TW-EA802 - Telewell
Contents
1. WAN Connection RFC 1483 Routed Description RFC 1453 routed mode VPI O VCI 35 ATM Class UBR NAT Enable Disable Encapsulation Method LLC Bridged v Obtain an IP address automatically via DHCP client O Use the following IP address IP Assignment IP Address Netmask Gateway RIP C RIP vi C RIP v2 C RIP v2 Multicast MTU 1500 TCP MSS Clamp Enable Disable O Enable Disable r gt I I I e e le k J J MAC Address Spoofing 29 Chapter 4 Configuration TW EA802 Bridge Router Description User definable name for the connection VPI and VCI Enter the information provided by your ISP ATM Class The Ouality of Service for ATM layer NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account sharing the single IP address If users on your LAN have public IP addresses and can access the Internet directly the NAT function can be disabled Encapsulation method Selects the encapsulation format the default is LLC Bridged Select the one provided by your ISP IP Assignment O Obtain an IP address automatically via DHCP client specify if the Router can get an IP address from the ISP Internet Service Provider automatically O Usethe following IP Address Specify the IP address manually the IP should be given by you our ISP RIP RIP v1 RIP v2 and RIP v2 Mult2. El QoS Packet Scheduler Internet Protocol TCP IP Install Description Transmission Control Protocol Internet Protocol The default wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected Figure 3 3 TCP IP Internet Protocol TCP IP Properties General Alternate Configuration You can get IP settings assigned automatically if vour network supports this capability Otherwise vou need to ask vour network administrator for the appropriate IP settings Obtain an IP address automatically Use the following IP address Obtain DNS server address automatically O Use the following DNS server addresses Figure 3 4 IP Address amp DNS Configuration TW EA802 Bridge Router Configuring PCs in Windows 2000 1 Goto Start Settings Control Panel In the Control Panel double click Network and Dial up Connections 2 Double click Local Area LAN Connection See Figure 3 5 Figure 3 5 LAN Area Connection 3 In the LAN Area Connection Status window click Properties See Figure 3 6 Figure 3 6 LAN Connection Status 4 Select Internet Protocol TCP IP and click Properties See Figure 3 7 Figure 3 7 TCP IP 5 Select the Obtain an IP address automatically and Obtain DNS server address automatically radio buttons See Figure 3 8 6 Click OK t
3. Its default setting is set to High you may adjust this setting to fit your policy application Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or range of packets to be monitored DSCP Marking Differentiated Services Code Point DSCP it is the first 6 bits in the ToS byte DSCP Marking allows users to assign specific application traffic to be executed in priority by the next Router based on the DSCP value Chapter 4 Configuration See Table 4 The DSCP Mapping Table O 2 TW EA802 Bridge Router Note To be sure the router s in the backbones network have the capability in executing and checking the DSCP through out the QoS network Table 4 DSCP Mapping Table 63 Chapter 4 Configuration Outbound IP Throttling LAN to WAN TW EA802 Bridge Router IP Throttling allows you to limit the speed of IP traffic The value entered will limit the speed of the application that you set to the specified value s multiple of 32kbps Outbound IP Throttling Configuration from LAN to WAN packet Application Time Schedule Protocol t famays On any y W famays On any I ih aways On v any y th famays on any I th Always On v any
4. TCP ee UDP DstPort Back Orifice Scan Orifice Port 31337 SrcIP SYN FIN RST ACK No Existing session Max TCP Open Net Bus Scan Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes SYN Flood Handshaking Count Default 100 c sec Max ICMP Count kkk Default 100 c sec KNN Max PING Count N Default 15 c sec NN ves Src IP Source IP Src Port Source Port Dst Port Destination Port Dst IP Destination IP 5 N Chapter 4 Configuration TW EA802 Bridge Router URL Filter URL Uniform Resource Locator e g an address in the form of http www abcde com or http www example com filter rules allow you to prevent users on your network from accessing particular websites by their URL There are no pre defined URL filter rules you can add filter rules to meet your reguirements URL Filter Configuration URL Filtering Enable Disable Block Mode ays On y Keywords Filtering Enable Details O Enable Details O Domains Filtering Disable all WEB traffic except for Trusted Domains I Block Java Applet Restrict URL Features I Block surfing by IP address Apply Cancel Exception List Name IP Address Add Enable Disable To enable or disable URL Filter feature Block Mode A list of the modes that you can choose to check the URL filter rules Disabled No action will be performed by the Block Mode Always On Action is enabled URL filter rules will be monitoring and checking
5. The settings below help you to limit bandwidth for the restricted application as 7 Throt AS und IP Throttling laa h Inboun mestat y av ja fo E ja imesio an a 192 168 1 100 192 168 1 100 68 Chapter 4 Configuration TW EA802 Bridge Router Virtual Server Port Forwarding In TCP IP and UDP networks a port is a 16 bit number used to identify which application program usually a server incoming connections should be delivered to Some ports have numbers that are pre assigned to them by the IANA the Internet Assigned Numbers Authority and these are referred to as well known ports Servers follow the well known port assignments so clients can locate them If you wish to run a server on your network that can be accessed from the WAN i e from other machines on the Internet that are outside your local network or any application that can accept incoming connections e g Peer to peer P2P software such as instant messaging applications and P2P file sharing applications and are using NAT Network Address Translation then you will usually need to configure your router to forward these incoming connection attempts using specific ports to the PC on your network running the application You will also need to use port forwarding if you want to host an online game server The reason for this is that when using NAT your publicly accessible IP address will be used by and point to your router which then n
6. UOKV OSUA N SNES TUNSI 3 INTRODUCTION TOY OUR ROUTER misesta osa 3 I Ae Sata a kelasi atelec duet oaedeeastesnuetanetuasnleaiuee bars tasta us etait tvanetentues bind E AEA 3 CHAPTER 2 INSTALLING THE ROUTER sscsccsccssscccsssscssscccsssssscccccssccccccccccscccssssccsssssscssccssccceees 5 IMPORTANT NOTE FOR USING THIS ROUTER cccssssscsscccccccceccccecesssessssssssnssccccceceseeccccesesssesessssssssnnaseeececeeeeecs 5 PACKAGE ONTENTS uskaasamamt sak doin 5 TEE OIE LE AMA A II A A M nt kotaviste 6 PHE INE ARO OR O NS 7 CARLIN a A dada A A AE 7 CHAPTER 3 BASICINS TALLATION uni A 8 CONNECTING YOUR ROUTER ASA 8 FACTORY DEFAULT SETTINGS dde ade 13 Web Interface Username and PasswOrd ccccuuuususss enne 13 DEC LANAS AOS odon old aed canine 13 LSL SETA TI HAN SE e label 13 JETT SOL o EEN PUTER ORE TET 13 INFORMATION PROM YOUR IS Eur ita etodicliiiieiclacids 14 CONFIGURING WITH Y GUR WEB BROWSER ado 15 CHAPTER 4 CONFIGURATION csusissaip nina dai ii 16 S PATU O OOO CO A O a at O eet A TA R E M EN Sa Sd 16 DEVKEINPORMATION i smsamtakmes te m ytt ss k tdelse stt e i y i kd v st vt tt y ts r v l ys t 16 AO ITP CCT Reve N 16 HOUSE LA DIA A ES LT AS A een ee ere ere 17 ES O 18 EVEN LOO AA A aa e a ni K tt RL nt Ke 19 AAN E N 19 NAAA II KOIN aE ASS etua rs a t 20 AP a E asda 0 OS nus A Zi CINE EON EAE EEE te esta Saa Anne GTE TTS tA ahace EEEE AE E EET 2
7. VC LLC based multiplexing Username Password Service Name and Domain Name System DNS IP address it ca be automatically assigned by your ISP when you connect or be set manually VPI VCI VC LLC based multiplexing Username Password Service Name PPPoE PPPoE with and Domain Name System DNS IP address it ca be automatically assigned Pass through by your ISP when you connect or be set manually In addition additional WAN address can be assigned using PPPoE dialer VPI VCI VC LLC based multiplexing Username Password and Domain Name System DNS IP address it ca be automatically assigned by your ISP when you connect or be set manually RFC 1483 Bridged VPI VCI VC LLC based multiplexing to use Bridged Mode VPI VCI VC LLC based multiplexing IP address Subnet mask Gateway RFC 1483 Routed address and Domain Name System DNS IP address it is a fixed IP address IPOA Routed VPI VCI VC LLC based multiplexing IP address Subnet mask Gateway IP over ATM address and Domain Name System DNS IP address it is a fixed IP address 14 Chapter 3 Basic Installation TW EA802 Bridge Router Configuring with your Web Browser Open your web browser enter the IP address of your router which by default is 192 168 0 254 and click Go a user name and password window prompt will appear The default username and password are admin and admin respectively See Figure 3 14 Enter Network
8. outbound allowed will let HTTPS data go through Firewall Block WAN Request O Enable Disable L N Enable for preventing any ping test from Internet such as hacker attack NOTE Any remote user who is attempting to perform this action may result in blocking all the accesses to configure and manage of the device from the Internet 48 Chapter 4 Configuration TW EA802 Bridge Router Packet Filter This function is only available when the Firewall is enabled and one of these four security levels is chosen All blocked High Medium and Low The predefined port filter rules in the Packet Filter must modify accordingly to the level of Firewall which is selected See Table1 Predefined Port Filter for more detailed information 49 Chapter 4 Configuration TW EA802 Bridge Router Example Predefined Port Filters Rules The predefined port filter rules for High Medium and Low security levels are listed See Table 1 Note Firewall All Blocked User defined you must define and create the port filter rules yourself No predefined rule is being preconfigured Table 1 Predefined Port Filter Firewall Low Firewall Medium Firewall High Application Protocol HTTP 80 TC r r NNTP 119 UI TCP 6 119 119 NO YES NO YES NO NO ransfer Protocol RealAudio RealVideo UDP 17 7070 7070 7070 P 6 P 6 P 6 P 6 NTP reza UDP 17 HTTP HTTP Proxy TCP 6 8080 8080 HTTPS 443
9. pressing Restore will load those settings into the router 45 Chapter 4 Configuration TW EA802 Bridge Router Restart Router Click Restart with option Current Settings to reboot your router and restore your last saved configuration Restart Router After restarting Please wait for several seconds to let the system Current Settings Restart Router with O Factory Default Settings If you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to reset to factory default settings You may also hardware reset your router to factory settings by holding the RESET pinhole button on the back panel of the router for more than 6 seconds whilst the router is turned on User Management User Management Current Defined Users Valid User Comment true admin Default admin user Edit Create In order to prevent unauthorized access to your router s configuration interface it requires all users to login with a password You can set up multiple user accounts each with their own password You are able to Edit existing users and Create new users who are able to access the device s configuration interface Once you have clicked on Edit you are shown the following options User Management Edit Username admin Password ceecee Confirm prm valid true v Comment Default adm
10. 443 TCP on Boao or 100 ele ves we wm wm wm 50 Chapter 4 Configuration TW EA802 Bridge Router MSN 7001 UDP 17 7001 7001 YES YES MSN VEDIO 9000 TCP 6 9000 9000 no YES Inbound Internet to LAN Outbound LAN to Internet YES Allowed NO Blocked N A Not Applicable Packet Filter Add TCP UDP Filter Packet Filter Add TCP UDP Filter Rule Name Helper O Time Schedule Always On source IP Address es 0 0 0 0 Netmask 0 0 0 0 Destination IP Address es 4 0 0 0 Metmask 0 0 0 0 Type source Port Destination Port Al Dy wY Inbound Outbound Return Rule Name Users define description to identify this entry or click Helper O to select existing predefined rules The maximum name length is 32 characters Time Schedule It is self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Source IP Address es Destination IP Address es This is the Address Filter used to allow or block traffic to from particular IP address es Selecting the Subnet Mask of the IP address range you wish to allow block the traffic to or form set IP address and Subnet Mask to 0 0 0 0 to inactive the Address Filter rule Tip To block access to from a single IP address enter that IP address as the Host IP Address and use a Host Subnet Mask of 255 255 255 255 Type It is the packet protocol
11. Better to use fixed IP address for catching VoIP packets as high priority 192 168 1 1 192 168 1 1 VolP Always On v High Y any v Gold service L 0 0 0 0 0 0 0 0 Above settings will help to improve guality of your VolP service when traffic is full loading Restricted Application Some of companies will setup FTP server for customer downloading or home user sharing their files by using FTP N i 192 168 1 100 192 168 1 100 Restricted TimeSlott w Low m any Gold service L v all n 0 0 0 0 0 0 0 0 With above settings that help to limit utilization of upstream of FTP Time schedule also help you to only limit utilization at daytime Advanced setting by using IP throttling With IP throttling you can specify more detail for allocating bandwidth even the applications are located in the same level Upstream 928kbps 29 32kbps Mission critical Application 192kbps 6 32kbps Voice Application 128kbps 4 32kbps Restricted Application 160kbps 5 32kbps Other Applications 448kbps 14 32kbps 6 4 14 5 29 29 32kbps 928kbps 67 Chapter 4 Configuration TW EA802 Bridge Router EI 000 000 J H CC CC Kuun Ean 192 168 1 100 192168 1 100 Gennes Tes L o CC CT 192 168 1 2 aes on En CU Sometime your customers or friends may upload their files to your FTP server and that will saturate your downstream bandwidth
12. Mbps VolP User 192 168 1 1 Normal Users 192 168 1 2 192 168 1 5 Restricted User 192 168 1 100 Prioritization Configuration from LAN to WAN packet Source Port Application Time Schedule Priority Protocol Destination Port none PPTP Always On High m GRE Ea E none VolP Always On High any v Restricted TimeSlot1 wm Low w any NORMAL Chapter 4 Configuration TW EA802 Bridge Router Source IP Address Range 0 0 0 0 means Any Destination IP Address Range Tamm 0 0 0 0 means Any 0 0 0 0 0 0 0 0 Gold service L 0 0 0 0 0 0 0 0 192 168 1 1 0 0 0 0 192 168 1 100 0 0 0 0 Restricted LOW 192 168 1 1 Gold service L 0 0 0 0 l 192 168 1 100 Gold service L 0 0 0 0 m VolP VPN HIGH m Others NORMAL m Restricted LOW 66 TW EA802 Bridge Router Mission critical application Mostly the VPN connection is mission critical application for doing data exchange between head and branch office PPTP Always On GRE The mission critical application must be sent out smoothly without any dropping Set priority as high level for preventing any other applications to saturate the bandwidth none 0 0 0 0 0 0 0 0 none 0 0 0 0 0 0 0 0 Voice application Voice is latency sensitive application Most VoIP devices are use SIP protocol and the port number will be assigned by SIP module automatically
13. None of the LEDs are Check the connection between the adapter and the router If the error on when you turn on persists you may have a hardware problem In this case you should the router contact technical support You have forgotten Try the default login and password refer to Chapter 3 If this fails you can your router login restore your router to its factory settings by holding the Reset button on and or password the back of your router more than 6 seconds Problems with the WAN Interface Problem Corrective Action Initialization of the Ensure that the telephone cable is connected properly from the SHDSL PVC connection port to the wall jack The SHDSL LED on the front panel of the router linesync failed should be on Check that your VPI VCI encapsulation type and type of multiplexing settings are the same as those provided by your ISP Reboot the router GE If you still have problems you may need to verify these settings with your ISP Freguent loss of Ensure that all other devices connected to the same telephone line as SHDSL linesync your router e g telephones fax machines analogue modems have a line disconnections filter connected between them and the wall socket unless you are using a Central Splitter or Central Filter installed by a qualified and licensed electrician and ensure that all line filters are correctly installed and the right way around Missing line filters or line filters in
