™ Netopia R7200 SDSL Router Nokia Speedlink™ certified User’s Reference Guide
Copyright ©2000, Netopia, Inc., v.0300 All rights reserved. Printed in the U.S.A. This manual and any associated artwork, software, and product designs are copyrighted with all rights reserved. Under the copyright laws such materials may not be copied, in whole or part, without the prior written consent of Netopia, Inc. Under the law, copying includes translation to another language or format. Netopia, Inc. 2470 Mariner Square Loop Alameda, CA 94501-1010 U.S.A.
Contents Welcome to the Netopia R7200 SDSL Router User’s Reference Guide. This guide is designed to be your single source for information about your Netopia R7200 SDSL Router. It is intended to be viewed on-line, using the powerful features of the Adobe Acrobat Reader. The information display has been designed to present the maximum information in the minimum space on your screen.
iv User’s Reference Guide Adding an external modem ............................................. 4-5 Connecting to a LocalTalk network ................................. 4-6 Chapter 5 — Setting up your Router with the SmartStart Wizard 5-1 Before running SmartStart ............................................. 5-2 Setting up your Router with the SmartStart Wizard ........... 5-3 SmartStart Wizard configuration screens ............... 5-3 Easy option..........................................................
Contents v IP parameters (default profile) screen .................... 8-8 IPX parameters (default profile) screen .................. 8-9 System configuration screens ........................................ 8-9 Navigating through the system configuration screens...... 8-10 System configuration features ............................. 8-11 Network protocols setup ..................................... 8-12 Filter sets (firewalls) ........................................... 8-12 IP address serving ...........
vi User’s Reference Guide IP setup .................................................................... IP subnets ....................................................... Static routes.................................................... IP address serving ..................................................... IP Address Pools .............................................. DHCP NetBIOS Options..................................... MacIP (KIP forwarding) setup ............................
Contents vii Chapter 13 — Monitoring Tools ...............................................13-1 Quick View status overview .......................................... 13-1 General status ................................................... 13-2 Current status ................................................... 13-3 Status lights ...................................................... 13-3 Statistics & Logs ......................................................... 13-4 General Statistics ......................
viii User’s Reference Guide Deleting a filter set........................................... A sample IP filter set ........................................ IPX filters .................................................................. IPX packet filters .............................................. IPX packet filter sets ........................................ IPX SAP filters .................................................. IPX SAP filter sets ............................................
Contents ix Part III: Appendixes Appendix A — Troubleshooting..................................................A-1 Configuration problems .................................................. A-1 Console connection problems ............................... A-2 Network problems ................................................ A-2 How to reset the router to factory defaults ...................... A-3 Power outages............................................................... A-3 Technical support .............
x User’s Reference Guide Appendix D — Binary Conversion Table......................................D-1 Appendix E — Further Reading.................................................. E-1 Appendix F — Technical Specifications and Safety Information... F-1 Pinouts for Auxiliary port modem cable............................ F-1 Description.................................................................... F-2 Power requirements ............................................. F-2 Environment ....................
Part I: Getting Started
User’s Reference Guide
Introduction 1-1 Chapter 1 Introduction Overview The Netopia R7200 SDSL Router is a full-featured, stand-alone, multiprotocol router for connecting diverse local area networks (LANs) to the Internet and other remote networks.
1-2 User’s Reference Guide tunneling for connectivity between remote AppleTalk networks ■ Web-based management pages aid in managing your router. Internet browsers such as Netscape Navigator and Microsoft’s Internet Explorer can be used for the web-based management pages. How to use this guide This guide is designed to be your single source for information about your Netopia R7200 SDSL Router. It is intended to be viewed on-line, using the powerful features of the Adobe Acrobat Reader.
Setting Up Internet Services 2-1 Chapter 2 Setting Up Internet Services This chapter describes how to obtain and set up Internet services. This section covers the following topics: ■ “Finding an Internet service provider” on page 2-1 ■ “Deciding on an ISP account” on page 2-2 ■ “Obtaining information from the ISP” on page 2-3 Note: Some companies act as their own ISP.
2-2 User’s Reference Guide Unique requirements Make sure the ISP can meet any unique requirements you may have, such as: ■ Dynamic or static IP addressing ■ Class C IP address ■ Custom domain name ■ Multiple e-mail addresses ■ Web site hosting Pricing and support Compare pricing, service, and technical support service among various ISPs. Endorsements Consider recommendations from colleagues and reviews in publications. Netopia lists Netopia Certified ISPs on our Web site at http://www.netopia.
Setting Up Internet Services 2-3 For more information on Network Address Translation, see Chapter 10, “IP Setup and Network Address Translation.” Obtaining information from the ISP After your account is set up, the ISP should send you the IP parameter information that will help you configure the Netopia R7200.
2-4 User’s Reference Guide
Making the Physical Connections 3-1 Chapter 3 Making the Physical Connections This section tells you how to make the physical connections to your Netopia R7200 SDSL Router.
3-2 User’s Reference Guide What you need Locate all items that you need for the installation.
Making the Physical Connections 3-3 3. Connect the Ethernet cable to any of the Ethernet ports on the router. (If you are connecting the router to an existing Ethernet hub, use Ethernet port #1 on the router and set the crossover switch to the Uplink position.) You should now have: the power adapter plugged in; the Ethernet cable connected between the router and your computer; and the SDSL cable connected between the router and the SDSL wall outlet.
3-4 User’s Reference Guide Netopia R7200 SDSL Router status lights The figure below represents the Netopia R7200 status light (LED) panel.
Connecting to Your Local Area Network 4-1 Chapter 4 Connecting to Your Local Area Network This chapter describes how to physically connect the Netopia R7200 to your local area network (LAN). Before you proceed, make sure the Netopia R7200 is properly configured. You can customize the router’s configuration for your particular LAN requirements using console-based management (see “Console-Based Management” on page 6-1).
4-2 User’s Reference Guide Application software TCP/IP stack Ethernet/EtherTalk/LocalTalk Driver Your PC or Macintosh computer To the Netopia R7200 Application software: This is the software you use to send e-mail, browse the World Wide Web, read newsgroups, etc. These applications may require some configuration. Examples include the Eudora e-mail client and the Web browsers Microsoft Internet Explorer and Netscape Navigator.
Connecting to Your Local Area Network 4-3 Connecting to an Ethernet network The Netopia R7200 supports Ethernet connections through its eight Ethernet ports. The router automatically detects which Ethernet port is in use. You can connect either 10Base-T or EtherWave Ethernet networks to the Netopia R7200. The following table displays some important attributes of these types of Ethernet. Attribute EtherWave 10Base-T Max.
4-4 User’s Reference Guide 10Base-T You can connect a standard 10Base-T Ethernet network to the Netopia R7200 using any of its available Ethernet ports. Netopia R7200 back panel 8 Ethernet 1 Auxiliary Normal 1 Console Power Line Uplink The Netopia R7200 in a 10Base-T network To connect your 10Base-T network to the Netopia R7200 through an Ethernet port, use a 10Base-T cable with RJ-45 connectors.
Connecting to Your Local Area Network 4-5 If you add devices connected through a hub, connect the hub to Ethernet port number 1 on the Netopia R7200 SDSL Router and set the Normal/Uplink crossover switch to Uplink. 8 Ethernet 1 Nor- PC Macintosh PC 10Base-T Hub Adding an external modem You may want to add an external modem to your Auxiliary port. Obtain the special DB-25 external modem cable (TE6/DB25) either from your reseller or directly from Netopia.
4-6 User’s Reference Guide Connecting to a LocalTalk network If you have purchased the AppleTalk feature expansion kit, you can also connect the router to an AppleTalk network that uses either Ethernet or LocalTalk. Refer to the sheet of optional feature set add-ons in your Netopia R7200 documentation folio. The AppleTalk feature expansion kit includes a dual RJ-11 PhoneNET connector that attaches to the Auxiliary port on the Netopia R7200.
Setting up your Router with the SmartStart Wizard 5-1 Chapter 5 Setting up your Router with the SmartStart Wizard Once you’ve connected your router to your computer and your telecommunications line and installed a web browser, you’re ready to run the Netopia SmartStart™ Wizard. The SmartStart Wizard will help you set up the router and share the connection.
5-2 User’s Reference Guide Before running SmartStart Be sure you have connected the cables and power source as described in Step 1 “Connect the Router” guide contained in your Netopia folio. Before you launch the SmartStart application, make sure your computer meets the following requirements: PC System software Connectivity software Windows 95, 98, or NT operating system Macintosh MacOS 7.5 or later MacTCP or Open Transport TCP/IP must be installed and properly configured.
Setting up your Router with the SmartStart Wizard 5-3 Setting up your Router with the SmartStart Wizard The SmartStart Wizard is tailored for your platform, but it works the same way on either a PC or a Macintosh. Insert the Netopia CD, and in the desktop navigation screen that appears, launch the SmartStart Wizard application. SmartStart Wizard configuration screens The screens described in this section are the default screens shipped on the Netopia CD. They derive from two initialization (.
5-4 User’s Reference Guide Setup Options screen. You can choose either Easy or Advanced setup. ■ If you choose Easy, SmartStart automatically uses the preconfigured IP addressing setup built into your router. This is the best choice if you are creating a new network or don’t already have an IP addressing scheme on your new network. If you choose Easy, you will see a “Connection Test screen,” like the one shown below while SmartStart checks the connection to your router.
Setting up your Router with the SmartStart Wizard 5-5 When the test is successful, SmartStart presents you with the “Additional Configuration screen,” shown below. Additional Configuration screen. If you have a router that has a permanent unswitched connection to your ISP, such as an IDSL, SDSL, or Ethernet WAN interface router attached to a cable modem, the Additional Configuration screen appears. You may want to do additional configuration to customize your network environment.
5-6 User’s Reference Guide Known IP Address screen. SmartStart displays a recommended address for the router based on the IP address of the computer. If you know the router has an IP address different from the default value, enter it now. Otherwise, accept the recommended address. When you have done this, click Next. SmartStart tests the connection to your router. SmartStart then returns you to an “Additional Configuration screen” on page 5-5. New IP Address screen.
Setting up your Router with the SmartStart Wizard 5-7 Dynamic configuration (recommended) If you configure your Netopia R7200 using SmartStart, you can accept the dynamic IP address assigned by your router. The Dynamic Host Configuration Protocol (DHCP) server, which enables dynamic addressing, is enabled by default in the router. If your PC is not set for dynamic addressing, SmartStart will offer to do this for you when you launch it. In that case, you will have to restart your PC and relaunch SmartStart.
5-8 User’s Reference Guide Static configuration (optional) If you are manually configuring for a fixed or static IP address, perform the following: 1. Go to Start Menu/Settings/Control Panels and double click the Network icon. From the Network components list, select the Configuration tab. 2. Select TCP/IP-->Your Network Card. Then select Properties. In the TCP/IP Properties screen (shown below), select the IP Address tab. Click “Specify an IP Address.” Enter the following: IP Address: 192.168.1.
Setting up your Router with the SmartStart Wizard 5-9 3. Click on the Gateway tab (shown below). Under “New gateway,” enter 192.168.1.1. Click Add. This is the Netopia R7200’s pre-assigned IP address. Click on the DNS Configuration tab. Click Enable DNS. Enter the following information: Host: Type the name you want to give to this computer. Domain: Type your domain name. If you don't have a domain name, type your ISP's domain name; for example, netopia.com.
