Netopia 4541 - Manual

1-2 User’s Reference Guide How to use this guide In addition to the simple documentation contained in the accompanying Getting Star ted Guide , this guide is designed to be your single source for information about your Netopia 4541/4542 ADSL Router. It is intended to be viewed on-line, using the pow...

Making the Physical Connections 2-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 2 2 2 2 M M M M aa a a kk k k iiii n n n n g g g g tttt h h h h ee e e P P P P h h h h yyy y ssss iiii cccc aa a a llll C C C C o o o o n n n n n n n n ee e e cccc tttt iiii o o o o n n n n ssss This section tells yo...

2-2 User’s Reference Guide You will need: ■ A Windows 95 or 98–based PC or a Macintosh computer with Ethernet connectivity for configuring the Netopia 4541/4542. This may be built-in Ethernet or an add-on card, with TCP/IP installed and configured. See “Sharing the Connection” on page 3-1 . ■ An ADS...

Sharing the Connection 3-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 3 3 3 3 S S S S h h h h aa a a rrrr iiii n n n n g g g g tttt h h h h ee e e C C C C o o o o n n n n n n n n ee e e cccc tttt iiii o o o o n n n n Once you have set up your physical local area network, you will need to config...

3-4 User’s Reference Guide 4. Click OK in this window and the next window. When prompted, reboot the computer. Note: You can also use these instructions to configure other computers on your network with manual or static IP addresses. Be sure each computer on your network has its own IP address. Clic...

Sharing the Connection 3-5 Configuring TCP/IP on Macintosh Computers The following is a quick guide to configuring TCP/IP for MacOS computers. Configuring TCP/IP in a Macintosh computer requires the following: ■ You must have either Open Transpor t or Classic Networking (MacTCP) installed. Note: If ...

3-6 User’s Reference Guide Static configuration (optional) 3. In the TCP/IP window or in the MacTCP/More window, select or type information into the fields as shown in the following table. 4. Close the TCP/IP or MacTCP control panel and save the settings. 5. If you are using MacTCP, you must restar ...

Sharing the Connection 3-7 Note: You can also use these instructions to configure other computers on your network with manual or static IP addresses. Be sure each computer on your network has its own IP address. More information about configuring your Macintosh computer for TCP/IP connectivity throu...

Connecting to Your Local Area Network 4-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 4 4 4 4 C C C C o o o o n n n n n n n n ee e e cccc tttt iiii n n n n g g g g tttt o o o o Y Y Y Y o o o o u u u u rrrr LLL L o o o o cccc aa a a llll A A A A rrrr ee e e aa a a N N N N ee e e tttt w w w w o o ...

4-2 User’s Reference Guide Once the Netopia 4541/4542 is properly configured and connected to your LAN, PC and Macintosh computers that have their required components in place will be able to connect to the Internet or other remote IP networks. Connecting to an Ethernet network The Netopia 4541/4542...

5-2 User’s Reference Guide may be using the router to connect to more than one ser vice provider or remote site. ■ The System Configuration menus display and permit changing: ■ IP setup. See “IP Setup” on page 8-1 . ■ Filter sets (firewalls). See “Security” on page 11-1 . ■ IP address ser ving. See ...

5-4 User’s Reference Guide Launch your terminal emulation software and configure the communications software for the values shown in the table below. These are the default communication parameters that the Netopia 4541/4542 uses. Navigating through the console screens Use your keyboard to navigate t...

Easy Setup 6-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 6 6 6 6 E E E E aa a a ssss yyy y S S S S ee e e tttt u u u u p p p p This chapter describes how to use the Easy Setup console screens on your Netopia 4541/4542. After completing the Easy Setup console screens, your router will be ready ...

6-2 User’s Reference Guide If you do not see the Main Menu, verify that: ■ If you are using a serial connection, that your serial por t speed is the same as the Netopia 4541/4542’s default 9600 baud, for first use. ■ The computer used to view the console screen has its serial por t connected to the ...