14. YY WAN p change the router name 217 30 182 230 System Up Time Records systems up time Current time Set the current time See the Time Zone section for more information Hardware Version Chipset version Software Version Firmware version LAN MAC Address The LAN MAC address WAN MAC Address The WAN MAC address Home URL Connects to the home Website IP Address LAN port IP address Sub Net Mask LAN port IP subnet mask DHCP server LAN port DHCP role server relay or none IP WAN Name of the WAN connection ARP Table This section displays the router s ARP Address Resolution Protocol Table which shows the mapping of Internet IP addresses to Ethernet MAC addresses This is useful as a guick way of determining the MAC address of the network interface of your PCs to use with the router s Firewall MAC Address Filter function See the Firewall section of this manual for more information on this feature Chapte r 4 Configuration 16 TW EA802 Bridge Router ARP Table IP lt gt MAC List IP Address MAC Address Interface static 192 165 0 100 00 10 73 60 b1 aa Iplan no IP Address A list of IP addresses of devices on your LAN Local Area Network MAC Address The MAC Media Access Control addresses for each device on your LAN Interface The interface name on the router that this IP Address connects to Static Static status of the ARP table entry no for dynamically generated ARP table entrie
15. a static hostname This dynamic IP address is the WAN IP address For example to use the service you must first apply for an account from a DDNS service like http www dyndns org More than 5 DDNS servers are supported Quality of Service QoS QoS gives you full control over which types of outgoing data traffic should be given priority by the router ensuring important data like gaming packets customer information or management information move through the router ay lightning speed even under heavy load The QoS features are configurable by source IP address destination IP address protocol and port You can throttle the speed at which different types of outgoing data pass through the router to ensure P2P users don t saturate upload bandwidth or office browsing doesn t bring client web serving to a halt In addition or alternatively you can simply change the priority of different types of upload data and let the router sort out the actual speeds Virtual Server port forwarding Users can specify some services to be visible from outside users The router can detect incoming service reguests and forward either a single port or a range of ports to the specific local computer to handle it For example a user can assign a PC in the LAN acting as a WEB server inside and expose it to the outside network Outside users can browse inside web servers directly while it is protected by NAT A DMZ host setting is also provided to a local comput
16. an incoming access reguest to the router for a specified port is received it will be forwarded to the corresponding internal server Virtual Server Port Forwarding Edit DMZ Host O Edit One to one NAT O Virtual Server Table Application Time Schedule Protocol External Pot Redirect Port IP Address Add Virtual Server in ipwan IP Interface Virtual Server Entry Time Schedule Always On gt Application Helper O Protocol pa External Port from 0 m Redirect Port rom O mc Internal IP Address Candidates Return O Time Schedule A self defined time period to enable your virtual server You may specify a time schedule or Always on for the usage of this Virtual Server Entry For setup and detail refer to Time Schedule section Help Application Users define description to identify this entry or click er O to select existing predefined rules Helper O 20 predefined rules are available Click the Radio button to select the rule Application Protocol and External Redirect Ports will be filled after the selection Protocol It is the supported protocol for the virtual server In addition to specifying the port number to be used you will also need to specify the protocol used The protocol used is determined by the particular application Most applications will use TCP or UDP External Port The Port number on the Remote WAN side used when accessing the virtual server Redirect Port The Port number used b
17. are 6 bytes long they are presented only in hexadecimal characters The number 0 9 and letters a f are acceptable Note Follow the MAC Address Format xx xx xx xx xx xx Semicolon must be included Candidates automatically detects devices connected to the router through the Ethernet candidates O Active PC in LAN A http 192 168 0 254 Active PC in LAN Micro Active PC in LAN IP Address MAC Address 192 168 0 100 00 10 7a 60 b1 aa 26 Chapter 4 Configuration TW EA802 Bridge Router Active PC in LAN displays a list of individual Ethernet device s IP Address amp MAC Address which connecting to the router You can easily by checking the box next to the IP address to be blocked or allowed Then Add to insert to the Ethernet Client Filter table The maximum Ethernet client is 16 Port Setting This section allows you to configure the settings for the router s Ethernet ports to solve some of the compatibility problems that may be encountered while connecting to the Internet as well allowing users to tweak the performance of their network Port Setting Parameters Port Connection Type Auto y Port2 Connection Type Auto vw Port3 Connection Type Auto vw Port4 Connection Type Auto y IPv4 TOS Priority Control Enable Disable set High Priority TOS 116312621 1617 603 591 5851 671 6561 551 1547 531 521 151 1504 491 45 471 461 451 44 431 421 411 401 391 Sel 371 1369 351 341 33
18. are items within the System section Time Zone Remote Access Firmware Upgrade Backup Restore Restart and User Management Time Zone Time Zone Parameters Time Zone Enable Disable Time Zone List By City O By Time Difference Local Time Zone GMT Time GMT Greenwich Mean Time v 0 EE 1 carl css gov 2 india colorado edu 3 time nist gov 4 time bnist gov Daylight Saving Automatic Resync Period 1440 minutes The router does not have areal time clock on board instead it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server outside your network Choose your local time zone click Enable and click the Apply button After successful connection to the Internet the router will retrieve the correct local time from the SNTP server you have specified If you prefer to specify an SNTP server other than those in the list simply enter its IP address as shown above Your ISP may provide an SNTP server for you to use Daylight Saving is also known as Summer Time Period Many places in the world adapt it during summer time to move one hour of daylight from morning to the evening in local standard time Check Automatic box to auto set your local time Resync Period in minutes is the periodic interval the router will wait before it re synchronizes the router s time with that of the specified SNTP server In order to avoid unnecessarily increasing the load on your specified SNTP server you should keep the p
19. automatically DHCP Server Configuration Disable DHCP Server Mode O DHCP Server O DHCP Relay Agent DHCP Server Status Allow Bootp true Allow Unknown Clients true Enable true Subnet Definitions subnet Value 192 165 0 0 subnet Mask a Pena n T N Maximum Lease Time 06400 seconds Default Lease Time 43200 seconds Use local host address as DNS server true Use local host address as default gateway true Get subnet from IP interface iplan IP Range 192 158 0 100 192 168 0 199 Option domain name servers 0 0 0 0 The factory default is disabled When the DHCP Server is disabled you will need to manually assign a fixed IP address to each PCs on your network and set the default gateway for each PCs to the IP address of the router by default this is 192 168 0 254 To enable the router s DHCP Server check DHCP server and click Next You can then configure parameters of the DHCP Server including the IP pool starting IP address and ending IP address to be allocated to PCs on your network lease time for each assigned IP address the period of time the IP address assigned will be valid DNS IP address and the gateway IP address These details are sent to the DHCP client i e your PC when it requests an IP address from the DHCP server Click Apply to enable this function If you check Use Router as a DNS Server the Router will perform the domain name lookup find the IP address from the outside network automatically and forw
20. default meaning that all inbound Internet to LAN and outbound LAN to Internet packets will be blocked Users have to add their own filter rules for further access to the Internet High Medium Low security level the predefined port filter rules for High Medium and Low security are displayed in Port Filters of Packet Filter Select either High Medium or Low security level to enable the Firewall The only difference between these three security levels is the preset port filter rules in the Packet Filter Firewall functionality is the same for all levels it is only the list of preset port filters that changes between each setting For more detailed on level of preset port filter information refer to Table 1 Predefined Port Filter Note The changes or added custom filters on a previous security level will be remembered whenever newer security level is selected There is no need to reconfigure all settings again if switching back to the previous level The Block WAN Request is a stand alone function and not relate to whether security enable or disable Mostly it is for preventing any scan tools from WAN site by hacker General Settings Firewall Security Security O Enable Disable All blocked User defined l High security level Policy Medium security level Low security level DN some applications cannot work after enabling Firewall please check the Packet Filter especially Port Filter rules For example adding TCP 443
21. disconnect the broadband firewall gateway when there is no activity on the line for a predetermined period of time O Detail You can define the destination port and packet type TCP UDP without checking by timer It allows you to set which outgoing traffic will not trigger and reset the idle timer RIP RIP v1 RIP v2 and RIP v2 Multicast Check to enable RIP function MTU Maximum Transmission Unit The size of the largest datagram excluding media specific headers that IP will attempt to send through the interface TCP MSS Clamp It is enabled by default All TCP traffic routed through the interface will be examined If a TCP SYN synchronize start segment is sent with a maximum segment size larger than the interface MTU Maximum Transmission Unit the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation MAC Address Spoofing Some ISP Internet Access Provider validates the SHDSL connection by checking the MAC address of given router or your PC Ethernet adapter If you replace a new router or PC or PC Ethernet adapter your ISP may drop the SHDSL connection because of false MAC address You can spoof the MAC address in order to get the SHDSL connection Advanced Options PPPoE LLC Header Selects encapsulation mode true for using LLC or false for using VC Mux Create Route This setting specifies whether a route is added to the system after IPCP Internet Protoco
22. offered by your ISP If the scan is successful you will then be presented with a list of supported options 22 Chapter 4 Configuration status Quick Start Configuration save Config to FLASH Language 1 found PPPoE PVC on 0 33 Auto Scan TW EA802 Bridge Router Cancel Select the desired option from the list and click Apply to return to the Ouick Start interface to continue configuring your ISP connection Please note that the contents of this list will vary depending on what is supported by your ISP Chapter 4 Configuration 23 TW EA802 Bridge Router Configuration When you click this item you get following sub items to configure your router LAN WAN System Firewall OoS Virtual Server Time Schedule and Advanced These functions are described below in the following sections LAN Local Area Network Here are the items within LAN section Bridge Interface Ethernet IP Alias Ethernet Client Filter Port Settings and DHCP Server Bridge Interface Bridge Interface Parameters Bridge Interface VLAN Port Ethernet O MP1 P2 P3 P4 Ethernet O P1 v P2 v P3 v P4 Ethernet2 PT a Ra RS Ethernet3 Pl F2 JPS JPA Device Management Management Interface Ethernet You can setup member ports for each VLAN group under Bridge Interface section From the example two VLAN groups need to be created Ethernet P1 Port 1 Ethernet1 P2 P3 and P4 Port 2 3 4 Uncheck P2 P3 P4 fr
23. simple and affordable for users UPnP architecture leverages TCP IP and the Web to enable seamless proximity networking in addition to control and data transfer among networked devices With this feature enabled users can now connect to Net meeting or MSN Messenger seamlessly O Network Address Translation NAT Allows multi users to access outside resources such as the Internet simultaneously with one IP address one Internet access account Many application layer gateway ALG are supported such as web browser ICO FTP Telnet E mail News Net2phone Ping NetMeeting IP phone and others SOHO Firewall Security with DoS and SPI Along with the built in NAT natural firewall feature the router also provides advanced hacker pattern filtering protection It can automatically detect and block Denial of Service DoS attacks The router is built with Stateful Packet Inspection SPI to determine if a data packet is allowed through the firewall to the private LAN Chapter 1 Introduction TW EA802 Bridge Router Domain Name System DNS relay It provides an easy way to map the domain name a friendly name for users such as www yahoo com and IP address When a local machine sets its DNS server with this router s IP address every DNS conversion reguest packet from the PC to this router will be forwarded to the real DNS in the outside network Dynamic Domain Name System DDNS The Dynamic DNS service allows you to alias a dynamic IP address to
24. since router does not have a real time clock on board it uses the Simple Network Time Protocol SNTP to get the current time from an SNTP server from the Internet Refer to Time Zone for details You router time should correspond with your local time If the time is not set correctly your Time Schedule will not function properly T O Chapter 4 Configuration TW EA802 Bridge Router Configuration of Time Schedule Edit a Time Slot 1 Choose any Time Slot ID 1 to ID 16 to edit click Edit Time Schedule Click Edit Time Slot ID Name Day in a week Start Time End Time 1 TimeSlot1 sMTWTFs 08 00 18 00 Edit Clear 2 TimeSlot2 sMTWTFs 08 00 18 00 Edit Clear Note Watch it carefully the days you have selected will present in capital letter Lower case letter shows the day s is not selected and no rule will apply on this day s 2 A detailed setting of this Time Slot will be shown Time Schedule Edit Time Slot ID 1 Name TimeSlot1 Day Sun v Mon v Tue v Wed v Thu v Fri Sat Start Time 08 a 00 End Time 18 00 ID This is the index of the time slot Name A user define description to identify this time portfolio Day The default is set from Monday through Friday You may specify the days for the schedule to be applied Start Time The default is set at 8 00 AM You may specify the start time of the schedule End Time The default is set at 18 00 6 00PM You may specify the end
25. this computer If your network does not automatically assign IP addresses ask your network administrator for an address and then type it in the space below Specify an IP address 11 1 CY Pry lPAddress SubHet vast ca Figure 3 10 IP Address TCP IP Properties 21 Bindings Advanced NetBIOS DNS Configuration Gateway WINS Configuration IP Address NeeeTeecsesensccsecssecsesnseed Cancel Figure 3 11 DNS Configuration 11 Configuring PC in Windows NT4 0 1 Go to Start Settings Control Panel In the Panel double click Network and choose the Protocols tab 2 Select TCP IP Protocol and click Properties See Figure 3 12 3 Select the Obtain an IP address from a DHCP server radio button and click OK See Figure 3 13 Chapter 3 Basic Installation Control TW EA802 Bridge Router Network lx Identification Services Protocols Adapters Bindings Network Protocols Y NetBEUI Protocol Y NwLink IPX SPX Compatible Transport Y NwLink NetBIOS ig TCP IP Protocol Add Remove Description Transport Control Protocol Internet Protocol The default wide area network protocol that provides communication across diverse interconnected networks Cancel Figure 3 12 TCP IP Microsoft TCP IP Properties IP Address ONS WINS Address Routing An IP address can be automatically assigned to this networ