5-10 User’s Reference Guide Configuring TCP/IP on Macintosh computers The following is a quick guide to configuring TCP/IP for MacOS computers. Configuring TCP/IP in a Macintosh computer requires the following: You must have either Open Transport or Classic Networking (MacTCP) installed.
Setting up your Router with the SmartStart Wizard 5-11 Static configuration (optional) If you are manually configuring for a fixed or static IP address, perform the following: 1. Go to the Apple menu. Select Control Panels and then TCP/IP or MacTCP. 2. With the TCP/IP window open, go to the Edit menu and select User Mode. Choose Advanced and click OK. Or, in the MacTCP window, select Ethernet and click the More button. 3.
5-12 User’s Reference Guide Dynamic configuration using MacIP (optional) If you want to use MacIP to dynamically assign IP addresses to the Macintosh computers on your network you must install the optional AppleTalk feature set kit. Note: You cannot use MacIP dynamic configuration to configure your Netopia R7200 SDSL Router because you must first configure the router in order to enable AppleTalk. Once the AppleTalk kit is installed, you can configure your Macintoshes for MacIP.
Setting up your Router with the SmartStart Wizard 5-13 Using Classic Networking (MacTCP) 1. Go to the Apple Menu. Select Control Panels and then Network. 2. In the Network window, select EtherTalk. 3. Go back to the Apple menu. Select Control Panels and then MacTCP. 4. Select EtherTalk. From the pull-down menu under EtherTalk, select an available zone; then click the More button. In the MacTCP/More window select the Server radio button.
5-14 User’s Reference Guide
Console-Based Management 6-1 Chapter 6 Console-Based Management Console-based management is a menu-driven interface for the capabilities built into the Netopia R7200. Console-based management provides access to a wide variety of features that the router supports. You can customize these features for your individual setup. This chapter describes how to access the console-based management screens.
6-2 User’s Reference Guide may be using the router to connect to more than one service provider or remote site. ■ The System Configuration menus display and permit changing: ■ Network protocols setup. See “IP Setup and Network Address Translation” on page 10-1, “IPX Setup” on page 11-1, and “AppleTalk Setup” on page 12-1. ■ Filter sets (firewalls). See “Security” on page 14-1. ■ IP address serving. See “IP address serving” on page 10-21. ■ Date and time. See “Date and time” on page 8-12.
Console-Based Management 6-3 Configuring Telnet software If you are configuring your router using a Telnet session, your computer must be running a Telnet software program. ■ If you connect a PC with Microsoft Windows, you can use a Windows Telnet application or simply run Telnet from the Start menu. ■ If you connect a Macintosh computer, you can use the NCSA Telnet program supplied on the Netopia R7200 CD. You install NCSA Telnet by simply dragging the application from the CD to your hard disk.
6-4 User’s Reference Guide Launch your terminal emulation software and configure the communications software for the values shown in the table below. These are the default communication parameters that the Netopia R7200 uses. Parameter Suggested Value Terminal type PC: ANSI-BBS Mac: ANSI, VT-100, or VT-200 Data bits 8 Parity None Stop bits 1 Speed 57600 bits per second Flow Control None Note: The router firmware contains an autobaud detection feature.
Easy Setup 7-1 Chapter 7 Easy Setup This chapter describes how to use the Easy Setup console screens on your Netopia R7200 SDSL Router. After completing the Easy Setup console screens, your router will be ready to connect to the Internet or another remote site.
7-2 User’s Reference Guide A screen similar to the following Main Menu appears: Netopia R7200 v4.3.5 Easy Setup... WAN Configuration... System Configuration... Utilities & Diagnostics... Statistics & Logs... Quick Menus... Quick View... Return/Enter goes to Easy Setup -- minimal configuration. You always start from this main screen.
Easy Setup 7-3 Quick Easy Setup connection path This section may be all you need to do to configure your Netopia R7200 SDSL Router to connect to the Internet. Most ISPs will supply you with several parameter values for you to enter in the router.
7-4 User’s Reference Guide The Main Menu appears. Netopia R7200 v4.3.5 Easy Setup... WAN Configuration... System Configuration... Utilities & Diagnostics... Statistics & Logs... Quick Menus... Quick View... 2. Select the first item on the Main Menu list, Easy Setup. Press Return to bring up the SDSL Line Configuration menu screen. SDSL Line Configuration SDSL Line Configuration Data Link Encapsulation... RFC1483 TO MAIN MENU NEXT SCREEN Enter Information supplied to you by your telephone company.
Easy Setup 7-5 Easy Setup Profile The Easy Setup Profile screen is where you configure the parameters that control the Netopia R7200’s connection to a specific remote destination, usually your ISP or a corporate site. On a Netopia R7200 SDSL Router you can add up to 15 more connection profiles, for a total of 16, although you can only use one at a time. Connection Profile 1: Easy Setup Profile Address Translation Enabled: Yes Local WAN IP Address: 0.0.0.0 Remote IP Address: Remote IP Mask: 127.0.0.
7-6 User’s Reference Guide 4. ■ CHAP requires you to enter a Host Name and Secret in the next two fields. ■ PAP-TOKEN requires you to enter a User Name in the next field. ■ CACHE-TOKEN requires you to enter a User Name and Password in the next two fields. Press the Down arrow key until you reach NEXT SCREEN. Press Return to bring up the next screen.
Easy Setup 7-7 2. Select Ethernet Subnet Mask and enter the subnet mask your ISP has given you. The Ethernet Subnet Mask defaults to a standard class mask derived from the class of the Ethernet IP address you entered in the previous step. 3. Press the Down arrow key until the editable field labeled Domain Name is highlighted. 4. Type the Domain Name your ISP gave you. Press Return. The next field Primary Domain Name Server will be highlighted. 5.
7-8 User’s Reference Guide Easy Setup Security Configuration It is strongly suggested that you password-protect configuration access to your Netopia. By entering a Name and Password pair here, access via serial, Telnet, SNMP and Web Server will be password-protected. Be sure to remember what you have typed here, because you will be prompted for it each time you configure this Netopia. You can remove an existing Name and Password by clearing both fields below.
Part II: Advanced Configuration
User’s Reference Guide
WAN and System Configuration 8-1 Chapter 8 WAN and System Configuration This chapter describes how to use the console-based management screens to access and configure advanced features of your Netopia R7200 SDSL Router. You can customize these features for your individual setup. These menus provide a powerful method for experienced users to set up their router’s connection profiles and system configuration.
8-2 User’s Reference Guide SDSL Line Configuration Data Rate Mode... Data Rate... Hunt 384 ATM VPI: ATM VCI: 0 38 Data Link Encapsulation... RFC1483 Aux Serial Port... Data Rate (kbps)... Aux Modem Init String: Async Modem 57.6 AT&F&C1&D2E0S0=1 Enter Information supplied to you by your telephone company. ■ The Data Rate Mode pop-up menu offers the choice of Hunt or Locked mode.
WAN and System Configuration 8-3 feature, the modem options are hidden. Creating a new Connection Profile For a Netopia R7200, connection profiles are useful for configuring the connection and authentication settings for negotiating a PPP connection on the SDSL link or on an asynchronous modem attached to the Auxiliary port.
8-4 User’s Reference Guide 3. Select IP Profile Parameters and press Return. The IP Profile Parameters screen appears. IP Profile Parameters Address Translation Enabled: Yes Local WAN IP Address: 0.0.0.0 Remote IP Address: Remote IP Mask: 0.0.0.0 0.0.0.0 Filter Set... Remove Filter Set Receive RIP: Off Toggle to Yes if this is a single IP address ISP account. Configure IP requirements for a remote network connection here. 4.
WAN and System Configuration 8-5 6. Toggle or enter any IPX Parameters you require and return to the Add Connection Profile screen by pressing Escape. For more information, see “IPX Setup” on page 11-1. 7. Select Data Link Encapsulation and press Return. From the pop-up menu select either PPP or RFC1483. If you select PPP, the Data Link Options menu item is displayed; if you select RFC1483, the Data Link Options item is hidden. 8.
8-6 User’s Reference Guide 10. Select Interface Group and press Return. From the pop-up menu select either Primary or Backup. If you select Primary, the profile is applied to your primary WAN interface (the SDSL link). This would be desirable if you were creating a profile to store your authentication information for a PPP connection over the SDSL link. If you select Backup, the profile is applied to your backup interface. 11. Select ADD PROFILE NOW and press Return.
WAN and System Configuration 8-7 Main Menu WAN Configuration Default Profile The Default Profile screen appears. Default Profile Must Match a Defined Profile: No IP Enabled: IP Parameters... Yes IPX Enabled: IPX Parameters... Yes Return/Enter accepts * Tab toggles * ESC cancels. Configure Default WAN Connection Parameters here. ■ You can set Must Match a Defined Profile item to Yes or No (the default).
8-8 User’s Reference Guide IP parameters (default profile) screen If you are using RFC1483 datalink encapsulation, the IP Parameters (Default Profile) screen allows you to configure various IP parameters for SDSL connections established without an explicitly configured connection profile: IP Parameters (Default Profile) Address Translation Enabled: No Filter Set (Firewall)... Remove Filter Set Receive RIP: Transmit RIP: Both Off Return/Enter accepts * Tab toggles * ESC cancels.
WAN and System Configuration 8-9 IPX parameters (default profile) screen If you are using RFC1483 datalink encapsulation, the IPX Parameters (Default Profile) screen allows you to configure various IPX parameters for SDSL connections established without an explicitly configured connection profile: IPX Parameters (Default Profile) NetBios Packet Forwarding: Path Delay: Off 10 Incoming Outgoing Incoming Outgoing <> <> <> <> Packet Filter Set... Packet Filter Set...
8-10 User’s Reference Guide The console screen will open to the Main Menu, similar to the screen shown below: Netopia R7200 v4.3.5 Easy Setup... WAN Configuration... System Configuration... Utilities & Diagnostics... Statistics & Logs... Quick Menus... Quick View... Return/Enter goes to Easy Setup -- minimal configuration. You always start from this main screen.
WAN and System Configuration 8-11 System configuration features The Netopia R7200 SDSL Router’s default settings may be all you need to configure your Netopia R7200. Some users, however, require advanced settings or prefer manual control over the default selections. For these users, the Netopia R7200 provides system configuration options. To help you determine whether you need to use the system configuration options, review the following requirements.
8-12 User’s Reference Guide Network protocols setup These screens allow you to configure your network’s use of the standard networking protocols: ■ IP: Details are given in “IP Setup and Network Address Translation” on page 10-1. ■ IPX: Details are given in “IPX Setup” on page 11-1. ■ AppleTalk: Details are given in “AppleTalk Setup” on page 12-1. Note: AppleTalk requires the optional AppleTalk feature expansion kit.
WAN and System Configuration 8-13 1. Select Current Date and enter the date in the appropriate format. Use one- or two-digit numbers for the month and day, and the last two digits of the current year. The date’s numbers must be separated by forward slashes (/). 2. Select Current Time and enter the time in the format HH:MM, where HH is the hour (using either the 12-hour or 24-hour clock) and MM is the minutes. 3. Select AM or PM and choose AM or PM.