Easy Setup 6-3 The Main Menu appears. 2. Select the first item on the Main Menu list, Easy Setup . Press Return to bring up the ADSL Line Configuration menu screen. DSL Line Configuration 1. Select Circuit Type and, from the pop-up menu, choose the type of circuit to which you will be connecting: Mu...

6-4 User’s Reference Guide Routed 1483. If you select Bridged 1483, a new option PPP over Ethernet (PPPoE) appears. You can then toggle PPPoE On or Of f. Choosing Routed 1483 hides the PPPoE option. ■ If you selected PPP, the next pop-up menu PPP Mode of fers the choice of VC Multiplexed or LLC SNAP...

Easy Setup 6-5 If you selected Numbered, the following fields appear. ■ Select the editable field labeled Local WAN IP Address . The default address is 0.0.0.0, which allows for dynamic addressing, when your ISP assigns an address each time you connect. However, you can enter another specific addres...

Easy Setup 6-7 7. Toggle IP Address Serving to On or Of f, depending on whether you want the device’s IP address ser ver to supply dynamic IP addresses to your client workstations. Normally, you would accept the default On so that workstations on your LAN can have IP addresses assigned dynamically f...

WAN and System Configuration 7-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 7 7 7 7 W W W W A A A A N N N N aa a a n n n n d d d d S S S S yyy y ssss tttt ee e e m m m m C C C C o o o o n n n n ffff iiii g g g g u u u u rrrr aa a a tttt iiii o o o o n n n n This chapter describes how to use the...

7-2 User’s Reference Guide 1. Select Circuit Type and from the pop-up menu choose the type of circuit to which you will be connecting. ■ Model 4541 of fers Multimode, T1.413, G.dmt, G.lite, or ADI. ■ Model 4542 of fers Multimode, ADI ETDI, ITU Standard, UR2, ADI Legacy, TI Legacy and Alcatel ETSI. 2...

WAN and System Configuration 7-3 ■ Enter a name for the circuit in the Circuit Name field. ■ Toggle Circuit Enabled to Yes. ■ Enter the Vir tual Path Identifier and the Vir tual Channel Identifier in the Circuit VPI and Circuit VCI fields, respectively. ■ Then, select a Connection Profile for the Ci...

7-4 User’s Reference Guide Creating a new Connection Profile For a Netopia 4541/4542, connection profiles are useful for configuring the connection and authentication settings for negotiating a PPP connection on the ADSL link. If you are using the PPP data link encapsulation method, you can store yo...

WAN and System Configuration 7-5 3. Select Data Link Encapsulation and press Return. The pop-up menu of fers the possible data link encapsulation methods for connection profiles used for a variety of purposes: PPP, RFC1483, ATMP, PPTP, or IPsec. If you select any data link encapsulation method other...

WAN and System Configuration 7-7 The default profile If you are using RFC1483 datalink encapsulation, the Default Profile screen controls whether or not the ADSL link will come up without an explicitly configured connection profile. (PPP datalink encapsulation does not suppor t a default profile, an...

7-8 User’s Reference Guide IP parameters (default profile) screen If you are using RFC1483 datalink encapsulation, the IP Parameters (Default Profile) screen allows you to configure various IP parameters for ADSL connections established without an explicitly configured connection profile: For an ADS...

WAN and System Configuration 7-9 Viewing scheduled connections To display a table of scheduled connections, select Display/Change Scheduled Connection in the Scheduled Connections screen. Each scheduled connection occupies one row of the table. The first column in the table shows a one-letter repres...

7-10 User’s Reference Guide The other columns show: ■ The time of day that the connection will Begin At ■ The duration of the connection ( HH:MM ) ■ Whether it’s a recurring Weekly connection or used Once Only ■ Which connection profile ( Conn. Prof. ) is used to connect ■ Whether the scheduled conn...

WAN and System Configuration 7-11 demand call on the line. ■ Demand-Allowed , meaning that this schedule will permit a demand call on the line. ■ Demand-Blocked , meaning that this schedule will prevent a demand call on the line. ■ Periodic , meaning that the connection is retried several times duri...