26. type used by the application select among from TCP or UDP or both of TCP UDP Source Port This Port or Port Ranges defines the port allowed to be used by the Remote WAN to connect to the application Default is set from range O 65535 It is recommended that this option be configured by an advanced user Destination Port This is the Port or Port Ranges that defines the application Inbound Outbound Select Allow or Block the access to the Internet Outbound or from the Internet Inbound Click Apply button to apply your changes 91 Chapter 4 Configuration TW EA802 Bridge Router Packet Filter Add Raw IP Filter Packet Filter Add Raw IP Filter Rule Name Helper O Time Schedule Protocol Number Alyy S N Inbound Outbound Apply Return O Rule Name Users define description to identify this entry or click Helper O to select existing predefined rules Time Schedule It is self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Protocol Number Insert the port number i e GRE 47 Inbound Outbound Select Allow or Block the access to the Internet Outbound or from the Internet Inbound Click Apply button to apply your changes 92 Chapter 4 Configuration TW EA802 Bridge Router Example Configuring your firewall to allow for a publicly accessible web server on your L
27. will be examined If a TCP SYN synchronize start segment is sent with a maximum segment size larger than the interface MTU Maximum Transmission Unit the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation Advanced Options PPPoE LLC Header Selects encapsulation mode true for using LLC or false for using VC Mux Create Route This setting specifies whether a route is added to the system after IPCP Internet Protocol Control Protocol negotiation is completed If set to enabled a route will be created which directs packets to the remote end of the PPP link Specific Route Specifies whether the route created when a PPP link comes up is a specific or default route If set to enabled the route created will only apply to packets for the subnet at the remote end of the PPP link The address of this subnet is obtained during IPCP negotiation Subnet Mask sets the subnet mask used for the local IP interface connected to the PPP transport If the value 0 0 0 0 is supplied the netmask will be calculated from the class of the IP address obtained during IPCP negotiation Route Mask Sets the subnet mask used by the route that is created when a PPP link comes up If it is set to 0 0 0 0 the subnet mask is determined by the IP address of the remote end of the link The class of the IP address is obtained during IPCP Internet Protocol Control Protocol negotiation MRU Maxim
28. 4 QUIER PAR auteta ee eee Oe a Ree 22 CONFIGURATION ido 24 LAN Local ALCAN CO WO iia E 24 Bra MEA el ea 24 A cht as Se ents inated einstellen octet wiles idan salsa dean sea Akaatin O 25 RNA A A A MIE AINI TEK TA TIPS A HIILET YRTIT 25 Geet Hent FIET AAA A A 26 POIS CI S scuttle tak tukena dess haa ttn ad halen dt hata ado Oulart Jos addi ichdnlgal hada bites e 2 DECE S ai odios 28 WAN Wide Area Network os 29 JIEN O O A A 29 ANO 39 SPP ON 40 POR AL Sa cee ee esc E setae E E S E EEN reac T S A KIN T Iain Jaa 43 Table of Contents MINSA sms O RUSS missa cl aki aasta Taman nein usva Essun mik MENET 43 ICO IOC CSS sahat Sotaa samastaa Str i o mite A imone 44 a A A hoat kamasta 44 Backup RESTON aamut datas Sussa daci n 45 KESK KO E E ET 46 User Mana A E dead 46 Firewall and Access Control ci ccccccccccccccccccuccucccnccscceccucccsecsccuscasecsscascascacceseeseascenseateas 47 General SC HIS i n 48 EA AAA E A s e Posa NSN Sata E vaa 49 ERIS 10 19 SIC A SSS kaka n ae ea E a OIT 56 CREE I ssa ee Esa Sea geist E yi E VSK SE neces sete nate A E ta 58 JNE PP TS OC As sere Saas ttc L sanasen O 60 Py AU TOG ce reese asa es tse ec ct caer ad a A nas usa 61 OOS OMASI AAA santaa maassa malainen oloi aaos A 61 POO Moussa saan vaik k Naiset wea e EO s n aidesuik aidat E eT yee eI mn TE mee ete one ere ten 61 Outbound IP Throttling LAN to WAN Dirt aia 64 Inbound IP Throtthns WAN to LAN aint A ees 65 Virtualaserver POorkPor
29. 51 32 N No nUOLUA t NU 00 8B Ff ei h sa m s mo N ms mom s o goaoot a t amp aisniioni nin is ee tai so Apply Port Connection Type Six options to choose from Auto 10M half duplex 10M full duplex 100M half duplex 100M full duplex and Disable Sometimes there are Ethernet compatibility problems with legacy Ethernet devices and you can configure different types to solve compatibility issues The default is Auto which users should keep unless there are specific problems with PCs not being able to access your LAN IPv4 TOS priority Control Advanced users TOS Type of Services is the 2 octet of an IP packet Bits 6 7 of this octet are reserved and bit 0 5 are used to specify the priority of the packet This feature uses bits 0 5 to classify the packet s priority If the packet is high priority it will flow first and will not be constrained by the Rate Limit Therefore when this feature is enabled the router s Ethernet switch will check the 2 octet of each IP packet If the value in the TOS field matches the checked values in the table O to 63 this packet will be treated as high priority 21 Chapter 4 Configuration TW EA802 Bridge Router DHCP Server You can disable or enable the DHCP Dynamic Host Configuration Protocol server or enable the router s DHCP relay functions The DHCP protocol allows your router to dynamically assign IP addresses to PCs on your network if they are configured to obtain IP addresses
30. 6400 seconds O DoS Attack Block Duration This is the duration for blocking hosts that attempt a possible Denial of Service DoS attack Possible DoS attacks this attempts to block include Ascend Kill and WinNuke Default value is 1800 seconds Max TCP Open Handshaking Count This is a threshold value to decide whether a SYN Flood attempt is occurring or not Default value is 100 TCP SYN per seconds Max PING Count This is a threshold value to decide whether an ICMP Echo Storm is occurring or not Default value is 15 ICMP Echo Reguests PING per second Max ICMP Count This is a threshold to decide whether an ICMP flood is occurring or not Default value is 100 ICMP packets per seconds except ICMP Echo Requests PING For SYN Flood ICMP Echo Storm and ICMP flood IDS will just warn the user in the Event Log It cannot protect against such attacks 56 Chapter 4 Configuration TW EA802 Bridge Router Table 2 Hacker attack types recognized by the IDS Intrusion Name Detect Parameter Blacklist PS 2 LOCK Drop Packet Show Log Duration Ascend Kill Ascend Kill data Src IP Src IP DoS Flag URG Echo CharGen Scan KNN Echo Scan Src IP CharGen Scan pening Src IP X mas Tree Scan TCP Flag X mas Src IP TCP Flag SYN FIN TCP Port 135 137 139 WinNuke Scan And Scan Hosts more than five TCP No Existing session DstPort IMAP 143 SYN FIN Scan SrcPort 0 or 65535 DstPort Net Bus er 12345 12346 3456
31. AN The predefined port filter rule for HTTP TCP port 80 is the same no matter whether the firewall is set to a high medium or low security level To setup a web server located on the local network when the firewall is enabled you have to configure the Port Filters setting for HTTP As you can see from the diagram below when the firewall is enabled with one of the three presets Low Medium High inbound HTTP access is not allowed which means remote access through HTTP to your router is not allowed Note Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet Packet Filter Rules Source IP Rule Time Metmask ESSA Source port s mboung Name Schedule Destination IP PET Destination portis Outbound Netmask 0 0 0 0 0 0 0 0 0 65535 mei dns Always On UDP Edit O Delete D 0000 0000 NN Allow 0000 0000 0 65535 Block mei tdns Always On TCP Edit O Delete O 0000 0000 a oa Allow 0 0 0 0 0 0 0 0 0 65535 Block mei ftp Always On TCP Edit O Delete 0000 0000 a kal Allow 0000 0000 0 65535 Block mei tnet Always On TCP Edit O Delete 0000 0000 aN Allow 0000 0000 0 65535 Block mei_smtp Always On TCP Edit O Delete O 0000 0000 e Allow 0 0 0 0 0 0 0 0 0 65535 Block l mei_pop3 Always On TCP Edit O Delete O 0000 0000 110 110 Allow 0000 0000 0 65535 Block mei nntp Always On TCP Edit O Delete O 0000 0000 e N Allow Chapter 4 Configuration 53 TW EA802 Bridge Route
32. Annex Type Fixed Bit Rate Activate Line DSP Firmware Version Connected state Bit Rate standard Y CO v Annex 6 ANFF 2312kbps v true Y 325 false Handshake O False 4 wired connection This mode is used when 4 wired connection is disabled SHDSL Parameters 4 VWired Connection false v Port Port 1 Mode CO v Fixed Bit Rate 2312kbps v Activate Line true v W Connected false state HandShake Bit Rate H Chapter 4 Configuration Port 2 CO v 2312kbps true v 325 false Handshake 0 40 TW EA802 Bridge Router Enhanced 4 wired connection Conexant enhanced 4 wired mode and compliant with Conexant Legacy codes Annex B ANFP true Y true v 41 Chapter 4 Configuration TW EA802 Bridge Router e 4 Wired Connection Device supports 3 types of SHDSL bis connection Standard False amp Enahnced Select the type of SHDSL bis connection from the 4 wired connection drop down menu then select Apply to activate the configuration page Note When select 2 wire mode only Port 1 settings need to be configured and the SHDSL RJ 11 cable must be connected to LINE 1 on the back of the device e Mode The SHDSL bis device can function as a CPE Customer Premises Eguipment or CO Central Office Select CPE mode when the TW EA802 is connected to your ISP e Back to back it is a direct connection between two SHDSL bis devices with one being set to CPE and the other is set to CO by us
33. ESET 1 3 seconds reset the device 6 seconds above and power off power on the device restore to factory default settings this is used when you can not login to the router e g forgot the password WR LAN 1X 4X the four LAN ports when connecting to a PC or an RJ 45 connector office home network of 10Mbps or 100Mbps CONSOLE Connect a PS2 RS 232 cable to this port when connecting to a PC s RS 232 port 9 pin serial port Connect the supplied RJ 11 telephone cable to this LINE and LINEZ port when connecting to the A SHDSL line Connect a UTP Ethernet cable Cat 5 or Cat 5e to one of Cabling One of the most common causes of problems is bad cabling or SHDSL line s Make sure that all connected devices are turned on On the front of the product is a bank of LEDs Verify that the LAN Link and SHDSL line LEDs are lit If they are not verify that you are using the proper cables Chapter 2 Installing the Router TW EA802 Bridge Router Chapter 3 Basic Installation The router can be configured with your web browser A web browser is included as a standard application in the following operating systems Linux Mac OS Windows 98 NT 2000 XP Me Vista etc The product provides an easy and user friendly interface for configuration Please check your PC s network components The TCP IP protocol stack and Ethernet network adapter must be installed If not please refer to your Windows related or other operating system man
34. ISP does not assign them a static IP address to use a domain name This is especially useful for hosting servers via your SHDSL connection so that anyone wishing to connect to you may use your domain name rather than having to use your dynamic IP address which changes from time to time This dynamic IP address is the WAN IP address of the router which is assigned to you by your ISP Dynamic DNS Parameters Dynamic DNS Enable Disable Dynamic DNS Server Wildcard Enable Domain Name Username Password Period 25 Apply Cancel You will first need to register and establish an account with the Dynamic DNS provider using their website for example http www dyndns org There are more than 5 DDNS services supported O Disable Check to disable the Dynamic DNS function O Enable Check to enable the Dynamic DNS function The following fields will be activated and reguired Dynamic DNS Server Select the DDNS service you have established an account with Domain Name Username and Password Enter your registered domain name and your username and password for this service Period Set the time period between updates for the Router to exchange information with the DDNS server In addition to updating periodically as per your settings the router will perform an update when your dynamic IP address changes 19 Chapter 4 Configuration TW EA802 Bridge Router Check Email This function allows you to have th
35. P in the LAN network which will be providing the virtual server application Candidates Q List all the connecting PCs on the network You may assign specific PC with its IP address and MAC from the list Select the Apply button to apply your changes 14 Chapter 4 Configuration TW EA802 Bridge Router Example List of some well known and registered port numbers The Internet Assigned Numbers Authority IANA is the central coordinator for the assignment of unique parameter values for Internet protocols Port numbers range from O to 65535 but only ports numbers 0 to 1023 are reserved for privileged services and are designated as well known ports Please refer to Table 5 The registered ports are numbered from 1024 through 49151 The remaining ports referred to as dynamic or private ports are numbered from 49152 through 65535 For further information please see IANA s website at http www iana org assignments port numbers Table 5 Well known and registered Ports o eo uo TFTP trivial File Transfer Protoco oo ore WorldWide Web HTTP 79 Chapter 4 Configuration TW EA802 Bridge Router Time Schedule The Time Schedule supports up to 16 time slots which helps you to manage your Internet connection In each time profile you may schedule specific day s i e Monday through Sunday to restrict or allowing the usage of the Internet by users or applications This Time Schedule correlates closely with router s time
36. Password 2 x Y gt Please type your user name and password Site 192 168 0254 Realm User Name admin Password admin Save this password in your password list Cancel Figure 3 14 User name amp Password Prompt Window Congratulation You are now successfully logon to the SHDSL bis Router 15 Chapter 3 Basic Installation TW EA802 Bridge Router Chapter 4 Configuration Status 9 G SHDSL 4 port Access Bridge Mozilla Firefox Tiedosto Muokkaa N yt Sivuhistoria Kirjanmerkit Ty kalut Ohje dar http 192 168 0 254 Y IQ lt LA Useimmin avatut E Aloitussivu S Uutisotsikot Status Quick Start Cahana Status Configuration Model Name Save Config to FLASH Language Host Name o System Up Time Current Time Hardware Wersion Software Version G SHDSL 4 port Access Bridge Device Information TW EASD2 home gateway 14 days 3 hours Tue 11 Nov 2008 16 34 06 Helium 210 80 SHDSL bis OrionPlus v1 00 5 60c dr1 MAC Address 00 1E A6 00 E7 5D Home URL TeleWVell Oy http Awww telewell fi LAN IP Address p 192 168 0 254 Subnet Mask 255 255 255 0 DHCP Server q Enabled WAN ipwan IP Address 83 150 91 125 Subnet Mask 255 255 255 0 Primary DNS 217 30 180 230 secondary DNS Device information Host name Provide a name for the router for identification purpose Host name lets you p TYY YYYY FY LAN
37. Protocol External Port Redirect Port IP Address Edit DMZ Host DMZ Host for ipwan IP Interface O Enabled Disabled Internal IP Address Candidates Return O O Disabled As set in default setting it disables the DMZ function O Enabled It activates your DMZ function Internal IP Address Give a static IP address to the DMZ Host when Enabled radio button is checked Be aware that this IP will be exposed to the WAN Internet Candidates List all the connecting PCs on the network You may assign specific PC with its IP address and MAC from the list Select the Apply button to apply your changes 12 Chapter 4 Configuration TW EA802 Bridge Router Edit One to One NAT Network Address Translation One to One NAT maps a specific private local IP address to a global public IP address If you have multiple public WAN IP addresses from you ISP you are eligible for One to One NAT to utilize these IP addresses Global IP Pool in ip NAT Type Select desired NAT type As set in default setting it disables the One to One NAT function Global IP Address Subnet The subnet of the public WAN IP address given by your ISP If your ISP has provided this information you may insert it here Otherwise use IP Range method IP Range The IP address range of your public WAN IP addresses For example IP 192 168 1 1 end IP 192 168 1 10 Select the Apply button to apply your changes Check Add Entry O to c