8-14 User’s Reference Guide SNMP (Simple Network Management Protocol) These screens allow you to monitor and configure your network by means of a standard Simple Network Management Protocol (SNMP) agent. ■ Details are given in “SNMP” on page 13-12. Security These screens allow you to add users and define passwords on your network. ■ Details are given in “Security” on page 14-1. Upgrade feature set You can upgrade your Netopia R7200 by adding new feature sets through the Upgrade Feature Set utility.
WAN and System Configuration 8-15 By default, all events are logged in the event history. ■ By toggling each event descriptor to either Yes or No, you can determine which ones are logged and which are ignored. ■ You can enable or disable the syslog client dynamically. When enabled, it will report any appropriate and previously unreported events. ■ You can specify the syslog server’s address either in dotted decimal format or as a DNS name up to 63 characters.
8-16 User’s Reference Guide
Line Backup 9-1 Chapter 9 Line Backup The Netopia R7200 SDSL Router offers line backup functionality in the event of a line failure on your primary WAN link.
9-2 User’s Reference Guide WAN Configuration To configure Line Backup, from the Main Menu select WAN Configuration and then Backup Configuration. Main Menu WAN Configuration Backup Configuration WAN Configuration WAN (Wide Area Network) Setup... Display/Change Connection Profile... Add Connection Profile... Delete Connection Profile... WAN Default Answer Profile... Scheduled Connections... Backup Configuration... Establish WAN Connection... Disconnect WAN Connection...
Line Backup 9-3 Backup Configuration screen This screen is used to configure the conditions under which backup will occur, if it will recover, and how the auxiliary port is configured. The circuit type is Switched Asynchronous. Backup Configuration Backup Parameters: Backup to Auxiliary Port... Requires Data Link Failure of... Ping Host Name or IP Address: Automatic 30 Sec Recovery to DLC SDSL... Manual Auxiliary Port Setup: Data Rate (kbps)... 57.
9-4 User’s Reference Guide the router should try to Auto-Recover when the backup is invoked because of a Layer 2 loss. (Layer 1 is still available, and this is what recovery checks.) Use this setting with caution. Setting it to Yes may induce alternate switching back and forth between Backup and Recovery Mode. This setting also determines the recovery behavior of a Manual backup and Ping failure backup. These two failures are treated as Layer 2 failures. ■ Select Data Rate (kbps)...
Line Backup 9-5 Connection Profiles The line backup feature allows you to configure a complete connection profile for the backup port, just as you do for your primary WAN connection. In this way profiles are associated with a particular interface. The profile should reflect the port it is associated with. It should have switched characteristics for the backup port. Add Connection Profile Profile Name: Profile Enabled: Backup Yes Data Link Encapsulation is Data Link Options...
9-6 User’s Reference Guide The Scheduled Connections screen appears. Scheduled Connections Display/Change Scheduled Connection... Add Scheduled Connection... Delete Scheduled Connection... Return/Enter to add a Scheduled Connection. Navigate from here to add/modify/change/delete Scheduled Connections. ■ Select Add Scheduled Connection and press Return. The Add Scheduled Connection screen appears. Add Scheduled Connection Scheduled Connection Enable: On How Often... Weekly Schedule Type...
Line Backup 9-7 Set Weekly Schedule Monday: Tuesday: Wednesday: Thursday: Friday: Saturday: Sunday: Yes Yes Yes Yes Yes Yes Yes Scheduled Window Start Time: AM or PM: 11:27 AM Scheduled Window Duration Per Day: 24:00 Return/Enter accepts * Tab toggles * ESC cancels. ■ Toggle all the days of the week to Yes, and set the Scheduled Window Duration Per Day to 24:00. This guarantees a permanent connection. Press Escape to return to the Add Scheduled Connection screen.
9-8 User’s Reference Guide Statistics & Logs WAN Event History... Device Event History... IP Routing Table... IPX Routing Table... IPX SAP Bindery Table... ! Served IP Addresses... Backup Management/Statistics... General Statistics... System Information... Select Backup Management/Statistics and press Return. Note: This option is only visible if backup is not Disabled. The Backup Management/Statistics screen appears.
Line Backup 9-9 connection. ■ The FORCE BACKUP/FORCE RECOVERY option is a selectable option that depending on the current state of backup will force the switching of ports. If you are currently in backup mode, the option will be FORCE RECOVERY. If you are currently in normal WAN link mode, the option will be FORCE BACKUP. Selecting either one and pressing Return will force the link to switch to the other mode. QuickView QuickView now has an information element to indicate which port is in use.
9-10 User’s Reference Guide
IP Setup and Network Address Translation 10-1 Chapter 10 IP Setup and Network Address Translation The Netopia R7200 uses Internet Protocol (IP) to communicate both locally and with remote networks. This chapter shows you how to configure the router to route IP traffic. You also learn how to configure the router to serve IP addresses to hosts on your local network. Netopia’s SmartIP features Network Address Translation and IP address serving.
10-2 User’s Reference Guide NAT works by remapping the source IP address of traffic from the LAN to a single static or dynamically assigned IP address shown to the remote side of the router. HOW NAT WORKS With NAT 192.168.1.100 ISP* 192.168.1.102 192.168.1.103 163.167.132.1 192.168.1.104 192.168.1.105 192.168.1.106 Without NAT 163.167.132.1 163.167.132.1 163.167.132.2 163.167.132.3 163.167.132.4 163.167.132.5 163.167.132.6 163.167.132.2 163.167.132.3 163.167.132.4 163.167.132.5 163.167.132.
IP Setup and Network Address Translation 10-3 Using Network Address Translation The following procedure describes how to use Network Address Translation. 1. Pick a network number for your local network (referred to as the internal network). This can be any IP address range you want. The Netopia R7200 SDSL Router has a default IP address of 192.168.1.1. You may choose to change this address to match a pre-existing addressing scheme. For this example, we will use 10.0.0.0.
10-4 User’s Reference Guide Address Translation option from the IP Profile Parameters menu. IP Profile Parameters Address Translation Enabled: Yes IP Addressing... Local WAN IP Address: Unnumbered 0.0.0.0 Remote IP Address: Remote IP Mask: 0.0.0.0 0.0.0.0 Filter Set... Remove Filter Set Receive RIP: Transmit RIP: Both v2 (multicast) Configure IP requirements for a remote network connection here. 4.
IP Setup and Network Address Translation 10-5 5. If your ISP uses numbered (interface-based) routing, select Local WAN IP Address and enter the local WAN address your ISP gave you. Then select Local WAN IP Mask and enter the WAN subnet mask of the remote site you will connect to. The default address is 0.0.0.0, which allows for dynamic addressing, meaning that your ISP assigns an address via DHCP each time you connect. However, if you want to use static addressing, enter a specific address.
10-6 User’s Reference Guide When using numbered interfaces, the Netopia Router will use its local WAN IP address and subnet mask to send packets to the remote router. Both routers have WAN IP addresses and subnet masks associated with the connection. 6. If your ISP uses unnumbered (system-based) routing, select Remote IP Address and enter the IP address your ISP gave you. Then select Remote IP Mask and enter the IP subnet mask of the remote site you will connect to.
IP Setup and Network Address Translation 10-7 Just as an IP address specifies a particular computer on a network, ports are addresses that specify a particular service in a computer. There are many universally agreed-upon ports assigned to various services.
10-8 User’s Reference Guide Connection Profiles Since you will probably only have a single connection to your ISP over the SDSL link, you may not need to create multiple connection profiles. Multiple connection profiles are useful on leased (unswitched) interfaces such as SDSL only to support meshed WAN connections. If you do not intend to set up meshed WAN connections, you do not need to create multiple connection profiles.
IP Setup and Network Address Translation 10-9 IP Profile Parameters Address Translation Enabled: Yes IP Addressing... Local WAN IP Address: Local WAN IP Mask: Remote IP Address: Remote IP Mask: Unnumbered 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Filter Set... Remove Filter Set Receive RIP: Transmit RIP: Both v2 (multicast) Configure IP requirements for a remote network connection here. 4. Toggle or enter any IP parameters you require and return to the Add Connection Profile screen by pressing Escape.
10-10 User’s Reference Guide 7. Select ADD PROFILE NOW and press Return. Your new connection profile will be added. If you want to view the connection profiles in your router, return to the WAN Configuration screen, and select Display/Change Connection Profile. The list of connection profiles is displayed in a scrolling pop-up screen. WAN Configuration +-Profile Name---------------------IP Address----IPX Network-+ +------------------------------------------------------------+ | Easy Setup Profile 127.0.0.
IP Setup and Network Address Translation 10-11 IP setup Main Menu Network Protocols Setup System Configuration IP Setup The IP Setup options screen is where you configure the Ethernet side of the Netopia R7200. The information you enter here controls how the router routes IP traffic.
10-12 User’s Reference Guide The Netopia R7200 SDSL Router supports multiple IP subnets on the Ethernet interface. You may want to configure multiple IP subnets to service more hosts than are possible with your primary subnet. It is not always possible to obtain a larger subnet from your ISP. For example, if you already have a full Class C subnet, your only option is multiple Class C subnets, since it is virtually impossible to justify a Class A or Class B assignment.
IP Setup and Network Address Translation 10-13 Exported Services (Local Port to IP Address Remapping) Show/Change Exports... Add Export... Delete Export... Return/Enter to configure UDP/TCP Port-to-IP Address redirection. ■ Select Add Export. The Add Exported Service screen appears. Add Exported Service Service... Local Server's IP Address: ADD EXPORT NOW 0.0.0.
10-14 User’s Reference Guide ■ Select Service. A pop-up menu of services and ports appears. Add Exported Service +-Type------Port--+ +-----------------+ Service... | ftp 21 | | telnet 23 | | smtp 25 | Local Server's IP Address: | tftp 69 | | gopher 70 | | finger 79 | | www-http 80 | | pop2 109 | | pop3 110 | | snmp 161 | | timbuktu 407 | | pptp 1723 | | irc 6667 | | Other... | +-----------------+ ADD EXPORT NOW 8.
IP Setup and Network Address Translation 10-15 Press Escape when you are finished configuring exported services. You are returned to the IP Setup screen. IP Setup Ethernet IP Address: Ethernet Subnet Mask: Define Additional Subnets... 192.128.117.162 255.255.255.0 Default IP Gateway: 192.128.117.163 Primary Domain Name Server: Secondary Domain Name Server: Domain Name: 0.0.0.0 0.0.0.0 Receive RIP: Transmit RIP: Static Routes... Both v2 (multicast) Address Serving Setup... Exported Services...
10-16 User’s Reference Guide Note: You need not use this screen if you have only a single Ethernet IP subnet. In that case, you can continue to enter or edit the IP address and subnet mask for the single subnet on the IP Setup screen. This screen displays up to eight rows of two editable columns, preceded by a row number between one and eight. If you have eight subnets configured, there will be eight rows on this screen. Otherwise, there will be one more row than the number of configured subnets.
IP Setup and Network Address Translation 10-17 If you have configured multiple Ethernet IP subnets, the IP Setup screen changes slightly: IP Setup Subnet Configuration... Default IP Gateway: 192.128.117.163 Primary Domain Name Server: Secondary Domain Name Server: Domain Name: 0.0.0.0 0.0.0.0 Receive RIP: Transmit RIP: Static Routes... Both v2 (multicast) Address Serving Setup... Exported Services... Filter Sets... The IP address and Subnet mask items are hidden, and the Define Additional Subnets..
