease expired. This is intended to act as a buffer for variances in clocks between the client and server.
Understanding IP Addressing B-9 Serve dynamic WAN clients The correct term or protocol is a subset of the PPP suite call IPCP. Originally, this would apply only to switched WAN interface routers, and not to leased line routers. However, a new feature can give you Asynchronous PPP dial-in support on the Auxiliary port on any router including Netopia R5000 Series Routers. In any situation where a device is dialing into a Netopia router, the router may need to be configured to serve IP via the WAN interface.
B-10 User’s Reference Guide 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Block of IP host addresses (derived from network IP address + mask issued by ISP) 1 Distributed to the Netopia R5000 Series (Ethernet IP address) 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Manually distributed (static) Pool of addresses distributed by MacIP and DHCP The figure above shows an example of a block of IP addresses being distributed correctly.
Understanding IP Addressing B-11 Nested IP subnets Under certain circumstances, you may want to create remote subnets from the limited number of IP addresses issued by your ISP or other authority. You can do this using connection profiles. These subnets can be nested within the range of IP addresses available to your network. For example, suppose that you obtain the Class C network address a.b.c.0 to be distributed among three networks.
B-12 User’s Reference Guide Routers B and C (which could also be Netopia R5000 Series Routers) serve the two remote networks that are subnets of a.b.c.0. The subnetting is accomplished by configuring the Netopia R5000 Series Router with connection profiles for Routers B and C (see the following table). Connection profile Remote IP address Remote IP mask Bits available for host address For Router B a.b.c.128 255.255.255.192 7 For Router C a.b.c.248 255.255.255.
Understanding IP Addressing B-13 The following diagram illustrates the IP address space taken up by the two remote IP subnets. You can see from the diagram why the term nested is appropriate for describing these subnets. 1 Address range available to a.b.c.0, less the two nested subnets 129 valid addresses used by a.b.c.128 190 valid addresses used by a.b.c.248 249 254 Broadcasts As mentioned earlier, binary IP host or subnet addresses composed entirely of ones or zeros are reserved for broadcasting.
B-14 User’s Reference Guide
Understanding Netopia NAT Behavior C-1 Appendix C Understanding Netopia NAT Behavior The Netopia R5000 Series Router implements a powerful feature called NAT as specified in RFC 1631. NAT is used for IP address conservation and for security purposes since there will only be a single IP “presence” on the WAN. This appendix describes the NAT functionality within the Netopia R5000 Series Router and provides examples for setup and use.
C-2 User’s Reference Guide When the Netopia R5000 Series Router establishes a connection over its WAN interface with another router it uses the Point-to-Point Protocol (PPP). Within PPP there is a Network Control Protocol (NCP) called Internet Protocol Control Protocol (IPCP), which handles the negotiation of IP addresses between the two routers, in this case the Netopia R5000 Series Router at the customer site above and the router at the Internet service provider (ISP).
Understanding Netopia NAT Behavior C-3 With NAT enabled, the Netopia R5000 Series Router does something different. For example, suppose that Workstation A again wants to communicate with the WWW server on the Internet. Workstation A forms an IP packet with the source IP address of 192.168.5.2 and destination IP address of 163.176.4.32, and source port could be 400 while the destination port would be 80 (WWW server).
C-4 User’s Reference Guide When the Netopia R5000 Series Router receives this IP packet from the WWW server, the Netopia R5000 Series Router replaces the destination IP address with 192.168.5.2, the address for Workstation A. The port is changed back to 400, the IP packet checksum is recalculated, and the IP packet is sent to Workstation A on the Netopia R5000 Series Router’s LAN interface.
Understanding Netopia NAT Behavior C-5 As you can see, when Workstation A and Workstation B transmit an IP packet to the WWW server on the Internet, they have unique source IP addresses on the LAN interface but potentially the same source ports, which in this case is 400. When the Netopia R5000 Series Router receives these packets, the source IP addresses are substituted with the single globally unique IP address that was acquired on the WAN interface, which is 200.1.1.40.