38. S contains a mapping table for domain name and IP addresses On the Internet every host has a unigue and user friendly name domain name such as www helloworld com and an IP address An IP address is a 32 bit number in the form of xxx xxx xxx xxx for example 192 168 0 254 You can think of an IP address as a telephone number for devices on the Internet and the DNS will allow you to find the telephone number for any particular domain name As an IP Address is hard to remember the DNS converts the friendly name into its eguivalent IP Address You can obtain a Domain Name System DNS IP address automatically if your ISP has provided it when you logon check the Enable box Usually when you choose PPPoE or PPPoA as your WAN ISP protocol the ISP will provide the DNS IP address automatically You may leave the configuration field blank Alternatively your ISP may provide you with an IP address of their DNS If this is the case you must enter the DNS IP address manually If you choose one of the other three protocols RFC1483 Routed Bridged and IPoA check with your ISP it may provide you with an IP address for their DNS server You must enter the DNS IP address if you set the DNS of your PC to the LAN IP address of this router 39 Chapter 4 Configuration SHDSL TW EA802 Bridge Router Standard 4 wired connection the 4 wired handshaking procedure that is compliant with ITU T standard SHDSL Parameters 4 VVired Connection Mode
39. Source Part Destination Port JII NUNN MUNAAN NAMN E 0 00 OOO Source IP Address Range 0 0 0 0 means Any Destination IP Address Range 0 0 0 0 means Any boo0 bado Booo aooo poda wooo pooo wooo pooo bado Booo bado Booo wooo pooo wooo pooo ooo pooo ooo poda wooo poda wooo pooo wooo poda bado TN Rate Lirnit Click Clear You can click Clear to delete the existing Application Application A user define description to identify this new policy application Time Schedule Scheduling your prioritization policy Refer to Time Schedule for more information Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or range of packets to be monitored Outbound Rate Limit To limit the speed of outbound traffic Chapter 4 Configuration 1 32 kbps 32 kbps 32 kbps 32 kbps 1 32 kbps 1 32 kbps 1 92 kbps 1 32 kbps 64 Inbound IP Throttling WAN to LAN TW EA802 Bridge Router IP Throttling allows you to limit the speed of IP traffic The value entered will limit the speed of the application that you set to the specified value s multiple of 32kbps Inbound IP Throttling Configuration
40. TW EA802 G SHDSL bis modeemi Ohjekirja CE Copyright TeleWell Oy 1 Tietoa laitteesta 1 1 Toiminta Laite toimii reitittimen Ethernet verkkojen v lill normaalin puhelinverkon kautta Laite toimii 2 tai 4 johdin yhteydell tilaajap n laitteena 1 2 Laitteen tekniset tiedot Modeemi k ytt G SHDSL bis standardia Yhteensopiva G 991 2 ja G 991 2 bis standardien kanssa Toimintaet isyys riippuu linjan laadusta Nopeus maksimissaan riippuvainen linjan laadusta ja pituudesta o 4 wire tekniikalla jopa 11 4 Mbps 2 x 2 wire 4 kpl RJ45 Ethernet portteja 10 100 Mbps 2 kpl RJ11 puhelinportti G SHDSL liikenteelle 1 3 Oletusasetukset Reititt v tila DHCP p ll NAT p ll VPI VCI 0 100 IP osoite 192 168 0 254 K ytt j tunnus admin salasana admin Laitteen hallinta tapahtuu www selaimella 1 4 Pakkauksen sis lt TW EA802 modeemi RJ11 puhelinjohto RJ45 Ethernet kaapeli Konsolikaapeli AC DC s hk verkon muuntaja 12 V DC 1A Ohjekirja 2 Laitteen asennus 2 1 Etupanelin valot PWR Palaa kun laitteessa on virrat p ll SYS Palaa kun j rjestelm on valmis LAN Port Palaa kun laite on yhdistettyn tietokoneelle 1X 4X Vihre 100Mbps Oranssi 10Mbps RJ 45 connector Vilkkuu kun tietoa vastaanotetaan l hetet n EN LINE1 ja LINE2 Palaa kun SHDSL yhteys on muodostunut 2 2 Takapanelin portit Aa Puma oS RAR Virtakytkin Virta p lle poi
41. TW EA802 Bridge Router Service Name IP Address Authentication Protocol WAN Connection PPPoE Routed Description PPPoE with Pass through VPI 0 VCI 33 ATM Class UBR ov NAT O Enable Disable Username EH Password 0 0 0 0 means Obtain an IP address automatically Chap Auto Y Connection Always On v Idle Timeout 0 minutes RIP J RIP vi C RIP v2 J RIP v2 Multicast MTU 1492 TCP MSS Clamp Enable Disable Description User definable name for this connection VPI VCI Enter the information provided by your ISP ATM Class The Ouality of Service for ATM layer NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single ISP account sharing a single IP address If users on your LAN have public IP addresses and can access the Internet directly the NAT function can be disabled Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive Service Name This item is for identification purposes If it is required your ISP will provide you the information Maximum input is 20 alphanumeric characters IP Address specify if the Router can get an IP address from the Intern
42. all This masks LAN users IP addresses which is invisible to outside users on the Internet making it much more difficult for a hacker to target a machine on your network This natural firewall is on when NAT function is enabled Firewall Security and Policy General Settings Inbound direction of Packet Filter rules to prevent unauthorized computers or applications accessing your local network from the Internet Intrusion Detection Enable Intrusion Detection to detect prevent and log malicious attacks Access Control Prevents access from PCs on your local network Firewall Security and Policy General Settings Outbound direction of Packet Filter rules to prevent unauthorized computers or applications accessing the Internet URL Filter To block PCs on your local network from unwanted websites Here are items under the Firewall section General Settings Packet Filter Intrusion Detection URL Filter IM P2P Blocking and Firewall Log 47 Chapter 4 Configuration TW EA802 Bridge Router General Settings You can choose not to enable Firewall you will not able to add filter rules by yourself in the Packet Filter or enable the Firewall using preset filter rules and modify the packet filter rules as reguired The Packet Filter is used to filter packets based on Applications Port or IP addresses There are four options when you enable the Firewall they are All blocked User defined no pre defined port or address filter rules by
43. ard it back to the requesting PC in the LAN your Local Area Network If you check DHCP Relay Agent and click Next then you will have to enter the IP address of the DHCP server which will assign an IP address back to the DHCP client in the LAN Use this function only if advised to do so by your network administrator or ISP Click Apply to enable this function 28 Chapter 4 Configuration TW EA802 Bridge Router WAN Wide Area Network WAN refers to your Wide Area Network connection i e your router s connection to your ISP and the Internet Here are the items within the WAN section ISP DNS and SHDSL ISP WAN Connection WAN Services Table Name Description Creator VPI VCI wanlink RFC1483 WAN Link Factory Defaults 0 100 Edit Change Create y The factory default is Pure Bridge If your ISP uses this access protocol click Edit to input other parameters as below If your ISP does not use this you can change the default WAN connection entry by clicking Change Some of ISP may provide more service via different WAN connection In case you can create more connections by clicking Create The device can support maximum up to 8 WAN connections Note The application of multiple WAN connections is depend on your Service Provider A simpler alternative is to select Ouick Start from the main menu on the left Please see the Ouick Start section of the manual for more information RFC 1483 Routed Connections
44. are advised to use specific Virtual Server entries just for the ports your application reguires instead of using DMZ As doing so will result in all connections from the WAN attempt to access to your public IP of the DMZ PC specified If you have disabled the NAT option in the WAN ISP section the Virtual Server function will hence be invalid If the DHCP server option is enabled you have to be very careful in assigning the IP addresses of the virtual servers in order to avoid conflicts The easiest Attention way of configuring Virtual Servers is to manually assign static IP address to each virtual server PC with an address that does not fall into the range of IP addresses that are to be issued by the DHCP server You can configure the virtual server IP address manually but it must still be in the same subnet as the router 11 Chapter 4 Configuration TW EA802 Bridge Router Edit DMZ Host The DMZ Host is a local computer exposed to the Internet When setting a particular internal IP address as the DMZ Host all incoming packets will be checked by the Firewall and NAT algorithms then passed to the DMZ host when a packet received does not use a port number used by any other Virtual Server entries Cautious This Local computer exposing to the Internet may face varies of security risks Virtual Server Port Forwarding Add Virtual Server Edit DMZ Host O Edit One to one NAT O Virtual Server Table Application Time Schedule
45. at all hours of the day TimeSlot1 TimeSlot16 It is self defined time period You may specify the time period to check the URL filter rules i e during working hours For setup and detail refer to Time Schedule section Keywords Filtering Allows blocking by specific keywords within a particular URL rather than having to specify a complete URL e g to block any image called advertisement gif When enabled your specified keywords list will be checked to see if any keywords are present in URLs accessed to determine if the connection attempt should be blocked Please note that the URL filter blocks web browser HTTP connection attempts using port 80 only For example if the URL is http www abc com abcde html it will be dropped as the keyword abcde occurs in the URL Domains Filtering This function checks the whole URL not the IP address in URLs accessed against your list of domains to block or allow If it is matched the URL request will be sent Trusted or dropped Forbidden For this function to be activated both check boxes must be checked Here is the checking procedure 1 Check the domain in the URL to determine if it is in the trusted list If yes the connection attempt is sent to the remote web server 2 If not check if it is listed in the forbidden list If yes then the connection attempt will be dropped 59 Chapter 4 Configuration TW EA802 Bridge Router 3 If the packet does not match eith
46. ce is arranged in this order VLAN Port Always starts with Bridge Interface Parameters Bridge Interface VLAN Port Ethernet O MP1 P2 P3 P4 Ethernet O P1 v P2 v P3 v P4 Ethernet2 P1 Fe IP3 JPA Ethernet3 P1 Pe PIT PA Device Management Management Interface Ethernet Apply Step 2 Create WAN Interface Go to Configuration gt WAN gt ISP wanlink is the factory default WAN interface which in service for data internet access If your ISP uses this access protocol click Edit to input other parameters if needed If your ISP does not use PPPoE you can change the default WAN connection entry by clicking Change From the example 0 40 is used for data internet and assumes PPPoE is used click the Edit to change the VPI VCI to 0 40 Click Create to setup up additional WAN interface for video applications Total of 8 VLAN is support therefore only 8 WAN interfaces can be created in the table WAN Connection WAN Services Table Name Description Creator VPI VCI wanlink PPPoE WAN Link QuickStart D 40 Edit O Change O Create D 85 Chapter 5 Troubleshooting TW EA802 Bridge Router From the example PVC 0 33 to 0 39 is assigned for video using 1483 Bridged mode Check RFC 1483 Bridged and click Next to continue the setup ISP Please select the type of service you wish to create O RFC 1483 Routed O RFC 1483 Bridged ATM O PPPoA Routed IPoA Routed O PPPoE Routed Quick start O Spaces next to VPI and VCI typ
47. d Table IP Address MAC Address Client Host Name Expiry Please refer the Leased Table Permanent Table Permanent Table Mame IP Address MAC Address Maximum Lease Time Name The name you assigned to the Permanent configuration IP Address The fixed IP address for the specify client MAC Address The MAC Address that you want to assign the fixed IP address Maximum Lease Time The maximum lease time interval you allow to clients Email Status Details and status for the Email Account you have configured the router to check Please see the Advanced section of this manual for details on this function 18 Chapter 4 Configuration TW EA802 Bridge Router Email Status Email Account Account Name Username POPS Mail Server pop3 mail com Email Status No mail Event Log This page displays the router s Event Log entries Major events are logged to this window such as when the router s SHDSL connection is disconnected as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration Firewall section of the interface Please see the Firewall section of this manual for more details on how to enable Firewall logging EventLog system log buffer head Jan 01 00 00 10 home gateway im none Changed iplan IP address to 192 168 0 254 Jan 01 00 00 11 home gateway dhcpclient none send DHCPDISCOVER from 00 04 ed 74 02 01 interval 21 Jan 01 04 00 18 home gateway im none Reset SNMP community to factory
48. default settings Jan 01 04 00 21 home gateway dhcpclient none send DHCPDISCOVER from 00 04 ed 74 02 01 interval 21 Jan 01 04 00 42 home gateway dhcpclient none send DHCPDISCOVER from 00 04 ed 7 4 02 01 interval 40 Jan 01 04 01 52 home gateway dhcpclient none send DHCPDISCOVER from 00 04 ed 74 02 01 interval 22 Jan 01 04 02 14 home gateway dhcpclient none send DHCPDISCOVER from 00 04 ed 74 02 01 interval 26 Jan 01 04 02 40 hone gateway dhcpclient none send DHCPDISCOVER from 00 04 ed 74 02 01 interval 13 Jan 01 04 02 53 home gateway 1802 lx none 00 12 f0 3b 0c 8d associated Error Log Any errors encountered by the router e g invalid names given to entries are logged to this window 19 Chapter 4 Configuration TW EA802 Bridge Router NAT Sessions This section lists all current NAT sessions between interface of types external WAN and internal LAN 20 Chapter 4 Configuration TW EA802 Bridge Router Diagnostic It tests the connection to computer s which is connected to LAN ports and also the WAN Internet connection If PING www google com is shown FAIL and the rest is PASS you ought to check your PC s DNS settings is set correctly Diagnostic LAN Connection Testing Ethernet LAN connection PASS WAN Connection FAIL Testing VVAN connection FAIL Ping Primary Domain Name Server FAIL PING www google com FAIL UPnP Portmap The section lists all port mapping established using UPnP Universal P
49. der ISP or network administrator will be able to supply you with this Save Configuration to Flash After changing the router s configuration settings you must save all of the configuration parameters to FLASH to avoid them being lost after turning off or resetting your router Click Save to write your new configuration to FLASH Save Config to FLASH Please confirm that you wish to save the configuration There will be a delay while saving as configuration information is written to FLASH chips Logout To exit the router s web interface choose Logout Please ensure that you have saved the configuration settings before you logout Be aware that the router is restricted to only one PC accessing the configuration web pages at a time Once a PC has logged into the web interface other PCs cannot get access until the current PC has logged out of the web interface If the previous PC forgets to logout the second PC can access the page after a user defined period by default 3 minutes You can modify this value using the Advanced Device Management section of the web interface Please see the Advanced section of this manual for more information 89 Chapter 5 Troubleshooting TW EA802 Bridge Router Chapter 5 Troubleshooting If the router is not functioning properly first check this chapter for simple troubleshooting before contacting your service provider support Problems starting up the router Problem Corrective Action