7-12 User’s Reference Guide Set Once-Only Schedule If you set How Often to Once Only , select Set Once-Only Schedule and go to the Set Once-Only Schedule screen. ■ Select Place Call On (Date) and enter a date in the format MM/DD/YY or MM/DD/YYYY (month, day, year). Note: You must enter the date in t...

WAN and System Configuration 7-13 Modifying a scheduled connection To modify a scheduled connection, select Display/Change Scheduled Connection in the Scheduled Connections screen to display a table of scheduled connections. Select a scheduled connection from the table and press Return. The Change S...

7-14 User’s Reference Guide The console screen will open to the Main Menu, similar to the screen shown below: Navigating through the system configuration screens To help you find your way to par ticular screens, some sections in this guide begin with a graphical path guide similar to the following e...

WAN and System Configuration 7-15 System configuration features The Netopia 4541/4542 ADSL Router’s default settings may be all you need to configure your Netopia 4541/4542. Some users, however, require advanced settings or prefer manual control over the default selections. For these users, the Neto...

7-16 User’s Reference Guide IP setup These screens allow you to configure your network’s use of the IP networking protocol. ■ Details are given in “IP Setup” on page 8-2 . Filter sets (firewalls) These screens allow you to configure security on your network by means of filter sets and a basic firewa...

WAN and System Configuration 7-17 3. Select the Router’s time zone from the Time Zone pop-up menu and press Return. 4. In the NTP Update Interval field, enter how often to synchronize with the time ser ver, using the format HHHH:MM where H is hours and M is minutes. 5. Select a System Date Format ; ...

7-18 User’s Reference Guide Security These screens allow you to add users and define passwords on your network. ■ Details are given in “Security” on page 11-1 . Upgrade feature set You can upgrade your Netopia 4541/4542 by adding new feature sets through the Upgrade Feature Set utility. See the rele...

WAN and System Configuration 7-19 ■ You can specify the UNIX syslog Facility to use by selecting the Facility pop-up. ■ Erase the log by selecting DUMP WAN LOG Installing the Syslog client The Goodies folder on the Netopia CD contains a Syslog client daemon program that can be configured to repor t ...

8-2 User’s Reference Guide IP Setup The IP Setup options screen is where you configure the Ethernet side of the Netopia 4541/4542. The information you enter here controls how the router routes IP traf fic. Consult your network administrator or ISP to obtain the IP setup information (such as the Ethe...

8-4 User’s Reference Guide IP subnets The IP Subnets screen allows you to configure up to eight Ethernet IP subnets on unlimited-user models, one “primar y” subnet and up to seven secondar y subnets, by entering IP address/subnet mask pairs: Note: You need not use this screen if you have only a sing...

8-6 User’s Reference Guide If you have configured multiple Ethernet IP subnets, the IP Setup screen changes slightly: The IP address and Subnet mask items are hidden, and the Define Additional Subnets... item becomes Subnet Configuration... . If you select Subnet Configuration , you will return to t...

8-10 User’s Reference Guide IP Address Serving In addition to being a router, the Netopia 4541/4542 is also an IP address ser ver. There are three protocols it can use to distribute IP addresses. ■ The first, called Dynamic Host Configuration Protocol (DHCP), is widely suppor ted on PC networks, as ...

IP Setup 8-13 IP Address Pools The IP Address Pools screen allows you to configure a separate IP address ser ving pool for each of up to eight configured Ethernet IP subnets: This screen consists of between two and eight rows of four columns each. There are exactly as many rows as there are Ethernet...

8-14 User’s Reference Guide Numerous factors influence the choice of ser ved address. It is dif ficult to specify the address that will be ser ved to a par ticular client in all circumstances. However, when the address ser ver has been configured, and the clients involved have no prior address ser v...

IP Setup 8-15 DHCP NetBIOS Options If your network uses NetBIOS, you can enable the Netopia 4541/4542 to use DHCP to distribute NetBIOS information. NetBIOS stands for Network Basic Input/Output System. It is a layer of software originally developed by IBM and Sytek to link a network operating syste...