C-6 User’s Reference Guide The WWW server on the Internet would then have to use the single valid IP address that was acquired on the Netopia R5000 Series Router's WAN interface to access any host on the Netopia R5000 Series Router's local LAN interface, since this is the only valid address for the Internet. But if the WWW server on the Internet opens a connection to 200.1.1.
Understanding Netopia NAT Behavior C-7 the Internet. If the address range of 192.168.X.X is not used and another range of addresses such as 100.1.1.X is used instead, this address space can potentially overlap an address space that is owned by a user attached to the Internet. Thus if a user on the Netopia R5000 Series Router’s LAN interface has an IP address of 100.1.1.2 while the Netopia R5000 Series Router’s LAN interface is 100.1.1.
C-8 User’s Reference Guide Add Exported Service +-Type------Port--+ +-----------------+ Service... | ftp 21 | | telnet 23 | | smtp 25 | Local Server's IP Address: | tftp 69 | | gopher 70 | | finger 79 | | www-http 80 | | pop2 109 | | pop3 110 | | snmp 161 | | timbuktu 407 | | pptp 1723 | | irc 6667 | | Other...
Binary Conversion Table D-1 Appendix D Binary Conversion Table This table is provided to help you choose subnet numbers and host numbers for IP and MacIP networks that use subnetting for IP addresses.
D-2 User’s Reference Guide Decimal Binary Decimal Binary Decimal Binary Decimal Binary 128 10000000 160 10100000 192 11000000 224 11100000 129 10000001 161 10100001 193 11000001 225 11100001 130 10000010 162 10100010 194 11000010 226 11100010 131 10000011 163 10100011 195 11000011 227 11100011 132 10000100 164 10100100 196 11000100 228 11100100 133 10000101 165 10100101 197 11000101 229 11100101 134 10000110 166 10100110 198 11000110 230 111001
Further Reading E-1 Appendix E Further Reading Alexander, S. and R. Droms, DHCP Options and BOOTP Vendor Extensions, RFC 2131, Silicon Graphics, Inc., Bucknell University, PA, 1997. Angell, David, ISDN for Dummies, IDG Books Worldwide, Foster City, CA, 1995. Thorough introduction to ISDN for beginners. Apple Computer, Inc., AppleTalk Network System Overview, Addison-Wesley Publishing Company, Inc., Reading, MA, 1989. Apple Computer, Inc.
E-2 User’s Reference Guide Garcia-Luna-Aceves, J.J., Loop-Free Routing Using Diffusing Computations, IEEE/ACM Transactions on Networking, Vol. 1, No. 1, 1993. Garfinkel, Simson., PGP: Pretty Good Privacy, O’Reilly & Associates, Sebastopol, CA, 1991. A guide to the free data encryption program PGP and the issues surrounding encryption. Green, J.K., Telecommunications, 2nd ed., Business One Irwin, Homewood, IL, 1992. Heinanen, J., Multiprotocol Encapsulation over ATM Adaptation Layer 5, RFC 1483, July 1993.
Further Reading E-3 Sidhu, G.S., R.F. Andrews, and A.B. Oppenheimer, Inside AppleTalk, 2nd ed., Addison-Wesley Publishing Company, Reading, MA, 1990. Siyan, Karanjit, Internet Firewall and Network Security, New Riders Publishing, Indianapolis, IN, 1995. Similar to the Chapman and Zwicky book. Smith, Philip, Frame Relay Principles and Applications, Addison-Wesley Publishing Company, Reading, MA, 1996.