50. dress to 0 0 0 0 will disable IP address restrictions allowing users to login from any IP address Expire to auto logout Specify a time frame for the system to auto logout the user s configuration session For Example User A changes HTTP port number to 100 specifies their own IP address of 192 168 0 55 and sets the logout time to be 100 seconds The router will only allow User A access from the IP address 192 168 0 55 to logon to the Web GUI by typing http 192 168 0 254 100 in 81 Chapter 5 Troubleshooting TW EA802 Bridge Router their web browser After 100 seconds the device will automatically logout User A Universal Plug and Play UPnP UPnP offers peer to peer network connectivity for PCs and other network devices along with control and data transfer between devices UPnP offers many advantages for users running NAT routers through UPnP NAT Traversal and on supported systems makes tasks such as port forwarding much easier by letting the application control the reguired settings removing the need for the user to control advanced configuration of their device Both the user s Operating System and the relevant application must support UPnP in addition to the router Windows XP and Windows Me natively support UPnP when the component is installed and Windows 98 users may install the Internet Connection Sharing client from Windows XP in order to support UPnP Windows 2000 does not support UPnP Disable Check to disable t
51. e 0 and 33 in respectively Select appropriate ATM Class Encapsulation Method Acceptable Frame Type Filter Type and PVID for Untagged Frames WAN Connection RFC 1483 Bridged Description RFC 1483 bridged mode VPI 0 VCI 34 ATM Class UBR Encapsulation Method LLO Bridged v Acceptable Frame Type ALL he Filter Type All w PYID for Untagged Frames 1 N VPI and VCI Enter the information provided by your ISP ATM Class The Ouality of Service for ATM layer Encapsulation method Select the encapsulation format this is provided by your ISP Acceptable Frame Type Specify what kind of traffic can through this connection all traffic or only VLAN tagged Filter Type Specify the type of ethernet filtering performed by the named bridge interface All Allows all types of ethernet packets through the port ap Allows only IP ARP types of ethernet packets through the port Allows only PPPoE types of ethernet packets through the port PVID for Untagged Frames PVID is known as Port VLAN Identifier When an untagged packet is received by input port s this packet will be tagged with specified PVID From the example VPI and VCI only section need to be filled in and just leave the rest as is Repeat the same procedure by clicking Create gt select RFC1483 Bridged gt fill in the rest of PVC 0 34 to 0 39 O lt 6 Chapter 5 Troubleshooting TW EA802 Bridge Router WAN Connection WAN Services Table Name Description Cr
52. e router check your POP3 mailbox for new Email messages The Mail LED on your router will light when it detects new messages waiting for download You may also view the status of this function using the Status Email Checking section of the web interface which also provides details on the number of new messages waiting See the Status section of this manual for more information Check Email Parameters Check Email O Enable Disable Account Name Password POPS Mail Server Period 60 minutes Dial out for Checking Emails Automatic Disable Check to disable the router s Email checking function O Enable Check to enable the routers Email checking function The following fields will be activated and reguired Account Name Enter the name login of the POP3 account you wish to check Normally it is the text in your email address before the e symbol If you have trouble with it please contact your ISP Password Enter the accounts password POP3 Mail Server Enter your POP mail server name You Internet Service Provider ISP or network administrator will be able to supply you with this Interval Enter the value in minutes between periodic mail checks Automatically dial out for checking emails When the function is enabled your router will connect to your ISP automatically to check emails if your Internet connection dropped Please be careful when using this feature if your SHDSL se
53. e subnet mask used by the route that is created when a PPP link comes up If it is set to 0 0 0 0 the subnet mask is determined by the IP address of the remote end of the link The class of the IP address is obtained during IPCP Internet Protocol Control Protocol negotiation MRU Maximum Receive Unit This is negotiated during the LCP protocol stage Discover Primary Secondary DNS This setting enables disables whether the primary secondary DNS server address is reguested from a remote PPP peer using IPCP The default setting for this command is enabled 32 Chapter 4 Configuration TW EA802 Bridge Router Give DNS to Relay Controls whether the PPP Internet Protocol Control Protocol IPCP can reguest the DNS server IP address for a remote PPP peer Once IPCP has discovered the DNS server IP address it automatically gives the address to the local DNS relay so that a connection can be established Give DNS to Client Controls whether the PPP Internet Protocol Control Protocol IPCP can eguest a DNS server IP address for a remote PPP peer Once IPCP has discovered the DNS server IP address it automatically gives the address to the local DNS client so that a connection can be established Give DNS to DHCP Server Similar to the above but gives the DNS server address to the DHCP server Discover Primary NBNS Discover Secondary NBNS This setting enables disables whether the primary secondary NBNS server address is reguested from a remo
54. eator VPI VCI wanlink PPPoE WAN Link QuickStart 40 Edit O Change O 33 Edit O Delete D 34 Edit D Delete O iat Edit Delete O 36 Edit Delete O 37 Edit O Delete D 38 Edit D Delete O 39 Edit O Delete O rftc1403 0 RFC 1463 bridged mode WebAdmin rfc1453 1 RFC 1463 bridged mode WebAdmin rfc 1483 2 RFC 1463 bridged mode WebAdmin rfc1483 3 RFC 1453 bridged mode WebAdmin rfc1483 4 RFC 1453 bridged mode WebAdmin rftc1403 5 RFC 1463 bridged mode WebAdmin rfc 1483 6 RFC 1453 bridged mode WebAdmin ma REA IS IS AE EA E JAKEN Step 3 Setup VLAN Service Go to Configuration gt Advanced gt VLAN Bridge DefaultVlan lists all member ports It is necessary to group specific member ports for each VLAN From the example two VLAN groups are requested Data and Video To create another VLAN group for Video by clicking Create VLAN VLAN Bridge Parameters VLAN Tagged Name ID Ports Untagged Ports Edit Delete ethernet wireless wireless wds ethernet ifc1453 Defaultvlan None O rfc1483 1 rfc1483 2 rfc1483 3 rfc1483 4 rfc1483 Edit 5 fc1453 6 Create VLANO Given a name and ID PVID to identify the Video group and the valid value range for PVID is 1 4094 From the example VLAN untagged ports for Data Internet ethernet wireless and wireless wds VLAN untagged ports for Video ethernet1 rfc 1483 0 rfc 1483 6 Click Apply to made change effective immediately 87 Chapter 5 Troubleshooting TW EA802 Bridge Router Crea
55. ection Block Duration 600 seconds Scan Attack Block Duration 86400 seconds DOS Attack Block Duration 1800 seconds Maximum TCP Open Handshaking Count 100 per second Maximum Ping Count 15 per second Maximum ICMP Count 100 per second Apply Clear Blacklist The router s Intrusion Detection System IDS is used to detect hacker attacks and intrusion attempts from the Internet If the IDS function of the firewall is enabled inbound packets are filtered and blocked depending on whether they are detected as possible hacker attacks intrusion attempts or other connections that the router determines to be suspicious Blacklist If the router detects a possible attack the source IP or destination IP address will be added to the Blacklist Any further attempts using this IP address will be blocked for the time period specified as the Block Duration The default setting for this function is false disabled Some attack types are denied immediately without using the Blacklist function such as Land attack and Echo CharGen scan Intrusion Detection If enabled IDS will block Smurf attack attempts Default is false Block Duration O Victim Protection Block Duration This is the duration for blocking Smurf attacks Default value is 600 seconds O Scan Attack Block Duration This is the duration for blocking hosts that attempt a possible Scan attack Scan attack types include X mas scan IMAP SYN FIN scan and similar attempts Default value is 8
56. eeds to deliver all traffic to the private IP addresses used by your PCs Please see the WAN configuration section of this manual for more information on NAT The device can be configured as a virtual server so that remote users accessing services such as Web or FTP services via the public WAN IP address can be automatically redirected to local servers in the LAN network Depending on the reguested service TCP UDP port number the device redirects the external service reguest to the appropriate server within the LAN network Virtual Server Port Forwarding Add Virtual Server D Edit DMZ Host O Edit One to one NAT D Virtual Server Table Application Time Schedule Protocol External Port Redirect Port IP Address 69 Chapter 4 Configuration TW EA802 Bridge Router Add Virtual Server Because NAT can act as a natural Internet firewall your router protects your network from being accessed by outside users when using NAT as all incoming connection attempts will point to your router unless you specifically create Virtual Server entries to forward those ports to a PC on your network When your router needs to allow outside users to access internal servers e g a web server FTP server Email server or game server the router can act as a virtual server You can set up a local server with a specific port number for the service to use e g web HTTP port 80 FTP port 21 Telnet port 23 SMTP port 25 or POP3 port 110 When
57. eptable Frame Type Specify what kind of traffic can through this connection all traffic or only VLAN tagged Filter Type Specify the type of ethernet filtering performed by the named bridge interface All Allows all types of ethernet packets through the port Ip Allows only IP ARP types of ethernet packets through the port Allows only PPPoE types of ethernet packets through the port PVID for Untagged Frames PVID is known as Port VLAN Identifier When an untagged packet is received by input port s this packet will be tagged with specified PVID The valid value range for PVID is 1 4094 PPPoA Routed Connections Authentication Protocol Connection Idle Timeout RIP MTU TCP MSS Clamp WAN Connection PPPoA Routed Description PPPoA Routed gt VPI 8 VCI 35 ATM Class UBR v NAT Enable O Disable Username Password M N IP Address 0 0 0 0 means Obtain an IP address automatically Chap uto Y 1500 Always On Y D minutes C RIP vi O RIP v2 CJ RIP v2 Multicast Enable Disable Description User definable name for the connection VPI VCI Enter the information provided by your ISP ATM Class The Ouality of Service for ATM layer NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account sharing a single IP address If users on your LAN have public IP addresses and can access the Internet direc
58. er exposed to the outside network Internet Rich Packet Filtering Not only filters the packet based on IP address but also based on Port numbers It will filter packets from and to the Internet and also provides a higher level of security control Dynamic Host Configuration Protocol DHCP client and server In the WAN site the DHCP client can get an IP address from the Internet Service Provider ISP automatically In the LAN site the DHCP server can allocate a range of client IP addresses and distribute them including IP address subnet mask as well as DNS IP address to local computers It provides an easy way to manage the local IP network Static and RIP1 2 Routing It has routing capability and supports easy static routing table or RIP1 2 routing protocol Simple Network Management Protocol SNMP It is an easy way to remotely manage the router via SNMP Web based GUI It supports web based GUI for configuration and management It is user friendly and comes with on line help It also supports remote management capability for remote users to configure and manage this product Firmware Upgradeable Device can be upgraded to the latest firmware through the WEB based GUI Rich Management Interfaces It supports flexible management interfaces with local console port LAN port and WAN port Users can use terminal applications through the console port to configure and manage the device or Telnet WEB GUI and SNMP through LAN or WAN por
59. er of the above two items it is sent to the remote web server 4 Please be note that the completed URL www domain name shall be specified For example to block traffic to www google com au enter www google or www google com In the example below the URL request for www abc com will be sent to the remote web server because it is listed in the trusted list whilst the URL request for www google or www google com will be dropped because www google is in the forbidden list Domains Filtering Domain Name Domain Name www google Type Forbidden Domain v Apply Trusted Domain Name LI Boman as L L SSA NE n tard el lolas temi 0 www abc Delete O ma YS A SR Name Domain oer item me ww google Delete O U Return O Po Example Andy wishes to disable all WEB traffic except for ones listed in the trusted domain which would prevent Bobby from accessing other web sites Andy selects both functions in the Domain Filtering and thinks that it will stop Bobby But Bobby knows this function Domain Filtering ONLY disables all WEB traffic except for Trusted Domain BUT not its IP address If this is the situation Block surfing by IP address function can be handy and helpful to Andy Now Andy can prevent Bobby from accessing other sites Restrict URL Features This function enhances the restriction to your URL rules Block Java Applet This function can block Web content that includes the Java Applet It is to prevent s
60. et Server Provider ISP automatically or not Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address to disable the DHCP client function and specify the IP address manually The setting of this item is specified by your ISP Authentication Protocol Default is Chap Auto Your ISP will advise you whether to use Chap or Pap 37 Chapter 4 Configuration TW EA802 Bridge Router Connection O Always on If you want the router to establish a PPPoE session when starting up and to automatically re establish the PPPoE session when disconnected by the ISP O Connect on Demand If you want to establish a PPPoE session only when there is a packet reguesting access to the Internet i e when a program on your computer attempts to access the Internet Idle Timeout Auto disconnect the broadband firewall gateway when there is no activity on the line for a predetermined period of time O Detail You can define the destination port and packet type TCP UDP without checking by timer It allows you to set which outgoing traffic will not trigger and reset the idle timer RIP RIP v1 RIP v2 and RIP v2 Multicast Check to enable RIP function MTU Maximum Transmission Unit The size of the largest datagram excluding media specific headers that IP will attempt to send through the interface TCP MSS Clamp It is enabled by default All TCP traffic routed through the interface
61. from WAN to LAN packet Application Time Schedule Protocol Aways On y fany y Aways On fany y O Aways On y fany O Aways On y fany Aways On fany y O Aways On fany y O Aways On y fany y Aways On fany y Source Port Destination Port dello JILL LEI 1111 1 source IP Address Range 0 0 0 0 means Any Destination IP Address Range 0 0 0 0 means Any Rate Limit fi 32 kbps fi 532 kbps 1 32 kbps fi 532 kbps f 32 kbps f 32 kbps fi 532 kbps fi 32 kbps Click Clear You can click Clear to delete the existing Application Application A user define description to identify this new policy application Time Schedule Scheduling your prioritization policy Refer to Time Schedule for more information Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be monitored Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or range of packets to be monitored Inbound Rate Limit To limit the speed of for inbound traffic Chapter 4 Configuration 65 Example QoS for your Network Connection Diagram A A ET Normal PCs o 0 Restricted PC Information and Settings Upstream 928 kbps Downstream 8