8-16 User’s Reference Guide ■ From the NetBios Type pop-up menu, select the type of NetBIOS used on your network. ■ To ser ve DHCP clients with the NetBIOS scope, select Serve NetBios Scope and toggle it to Yes . Select NetBios Scope and enter the scope. ■ To ser ve DHCP clients with the IP address ...

IP Setup 8-17 Select Release BootP Leases and press Return. ■ Back in IP Address Ser ving, the Ser ve Dynamic WAN Clients toggle More Address Serving Options The Netopia 4541/4542 includes a number of enhancements in the built-in DHCP IP address ser ver. These enhancements include: ■ The ability to ...

8-18 User’s Reference Guide Configuring the IP Address Server options To access the enhanced DHCP ser ver functions, from the Main Menu navigate to Statistics & Logs and then Served IP Addresses . The following example shows the Ser ved IP Addresses screen after three clients have leased IP addr...

8-22 User’s Reference Guide The router’s Ethernet IP address(es) will be automatically excluded from the address ser ving pool(s) on star tup. Entries in the ser ved IP address list corresponding to the router’s Ethernet IP address(es) that have been automatically excluded on star tup are not select...

IP Setup 8-25 Note: The remote DHCP ser ver(s) to which the Netopia Router is relaying DHCP requests must be capable of ser vicing relayed requests. Not all DHCP ser vers suppor t this feature. For example, the DHCP ser ver in the Netopia Router does not . The DHCP ser ver(s) to which the Netopia Ro...

Multiple Network Address Translation 9-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 9 9 9 9 M M M M u u u u llll tttt iiii p p p p llll ee e e N N N N ee e e tttt w w w w o o o o rrrr kk k k A A A A d d d d d d d d rrrr ee e e ssss ssss TT T T rrrr aa a a n n n n ssss llll aa a a tttt iiii o o ...

Multiple Network Address Translation 9-3 When addresses are returned to the group of available addresses, they are returned to the head of the group, being the most recently used. If that same host requests a connection an hour later, and the same public address is still available, then it will be m...

Multiple Network Address Translation 9-5 In order to suppor t this type of mapping, you define two address ranges. First, you define a public range which contains the first and last public address to be used and the way in which these addresses should be used (PAT, static, or dynamic). You then conf...

9-6 User’s Reference Guide Easy Setup Profile configuration The screen below is an example. Depending on the type of router you are using, fields displayed in this screen may var y. The Local WAN IP Address is used to configure a NAT public address range consisting of the Local WAN IP Address and al...

9-10 User’s Reference Guide ■ Select Map List Name and enter a descriptive name for this map list. A new menu item, Add Map , appears. ■ Select Add Map and press Return. The Add NAT Map screen appears. ■ Select First and Last Private Address and enter the first and last interior IP addresses you wan...

9-12 User’s Reference Guide Modifying map lists You can make changes to an existing map list after you have created it. Since there may be more than one map list you must select which one you are modifying. From the Network Address Translation screen select Show/Change Map List and press Return. ■ S...

9-14 User’s Reference Guide Adding Server Lists Ser ver lists, also known as Expor ts, are handled similarly to map lists. If you want to make a par ticular ser ver’s por t accessible (and it isn’t accessible through other means, such as a static mapping), you must create a ser ver list. Select Add ...

Multiple Network Address Translation 9-17 Modifying server lists Once a ser ver list exists, you can select it for modification or deletion. ■ Select Show/Change Server List from the Network Address Translation screen. ■ Select the Ser ver List Name you want to modify from the pop-up menu and press ...

Multiple Network Address Translation 9-19 Deleting a server To delete a ser ver from the list, select Delete Server from the Show/Change NAT Ser ver List menu and press Return. A pop-up menu lists your configured ser vers. Select the one you want to delete and press Return. A dialog box asks you to ...

9-20 User’s Reference Guide Binding Map Lists and Server Lists Once you have created your map lists and ser ver lists, for most Netopia Router models you must bind them to a profile, either a Connection Profile or the Default Profile. You do this in one of the following screens: ■ the IP profile par...

9-24 User’s Reference Guide NAT Associations Configuration of map and ser ver lists alone is not suf ficient to enable NAT for a WAN connection because map and ser ver lists must be linked to a profile that controls the WAN inter face. This can be a Connection Profile, a WAN Ethernet inter face, a d...