10-18 User’s Reference Guide The Static Routes screen will appear. Static Routes Display/Change Static Route... Add Static Route... Delete Static Route... Configure/View/Delete Static Routes from this and the following Screens. Viewing static routes To display a view-only table of static routes, select Display/Change Static Route. The table shown below will appear. +-Dest.
IP Setup and Network Address Translation 10-19 Subnet Mask: The subnet mask associated with the destination network. Next Gateway: The IP address of the router that will be used to reach the destination network. Priority: An indication of whether the Netopia R7200 will use the static route when it conflicts with information received from RIP packets. Enabled: An indication of whether the static route should be installed in the IP routing table. To return to the Static Routes screen, press Escape.
10-20 User’s Reference Guide information; Low means that the RIP information takes precedence over the static route. ■ If the static route conflicts with a connection profile, the connection profile will always take precedence. ■ To make sure that the static route is known only to the Netopia R7200, select Advertise Route Via RIP and toggle it to No. To allow other RIP-capable routers to know about the static route, select Advertise Route Via RIP and toggle it to Yes.
IP Setup and Network Address Translation 10-21 IP address serving Main Menu System Configuration IP Address Serving • • • • Serve Serve Serve Serve DHCP Clients BootP Clients Dynamic WAN Clients MacIP/KIP Clients In addition to being a router, the Netopia R7200 is also an IP address server. There are four protocols it can use to distribute IP addresses.
10-22 User’s Reference Guide Go to the System Configuration screen. Select IP Address Serving and press Return. The IP Address Serving screen will appear. IP Address Serving Number of Client IP Addresses: 1st Client Address: Client Default Gateway... 5 176.163.222.10 176.163.222.1 Serve DHCP Clients: DHCP NetBios Options... Yes Serve BOOTP Clients: Yes Serve MacIP/KIP Clients: MacIP/KIP Static Options...
IP Setup and Network Address Translation 10-23 If you have configured multiple Ethernet IP subnets, the appearance of the IP Address Serving screen is altered slightly: IP Address Serving Configure Address Pools... Serve DHCP Clients: DHCP NetBios Options... Yes Serve BOOTP Clients: Yes Serve Dynamic WAN Clients: Yes Serve MacIP/KIP Clients: MacIP/KIP Static Options... Yes The first three menu items are hidden, and Configure Address Pools... appears instead. If you select Configure Address Pools..
10-24 User’s Reference Guide IP Address Pools The IP Address Pools screen allows you to configure a separate IP address serving pool for each of up to eight configured Ethernet IP subnets: IP Address Pools Subnet (# host addrs) --------------------192.128.117.0 (253) 1st Client Addr --------------192.128.117.196 Clients ------16 Client Gateway -------------192.128.117.162 192.129.117.0 192.129.117.110 8 192.129.117.4 (253) This screen consists of between two and eight rows of four columns each.
IP Setup and Network Address Translation 10-25 Numerous factors influence the choice of served address. It is difficult to specify the address that will be served to a particular client in all circumstances. However, when the address server has been configured, and the clients involved have no prior address serving interactions, the Netopia R7200 will generally serve the first unused address from the first address pool with an available address.
10-26 User’s Reference Guide DHCP NetBIOS Options If your network uses NetBIOS, you can enable the Netopia R7200 to use DHCP to distribute NetBIOS information. NetBIOS stands for Network Basic Input/Output System. It is a layer of software originally developed by IBM and Sytek to link a network operating system with specific hardware. NetBIOS has been adopted as an industry standard. It offers LAN applications a variety of “hooks” to carry out inter-application communications and data transfer.
IP Setup and Network Address Translation 10-27 ■ From the NetBios Type pop-up menu, select the type of NetBIOS used on your network. DHCP NetBios Options Serve NetBios Type: NetBios Type... Serve NetBios Scope: NetBios Scope: Serve NetBios Name Server: NetBios Name Server IP Addr: ■ +--------+ +--------+ | Type B | | Type P | | Type M | | Type H | +--------+ No 0.0.0.0 To serve DHCP clients with the NetBIOS scope, select Serve NetBios Scope and toggle it to Yes.
10-28 User’s Reference Guide IP Address Lease Management Reset All Leases Release BootP Leases Reclaim Declined Addresses Hit RETURN/ENTER, you will return to the previous screen. Select Release BootP Leases and press Return. MacIP (KIP forwarding) setup When hosts using AppleTalk (typically those using LocalTalk) are not directly connected to an IP network (usually an Ethernet), they must use a MacIP (AppleTalk–IP) gateway.
IP Setup and Network Address Translation 10-29 The MacIP (KIP) Forwarding Setup screen tells the Netopia R7200 how many static addresses to allocate for MacIP/KIP clients. The addresses must fall within the address pool from the previous screen. ■ Enter the number of static MacIP addresses to reserve. Note that the address pool IP range is listed for your referral in this screen. MacIP (KIP) Forwarding Setup This screen tells the Netopia how many static addresses to allocate for MacIP/KIP clients.
10-30 User’s Reference Guide
IPX Setup 11-1 Chapter 11 IPX Setup Internetwork Packet Exchange (IPX) is the network protocol used by Novell NetWare networks. This chapter shows you how to configure the Netopia R7200 for routing data using IPX. You also learn how to configure the router to serve IPX network addresses.
11-2 User’s Reference Guide IPX address An IPX address consists of a network number, a node number, and a socket number. An IPX network number is composed of eight hexadecimal digits. The network number must be the same for all nodes on a particular physical network segment. The node number is composed of twelve hexadecimal digits and is usually the hardware address of the interface card. The node number must be unique inside the particular IPX network.
IPX Setup 11-3 The following is a list of common SAP server types: Unknown 0000h Print Queue 0003h File Server 0004h Job Server 0005h Print Server 0007h Archive Server 0009h Remote Bridge Server 0024h Advertising Print Server 0047h Reserved Up To 8000h NetBIOS NetBIOS is a protocol that performs tasks related to the Transport and Session layers of the OSI model. It can operate over IPX using a special broadcast packet known as “IPX Packet type 20” to communicate with IPX NetBIOS servers.
11-4 User’s Reference Guide To go to the IPX Setup screen, from the Main Menu select System Configuration and then select Network Protocols Setup and then select IPX Setup. Note: If you have completed Easy Setup, the information you have already entered will appear in the IP Setup options screen. IPX Setup IPX Routing: On Ethernet Encapsulation... Ethernet Network Address: 802.3 00000000 Ethernet Path Delay: Ethernet NetBios Forwarding: Ethernet Inbound SAP Filter Set...
IPX Setup 11-5 7. Select Default Gateway Address and enter the network address of the IPX network to which all packets of unknown destination address should be routed. Note: The default gateway address is usually set up to match the IPX Address in your network connection profile. 8. To configure filters and filter sets, select Filters and Filter Sets and go to the IPX filters and filter sets screens. For information on how to configure IPX filters and filter sets, see “IPX filters” on page 14-21. 9.
11-6 User’s Reference Guide
AppleTalk Setup 12-1 Chapter 12 AppleTalk Setup This chapter discusses the concept of AppleTalk routing and how to configure AppleTalk setup for a Netopia R7200 with the AppleTalk kit installed. AppleTalk support is available as a separate kit for the Netopia R7200 SDSL Router. Skip this chapter if you do not have the AppleTalk kit.
12-2 User’s Reference Guide If the cabling of your network were a street system, then a node address would correspond to a building’s street address. But node addresses are not permanent. Each AppleTalk device determines its node address at startup. Although a Macintosh that is starting up will try to use its previous address, the address will often be different upon restart.
AppleTalk Setup 12-3 MacIP When Macintosh computers encapsulate TCP/IP packets in AppleTalk, because they are either on LocalTalk or EtherTalk, they must use the services of a MacIP gateway. This gateway converts network traffic into the correct format for AppleTalk or IP, depending on the traffic’s destination. Setting up MacIP involves enabling the feature and optionally setting up a range of addresses to be static.
12-4 User’s Reference Guide It is important to set the Netopia R7200’s seeding action to work best in your particular network environment. These scenarios may guide you in deciding how to set the router’s seeding: ■ If the Netopia R7200 is the only router on your network, you must set it to either hard seeding or soft seeding. The default is soft seeding.
AppleTalk Setup 12-5 Main Menu System Configuration Upgrade Feature Set The Netopia Feature Set Upgrade screen appears. Netopia Feature Set Upgrade You may be able to extend the features of your Netopia by purchasing a 'Software Upgrade'. For a list of available upgrades, please see the release notes that came with your Netopia or visit the Netopia Communications web site at www.netopia.com.
12-6 User’s Reference Guide Configuring AppleTalk AppleTalk setup for Netopia R7200s consists of configuring EtherTalk, LocalTalk, and AURP. EtherTalk setup In the System Configuration screen, select Network Protocols Setup and then select AppleTalk Setup. Select EtherTalk Phase ll Setup and press Return. EtherTalk Phase II Setup EtherTalk Phase II Enabled: Show Zones... Enter New Zone Name: Delete Zone Name... Set Default Zone... Net Low: Net Hi: Seeding...
AppleTalk Setup 12-7 EtherTalk Phase II port is visible to other AppleTalk nodes. The default zone is also where new AppleTalk nodes will appear. If you do not set a default zone, the first zone you create will be the default zone. ■ You can also set the range of EtherTalk Phase II network numbers. Select Net Low and enter the lower limit of the network number range. Select Net High and enter the upper limit of the range.
12-8 User’s Reference Guide As an alternative, you can set LocalTalk seeding to soft seeding and let the Netopia R7200 receive the zone name and network number from the other router. ■ Select LocalTalk Net Number and enter the desired network number. ■ Select Seeding. From the pop-up menu, choose the type of seeding for the Netopia R7200’s LocalTalk port to use (see “Routers and seeding” on page 12-3). You have finished configuring LocalTalk.
AppleTalk Setup 12-9 Example: Site A has an AURP tunnel to site B. Both sites have multiple zones defined on the EtherTalk port and a unique zone on their LocalTalk ports. If side A has indicated that one of its EtherTalk zones is the Free Trade Zone and has opted to use the Free Trade Zone option for its tunnel to B, then only this Free Trade Zone will show up on side B and only those machines or services in the Free Trade Zone will be accessible to side B. All of side A will be able to see all of side B.
12-10 User’s Reference Guide Change AURP Partner Partner IP Address or Domain Name: 176.163.8.134 Initiate Connection: No Restrict to Free Trade Zone: No The Change AURP Partner screen has all the values you entered when you added that partner. All of these values may be modified in this screen. Deleting an AURP partner ■ To delete an AURP partner, in the AURP Setup screen select Delete Partner and press Return. A table of existing partners appears.
AppleTalk Setup 12-11 AURP Options Tickle Interval (HH:MM:SS): Update Interval (HH:MM:SS): 00:00:00 00:00:30 Enable Network Number Remapping: Yes Remap into Range From: To: 4096 32768 Cluster Remote Networks: No Enable Hop-Count Reduction: No Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes. ■ Select Tickle Interval (HH:MM:SS) and set the timer to indicate how often a tickle or “Are you still there” packet will be sent to the remote AppleTalk network.