62. he router s UPnP functionality Enable Check to enable the router s UPnP functionality UPnP Port Its default setting is 2800 It is highly recommended for users to use this port value If this value conflicts with other ports already being used you may wish to change the port SNMP Access Control Software on a PC within the LAN is reguired in order to utilize this function Simple Network Management Protocol SNMP V1 and V2 Read Community Specify a name to be identified as the Read Community and an IP address This community string will be checked against the string entered in the configuration file Once the string name is matched user obtains this IP address will be able to view the data Write Community Specify a name to be identified as the Write Community and an IP address This community string will be checked against the string entered in the configuration file Once the string name is matched users from this IP address will be able to view and modify the data Trap Community Specify a name to be identified as the Trap Community and an IP address This community string will be checked against the string entered in the configuration file Once the string name is matched users from this IP address will be sent SNMP Traps SNMP V3 Specify a name and password for authentication And define the access right from identified IP address Once the authentication has succeeded users from this IP address will be able to
63. icast Check to enable RIP function MTU Maximum Transmission Unit The size of the largest datagram excluding media specific headers that IP will attempt to send through the interface TCP MSS Clamp It is enabled by default All TCP traffic routed through the interface will be examined If a TCP SYN synchronize start segment is sent with a maximum segment size larger than the interface MTU Maximum Transmission Unit the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation MAC Address Spoofing Some ISP Internet Access Provider validates the SHDSL connection by checking the MAC address of given router or your PC Ethernet adapter If you replace a new router or PC or PC Ethernet adapter your ISP may drop the SHDSL connection because of false MAC address You can spoof the MAC address in order to get the SHDSL connection RFC 1483 Bridged Connections WAN Connection RFC 1483 Bridged Description RFC 1463 bridged mode VPI 8 VCI 35 ATM Class UBR v Encapsulation Method LLC Bridged v Acceptable Frame Type acceptall v Filter Type All ho PYID for Utagged Frames 1 30 Chapter 4 Configuration TW EA802 Bridge Router Description User definable name for the connection VPI and VCI Enter the information provided by your ISP ATM Class The Ouality of Service for ATM layer Encapsulation method Select the encapsulation format this is provided by your ISP Acc
64. in user 46 Chapter 4 Configuration TW EA802 Bridge Router You can change the user s password whether their account is active and Valid as well as add a comment to each user account These options are the same when creating a user account with the exception that once created you cannot change the username You cannot delete the default admin account however you can delete any other created accounts by clicking Delete when editing the user You are strongly advised to change the password on the default admin account when you receive your router and any time you reset your configuration to Factory Defaults Firewall and Access Control Your router includes a full SPI Stateful Packet Inspection firewall for controlling Internet access from your LAN as well as helping to prevent attacks from hackers In addition to this when using NAT the router acts as a natural Internet firewall as all PCs on your LAN will use private IP addresses that cannot be directly accessed from the Internet x D D JW lt gt T lt Router Firewall Access Control NAT Unauthorized users ciated F Packet filter Unauthorized users 8 applications 5 URL filter Ea Intrusion Detection applications Unwanted website Blacklisting Malicious attacks access Firewall amp Filter Firewall Prevents access from outside your network The router provides three levels of security support NAT natural firew
65. ing a standard RJ 11 telephone cable e Annex Type It is the DSL operating mode standard Select Annex A or Annex B to support up to 5 7 Mpbs for 2 wired mode and 11 4Mpbs for 4 wired mode Select other annex such as Annex B_ANFP Annex A B ANFP you may consult with your ISP first e Back to back to be sure the Annex type is the same on the TW EA802 and the remote router e Bit Rate Mode The mode selections are Adaptive and Fixed Selecting the Adaptive mode the best connection rate will be automatically negotiated with the CO ISP Selecting the Fixed mode the connection rate will be fixed to the specific fixed bit rate selected with the CO ISP e Fixed Bit Rate Specify the fix transfer rate when Fixed Mode is selected Specify the maximum transfer rate when Adaptive Mode is selected Bit Rate range is from 200kbps 5704kbps e Activate Line Line active true is set by default Select false to disable and true to enable SHDSL bis connection Note Once Active Line is selected as false you must enable the Active Line to true again and click the Apply button to reactivate SHDSL bis connection e DSP FirmwareVersion Display the SHDSL line code firmware version e Connected Display current SHDSL line sync status e State Display current SHDSL line status e Bit Rate Display SHDSL line synch speed rate Click Apply button to apply your changes 42 Chapter 4 Configuration TW EA802 Bridge Router System Here
66. iring advanced features and control over their Internet connection and network Features SHDSL Multi Mode Standard The SHDSL bis supports downstream and upstream transmission rates of up to 5 7Mbps on 2 wire and 11 4Mbps on 4 wire It also supports rate management that allows SHDSL subscribers to select an Internet access speed suiting their needs and budgets It is ITU standard PAM16 and 32 Line Code complies with G 991 2 and G 991 2 bis standards and supports Annex A and B operating mode O Fast Ethernet Switch A 4 port 10 100Mbps fast Ethernet switch is built in with automatic switching between MDI and MDI X for 10Base T and 100Base TX ports An Ethernet straight or crossover cable can be used directly for auto detection Multi Protocol to establish a connection It supports PPPoA RFC 2364 PPP over ATM Adaptation Layer 5 RFC 1483 encapsulation over ATM bridged or routed PPP over Ethernet RFC 2516 and IPoA RFC1577 to establish a connection with the ISP The product also supports VC based and LLC based multiplexing I Ouick Installation Wizard It supports a WEB GUI page to install this device guickly With this wizard end users can enter the information easily which they get from their ISP then surf the Internet immediately Universal Plug and Play UPnP and UPnP NAT Traversal This protocol is used to enable simple and robust connectivity among stand alone devices and PCs from many different vendors It makes network
67. k card by a DHCP server If your network does not have a DHCP server ask pour network administrator for an address and then type it in the space below Oban an IP address from a DHCP server Specily an IP address ip Baden Figure 3 13 IP Address 12 TW EA802 Bridge Router Factory Default Settings Before configuring your router you need to know the following default settings Web Interface Username and Password P Username admin p Password admin The default username and password are admin and admin respectively If you ever forget the username password to login to the router you may press the RESET button up to 6 seconds to restore the factory default settings Caution After pressing the RESET button for more than 6 seconds to be sure you power Attention cycle the device again Device LAN IP settings P IP Address 192 168 0 254 BP Subnet Mask 255 255 255 0 ISP setting in WAN site RFC 1483 Bridged VPI VCI 0 100 DHCP server P DHCP server is enabled 13 Chapter 3 Basic Installation TW EA802 Bridge Router Information from your ISP Before configuring this device you have to check with your ISP Internet Service Provider to find out what kind of service is provided such as DHCP Obtain an IP Address Automatically Static IP Fixed IP Address and PPPoE Gather the information as illustrated in the following table and keep it for reference VPI VCI
68. l Control Protocol negotiation is completed If set to enabled a route will be created which directs packets to the remote end of the PPP link Specific Route Specifies whether the route created when a PPP link comes up is a specific or default route If set to enabled the route created will only apply to packets for the subnet at the remote end of the PPP link The address of this subnet is obtained during IPCP negotiation Subnet Mask sets the subnet mask used for the local IP interface connected to the PPP transport If the value 0 0 0 0 is supplied the netmask will be calculated from the class of the IP address obtained during IPCP negotiation 35 Chapter 4 Configuration TW EA802 Bridge Router Route Mask Sets the subnet mask used by the route that is created when a PPP link comes up If it is set to 0 0 0 0 the subnet mask is determined by the IP address of the remote end of the link The class of the IP address is obtained during IPCP Internet Protocol Control Protocol negotiation MRU Maximum Receive Unit This is negotiated during the LCP protocol stage Discover Primary Secondary DNS This setting enables disables whether the primary secondary DNS server address is reguested from a remote PPP peer using IPCP The default setting for this command is enabled Give DNS to Relay Controls whether the PPP Internet Protocol Control Protocol IPCP can reguest the DNS server IP address for a remote PPP peer Once IPCP has disc
69. lug and Play Please see the Advanced section of this manual for more details on UPnP and the router s UPnP configuration options UPnP Portmap UPnP Portmap Table Name Protocol External Port Redirect Port IP Address emwebigd1024 udp 35324 35324 g a a ee 192 165 1 205 emwebigd1025 tcp 45986 45555 14511 14511 192 165 1 205 emwebigd1063 udp LELU 3210 15169 15169 192 165 1 202 emwebigd1064 tcp SET e SE 14500 14500 192 165 1 202 Chapter 4 Configuration 21 TW EA802 Bridge Router Ouick Start Quick Start Connection Encapsulation Pure Bridged LLC 3 Auto Scan VPI 0 VCI 100 NAT Enable Disable Optional Settings IP Address 0 0 0 0 means Obtain an IP address automatically Subnet Mask Default Gateway DNS Obtain DNS automatically Y Enable Primary DNS Secondary DNS PPP Username Password Apply Cancel For detailed instructions on configuring your WAN settings please see the WAN section of this manual Your ISP will be able to supply all the details you need alternatively if you have deleted the current WAN Connection in the WAN ISP section of the interface you can use the router s PVC Scan feature to attempt to determine the Encapsulation types offered by your ISP Auto Scan Before you scan the PYCs please DELETE all the WAN interfaces IP Address if provided by ISP Gateway if provided by ISP Click Start to begin scanning for encapsulation types
70. nd RIP v2 Multicast Check to enable RIP function MTU Maximum Transmission Unit The size of the largest datagram excluding media specific headers that IP will attempt to send through the interface TCP MSS Clamp It is enabled by default All TCP traffic routed through the interface will be examined If a TCP SYN synchronize start segment is sent with a maximum segment size larger than the interface MTU Maximum Transmission Unit the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation Advanced Options PPPoA LLC Header Selects encapsulation mode true for using LLC or false for using VC Mux Create Route This setting specifies whether a route is added to the system after IPCP Internet Protocol Control Protocol negotiation is completed If set to enabled a route will be created which directs packets to the remote end of the PPP link Specific Route Specifies whether the route created when a PPP link comes up is a specific or default route If set to enabled the route created will only apply to packets for the subnet at the remote end of the PPP link The address of this subnet is obtained during IPCP negotiation Subnet Mask sets the subnet mask used for the local IP interface connected to the PPP transport If the value 0 0 0 0 is supplied the netmask will be calculated from the class of the IP address obtained during IPCP negotiation Route Mask Sets th
71. o finish the configuration Figure 3 8 IP Address amp DNS Configuration 10 Chapter 3 Basic Installation Configuring PC in Windows 95 98 ME 1 Goto Start Settings Control Panel In the Control Panel double click Network and choose the Configuration tab 2 Select TCP IP gt NE2000 Compatible or the name of any Network Interface Card NIC in your PC See Figure 3 9 3 Click Properties 4 Select the IP Address tab In this page click the Obtain an IP address automatically radio button See Figure 3 10 5 Then select the DNS Configuration tab See Figure 3 11 6 Select the Disable DNS radio button and click OK to finish the configuration Chapter 3 Basic Installation TW EA802 Bridge Router Network 20 xi Configuration Identification Access Control The following network components are installed Microsoft Family Logon a ASUSTeK Broadcom 440x 10 100 Integrated Controller 2 Dial Up Adapter Y TCP IP gt ASUSTeK Broadcom 440x 10 100 Integrated 4 TCP IP gt Dial Up Adapter Add Remove i Primary Network Logon Microsoft Family Logon File and Print Sharina Description TCP IP is the protocol you use to connect to the Internet and wide area networks Figure 3 9 TCP IP TCP IP Properties x Bindings Advanced NetBIOS DNS Configuration Gateway WINS Configuration IP Address An IP address can be automatically assigned to
72. oll interval as high as possible at the absolute minimum every few hours or even days 43 Chapter 4 Configuration TW EA802 Bridge Router Remote Access Remote Access You may temporarily permit remote administration of this network device Allow Access for 30 minutes To temporarily permit remote administration of the router i e from outside your LAN select a time period the router will permit remote access for and click Enable You may change other configuration options for the web administration interface using Device Management options in the Advanced section of the GUI If you wish to permanently enable remote access choose a time period of 0 minutes Firmware Upgrade Firmware Upgrade You may upgrade the system software on your network device New Firmware Image Browse Your router s firmware is the software that allows it to operate and provides all its functionality Think of your router as a dedicated computer and the firmware as the software it runs Over time this software may be improved and modified and your router allows you to upgrade the software it runs to take advantage of these changes Clicking on Browse will allow you to select the new firmware image file you have downloaded to your PC Once the correct file is selected click Upgrade to update the firmware in your router DO NOT power down the router or interrupt the firmware upgrading while It is still in process Im
73. om Ethernet VLAN port first Note You should setup each VLAN group with caution Each Bridge Interface is arranged in this order Bridge Interface VLAN Port Always starts with Ethernet P1 P2 P3 P4 Ethernet1 P2 P3 P4 Ethernet2 P3 P4 Ethernet3 Management Interface To specify which VLAN group has possibility to do device management like doing web management Note NAT NAPT can be applied to management interface only aa Chapter 4 Configuration TW EA802 Bridge Router Ethernet Ethernet Primary IP Address IP Address 192 168 JO 254 SubNetmask 255 255 255 0 RIP O RIPvi C RIPv2 O RIP v2 Multicast Primary IP Address IP Address The default IP on this router SubNetmask The default subnet mask on this router RIP RIP v1 RIP v2 and RIP v2 Multicast Check to enable RIP function IP Alias This function supports to create multiple virtual IP interfaces on this router It helps to connect two or more local networks to the ISP or remote node In this case an internal router is not required IP Alias Parameters IP Address subNetmask Security Interface Internal O External DMZ IP Address Specify an IP address on this virtual interface SubNetmask Specify a subnet mask on this virtual interface Security Interface Specify the firewall setting on this virtual interface Internal The network is behind NAT All traffic will do network address translati