Multiple Network Address Translation 9-25 keys. Select the item by pressing Return to display a pop-up menu of all of your configured lists. ■ Select the list name you want to assign and press Return again. Your selection will then be associated with the corresponding profile or inter face. NAT Asso...

9-26 User’s Reference Guide MultiNAT Configuration Example To help you understand a typical MultiNAT configuration, this section describes an example of the type of configuration you may want to implement on your site. The values shown are for example purposes only. Make your own appropriate substit...

9-30 User’s Reference Guide To make these changes, first limit the range of remapped addresses on the Static Map and then edit the default ser ver list called Easy-Ser vers. ■ First, navigate to the Show/Change Map List screen, select Easy-PAT List and then Show/Change Maps . Choose the Static Map y...

Virtual Private Networks (VPNs) 10-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 1111 0 0 0 0 V V V V iiii rrrr tttt u u u u aa a a llll P P P P rrrr iiii vvv v aa a a tttt ee e e N N N N ee e e tttt w w w w o o o o rrrr kk k k ssss (((( V V V V P P P P N N N N ssss )))) The Netopia 4541/4542 of...

10-2 User’s Reference Guide Tunneling is a process of creating a private path between a remote user or private network and another private network over some intermediate network, such as the IP-based Internet. A VPN allows remote of fices or employees access to your internal business LAN through mea...

Virtual Private Networks (VPNs) 10-3 the receiving side, an IPsec-compliant device decr ypts each packet. The Netopia 4541/4542 suppor ts the more secure Tunnel mode. DES stands for Data Encr yption Standard, a popular symmetric-key encr yption method. DES uses a 56-bit key. The Netopia 4541/4542 of...

10-4 User’s Reference Guide PPTP configuration To set up the router as a PPTP Network Ser ver (PNS) capable of answering PPTP tunnel requests you must also configure the VPN Default Answer Profile. See "ATMP/PPTP Default Profile" on page 10-16 for more information. PPTP is a Datalink Encapsu...

Virtual Private Networks (VPNs) 10-7 The IP Profile Parameters screen appears. ■ Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel. About IPsec Tunnels IPsec stands for IP Security, a set of protocols that suppor ts secure exchange of IP packets at the IP layer....

10-8 User’s Reference Guide The Add Connection Profile screen appears. ■ From the Data Link Encapsulation pop-up menu select IPsec . ■ Then select Data Link Options . The IPsec Encr yption & Authentication Options screen appears. ■ You must specify an Encryption Transform . The choices are DES o...

10-10 User’s Reference Guide IP Profile Parameters The following IP Profile Options screen is displayed for an IPsec Connection Profile. ■ You must specify an SPI (Security Parameters Index) , which is the ESP receive side SPI and the default SPI for ESP transmit, AH receive, and AH transmit. It mus...

10-12 User’s Reference Guide If you do not specify the Remote Tunnel Endpoint Address, the router will use the default gateway to reach the par tner. If the par tner should be reached via an alternate por t (for example, the LAN instead of the WAN), the Next Hop Gateway field allows this path to be ...

10-14 User’s Reference Guide the gateway par tner is reached. If you do not specify the ATMP Par tner IP Address, the router will use the default gateway to reach the par tner and the Tunnel Via Gateway field is hidden. If the par tner should be reached via an alternate por t (i.e., the LAN instead ...

Virtual Private Networks (VPNs) 10-15 ■ Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel. Encryption Support Encr yption is a method for altering user data into a form that is unusable by anyone other than the intended recipient. The recipient must have the mea...

10-16 User’s Reference Guide and transparently. ATMP/PPTP Default Profile The WAN Configuration menu of fers a ATMP/PPTP Default Profile option. Use this selection when your router is acting as the ser ver for VPN connections, that is, when you are on the answering end of the tunnel establishment. T...

Virtual Private Networks (VPNs) 10-17 If you chose MS-CHAP authentication, the Data Compression option is not required, and this menu item becomes hidden. VPN QuickView You can view the status of your VPN connections in the VPN QuickView screen. From the Main Menu select QuickView and then VPN Quick...