12-12 User’s Reference Guide When network number remapping is enabled, you must choose a safe range of network numbers as a destination for the remapping. A safe range of network numbers does not intersect your local AppleTalk network’s range of network numbers. ■ To choose a destination range for the remapping, select From under Remap into Range and enter a starting value. Then select To and enter an ending value.
Monitoring Tools 13-1 Chapter 13 Monitoring Tools This chapter discusses the Netopia R7200’s device and network monitoring tools. These tools can provide statistical information, report on current network status, record events, and help in diagnosing and locating problems.
13-2 User’s Reference Guide General status Quick View Default IP Gateway: 0.0.0.0 Domain Name Server: 0.0.0.0 Domain Name: netopia.com CPU Load: 5% 12/3/1998 02:41:39 PM Unused Memory: 602 KB ----------------MAC Address--------IP Address-------IPX Address--------------Ethernet Hub: 00-00-c5-70-03-48 192.168.1.1 SDSL WAN1: 00-00-c5-70-03-4a 0.0.0.0 Current DSL Status Profile Name----------Rate--%Use-Remote Address-----Est.-More Info-----------ISP Port1 10 IP 92.163.4.1 Lcl NAT 192.163.100.
Monitoring Tools 13-3 Current status The current status section is a table showing the current status of the WAN. For example: Current DSL Status ---Profile Name------State---%Use-Remote Address----Est.-More Info---------ISP P1 10 IP 92.163.4.1 Lcl NAT 192.163.100.6 Profile Name: Lists the name of the connection profile being used, if any. State: Lists the ports in use for this connection. %Use: Indicates the average percent utilization of the maximum capacity of the channels in use for the connection.
13-4 User’s Reference Guide Statistics & Logs Main Menu Statistics & Logs • General Statistics When you are troubleshooting your Netopia R7200, the Statistics & Logs screens provide insight into the recent event activities of the router. From the Main Menu go to Statistics & Logs and select one of the options described in the sections below. General Statistics To go to the General Statistics screen, select General Statistics and press Return. The General Statistics screen appears.
Monitoring Tools 13-5 Physical Interface The top left side of the screen lists total packets received and total packets transmitted for the following data ports: ■ Ethernet Hub ■ Aux Async or LocalTalk (if the optional AppleTalk feature set is installed) ■ SDSL 1 Network Interface The bottom left side of the screen lists total packets received and total packets transmitted for the following protocols: ■ IP (IP packets on the Ethernet) ■ IPX (IPX packets on the Ethernet) if IPX is enabled ■ AppleT
13-6 User’s Reference Guide Main Menu Statistics & Logs • WAN Event History • Device Event History WAN Event History The WAN Event History screen lists a total of 128 events on the WAN. The most recent events appear at the top. WAN Event History Current Date -- 12/3/98 03:02:23 PM -Date-----Time-----Event---------------------------------------------------------------------------------------SCROLL UP----------------------------------07/03/98 13:59:06 DSL: IP up, channel 1, gateway: 173.166.107.
Monitoring Tools 13-7 To get more information about any event listed in the WAN Event History, select the event and then press Return. A dialog box containing more information about the selected event will appear. Press Return or Escape to dismiss the dialog box. To clear the event history, select Clear History at the bottom of the history screen and press Return.
13-8 User’s Reference Guide Each of the routing table screens represents a snapshot of the routing table information at the time the screen is first invoked. To take a new snapshot, select Update at the bottom of the screen and press Return. Statistics & Logs WAN Event History... Device Event History... IP Routing Table... IPX Routing Table... IPX SAP Bindery Table... AppleTalk Routing Table... Served IP Addresses... General Statistics... System Information...
Monitoring Tools 13-9 IPX routing table In the Statistics & Logs screen, select IPX Routing Table and press Return. The IPX routing table displays all of the IPX routes currently known to the Netopia R7200. IPX Sap Bindery table In the Statistics & Logs screen, select IPX Sap Bindery Table and press Return. The IPX Sap Bindery table displays all of the IPX Sap Bindery routes currently known to the Netopia R7200.
13-10 User’s Reference Guide State: Displays the state of the specified route, based on the frequency of Routing Table Maintenance Protocol (RTMP) packets received for the route. The state can be Good, Suspect, or Bad. AppleTalk routers regularly exchange RTMP packets to update AppleTalk routing information. Next Rtr Addr.: Displays the DDP or IP address of the next hop for the specified route. A DDP address is displayed if the router shown is on the local AppleTalk network.
Monitoring Tools 13-11 The IP Address Lease Management screen appears. IP Address Lease Management Reset All Leases Release BootP Leases Reclaim Declined Addresses Hit RETURN/ENTER, you will return to the previous screen. This screen has three options: ■ Reset All Leases: Resets all current IP addresses leased through DHCP without waiting for the default one–hour lease period to elapse ■ Release BootP Leases: Releases any BootP leases that may be in place and which may no longer be required.
13-12 User’s Reference Guide System Information The System Information screen gives a summary view of the general system level values in the Netopia R7200 SDSL Router. From the Statistics & Logs menu select System Information. The System Information screen appears. System Information Serial Number Firmware Version 70-02-ec (7340780) 4.
Monitoring Tools 13-13 The SNMP Setup screen From the Main Menu, select SNMP in the System Configuration screen and press Return. The SNMP Setup screen appears. Main Menu System Configuration SNMP SNMP Setup System Name: System Location: System Contact: Read-Only Community String: Read/Write Community String: public private Authentication Traps Enable: Off IP Trap Receivers... Configure optional SNMP parameters from here. Follow these steps to configure the first three items in the screen: 1.
13-14 User’s Reference Guide By default, the read-only and read/write community strings are set to public and private, respectively. You should change both of the default community strings to values known only to you and trusted system administrators. To change a community string, select it and enter a new value. Starting with the version 4.3 firmware, setting the Read-Only and Read-Write community strings to the empty string will block all SNMP requests to the router.
Monitoring Tools 13-15 IP Trap Receivers Display/Change IP Trap Receiver... Add IP Trap Receiver... Delete IP Trap Receiver... Return/Enter to modify an existing Trap Receiver. Navigate from here to view, add, modify and delete IP Trap Receivers. Setting the IP trap receivers 1. Select Add IP Trap Receiver. 2. Select Receiver IP Address or Domain Name. Enter the IP address or domain name of the SNMP manager you want to receive the trap. 3.
13-16 User’s Reference Guide Web-based management pages The web-based management pages add significant new features for monitoring your router. You access the web-based management pages by launching your web browser and entering the URL: http://router_IP_address where router_IP_address is the address of your router. The default address is 198.162.1.1. The System Information page appears. System Information page This is the initial page you link to when you connect to the web-based management pages.
Monitoring Tools 13-17 The display contains two frames, a navigation frame on the left and the information and configuration page on the right. The left frame permits you to navigate to: ■ System ■ ■ Information: displays the router’s hardware (MAC) address, the model number and firmware version currently installed, the current date and time, the router’s IP address, and the IPX address, if any.
13-18 User’s Reference Guide WAN Event History page You can refresh the WAN Event History log by clicking the update this page link.
Monitoring Tools 13-19 Device Event History page You can refresh the Device Event History log by clicking the update this page link.
13-20 User’s Reference Guide
Security 14-1 Chapter 14 Security The Netopia R7200 provides a number of security features to help protect its configuration screens and your local network from unauthorized access. Although these features are optional, it is strongly recommended that you use them.
14-2 User’s Reference Guide Caution! You are strongly encouraged to add protection to the configuration screens. Unprotected screens could allow an unauthorized user to compromise the operation of your entire network. Once user accounts are created, users who attempt to access protected screens will be challenged. Users who enter an incorrect name or password are returned to a screen requesting a name/password combination to access the Main Menu.
Security 14-3 To add a new user account, select Add User in the Security Options screen and press Return. The Add Name With Write Access screen appears. Add Name With Write Access Enter Name: Enter Password (11 characters max): ADD NAME/PASSWORD NOW CANCEL Follow these steps to configure the new account: 1. Select Enter Name and enter a descriptive name (for example, the user’s first name). 2. Select Enter Password and enter a password. 3.
14-4 User’s Reference Guide Enable SmartStart/SmartView/Web server You may want to restrict access to the Web-based screens to prevent inadvertent switching or connecting and disconnecting of connection profiles. Since SmartStart can be used to reconfigure the router, you may want to block inadvertent damage resulting from unauthorized use of SmartStart. To prevent access to these features toggle this option to No.
Security 14-5 A filter set is a group of filters that work together to check incoming or outgoing data. A filter set can consist of a combination of input and output filters. How filter sets work A filter set acts like a team of customs inspectors. Each filter is an inspector through which incoming and outgoing packages must pass. The inspectors work as a team, but each inspects every package individually. Each inspector has a specific task.
14-6 User’s Reference Guide packet first filter match? no send to next filter yes forward or discard? discard (delete) forward to network If the package does not match the first inspector’s criteria, it goes to the second inspector, and so on. You can see that the order of the inspectors in the line is very important.
Security 14-7 A filtering rule The criteria are based on information contained in the packets. A filter is simply a rule that prescribes certain actions based on certain conditions. For example, the following rule qualifies as a filter: Block all Telnet attempts that originate from the remote host 199.211.211.17. This rule applies to Telnet packets that come from a host with the IP address 199.211.211.17. If a match occurs, the packet is blocked.
14-8 User’s Reference Guide Internet service UDP port Internet service UDP port Who Is 43 AppleTalk Routing Maintenance (at-rtmp) 202 World Wide Web 80 AppleTalk Name Binding (at-nbp) 202 SNMP 161 AURP (AppleTalk) 387 TFTP 69 who 513 Port number comparisons A filter can also use a comparison option to evaluate a packet’s source or destination port number. The comparison options are: No Compare: No comparison of the port number specified in the filter with the packet’s port number.
Security 14-9 Putting the parts together When you display a filter set, its filters are displayed as rows in a table: +-#---Source IP Addr---Dest IP Addr-----Proto-Src.Port-D.Port--On?-Fwd-+ +----------------------------------------------------------------------+ | 1 192.211.211.17 0.0.0.0 TCP 0 23 Yes No | | 2 0.0.0.0 0.0.0.0 TCP NC =6000 Yes No | | 3 0.0.0.0 0.0.0.0 ICMP --Yes Yes | | 4 0.0.0.0 0.0.0.0 TCP NC >1023 Yes Yes | | 5 0.0.0.0 0.0.0.
14-10 User’s Reference Guide Filtering example #1 Returning to our filtering rule example from above (see page 14-7), look at how a rule is translated into a filter. Start with the rule, then fill in the filter’s attributes: 1. The rule you want to implement as a filter is: Block all Telnet attempts that originate from the remote host 199.211.211.17. 2. The host 199.211.211.17 is the source of the Telnet packets you want to block, while the destination address is any IP address.
Security 14-11 +-#---Source IP Addr---Dest IP Addr-----Proto-Src.Port-D.Port--On?-Fwd-+ +----------------------------------------------------------------------+ | 1 200.233.14.0 0.0.0.0 0 Yes No | | | +----------------------------------------------------------------------+ This filter blocks any packets coming from a remote network with the IP network address 200.233.14.0. The 0 at the end of the address signifies any host on the class C IP network 200.233.14.0.