74. omeone who wants to damage your system via standard HTTP protocol Block surfing by IP address Preventing someone who uses the IP address as URL for skipping Domains Filtering function Activates only and if Domain Filtering enabled 59 Chapter 4 Configuration TW EA802 Bridge Router IM P2P Blocking IM short for Instant Message is reguired to use client program software that allows users to communicate in exchanging text message with other IM users in real time over the Internet A P2P application known as Peer to peer is group of computer users who share file to specific groups of people across the Internet Both Instant Message and Peer to peer applications make communication faster and easier but your network can become increasingly insecure at the same time IM and P2P blocking helps users to restrict LAN PCs to access to the commonly used IM Yahoo and MSN and P2P BitTorrent and eDonkey applications over the Internet IM P2P Blocking Configuration Instant Message Blocking Disabled v Yahoo Messenger Block MSN Messenger Block Peer to Peer Blocking Disabled v BitTorrent BitTorrent BitComet _ Block eDonkey eDonkey eMule C Block Instant Message Blocking The default is set to Disabled O Disabled Instant Message blocking is not triggered No action will be performed O Always On Action is enabled TimeSlot1 TimeSlot16 This is the self defined time period You may specify the time period
75. on when sending out to Internet if NAT is enabled External There is no NAT on this IP interface and connected to the Internet directly Mostly it will be used when providing multiple public IP addresses by ISP In this case you can use public IP address in local network which gateway IP address point to the IP address on this interface DMZ Specify this network to DMZ area There is no NAT on this interface 25 Chapter 4 Configuration TW EA802 Bridge Router Ethernet Client Filter The Ethernet Client Filter supports up to 16 Ethernet network machines that helps you to manage your network control to accept traffic from specific authorized machines or can restrict unwanted machine s to access your LAN There are no pre define Ethernet MAC address filter rules you can add the filter rules to meet your reguirements Ethernet Client Filter Filtering Rules Ethernet Client Filter Disable Allowed Blocked MAC Address List Candidates MAC Address Format is Xx xx xx xx xx xx Ethernet Client Filter Default setting is set to Disable O Allowed check to authorize specific device accessing your LAN by insert the MAC Address in the space provided or click 94 48835 Make sure your PC s MAC is listed O Blocked check to prevent unwanted device accessing your LAN by insert the MAC Address in the space provided or click 94 4983 O Make sure your PC s MAC is not listed The maximum client is 16 The MAC addresses
76. on your LAN have public IP addresses and can access the Internet directly the NAT function can be disabled Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive Service Name This item is for identification purposes If it is required your ISP will provide you the information Maximum input is 20 alphanumeric characters IP Address specify if the Router can get an IP address from the Internet Server Provider ISP automatically or not Please click Obtain an IP address automatically via DHCP client to enable the DHCP client function or click Specify an IP address to disable the DHCP client function and specify the IP address manually The setting of this item is specified by your ISP Authentication Protocol Default is Chap Auto Your ISP will advise you whether to use Chap or Pap Connection O Always on If you want the router to establish a PPPoE session when starting up and to automatically re establish the PPPoE session when disconnected by the ISP O Connect on Demand If you want to establish a PPPoE session only when there is a packet reguesting access to the Internet i e when a program on your computer attempts to access the Internet Idle Timeout Auto
77. osts from multicast group IGMP Parameters IGMP Forwarding Enable Disable IGMP Snooping Enable Disable IGMP Forwarding Accepting multicast packet Default is set to Enable IGMP Snooping Allowing switched Ethernet to check and make correct forwarding decisions Default is set to Enable VLAN Bridge This section allows you to create VLAN group and specify the member VLAN Bridge Parameters Name VLAN ID Tagged Ports Untagged Ports Edit Delete DefaultVlan 1 None ethernet wireless wireless wds Edit O Create VLAN O Edit Edit your member ports in selected VLAN group Create VLAN To create another VLAN group Advanced VLAN Setup Example Triply Play VLAN data Ethernet Port 1 Wireless and Wireless WDS are reserving for Internet On Ethernet port 1 also need VC 0 40 bridged VLAN Vedio Ethernet ports 2 3 and 4 0 33 Bi directional IP 0 34 Video 0 35 Video 0 36 Video Subscriber Services EPG EAS etc 0 37 Video 0 38 Video 0 39 Spare 84 Chapter 5 Troubleshooting TW EA802 Bridge Router Step 1 Setup Member Ports Go to Configuration gt LAN gt Bridge Interface You can setup member ports for each VLAN group under Bridge Interface section From the example two VLAN groups need to be created Ethernet P1 Port 1 Ethernet1 P2 P3 and P4 Port 2 3 4 Please uncheck P2 P3 P4 from Ethernet VLAN Port first Note You should setup each VLAN group with caution Each Bridge Interfa
78. overed the DNS server IP address it automatically gives the address to the local DNS relay so that a connection can be established Give DNS to Client Controls whether the PPP Internet Protocol Control Protocol IPCP can reguest a DNS server IP address for a remote PPP peer Once IPCP has discovered the DNS server IP address it automatically gives the address to the local DNS client so that a connection can be established Give DNS to DHCP Server Similar to the above but gives the DNS server address to the DHCP server Discover Primary NBNS Discover Secondary NBNS This setting enables disables whether the primary secondary NBNS server address is reguested from a remote PPP peer using IPCP The default setting for this command is disabled Discover Subnet Mask Specifies if the subnet mask given by IPCP negotiation process is to be used Give Subnet Mask To DHCP Server Enable to change your DHCP Server settings by using the given information in IPCP negotiation process PPPoE with Pass through Connections PPPoE with pass through adapts the following method PPPoE Routed mode 1483 Bridge Mode With pure PPPoE connection the router can get one WAN address to the router With the PPPoE and PPPoE pass through concurrently it allows user to have a WAN address assigned to the router but also able to get another WAN IP from ISP using PPPoE dialer e g WinPoETor Windows XP PPPoE Dialer at the same time 36 Chapter 4 Configuration
79. ow XP 1 2 3 4 5 6 Go to Start Control Panel in Classic View In the Control Panel double click Network Connections Double click Local Area Connection See Figure 3 1 In the LAN Area Connection Properties See Figure 3 2 Status window click Select Internet Protocol TCP IP and click Properties See Figure 3 3 Select the Obtain an IP address automatically and Obtain DNS server address automatically radio buttons See Figure 3 4 Click OK to finish the configuration Chapter 3 Basic Installation TW EA802 Bridge Router amp Control Panel File Edit view Favorites Tools Help O j amp y Search gt Folders 222 Address Je Control Panel m Control Panel Phone and Power Options Modem 5 2 See Also eS 5 Printers and Regional and Scanners and L Windows Update Faxes Language Cameras O Help and Support LA O p CI A Scheduled Sounds and Speech Tas Audio Devices Network Connections E Switch to Category View Figure 3 1 LAN Area Connection Local Area Connection Status General Support Connection Connected 00 05 34 100 0 Mbps Status Duration Speed Activity Sent 4 Received Bytes 1 403 1 749 upiopetien Dee General Authentication Advanced Connect using This connection uses the following items 185 Client for Microsoft Networks NO File and Printer Sharing for Microsoft Networks
80. pplication when the system is running with full loading of upstream Here are items within the OoS section Prioritization and Outbound Inbound IP Throttling bandwidth management Prioritization There are three priority settings to be provided in the Router O High O Normal The default is normal priority for all of traffic without setting O Low And the balances of utilization for each priority are High 60 Normal 30 and Low 10 61 Chapter 4 Configuration Prioritization Configuration from LAN to WAN packet Application Time Schedule Priority Protocol PPIP Disabled High w GRE SOD Always On High any y PB favays on ah lay E Source Port Destination Port none none AULA z 1111111111 i IN TW EA802 Bridge Router Disabled v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Disabled 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Disabled 0 0 0 0 0000 0000 0 0 0 0 Disabled 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Disabled 0 0 0 0 0 0 0 0 0 0 0 0 0000 Disabled 0 0 0 0 0000 0 0 0 0 0 0 0 0 Disabled 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Disabled 0 0 0 0 0 0 0 0 You can click Clear to delete the existing Application Click Clear Application A user define description to identify this new policy application Time Schedule Scheduling your prioritization policy Priority The priority given to each policy application
81. proper operation could damage the router Warning 44 Chapter 4 Configuration TW EA802 Bridge Router Backup Restore Backup Restore Allows you to backup the configuration settings to your computer or restore configuration from your computer Backup Configuration Backup configuration to your computer Restore Configuration Configuration File Browse Restore will overwrite the current configuration and restart the device If you want to keep the current configuration please use Backup first to save current configuration These functions allow you to save and backup your router s current settings to a file on your PC or to restore a previously saved backup This is useful if you wish to experiment with different settings knowing that you have a backup handy in the case of any mistakes It is advisable to backup your router s settings before making any significant changes to your router s configuration Press Backup to select where on your local PC to save the settings file You may also change the name of the file when saving if you wish to keep multiple backups Press Browse to select a file from your PC to restore You should only restore settings files that have been generated by the Backup function and that were created when using the current version of the router s firmware Settings files saved to your PC should not be manually edited in any way After selecting the settings file you wish to use
82. r Configuring Packet Filter 1 Click Port Filters You will then be presented with the predefined port filter rules screen in this case for the low security level shown below Note You may click Edit the predefined rule instead of Delete it This is an example to show to how you add a filter on your own Packet Filter Add TCP UDP Filter Add Raw IP Filter Packet Filter Rules Source IP T N Rule Time Netmask aan naomi Click Delete EENE Protocol Name Schedule Destination IP ERA ret Destination portis Outbound Netmask 0000 0000 0 65535 Block mei http Always On TCP Edit O Delete 0000 0000 90 50 Allow 0000 0000 0 65535 Block mei_dns Always On UDP Edit O Delete 0 0 0 0 0 0 0 0 53 53 Allow 0000 0000 0 65535 Block meitdns Always On TCP Edit O Delete 0000 0000 PIT Allow 0000 0000 0 65535 Block mei ftp Always On TCP Edit O Delete 0000 0000 21 21 Allow 0000 0000 0 65535 Block mei tnet Always On TCP Edit O Delete O 0000 0000 Ter Allow 2 Click Delete to delete the existing HTTP rule 3 Click Add TCP UDP Filter Packet Filter 1 Add TCP UDP Filter Add TCP UDP Filter O Add Raw IP Filter O 4 Input the Rule Name Time Schedule Source Destination IP Type Source Destination Port Inbound and Outbound Example Application Cindy HTTP Time Schedule Always On Source Destination IP Address es 0 0 0 0 I do not wish to active the address filter instead u
83. reate a new One to One NAI rule 73 Chapter 4 Configuration TW EA802 Bridge Router Add Virtual Server in ipwan IP interface Virtual Server Entry Time Schedule Always On Application Helper Protocol tcp i Global IP External Port from 0 to 0 Redirect Port from 0 to 0 Internal IP Address Candidates Return O Time Schedule A self defined time period to enable your virtual server You may specify a time schedule or Always on for the usage of this Virtual Server Entry For setup and detail refer to Time Schedule section Application Users defined description to identify this entry or click Helper O to select existing predefined rules Helper O 20 predefined rules are available Click the Radio button to select the rule Application Protocol and External Redirect Ports will be filled after the selection Protocol It is the supported protocol for the virtual server In addition to specifying the port number to be used you will also need to specify the protocol used The protocol used is determined by the particular application Most applications will use TCP or UDP Global IP Define a public WAN IP address for this Application to use This Global IP address must be defined in the Global IP Address External Port The Port number on the Remote WAN side used when accessing the virtual server Redirect Port The Port number used by the Local server in the LAN network Internal IP Address The private I
84. rvice is charged by time online 80 Chapter 4 Configuration TW EA802 Bridge Router Device Management The Device Management advanced configuration settings allow you to control your router s security options and device monitoring features Device Management Device Host Name Host Name home gateway Embedded Web Server HTTP Port 80 80 is default HTTP port Management IP Address 0 0 0 0 0 0 0 0 means Any Management IP Netmask 255 255 255 255 Management IP Address 2 0 0 0 0 Management IP Netmask 2 255 205 205 205 Expire to auto logout 180 seconds Universal Plug and Play UPnP UPnP O Enable Disable UPnP Port 2800 SNMP Access Control SNMP Y1 and Y2 Read Community public IP Address 0000 Write Community password IP Address 0 0 0 0 Trap Community IP Address SNMP V3 Username Password Access Right ORead ORead Write IP Address This setting will become effective after you save to flash and restart the router Apply Embedded Web Server 2 Management IP accounts HTTP Port This is the port number the router s embedded web server for web based configuration will use The default value is the standard HTTP port 80 Users may specify an alternative if for example they are running a web server on a PC within their LAN Management IP Address You may specify an IP address allowed to logon and access the router s web server Setting the IP ad
85. s O yes for static ARP table entries added by the user Routing Table Routing Table Routing Table valid Destination Metmask Gateway Interface Cost Y 0 0 0 0 0 0 0 0 192 168 21 1 1 RIP Routing Table Destination Metmask Gateway Cost Routing Table Valid It indicates a successful routing status Destination The IP address of the destination network Netmask The destination netmask address Gateway Interface The IP address of the gateway or existing interface that this route will use Cost The number of hops counted as the cost of the route RIP Routing Table Destination The IP address of the destination network Netmask The destination netmask address Gateway The IP address of the gateway that this route will use Cost The number of hops counted as the cost of the route DHCP Table DHCP Table Type Leased D Expired O Permanent O Leased The DHCP assigned IP addresses information 17 Chapter 4 Configuration TW EA802 Bridge Router IP Address A list of IP addresses of devices on your LAN Local Area Network Expired The expired IP addresses information Permanent The fixed host mapping information Leased Table Leased Table IP Address MAC Address Client Host Name Expiry IP Address The IP address that assigned to client MAC Address The MAC address of client Client Host Name The Host Name Computer Name of client Expiry The current lease time of client Expired Table Expire
86. s p lt Liit nt s hk verkon muuntajalle LAN 1 4 Liit nt tietokoneeseen verkkokaapelille RJ 45 liitin CONSOLE Liit nt konsolikaapelille LINE1 ja LINE2 Liit nt SHDSL yhteydelle 2 3 Laitteen kytkent Reset painikkeesta laitteen voi k ynnist uudelleen tai palauttaa tehdasasetuksille 3 RESET 1 3 sekunttia laite k ynnistyy uudelleen yli 6 sekunttia ja virrat pois ja takaisin p lle laite palautuu tehdasasetuksille Kytket n Ethernet kaapeli tietokoneen ja laitteen v lille Kytket n puhelinjohto Line liittimeen Laitetaan virrat p lle laitteeseen PWR SYS ja LAN valojen pit j d palamaan kiinte sti My s Line valo j palamaan kiinte sti kun SHDSL yhteys on muodostunut 3 Asetusten muuttaminen 3 1 Laitteen ohjelmointi Laitteen asetuksia muutetaan www selaimella Tietokoneessa pit olla verkkokortti TCP IP protokolla sek Internet selain Asetusten tallennus Jos jotain asetuksia muutetaan pit jokainen asetuksen muutos tallentaa kullakin asetus sivulla olevasta apply tai continue painikkeesta Lopuksi kun kaikki asetukset on muutettu pit asetukset viel tallettaa laitteen muistiin valitsemalla vasemmalta valikosta save config to flash ja save 3 2 Laitteen IP osoitteen muuttaminen Laitteen IP osoitetta voi muuttaa kohdassa Configuration LAN Ethernet Kohtaan IP address sy tet n haluttu IP osoite Muu