10-18 User’s Reference Guide Dial-Up Networking for VPN Microsoft Windows Dial-Up Networking software permits a remote standalone workstation to establish a VPN tunnel to a PPTP ser ver such as a Netopia Router located at a central site. Dial-Up Networking also allows a mobile user who may not be co...

Virtual Private Networks (VPNs) 10-19 The Communications window appears. 5. In the Communications window, select Dial-Up Networking and click the OK button. This returns you to the Windows Setup screen. Click the OK button. 6. Respond to the prompts to install Dial-Up Networking from the system disk...

10-20 User’s Reference Guide Configuring a Dial-Up Networking profile Once you have created your Dial-Up Networking profile, you configure it for TCP/IP networking to allow you to connect to the Internet through your Internet connection device. Do the following: 1. Double-click the My Computer (or w...

10-22 User’s Reference Guide This displays a list of possible selections for the communications option. Active components will have a check in the checkboxes to their left. 6. Check Dial Up Networking at the top of the list and Vir tual Private Networking at the bottom of the list. 7. Click OK at th...

10-24 User’s Reference Guide PPTP example To enable a firewall to allow PPTP traf fic, you must provision the firewall to allow inbound and outbound TCP packets specifically destined for por t 1723. The source por t may be dynamic, so often it is not useful to apply a compare function upon this por ...

10-26 User’s Reference Guide Select Output Filter 2 and press Return. In the Change Output Filter 2 screen, set the Protocol Type to allow GRE as shown below. ATMP example To enable a firewall to allow ATMP traf fic, you must provision the firewall to allow inbound and outbound UDP packets specifica...

Security 11-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 1111 1111 S S S S ee e e cccc u u u u rrrr iiii tttt yyy y The Netopia 4541/4542 provides a number of security features to help protect its configuration screens and your local network from unauthorized access. Although these features are...

Security 11-3 To add a new user account, select Add User in the Security Options screen and press Return. The Add Name With Write Access screen appears. Follow these steps to configure the new account: 1. Select Enter Name and enter a descriptive name (for example, the user’s first name). 2. Select ...

11-4 User’s Reference Guide To restrict Telnet access, select Security in the Advanced Configuration menu. The Security Options screen will appear. There are two levels of Telnet restriction available: ■ To restrict Telnet access to the SNMP screens, select Enable Telnet Access to SNMP Screens and t...

Security 11-5 Each inspector has a specific task. One inspector’s task may be to examine the destination address of all outgoing packages. That inspector looks for a cer tain destination—which could be as specific as a street address or as broad as an entire countr y—and checks each package’s destin...

11-6 User’s Reference Guide If the package does not match the first inspector’s criteria, it goes to the second inspector, and so on. You can see that the order of the inspectors in the line is ver y impor tant. For example, let’s say the first inspector’s orders are to send along all packages that ...

Security 11-11 This filter blocks any packets coming from a remote network with the IP network address 200.233.14.0. The 0 at the end of the address signifies any host on the class C IP network 200.233.14.0. If, for example, the filter is applied to a packet with the source IP address 200.233.14.5, ...

11-12 User’s Reference Guide An approach to using filters The ultimate goal of network security is to prevent unauthorized access to the network without compromising authorized access. Using filter sets is par t of reaching that goal. Each filter set you design will be based on one of the following ...

Security 11-17 Deleting filters To delete a filter, select Delete Input Filter or Delete Output Filter in the Display/Change Filter Set screen to display a table of filters. Select the filter from the table and press Return to delete it. Press Escape to exit the table without deleting the filter. Mo...

11-18 User’s Reference Guide Basic Firewall blocks undesirable traf fic originating from the WAN (in most cases, the Internet), but for wards all traf fic originating from the LAN. It follows the conser vative “that which is not expressly permitted is prohibited” approach: unless an incoming packet ...