14-12 User’s Reference Guide An approach to using filters The ultimate goal of network security is to prevent unauthorized access to the network without compromising authorized access. Using filter sets is part of reaching that goal. Each filter set you design will be based on one of the following approaches: ■ That which is not expressly prohibited is permitted. ■ That which is not expressly permitted is prohibited.
Security 14-13 3. View, change, or delete individual filters and filter sets. The sections below explain how to execute these steps. Adding a filter set You can create up to eight different custom filter sets. Each filter set can contain up to 16 output filters and up to 16 input filters. To add a new filter set, select Add IP Filter Set in the IP Filter Sets screen and press Return. The Add Filter Set screen appears.
14-14 User’s Reference Guide Input and output filters—source and destination There are two kinds of filters you can add to a filter set: input and output. Input filters check packets received from the Internet, destined for your network. Output filters check packets transmitted from your network to the Internet.
Security 14-15 Add Filter Enabled: Forward: No No Source IP Address: Source IP Address Mask: 0.0.0.0 0.0.0.0 Dest. IP Address: Dest. IP Address Mask: 0.0.0.0 0.0.0.0 Protocol Type: 0 Source Port Compare... Source Port ID: Dest. Port Compare... Dest. Port ID: No Compare 0 No Compare 0 ADD THIS FILTER NOW CANCEL Enter the IP specific information for this filter. 1. To make the filter active in the filter set, select Enabled and toggle it to Yes.
14-16 User’s Reference Guide 10. When you are finished configuring the filter, select ADD THIS FILTER NOW to save the filter in the filter set. Select CANCEL to discard the filter and return to the Add IP Filter Set screen. Viewing filters To display a view-only table of input or output filters, select Display/Change Input Filter or Display/Change Output Filter in the Add IP Filter Set screen.
Security 14-17 Modifying filter sets To modify a filter set, select Display/Change IP Filter Set in the IP Filter Sets screen to display a list of filter sets. Select a filter set from the list and press Return. The Change IP Filter Set screen appears. The items in this screen are the same as the ones in the Add Filter screen (see “Adding filters to a filter set” on page 14-14). Change IP Filter Set Filter Set Name: Basic Firewall Display/Change Input Filter... Add Input Filter... Delete Input Filter...
14-18 User’s Reference Guide The five input filters and one output filter that make up Basic Firewall are shown in the table below. Input filter 1 Input filter 2 Input filter 3 Input filter 4 Input filter 5 Enabled Yes Yes Yes Yes Yes Yes Forward No No Yes Yes Yes Yes Source IP address 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Source IP address mask 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Dest. IP address 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.
Security 14-19 Basic Firewall is suitable for a LAN containing only client hosts that want to access servers on the WAN, but not for a LAN containing servers providing services to clients on the WAN. Basic Firewall’s general strategy is to explicitly forward WAN-originated TCP and UDP traffic to ports greater than 1023. Ports lower than 1024 are the service origination ports for various Internet services such as FTP, Telnet, and the World Wide Web (WWW).
14-20 User’s Reference Guide FTP sessions. To allow WAN-originated FTP sessions to a LAN-based FTP server with the IP address a.b.c.d (corresponding to a numbered IP address such as 163.176.8.243), insert the following input filter ahead of the current input filter 1: ■ Enabled: Yes ■ Forward: Yes ■ Source IP Address: 0.0.0.0 ■ Source IP Address Mask: 0.0.0.0 ■ Dest. IP Address: a.b.c.d ■ Dest. IP Address Mask: 255.255.255.
Security 14-21 IPX filters Main Menu System Configuration Filter Sets (Firewalls) IPX Filters and Filter Sets IPX packet filters work very similarly to IP packet filters. They filter data traffic coming from or going to remote IPX networks. IPX filters can be set up to forward or discard IPX packets based on a number of user-defined criteria. Like IP filters, IPX filters must be grouped in sets that are applied to the answer profile or to connection profiles.
14-22 User’s Reference Guide The items in the IPX Filters and Filter Sets screen are grouped into four areas: ■ IPX packet filters ■ IPX packet filter sets ■ IPX SAP filters ■ IPX SAP filter sets The following sections explain the items in each of these areas. IPX packet filters For each IPX packet filter, you can configure a set of parameters to match on the source or destination attributes of IPX data packets coming from or going to the WAN.
Security 14-23 1. Select Filter Name and enter a descriptive name for the filter. 2. To specify a source network for the filter to match on, select Source Network and enter an IPX network address. 3. To specify a source node for the filter to match on, select Source Node Address and enter an IPX node address. 4. To specify a source socket for the filter to match on, select Source Socket and enter an IPX source socket number. 5.
14-24 User’s Reference Guide Add Packet Filter Set Filter Set Name: Show Filters/Change Action on Match... Append Filter... Remove Filter... ADD FILTER SET NOW CANCEL Return accepts * ESC cancels * Left/Right moves insertion point * Del deletes. Configure an IPX Filter Set here. You must ADD FILTER SET NOW to save. Follow these steps to configure the new packet filter set: 1. Select Filter Set Name and enter a descriptive name for the filter set. 2.
Security 14-25 3. To add a filter to the filter set, select Append Filter to display a table of filters. Select a filter from the table and press Return to add it to the filter set. The default action of newly added filters is to not forward packets that match their criteria. To exit the table without adding the filter, press Escape. 4. To remove a filter from the filter set, select Remove Filter to display a table of appended filters.
14-26 User’s Reference Guide Adding a SAP filter To add a new IPX SAP filter, select Add IPX SAP Filter in the IPX Filters and Filter Sets screen and press Return. The Add SAP Filter screen appears. Add Sap Filter Filter Name: Server Name: Socket: 0000 Type: 0000 IPX Network: IPX Node Address: 00000000 000000000000 ADD FILTER NOW CANCEL Configure a new IPX SAP Filter. Finished? ADD or CANCEL to exit.
Security 14-27 IPX SAP filter sets Before IPX SAP filters can be used, they must be grouped into sets. A SAP filter can be part of more than one filter set. Viewing and modifying SAP filter sets To display a table of IPX SAP filter sets, select Display/Change IPX SAP Filter Sets in the IPX Filters and Filter Sets screen to display a list of filter sets. To modify any of the filter sets in the list, select the desired filter set and go to the Change SAP Filter Set screen.
14-28 User’s Reference Guide Show Filters/Change Actions on Match Filter Name---------------------Forward Filter 1 No Filter 2 No <> Yes Set whether filters forward or drop matching packets here. Select a filter and toggle the entry forwarding action to Yes (forward) or No (discard). 3. To add a filter to the filter set, select Append Filter in the Add SAP Filter Set screen to display a table of filters. Select a filter from the table and press Return to add it to the filter set.
Security 14-29 Firewall tutorial General firewall terms Filter rule: A filter set is comprised of individual filter rules. Filter set: A grouping of individual filter rules. Firewall: A component or set of components that restrict access between a protected network and the Internet, or between two networks. Host: A workstation on the network. Packet: Unit of communication on the Internet.
14-30 User’s Reference Guide Example TCP/UDP Ports TCP Port Service 20/21 FTP 23 Telnet 25 SMTP 80 WWW 144 News UDP Port Service 161 SNMP 69 TFTP 387 AURP Firewall design rules There are two basic rules to firewall design: ■ “What is not explicitly allowed is denied.” and ■ “What is not explicitly denied is allowed.” The first rule is far more secure, and is the best approach to firewall design.
Security 14-31 and a packet goes through these rules destined for FTP, the packet would forward through the first rule (WWW), go through the second rule (FTP), and match this rule; the packet is allowed through. If you had this filter set for example.... Allow WWW access; Allow FTP access; Deny FTP access; Deny all other packets.
14-32 User’s Reference Guide Implied rules With a given set of filter rules, there is an Implied rule that may or may not be shown to the user. The implied rule tells the filter set what to do with a packet that does not match any of the filter rules. An example of implied rules is as follows: Implied Meaning Y+Y+Y=N If all filter rules are YES, the implied rule is NO. N+N+N=Y If all filter rules are NO, the implied rule is YES. Y+N+Y=N If a mix of YES and NO filters, the implied rule is NO.
Security 14-33 Filter basics In the source or destination IP address fields, the IP address that is entered must be the network address of the subnet. A host address can be entered, but the applied subnet mask must be 32 bits (255.255.255.255). The Netopia R7200 has the ability to compare source and destination TCP or UDP ports.
14-34 User’s Reference Guide Example filters Example 1 Filter Rule: 200.1.1.0 (Source IP Network Address) 255.255.255.128 (Source IP Mask) Forward = No (What happens on match) Incoming packet has the source address of 200.1.1.28 IP Address Binary Representation 200.1.1.28 00011100 (Source address in incoming IP packet) 10000000 (Perform the logical AND) 00000000 (Logical AND result) AND 255.255.255.
Security 14-35 This incoming IP packet (10000000) has a source IP address that does not match the network address in the Source IP Address field (00000000) in the Netopia R7200. This rule will forward this packet because the packet does not match. Example 3 Filter Rule: 200.1.1.96 (Source IP Network Address) 255.255.255.240 (Source IP Mask) Forward = No (What happens on match) Incoming packet has the source address of 200.1.1.184. IP Address Binary Representation 200.1.1.
14-36 User’s Reference Guide Since the Source IP Network Address in the Netopia R7200 is 01100000, and the source IP address after the logical AND is 01100000, this rule does match and this packet will not be forwarded. Example 5 Filter Rule: 200.1.1.96 (Source IP Network Address) 255.255.255.255 (Source IP Mask) Forward = No (What happens on match) Incoming packet has the source address of 200.1.1.96. IP Address Binary Representation 200.1.1.
Utilities and Diagnostics 15-1 Chapter 15 Utilities and Diagnostics A number of utilities and tests are available for system diagnostic and control purposes.
15-2 User’s Reference Guide Ping The Netopia R7200 includes a standard Ping test utility. A Ping test generates IP packets destined for a particular (Ping-capable) IP host. Each time the target host receives a Ping packet, it returns a packet to the original sender. Ping allows you to see whether a particular IP destination is reachable from the Netopia R7200. You can also ascertain the quality and reliability of the connection to the desired destination by studying the Ping test’s statistics.
Utilities and Diagnostics 15-3 Status: The current status of the Ping test. This item can display the status messages shown in the able below: Message Description Resolving host name Finding the IP address for the domain name-style address Can’t resolve host name IP address can’t be found for the domain name–style address Pinging Ping test is in progress Complete Ping test was completed Cancelled by user Ping test was cancelled manually Destination unreachable from w.x.y.
15-4 User’s Reference Guide Packets Lost: The number of packets unaccounted for, shown in total and as a percentage of total packets sent. This statistic may be updated during the Ping test, and may not be accurate until after the test is over. However, if an escalating one-to-one correspondence is seen between Packets Out and Packets Lost, and Packets In is noticeably lagging behind Packets Out, the destination is probably unreachable. In this case, use STOP PING.
Utilities and Diagnostics 15-5 4. Select Use Reverse DNS to learn the names of the routers between the Netopia Router and the destination router. The default is Yes. 5. Select START TRACE ROUTE and press Return. A scrolling screen will appear that lists the destination, number of hops, IP addresses of each hop, and DNS names, if selected. 6. Cancel the trace by pressing Escape. Return to the Trace Route screen by pressing Escape twice.