E-4 User’s Reference Guide
Technical Specifications and Safety Information F-1 Appendix F Technical Specifications and Safety Information Pinouts for Auxiliary port modem cable 1300 ohms 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Shield 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Shield BRAID HD-15 DB-25 Pin 1 Ground Pin 1 (not used) Pin 2 TDA Pin 2 TD Pin 3 TDB Pin 3 RD Pin 4 RDA Pin 4 RTS Pin 5 RDB Pin 5 CTS Pin 6 (not used) Pin 6 DCE Ready Pin 7 DTR Pin 7 Ground
F-2 User’s Reference Guide HD-15 DB-25 Pin 8 CTS Pin 8 RLSD Pin 9 DSR Pin 9 -RSET (EIA-530) Pin 10 DCD Pin 10 (not used) Pin 11 (not used) Pin 11 -TSET (EIA-530) Pin 12 TCA Pin 12 (not used) Pin 13 TCB Pin 13 (not used) Pin 14 RCA Pin 14 -TD (EIA-530) STD (EIA-232) Pin 15 RCB Pin 15 (not used) Pin 16 -RD (EIA-530) SRD (EIA-232) Pin 17 RSET Pin 18 (not used) Pin 19 -RTS (EIA-530) SRTS (EIA-232) Pin 20 DTE Ready Pin 21 (not used) Pin 22 (not used) Pin 23 Ground
Technical Specifications and Safety Information F-3 Description Dimensions: 124.0 cm (w) x 20.0 cm (d) x 5.3 cm (h) 9.4” (w) x 7.9” (d) x 2.1” (h) Communications interfaces: The Netopia R5000 Series Router has an RJ-45 jack for WAN line connections; an 8–port 10Base-T Ethernet hub for your LAN connection; a DB-9 Console port; and an HD-15 Auxiliary port that can be used as either a serial or LocalTalk port. Power requirements ■ 12 VDC input ■ 1.
F-4 User’s Reference Guide Agency approvals North America (R5100, R5200, R5300) Safety Approvals: ■ United States – UL: 1950 Third Edition ■ Canada – CSA: CAN/CSA-C22.2 No.
Technical Specifications and Safety Information F-5 United States (R5100, R5200, R5300). This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
F-6 User’s Reference Guide Canada. This Class B digital apparatus meets all requirements of the Canadian Interference -Causing Equipment Regulations. Cet appareil numérique de la classe B respecte toutes les exigences du Réglement sur le matériel brouilleur du Canada. Declaration for Canadian users (R5200, R5300) The Canadian Industry Canada label identifies certified equipment.
Technical Specifications and Safety Information F-7 near the product for easy access. ■ For use only with CSA Certified Class 2 power supply, rated 12VDC, 1.5A. Telecommunication installation cautions ■ Never install telephone wiring during a lightning storm. ■ Never install telephone jacks in wet locations unless the jack is specifically designed for wet locations. ■ Never touch uninsulated telephone wires or terminals unless the telephone line has been disconnected at the network interface.
F-8 User’s Reference Guide
Glossary 1 Glossary access line: A telephone line reaching from the telephone company central office to a point usually on your premises. Beyond this point the wire is considered inside wiring. analog: In telecommunications, telephone transmission and/or switching that is not digital. An analog phone transmission is one that was originally intended to carry speech or voice, but may with appropriate modifications be used to carry data of other types.
2 User’s Reference Guide byte: A group of bits, normally eight, which represent one data character. CallerID: See CND. CCITT (Comite Consultatif International Telegraphique et Telephonique): International Consultative Committee for Telegraphy and Telephony, a standards organization that devises and proposes recommendations for international communications. See also ANSI (American National Standards Institute).
Glossary 3 DHCP (Dynamic Host Configuration Protocol): A service that lets clients on a LAN request configuration information, such as IP host addresses, from a server. DNS (Domain Name Service): A TCP/IP protocol for discovering and maintaining network resource information distributed among different servers. download: The process of transferring a file from a server to a client.
4 User’s Reference Guide hop count reduction: A feature of AURP supported by the Netopia Router. Tunnels and point-to-point links over WANs can often exceed the maximum allowable hop count of 15 routers. Network administrators can use the hop count reduction feature to set up tunnels and point-to-point links that exceed the 15-router limit. host: A single, addressable device on a network. Computers, networked printers, and routers are hosts.