11-20 User’s Reference Guide FTP sessions. To allow WAN-originated FTP sessions to a LAN-based FTP ser ver with the IP address a.b.c.d (corresponding to a numbered IP address such as 163.176.8.243), inser t the following input filter ahead of the current input filter 1: ■ Enabled: Yes ■ For ward: Ye...

Security 11-21 Basic IP packet components All IP packets contain the same basic header information, as follows: This header information is what the packet filter uses to make filtering decisions. It is impor tant to note that a packet filter does not look into the IP data stream (the User Data from ...

11-22 User’s Reference Guide Firewall design rules There are two basic rules to firewall design: ■ “What is not explicitly allowed is denied.” and ■ “What is not explicitly denied is allowed.” The first rule is far more secure, and is the best approach to firewall design. It is far easier (and more ...

11-24 User’s Reference Guide Example filter set screen This is an example of the Netopia filter set screen: Filter basics In the source or destination IP address fields, the IP address that is entered must be the network address of the subnet. A host address can be entered, but the applied subnet ma...

Security 11-25 Example network Example filters Example 1 Incoming packet has the source address of 200.1.1.28 This incoming IP packet has a source IP address that matches the network address in the Source IP Address field (00000000) in the Netopia 4541/4542. This will not for ward this packet. Filte...

Monitoring Tools 12-1 C C C C h h h h aa a a p p p p tttt ee e e rrrr 1111 2 2 2 2 M M M M o o o o n n n n iiii tttt o o o o rrrr iiii n n n n g g g g TT T T o o o o o o o o llll ssss This chapter discusses the Netopia 4541/4542’s device and network monitoring tools. These tools can provide statisti...

12-2 User’s Reference Guide General status Current Date: The current date; this can be set with the Date and Time utility (see “Date and time” on page 7-16 ). Default IP Gateway: The router’s default gateway, which may be either manually configured or learned via DHCP. This is the value you assigned...

Monitoring Tools 12-3 Current status The current status section is a table showing the current status of the DSL connection. For example: Profile Name: Lists the name of the connection profile being used, if any. Rate: Shows the line rate for this connection. %Use: Indicates the average percent util...

12-4 User’s Reference Guide Statistics & Logs When you are troubleshooting your Netopia 4541/4542, the Statistics & Logs screens provide insight into the recent event activities of the router. From the Main Menu go to Statistics & Logs and select one of the options described in the secti...

Monitoring Tools 12-7 IP Routing Table The IP routing table displays all of the IP routes currently known to the Netopia 4541/4542. The routing table screen represents a snapshot of the routing table information at the time the screen is first invoked. To take a new snapshot, select Update at the bo...

Monitoring Tools 12-9 System Information The System Information screen gives a summar y view of the general system level values in the Netopia 4541/4542. From the Statistics & Logs menu select System Information . The System Information screen appears. The information display varies by model, fi...

12-10 User’s Reference Guide The SNMP Setup screen From the Main Menu, select SNMP in the System Configuration screen and press Return. The SNMP Setup screen appears. Follow these steps to configure the first three items in the screen: 1. Select System Name and enter a descriptive name for the Netop...

Monitoring Tools 12-11 By default, the read-only and read/write community strings are set to public and private, respectively. You should change both of the default community strings to values known only to you and trusted system adminis-trators. To change a community string, select it and enter a n...

13-2 User’s Reference Guide Ping The Netopia 4541/4542 Router includes a standard Ping test utility. A Ping test generates IP packets destined for a par ticular (Ping-capable) IP host. Each time the target host receives a Ping packet, it returns a packet to the original sender. Ping allows you to se...

13-4 User’s Reference Guide Packets Lost: The number of packets unaccounted for, shown in total and as a percentage of total packets sent. This statistic may be updated during the Ping test, and may not be accurate until after the test is over. However, if an escalating one-to-one correspondence is ...

Utilities and Diagnostics 13-5 To trace a route, follow these steps: 1. Select Host Name or IP Address and enter the name or address of the destination you want to trace. 2. Select Maximum Hops to set the maximum number of routers to count between the Netopia Router and the destination router, up to...