15-6 User’s Reference Guide Disconnect Telnet console session If you want to close your Telnet console session, select Disconnect Telnet Console Session and press Return. A dialog box appears asking you to cancel or continue your selection.
Utilities and Diagnostics 15-7 Transferring configuration and firmware files with TFTP Trivial File Transfer Protocol (TFTP) is a method of transferring data over an IP network. TFTP is a client-server application, with the router as the client. To use the Netopia R7200 as a TFTP client, a TFTP server must be available. Netopia, Inc., has a public access TFTP server on the Internet where you can obtain the latest firmware versions.
15-8 User’s Reference Guide ■ Select GET ROUTER FIRMWARE FROM SERVER or GET WAN MODULE FIRMWARE FROM SERVER and press Return. You will see the following dialog box: +-----------------------------------------------------------+ +-----------------------------------------------------------+ | | | Are you sure you want to read the firmware now? | | The device will reset when the transfer is complete.
Utilities and Diagnostics 15-9 ■ Select GET CONFIG FROM SERVER and press Return. You will see the following dialog box: +-----------------------------------------------------------+ +-----------------------------------------------------------+ | | | Are you sure you want to read the configuration now? | | The device will reset when the transfer is complete.
15-10 User’s Reference Guide X-Modem File Transfer Send Firmware to Netopia... Send Config to Netopia... Receive Config from Netopia... Send Firmware to Netopia WAN module... WAN module Firmware Status: IDLE Updating firmware Firmware updates may be available periodically from Netopia or from a site maintained by your organization’s network administration. The procedure below applies whether you are using the console or the WAN interface module.
Utilities and Diagnostics 15-11 The system will reset at the end of a successful file transfer to put the new firmware into effect. While the system resets, the LEDs will blink on and off. Caution! Do not manually power down or reset the Netopia R7200 while it is automatically resetting or it could be damaged. Downloading configuration files The Netopia R7200 can be configured by downloading a configuration file. The downloaded file reconfigures all of the Router’s parameters.
15-12 User’s Reference Guide 2. Select Receive Config from Netopia and press Return. The following dialog box appears: +--------------------------------------------------------------------+ | | | Are you sure you want to save your current Netopia configuration? | | If so, when you hit Return/Enter on the CONTINUE button, you will | | have 10 seconds to begin the transfer from your terminal program. | | | | CANCEL CONTINUE | | | +--------------------------------------------------------------------+ 3.
Part III: Appendixes
User’s Reference Guide
Troubleshooting A-1 Appendix A Troubleshooting This appendix is intended to help you troubleshoot problems you may encounter while setting up and using the Netopia R7200. It also includes information on how to contact Netopia Technical Support. Important information on these problems can be found in the event histories kept by the Netopia R7200. These event histories can be accessed in the Statistics & Logs screen.
A-2 User’s Reference Guide Note: If you are attempting to modify the IP address or subnet mask from a previous, successful configuration attempt, you will need to clear the IP address or reset your Netopia R7200 to the factory default before reinitiating the configuration process. For further information on resetting your Netopia R7200 to factory default, see “Factory defaults” on page 15-6.
Troubleshooting A-3 How to reset the router to factory defaults Lose your password? This section shows how to reset the router so that you can access the console screens once again. Keep in mind that all of your connection profiles and settings will need to be reconfigured. If you don't have a password, the only way to get back into the Netopia R7200 is the following: 1. Turn the router upside down. 2. Referring to the diagram below, find the paper clip-size Reset Switch slot. Reset Switch Slot 3.
A-4 User’s Reference Guide Technical support Netopia, Inc. is committed to providing its customers with reliable products and documentation, backed by excellent technical support. Before contacting Netopia Look in this guide for a solution to your problem. You may find a solution in this troubleshooting appendix or in other sections. Check the index for a reference to the topic of concern. If you cannot find a solution, complete the environment profile below before contacting Netopia Technical Support.
Troubleshooting A-5 Netopia Bulletin Board Service: 1 510-865-1321 Online product information Product information can be found in the following: Netopia World Wide Web server via http://www.netopia.com Internet via anonymous FTP to ftp.netopia.com/pub FAX-Back This service provides technical notes that answer the most commonly asked questions and offers solutions for many common problems encountered with Netopia products.
A-6 User’s Reference Guide
Understanding IP Addressing B-1 Appendix B Understanding IP Addressing This appendix is a brief general introduction to IP addressing. A basic understanding of IP will help you in configuring the Netopia R7200 and using some of its powerful features, such as static routes and packet filtering.
B-2 User’s Reference Guide IP addresses are maintained and assigned by the InterNIC, a quasi-governmental organization now increasingly under the auspices of private industry. Note: It’s very common for an organization to obtain an IP address from a third party, usually an Internet service provider (ISP). ISPs usually issue an IP address when they are contracted to provide Internet access services. The InterNIC (the NIC stands for Network Information Center) divides IP addresses into several classes.
Understanding IP Addressing B-3 Subnet masks To create subnets, the network manager must define a subnet mask, a 32-bit number that indicates which bits in an IP address are used for network and subnetwork addresses and which are used for host addresses. One subnet mask should apply to all IP networks that are physically connected together and share a single assigned network number. Subnet masks are often written in decimal notation like IP addresses, but they are most easily understood in binary notation.
B-4 User’s Reference Guide Network configuration Below is a diagram of a simple network configuration. The ISP is providing a Class C address to the customer site, and both networks A and B want to gain Internet access through this address. Netopia R7200 B connects to Netopia R7200 A and is provided Internet access through Routers A and B. Customer Site A PC 1: IP Address: 192.168.1.3 Subnet Mask: 255.255.255.128 Gateway: 192.168.1.1 Router B: ISP Network Router A: IP Address: 10.0.0.1 Subnet Mask: 255.
Understanding IP Addressing B-5 Background The IP addresses and routing configurations for the devices shown in the diagram are outlined below. In addition, each individual field and its meaning are described. The IP Address and Subnet Mask fields define the IP address and subnet mask of the device's Ethernet connection to the network while the Remote IP and Remote Sub fields describe the IP address and subnet mask of the remote router.
B-6 User’s Reference Guide There are two schemes for distributing the remaining IP addresses: ■ Manually give each computer an address ■ Let the Netopia R7200 automatically distribute the addresses These two methods are not mutually exclusive; you can manually issue some of the addresses while the rest are distributed by the Netopia R7200. Using the router in this way allows it to function as an address server.
Understanding IP Addressing B-7 Number of Devices (other than Netopia R7200) on Local Network Largest Possible Ethernet Subnet Mask 30-61 255.255.255.192 62-125 255.255.255.128 125-259 255.255.255.0 Configuration This section describes the specific IP address lease, renew, and release mechanisms for both the Mac and PC, with either DHCP or MacIP address serving. DHCP address serving Windows 95 workstation: ■ The Win95 workstation requests and renews its lease every half hour.
B-8 User’s Reference Guide ■ The Netopia R7200 releases the DHCP address back to the available DHCP address pool exactly one hour after the last-heard lease request. Some other DHCP implementations may hold on to the lease for an additional time after the lease expired to act as a buffer for variances in clocks between the client and server.
Understanding IP Addressing B-9 In any situation where a device is dialing into a Netopia router, the router may need to be configured to serve IP via the WAN interface. This is only a requirement if the calling device has not been configured locally to know what its address(es) are. So when a client, dialing into a Netopia router's WAN interface, is expecting addresses to be served by the answering router, you must set the answering Netopia router to serve IP via its WAN interface.
B-10 User’s Reference Guide 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Block of IP host addresses (derived from network IP address + mask issued by ISP) 1 Distributed to the Netopia R7200 (Ethernet IP address) 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 Manually distributed (static) Pool of addresses distributed by MacIP and DHCP The figure above shows an example of a block of IP addresses being distributed correctly.
Understanding IP Addressing B-11 Nested IP subnets Under certain circumstances, you may want to create remote subnets from the limited number of IP addresses issued by your ISP or other authority. You can do this using connection profiles. These subnets can be nested within the range of IP addresses available to your network. For example, suppose that you obtain the Class C network address a.b.c.0 to be distributed among three networks.
B-12 User’s Reference Guide Routers B and C (which could also be Netopia R7200s) serve the two remote networks that are subnets of a.b.c.0. The subnetting is accomplished by configuring the Netopia R7200 with connection profiles for Routers B and C (see the following table). Connection profile Remote IP address Remote IP mask Bits available for host address For Router B a.b.c.128 255.255.255.192 7 For Router C a.b.c.248 255.255.255.
Understanding IP Addressing B-13 The following diagram illustrates the IP address space taken up by the two remote IP subnets. You can see from the diagram why the term nested is appropriate for describing these subnets. 1 Address range available to a.b.c.0, less the two nested subnets 129 valid addresses used by a.b.c.128 190 valid addresses used by a.b.c.248 249 254 Broadcasts As mentioned earlier, binary IP host or subnet addresses composed entirely of ones or zeros are reserved for broadcasting.
B-14 User’s Reference Guide
Understanding Netopia NAT Behavior C-1 Appendix C Understanding Netopia NAT Behavior The Netopia R7200 implements a powerful feature called Network Address Translation (NAT) as specified in RFC 1631. NAT is used for IP address conservation and for security purposes since there will only be a single IP “presence” on the WAN. This appendix describes the NAT functionality within the Netopia R7200 and provides examples for setup and use.
C-2 User’s Reference Guide When the Netopia R7200 establishes a connection over its WAN interface with another router it uses the Point-to-Point Protocol (PPP). Within PPP there is a Network Control Protocol (NCP) called Internet Protocol Control Protocol (IPCP), which handles the negotiation of IP addresses between the two routers, in this case the Netopia R7200 at the customer site above and the router at the Internet service provider (ISP).
Understanding Netopia NAT Behavior C-3 When the Netopia R7200 receives this IP packet, it cannot simply forward it to the WAN interface and the Internet since the IP addresses on the LAN interface are not valid or globally unique for the Internet. Instead, the Netopia R7200 has to change the IP packet to reflect the IP address that was acquired on the WAN interface from the ISP.
C-4 User’s Reference Guide The reasons for the IP address changes are obvious from the preceding diagram, but what is not so obvious is why the TCP or UDP source ports need to be changed as well. These are changed and maintained in an internal table so the Netopia R7200 can determine which host on the local LAN interface sent the IP packet and what host the response from the WAN interface is going to go to on the LAN interface.
Understanding Netopia NAT Behavior C-5 Now both IP packets have the exact same source IP address (200.1.1.40) and source ports (400). The Netopia R7200 is then able to distinguish between the two IP packets by changing the source TCP or UDP ports and keeping this information in an internal table. As seen above, the source port for Workstation A has been changed to 5001 and the source port for Workstation B has been changed to 5002.
C-6 User’s Reference Guide If the WWW server on the Internet then tries to open a connection to the IP address of 200.1.1.40 with the appropriate exported service defined, the Netopia R7200 will look at the destination port and will find that it is destined for port 21 (FTP). The Netopia R7200 then looks at the internal user-defined exported services table and finds that any incoming IP traffic from the WAN port with a destination of port 21 (FTP) should be redirected to the IP address of 192.168.5.