Glossary 5 NAT (Network Address Translation): A feature that allows communication between the LAN connected to the Netopia Router and the Internet using a single IP address, instead of having a separate IP address for each computer on the network. NetBIOS: A network communications protocol used on PC LANs. network: A group of computer systems and other computer devices that communicate with one another. network administrator: A person who coordinates the design, installation, and management of a network.
6 User’s Reference Guide remapping: See network number remapping. RFC (Request for Comment): A series of documents used to exchange information and standards about the Internet. RIP (Routing Information Protocol): A protocol used for the transmission of IP routing information. RJ-11: A telephone-industry standard connector type, usually containing four pins. RJ-45: A telephone-industry standard connector type, usually containing eight pins. router: A device that supports network communications.
Glossary 7 TCP/IP (Transmission Control Protocol/Internet Protocol): An open network standard that defines how devices from different manufacturers communicate with each other over one or more interconnected networks. TCP/IP protocols are the foundation of the Internet, a worldwide network of networks connecting businesses, governments, researchers, and educators. telephone wall cable: 2-pair, 4-pair, or 8-pair, 22- or 24-gauge solid copper wire cable.
8 User’s Reference Guide
Index-1 Index Numerics 10Base-T 4-3 10Base-T, connecting 4-3 A add static route 9-20 advanced configuration features 8-33 AppleTalk 1-2 configuring LocalTalk 11-7 routing table 12-10 setup 11-1 tunneling (AURP) 11-3, 11-8 zones 11-6, 11-7 AppleTalk Update-Based Routing Protocol, see AURP application software 4-2 AURP adding a partner 11-9 configuration 11-10 connecting to a partner 11-9 hop-count reduction 11-12 network number remapping 11-11 receiving connections 11-10 setup 11-3, 11-8 tunnel 13-22 B back
Index-2 console configuration 8-35 console-based management configuring with 6-1, 7-1, 8-1 D D.
Index-3 Frame Relay configuring 8-6 FTP sessions 13-22 further reading E-1 G general statistics 12-5 Glossary GL-1 H hard seeding 11-3 hops 12-10 how to reach us A-4 I input filter 3 13-20 input filters 1 and 2 13-20 input filters 4 and 5 13-20 Internet addresses, see IP addresses Internet Protocol (IP) 9-1 Internet services, obtaining 2-1 Internetwork Packet Exchange (IPX) 10-1 IP address serving 9-22 IP addresses B-1 about B-1 distributing B-5 distribution rules B-10 static B-8 IP setup 9-12 IP trap rece
Index-4 monitoring 12-1 security 13-1 system utilities and diagnostics 14-1 network problems A-2 network status overview 12-1 next router address 12-11 non-seeding 11-3 O output filter 1 13-20 overview 1-1 P packet header B-13 packet filter deleting 13-25 packet filters viewing and modifying 13-25 packets forwarded 12-11 password to protect security screen 13-2 user accounts 13-1 ping 14-2 ping test, configuring and initiating 14-2 port number comparisons 13-8 port numbers 13-7 proxy addresses 9-1 Q Quick
Index-5 state 12-10 static IP addresses B-8 static route rules of installation 9-21 static routes 9-13, 9-18 statistics, WAN 12-5 subnet masks B-3 subnets B-2–B-5 multiple 9-16 nested B-11 subnets and subnet masks B-2 support technical A-4 T T1 diagnostics 12-17 TCP/IP configuring 5-6 stack 4-2 technical support A-4 telnet 6-2 access 8-32, 13-4 terminal emulation software configuring 6-3 default settings 6-4 TFTP defined 14-8 downloading configuration files 14-9 transferring files 14-8 updating firmware 14
Index-6
Limited Warranty and Limitation of Remedies 1 Limited Warranty and Limitation of Remedies Netopia warrants to you, the end user, that the Netopia R5000 Series Router (the “Product”) will be free from defects in materials and workmanship under normal use for a period of one (1) year from date of purchase. Netopia’s entire liability and your sole remedy under this warranty during the warranty period is that Netopia shall, at its sole option, either repair or replace the Product.
2 User’s Reference Guide