13-6 User’s Reference Guide The Telnet client screen appears. ■ Enter the host name or the IP address in dotted decimal format of the machine you want to Telnet into and press Return. ■ Either accept the default control character “Q” used to suspend the Telnet session, or type a dif ferent one. ■ ST...

Utilities and Diagnostics 13-7 Transferring configuration and firmware files with TFTP Trivial File Transfer Protocol (TFTP) is a method of transferring data over an IP network. TFTP is a client-ser ver application, with the router as the client. To use the Netopia 4541/4542 as a TFTP client, a TFTP...

13-8 User’s Reference Guide ■ Select GET ROUTER FIRMWARE FROM SERVER and press Return. You will see the following dialog box: ■ Select CANCEL to exit without downloading the file, or select CONTINUE to download the file. The system will reset at the end of the file transfer to put the new firmware i...

Utilities and Diagnostics 13-9 ■ Select GET CONFIG FROM SERVER and press Return. You will see the following dialog box: ■ Select CANCEL to exit without downloading the file, or select CONTINUE to download the file. The system will reset at the end of the file transfer to put the new configuration in...

13-10 User’s Reference Guide Updating firmware Firmware updates may be available periodically from Netopia or from a site maintained by your organization’s network administration. Follow these steps to update the Netopia 4541/4542’s firmware: 1. Make sure you have the firmware file on disk and know ...

Utilities and Diagnostics 13-11 Caution! Do not manually power down or reset the Netopia 4541/4542 while it is automatically resetting or it could be damaged. Downloading configuration files The Netopia 4541/4542 can be configured by downloading a configuration file. The downloaded file reconfigures...

13-12 User’s Reference Guide 3. Select CANCEL to exit without uploading the file, or select CONTINUE to upload the file. If you choose CONTINUE, you will have ten seconds to use your terminal emulation software to initiate an XMODEM transfer of the configuration file. If you fail to initiate the tra...

Troubleshooting A-1 A A A A p p p p p p p p ee e e n n n n d d d d iiii xxxx A A A A T T T T rrrr o o o o u u u u b b b b llll ee e e ssss h h h h o o o o o o o o tttt iiii n n n n g g g g This appendix is intended to help you troubleshoot problems you may encounter while setting up and using the Ne...

A-2 User’s Reference Guide Console connection problems Can’t see the configuration screens (nothing appears) ■ Make sure the cable connection from the Netopia 4541/4542’s console por t to the computer being used as a console is securely connected. ■ Make sure the terminal emulation software is acces...

Troubleshooting A-3 How to reset the router to factory defaults Lose your password? This section shows how to reset the router so that you can access the console screens once again. Keep in mind that all of your connection profiles and settings will need to be reconfigured. If you don't have a passw...

A-4 User’s Reference Guide Technical support Netopia, Inc. is committed to providing its customers with reliable products and documentation, backed by excellent technical suppor t. Before contacting Netopia Look in this guide for a solution to your problem. You may find a solution in this troublesho...

Technical Specifications and Safety Information B-1 A A A A p p p p p p p p ee e e n n n n d d d d iiii xxxx B B B B T T T T ee e e cccc h h h h n n n n iiii cccc aa a a llll S S S S p p p p ee e e cccc iiii ffff iiii cccc aa a a tttt iiii o o o o n n n n ssss aa a a n n n n d d d d S S S S aa a a f...

B-2 User’s Reference Guide December 1, 2000 ■ Canada – CSA: CAN/CSA-C22.2 No. 950-95 EMI: ■ FCC Par t 15 Class B International Safety Approvals: ■ Low Voltage (European directive) 73/23/EEC ■ EN60950 1992 (Europe) ■ AS/NRZ 3260 (Australia) ■ TS001(Australia) EMI Compatibility: ■ European Directive 8...

B-4 User’s Reference Guide Caution Users should not attempt to make such connections themselves, but should contact the appropriate electric inspection authority, or electrician, as appropriate. The Load Number (LN) assigned to each terminal device denotes the percentage of the total load to be conn...

Technical Specifications and Safety Information B-5 Replace only with the same or equivalent type recommended by the manufacturer. Dispose of used batteries according to the manufacturer's instructions.