Understanding Netopia NAT Behavior C-7 Configuration NAT is enabled by default with the SmartStart configuration utility. You can toggle Enable Address Translation to No or Yes in the Connection Profile screen in System Configuration under the IP Profile Parameters section. NAT is enabled on a per-profile basis, so it is possible to have any combination of NAT and non-NAT profiles. An example of enabling NAT is as follows: IP Profile Parameters Remote IP Address: Remote IP Mask: 127.0.0.2 255.255.255.
C-8 User’s Reference Guide Add Exported Service +-Type------Port--+ +-----------------+ Service... | ftp 21 | | telnet 23 | | smtp 25 | Local Server's IP Address: | tftp 69 | | gopher 70 | | finger 79 | | www-http 80 | | pop2 109 | | pop3 110 | | snmp 161 | | timbuktu 407 | | pptp 1723 | | irc 6667 | | Other...
Binary Conversion Table D-1 Appendix D Binary Conversion Table This table is provided to help you choose subnet numbers and host numbers for IP and MacIP networks that use subnetting for IP addresses.
D-2 User’s Reference Guide Decimal Binary Decimal Binary Decimal Binary Decimal Binary 128 10000000 160 10100000 192 11000000 224 11100000 129 10000001 161 10100001 193 11000001 225 11100001 130 10000010 162 10100010 194 11000010 226 11100010 131 10000011 163 10100011 195 11000011 227 11100011 132 10000100 164 10100100 196 11000100 228 11100100 133 10000101 165 10100101 197 11000101 229 11100101 134 10000110 166 10100110 198 11000110 230 111001
Further Reading E-1 Appendix E Further Reading Alexander, S. and R. Droms, DHCP Options and BOOTP Vendor Extensions, RFC 2131, Silicon Graphics, Inc., Bucknell University, PA, 1997. Angell, David, ISDN for Dummies, IDG Books Worldwide, Foster City, CA, 1995. Thorough introduction to ISDN for beginners. Apple Computer, Inc., AppleTalk Network System Overview, Addison-Wesley Publishing Company, Inc., Reading, MA, 1989. Apple Computer, Inc.
E-2 User’s Reference Guide Garcia-Luna-Aceves, J.J., Loop-Free Routing Using Diffusing Computations, IEEE/ACM Transactions on Networking, Vol. 1, No. 1, 1993. Garfinkel, Simson., PGP: Pretty Good Privacy, O’Reilly & Associates, Sebastopol, CA, 1991. A guide to the free data encryption program PGP and the issues surrounding encryption. Green, J.K., Telecommunications, 2nd ed., Business One Irwin, Homewood, IL, 1992. Heinanen, J., Multiprotocol Encapsulation over ATM Adaptation Layer 5, RFC 1483, July 1993.
Further Reading E-3 Sidhu, G.S., R.F. Andrews, and A.B. Oppenheimer, Inside AppleTalk, 2nd ed., Addison-Wesley Publishing Company, Reading, MA, 1990. Siyan, Karanjit, Internet Firewall and Network Security, New Riders Publishing, Indianapolis, IN, 1995. Similar to the Chapman and Zwicky book. Smith, Philip, Frame Relay Principles and Applications, Addison-Wesley Publishing Company, Reading, MA, 1996.
E-4 User’s Reference Guide
Technical Specifications and Safety Information F-1 Appendix F Technical Specifications and Safety Information Pinouts for Auxiliary port modem cable 1300 ohms 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Shield 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Shield BRAID HD-15 DB-25 Pin 1 Ground Pin 1 (not used) Pin 2 TDA Pin 2 TD Pin 3 TDB Pin 3 RD Pin 4 RDA Pin 4 RTS Pin 5 RDB Pin 5 CTS Pin 6 (not used) Pin 6 DCE Ready Pin 7 DTR Pin 7 Ground Pin 8 CTS Pin 8
F-2 User’s Reference Guide HD-15 DB-25 Pin 9 DSR Pin 9 -RSET (EIA-530) Pin 10 DCD Pin 10 (not used) Pin 11 (not used) Pin 11 -TSET (EIA-530) Pin 12 TCA Pin 12 (not used) Pin 13 TCB Pin 13 (not used) Pin 14 RCA Pin 14 -TD (EIA-530) STD (EIA-232) Pin 15 RCB Pin 15 (not used) Pin 16 -RD (EIA-530) SRD (EIA-232) Pin 17 RSET Pin 18 (not used) Pin 19 -RTS (EIA-530) SRTS (EIA-232) Pin 20 DTE Ready Pin 21 (not used) Pin 22 (not used) Pin 23 Ground Pin 24 TSET Pin 25 (
Technical Specifications and Safety Information F-3 Software and protocols Software media: Software preloaded on internal flash memory; field upgrades done via download to internal flash memory via XMODEM or TFTP Routing: TCP/IP Internet Protocol Suite, RIP, AppleTalk*, LocalTalk-to-Ethernet routing*, AURP tunneling*, MacIP*, IPX * Optional add-on feature WAN support: SDSL Security: IP/IPX firewalls, UI password security, PAP, CHAP, PAP-TOKEN, CACHE-TOKEN SNMP network management: SNMPv1, MIB-II (RFC 1213),
F-4 User’s Reference Guide Agency approvals North America Safety Approvals: ■ United States – UL: 1950 Third Edition ■ Canada – CSA: CAN/CSA-C22.2 No.
Technical Specifications and Safety Information F-5 Service requirements. In the event of equipment malfunction, all repairs should be performed by our Company or an authorized agent. Under FCC rules, no customer is authorized to repair this equipment. This restriction applies regardless of whether the equipment is in or our of warranty. It is the responsibility of users requiring service to report the need for service to our Company or to one of our authorized agents.
F-6 User’s Reference Guide near the product for easy access. ■ For use only with CSA Certified Class 2 power supply, rated 12VDC, 1.5A. Telecommunication installation cautions ■ Never install telephone wiring during a lightning storm. ■ Never install telephone jacks in wet locations unless the jack is specifically designed for wet locations. ■ Never touch uninsulated telephone wires or terminals unless the telephone line has been disconnected at the network interface.
About SDSL G-1 Appendix G About SDSL The Netopia R7200 SDSL Router (Symmetric Digital Subscriber Line) technology uses standard copper phone lines to send a digital signal between two points. Because the signal stays digital and does not go through the public switched telephone network SDSL allows a much faster data connection.
G-2 User’s Reference Guide Because over 300,000 lines are already deployed using HDSL, service providers feel comfortable with SDSL since it uses the same technology as its predecessor and ISDN. The line coding employed by both HDSL and ISDN has not caused any interference with existing services like T1. This means service providers deploy SDSL solutions without worry about impact on other services in neighboring binder groups.
Glossary 1 Glossary access line: A telephone line reaching from the telephone company central office to a point usually on your premises. Beyond this point the wire is considered inside wiring. analog: In telecommunications, telephone transmission and/or switching that is not digital. An analog phone transmission is one that was originally intended to carry speech or voice, but may with appropriate modifications be used to carry data of other types.
2 User’s Reference Guide byte: A group of bits, normally eight, which represent one data character. CallerID: See CND. CCITT (Comite Consultatif International Telegraphique et Telephonique): International Consultative Committee for Telegraphy and Telephony, a standards organization that devises and proposes recommendations for international communications. See also ANSI (American National Standards Institute).
Glossary 3 DTE (Data Terminal Equipment): Term defined by standards committees, that applies to communications equipment, typically personal computers or data terminals, as distinct from other devices that attach to the network, typically modems or printers (DCE). The distinction generally refers to which pins in an RS-232-C connection transmit or receive data. Pins 2 and 3 are reversed. Also see DCE. EIA (Electronic Industry Association): A North American standards association.
4 User’s Reference Guide internet: A set of networks connected together by routers. This is a general term, not to be confused with the large, multi-organizational collection of IP networks known as the Internet. An internet is sometimes also known as an internetwork. internet address, IP address: Any computing device that uses the Internet Protocol (IP) must be assigned an internet or IP address.
Glossary 5 network log: A record of the names of devices, location of wire pairs, wall-jack numbers, and other information about the network. network number: A unique number for each network in an internet. AppleTalk network numbers are assigned by seed routers, to which the network is directly connected. An isolated AppleTalk network does not need a network number.
6 User’s Reference Guide router: A device that supports network communications. A router can connect identical network types, such as LocalTalk-to-LocalTalk, or dissimilar network types, such as LocalTalk-to-Ethernet. However—unless a gateway is available—a common protocol, such as TCP/IP, must be used over both networks. Routers may be equipped to provide WAN line support to the LAN devices they serve.
Glossary 7 TFTP (Trivial File Transfer Protocol): A protocol used to transfer files between IP nodes. TFTP is often used to transfer firmware and configuration information from a UNIX computer acting as a TFTP server to an IP networking device, such as the Netopia ISDN Router. thicknet: Industry jargon for 10Base5 coaxial cable, the original Ethernet cabling. thinnet: Industry jargon for 10Base2 coaxial cable, which is thinner (smaller in diameter) than the original Ethernet cabling.
8 User’s Reference Guide
Index-1 Index Numerics 10Base-T 4-4 10Base-T, connecting 4-4 BootP 10-21 clients 10-27 broadcasts B-13 A add static route 10-19 advanced configuration features 8-11 AppleTalk 1-1 configuring LocalTalk 12-7 routing table 13-9 setup 12-1 tunneling (AURP) 12-3, 12-8 zones 12-6, 12-7 AppleTalk Update-Based Routing Protocol, see AURP application software 4-2 AURP adding a partner 12-9 configuration 12-10 connecting to a partner 12-9 hop-count reduction 12-12 network number remapping 12-11 receiving connection
Index-2 console configuration 8-13 console-based management configuring with 6-1, 7-1, 8-1 D D.
Index-3 G general statistics 13-4 Glossary GL-1 H hard seeding 12-3 hops 13-9 how to reach us A-4 I input filter 3 14-18 input filters 1 and 2 14-18 input filters 4 and 5 14-18 Internet addresses, see IP addresses Internet Protocol (IP) 10-1 Internetwork Packet Exchange (IPX) 11-1 IP address serving 10-21 IP addresses B-1 about B-1 distributing B-5 distribution rules B-10 static B-8 IP setup 10-11 IP trap receivers deleting 13-15 modifying 13-15 setting 13-15 viewing 13-15 IPX packet filter sets 14-23 IPX
Index-4 IP setup 7-6 IPX setup 7-6 LocalTalk configuration 12-7 monitoring 13-1 security 14-1 system utilities and diagnostics 15-1 Network Address Translation see NAT 10-1 network problems A-2 network status overview 13-1 next router address 13-10 non-seeding 12-3 O output filter 1 14-18 overview 1-1 P packet header B-13 packet filter deleting 14-23 packet filters viewing and modifying 14-23 packets forwarded 13-10 password to protect security screen 14-2 user accounts 14-1 ping 15-2 ping test, configurin
Index-5 socket 11-2 soft seeding 12-3 src.
Index-6
Limited Warranty and Limitation of Remedies 1 Limited Warranty and Limitation of Remedies Netopia warrants to you, the end user, that the Netopia R7200 SDSL Router (the “Product”) will be free from defects in materials and workmanship under normal use for a period of one (1) year from date of purchase. Netopia’s entire liability and your sole remedy under this warranty during the warranty period is that Netopia shall, at its sole option, either repair or replace the Product.
2 User’s Reference Guide