87. se the port filter Type TCP Please refer to Table1 Predefined Port Filter Source Port 0 65535 I allow all ports to connect with the application Redirect Port 80 80 This is Port defined for HTTP Inbound Outbound Allow 54 Chapter 4 Configuration TW EA802 Bridge Router Packet Filter Add TCP UDP Filter Rule Name Cindy HTTP Time Schedule Always On M Source IP Address es 0000 Metmask 0 0 0 0 Destination IP Address es 0000 Netmask 0 0 0 0 Type TCP M Source Port 0 65535 Destination Port 00 50 Inbound Allow M Outbound Allow v Return O 5 The new port filter rule for HTTP is shown below l 0 0 0 0 0 0 0 0 0 65535 Allow Cindy HTTP Always On TCP Edt O Delete O 0000 0000 30 80 Allow 6 Configure your Virtual Server port forwarding settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server Note For how to configure the HTTP in Virtual Server go to Add Virtual Server in Virtual Server section for more details Virtual Server Port Forwarding Add Virtual Server D Edit DMZ Host O Edit One to one NAT O Virtual Server Table Application Time Schedule Protocol External Port Redirect Port IP Address HTTP Server Always On tcp 80 80 80 80 192 168 1254 Edt O Delete O 99 Chapter 4 Configuration TW EA802 Bridge Router Intrusion Detection Intrusion Detection Parameters Intrusion Detection O Enable Disable Victim Prot
88. stalled the wrong way around can cause problems with your SHDSL connection including causing freguent disconnections Problems with the LAN Interface Can t ping any PCs on Check the Ethernet LEDs on the front panel The LED should be on for a the LAN port that has a PC connected If it is off check the cables between your router and the PC Make sure you have uninstalled any software firewall for troubleshooting Verify that the IP address and the subnet mask are consistent between the router and the workstations 90 Chapter 5 Troubleshooting TW EA802 Bridge Router Declaration of Conformity Manufacturer s name TeleWell Oy Manufacturer s Address Alhotie 14 B 04430 Jarvenpaa FINLAND declares that the products Model Name TW EA802 Type of Product G SHDSL bis modem conforms to the following Product Specifications Applicable Standards EN 301 489 1 V1 6 1 2005 09 EN 301 489 17 V1 2 1 2002 08 EN 300 328 V1 6 1 2004 11 EN 60950 1 1EC 60950 1 EN55022 1998 A1 2000 A2 2003 Class B EN61000 3 2 2000 A2 2005 EN61000 3 3 1995 A1 2001 EN55024 1998 A1 2001 A2 2003 IEC 61000 4 2 1995 A1 1998 A2 2000 IEC 61000 4 3 1995 A1 1998 A2 2000 IEC 61000 4 4 2004 IEC 61000 4 5 1995 A1 2000 IEC 61000 4 6 1996 A1 2000 IEC 61000 4 8 1993 A1 2000 IEC 61000 4 11 2004 One sample of the designated product has been tested in our laboratory and found to be in compliance with the EMC standards cited above We therefore certif
89. te PPP peer using IPCP The default setting for this command is disabled Discover Subnet Mask Specifies if the subnet mask given by IPCP negotiation process is to be used Give Subnet Mask To DHCP Server Enable to change your DHCP Server settings by using the given information in IPCP negotiation process IPOA Routed Connections WAN Connection IPoA Routed Description IPoA routed VPI 8 VCI 6 ATM Class UBR v NAT Enable Disable Obtain an IP address automatically via DHCP client O Use the following IP address IP Assignment IP Address Netmask Gateway RIP C RIP vi C RIP v2 RIP v2 Multicast MTU 1500 TCP MSS Clamp Enable O Disable Apply Description User definable name for the connection VPI VCI Enter the information provided by your ISP ATM Class The Ouality of Service for ATM layer NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single IP account sharing a single IP address If users on your LAN have public IP addresses and can access the Internet directly the NAT function can be disabled 33 Chapter 4 Configuration TW EA802 Bridge Router IP Assignment O Obtain an IP address automatically via DHCP client specify if the Router can get an IP address from the ISP Internet Service Provider automatically O Usethefollowing IP Address Specify the IP address manually the IP should be given by you our ISP RIP RIP v1 RIP
90. te VLAN Parameters VLAN Name VLAN ID 2 4094 ethernet wireless wireless wds Tagged Member Port s ethernet rfc1483 0 rfc1483 1 rfe1483 2 rfc1483 3 rfc1453 4 rfc14583 5 rfc1453 6 C ethernet C wireless C wireless wds Untagged Member Port s ethernet rfc1483 0 v ric1483 1 v rfc1483 2 rfc1483 3 Y rfc1483 4 Y rfc1483 5 Y rfc1483 6 Retum O VLAN Bridge Parameters Mame VLANID Tagged Ports Untagged Ports Edit Delete DefaultWlan 1 None ethernet wireless wireless wds Edit D ethernet1 rfc1453 0 fc1453 Video VLAN 2 None 1 rfc1483 2 rfc1483 3 rfc1483 EdtO Delete 4 rfc1403 5 rfc1403 6 Create VLANO Mapping the VLAN Bridge with Bridge Interface created in Step1 you will see the conformable relationship in these two screenshots Step 4 IGMP Snooping Enable Go Configuration gt Advanced gt IGMP IGMP Snooping must be enabled in order to allow video stream forwarding correctly IGMP Parameters IGMP Forwarding Enable Disable IGMP Snooping Enable O Disable 88 Chapter 5 Troubleshooting TW EA802 Bridge Router Mail Alert for WAN IP Send a log via Email when WAN IP is changed Default is set to Disable Mail Alert for WAN IP Parameters To Email Address Smtp Server Send a log via Email when WAN IP is change Enable Disable Apply To Email Address Enter the email address you wish to send SMTP Mail Server Enter your SMTP mail server name You Internet Service Provi
91. time of the schedule Select the Apply button to apply your changes Delete a Time Slot Click Clear to delete the existing Time profile i e erase the Day and back to default setting of Start Time End Time Tf Chapter 4 Configuration TW EA802 Bridge Router Advanced Configuration options within the Advanced section are for users who wish to take advantage of the more advanced features of the router Users who do not understand the features should not attempt to reconfigure their router unless advised to do so by support staff Here are items within the Advanced section Static Route Dynamic DNS Check Email Device Management IGMP VLAN Bridge and Mail Alert for WAN IP Static Route Click on Routing Table and then choose Create Route add a routing table Static Route Create Destination Netmask via Gateway or Interface v Cost 1 Destination This is the destination subnet IP address Netmask Subnet mask of the destination IP addresses based on above destination subnet IP Gateway This is the gateway IP address to which packets are to be forwarded Interface Select the interface through which packets are to be forwarded Cost This is the same meaning as Hop This should usually be left at 1 78 Chapter 4 Configuration TW EA802 Bridge Router Dynamic DNS The Dynamic DNS function allows you to alias a dynamic IP address to a static hostname allowing users whose
92. tly the NAT function can be disabled 31 Chapter 4 Configuration TW EA802 Bridge Router Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sensitive IP Address Specify an IP address allowed to logon and access the router s web server Note IP 0 0 0 0 indicates all users who are connected to this router are allowed to logon the device and modify data Authentication Protocol Type Default is Chap Auto Your ISP will advise you whether to use Chap or Pap Connection O Always on If you want the router to establish a PPPoA session when starting up and to automatically re establish the PPPoA session when disconnected by the ISP O Connect on Demand If you want to establish a PPPoA session only when there is a packet reguesting access to the Internet i e when a program on your computer attempts to access the Internet Idle Timeout Auto disconnect the broadband firewall gateway when there is no activity on the line for a predetermined period of time O Detail You can define the destination port and packet type TCP UDP without checking by timer It allows you to set which outgoing traffic will not trigger and reset the idle timer RIP RIP v1 RIP v2 a
93. to trigger the blocking 1 e during working hours For setup and detail refer to Time Schedule section Yahoo MSN Messenger Check the box to block either or both Yahoo or and MSN Messenger To be sure you enabled the Instant Message Blocking first Peer to Peer Blocking The default is set to Disabled O Disabled Instant Message blocking is not triggered No action will be performed O Always On Action is enabled O TimeSlot1 TimeSlot16 This is the self defined time period You may specify the time period to trigger the blocking 1 e during working hours For setup and detail refer to Time Schedule section BitTorrent eDonkey Check the box to block either or both Bit Torrent or and eDonkey To be sure you enabled the Peer to Peer Blocking first 60 Chapter 4 Configuration TW EA802 Bridge Router Firewall Log Firewall Log Event will be shown in the Status Event Log Filtering Log Enable Disable Intrusion Log O Enable Disable URL Blocking Log Enable Disable Firewall Log display log information of any unexpected action with your firewall settings Check the Enable box to activate the logs Log information can be seen in the Status Event Log after enabling QoS Quality of Service QoS function helps you to control your network traffic for each application from LAN Ethernet and or Wireless to WAN Internet It facilitates you to control the different quality and speed of through put for each a
94. toksen j lkeen valitaan apply Ethernet Primary IP Address IP Address 192 hee lo 1254 SubNetmask 255 12585 1255 0 RIP C RIPvi RIPv2 O RIP v2 Multicast Mik li IP osoitetta muutetaan pit my s verkkokortin IP tiedot muuttaa vastaamaan aluetta jolle IP osoite on muutettu 3 3 Ulkoverkon asetukset SHDSL asetuksissa m ritell n k ytett v t G SHDSL asetukset Asetuksia muutetaan kohdassa Configuration WAN SHDSL Muutoksien j lkeen asetukset voidaan tallentaa painamalla Apply painiketta asetukset tallennetaan pysyv sti muistiin kohdasta Save Config To FLASH G SHDSL 4 port Access Bridge Mozilla Firefox Tiedosto Muokkaa N yt Sivuhistoria Kirjanmerkit Ty kalut Ohje a e dar 1 http f192 168 0 254 3 E P LA Useimmin avatut Mb Aloitussivu i Uutisotsikot A Tani G SHDSL 4 port Access Bridge Status SHDSL Quick Start Parameters Configuration 4 Wired Connection Enhanced Save Config to FLASH MAMMY PE Language Annex Type Annex B x Bit Rate Mode Fixed vw Fixed Bit Rate 4488kbps Activate Line true v DSP Firmware Version G45 Connected true state Showtime Bit Rate 8976 Valmis Lis tietoa asetuksista l ytyy englanninkielisest ohjekirjasta TW EA802 G SHDSL bis Bridge Router User s Manual Table of Contents CHAPTER INTRODUCTION csi vels e v essa T Nt aTaaDelese DIASeaIKANKIOTONAA DAN U
95. ts to configure and manage the device Chapter 1 Introduction TW EA802 Bridge Router Chapter 2 Installing the Router Important note for using this router Do not use this router in high humidity or high temperatures Do not use the same power source for this router as other eguipment Do not open or repair the case yourself If this router is too hot Warning turn off the power immediately and have it repaired at a gualified service center Avoid using this product and all accessories outdoors Y Place this router on a stable surface Y Only use the power adapter that comes with the package Using a different voltage rating power adaptor may damage this router Attention Package Contents TW EA802 SHDSL bis Router RJ 11 SHDSL telephone Cable Ethernet CAT 5 LAN Cable Console tool AC DC power adapter 12V DC 1A Manual Chapter 2 Installing the Router TW EA802 Bridge Router The Front LEDs Lit when power is ON LAN Port Lit when connected to an Ethernet device 1X 4X Green for 100Mbps Orange for 10Mbps RJ 45 connector Blinking when data is Transmitted Received LINE1 and LINE2 Lit when successfully connected to SHDSL line and it is synchronized Chapter 2 Installing the Router TW EA802 Bridge Router The Rear Ports Connect the supplied power adapter to this jack After the device is powered on press it to reset the device or restore to factory default settings R
96. uals There are ways to connect with the router either through an external repeater hub to the router or directly connecting with PCs However to be sure PCs have an Ethernet interface installed properly prior to connecting to the router device You ought to configure your PCs to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router The default IP address of the router is 192 168 0 254 and the subnet mask is 255 255 255 0 i e any attached PC must be in the same subnet and have an IP address in the range of 192 168 0 1 to 192 168 0 253 If you encounter any problem accessing the router s web interface it may also be advisable to uninstall any kind of software firewall on your PCs as they can cause problems accessing the 192 168 0 254 IP address of the router Users should make their own decisions on how to best protect their network Please follow the steps below for your PC s network environment installation NOTE Any TCP IP capable workstation can be used to communicate with or through F the router To configure other types of workstations please consult the manufacturer s documentation Connecting Your Router 1 Connect the Router to a LAN Local Area Network and the SHDSL LINE 2 Power on the device 3 Make sure the PWR and SYS LEDs are lit steadily and that the relevant LAN and LINE LED are lit Chapter 3 Basic Installation Configuring PCs in Windows in Wind
97. um Receive Unit This is negotiated during the LCP protocol stage Discover Primary Secondary DNS This setting enables disables whether the primary secondary DNS server address is reguested from a remote PPP peer using IPCP The default setting for this command is enabled Give DNS to Relay Controls whether the PPP Internet Protocol Control Protocol IPCP can request the DNS server IP address for a remote PPP peer Once IPCP has discovered the DNS server IP address it automatically gives the address to the local DNS relay so that a connection can be established Give DNS to Client Controls whether the PPP Internet Protocol Control Protocol IPCP can reguest a DNS server IP address for a remote PPP peer Once IPCP has discovered the DNS server IP address it automatically gives the address to the local DNS client so that a connection can be established Give DNS to DHCP Server Similar to the above but gives the DNS server address to the DHCP server Discover Primary NBNS Discover Secondary NBNS This setting enables disables whether the primary secondary NBNS server address is reguested from a remote PPP peer using IPCP The default setting for this command is disabled Discover Subnet Mask Specifies if the subnet mask given by IPCP negotiation process is to be used 38 Chapter 4 Configuration TW EA802 Bridge Router DNS DNS Parameters Obtain DNS automatically Enable Primary DNS Secondary DNS A Domain Name System DN
98. v2 and RIP v2 Multicast Check to enable RIP function MTU Maximum Transmission Unit The size of the largest datagram excluding media specific headers that IP will attempt to send through the interface TCP MSS Clamp It is enabled by default All TCP traffic routed through the interface will be examined If a TCP SYN synchronize start segment is sent with a maximum segment size larger than the interface MTU Maximum Transmission Unit the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without reguiring fragmentation PPPoE Connections service Name IP Address Authentication Protocol Connection Idle Timeout RIP MTU TCP MSS Clamp MAC Address Spoofing WAN Connection PPPoE Routed Description PPPoE Routed VPI 8 VCI 35 ATM Class UBR ov NAT Enable O Disable Username Password 0 0 0 0 means Obtain an IP address automatically Chap uto Y Always On v O minutes C RIP vi O RIPv2 RIP v2 Multicast 1492 Enable Disable O Enable Disable Description User definable name for this connection VPI VCI Enter the information provided by your ISP ATM Class The Quality of Service for ATM layer 34 Chapter 4 Configuration TW EA802 Bridge Router NAT The NAT Network Address Translation feature allows multiple users to access the Internet through a single ISP account sharing a single IP address If users
99. vardino Valid sssusa j0sA 69 Add Vitti ES o lll ed 70 A A nad E mine sin t E DEEE PETO A ss A AOE ua JI Edit One to One NAT Network Address Translation ssssoso ona aasen 73 WES E AA JIE US N SEN SITTE a eae pera EAS IS LOI ars eh ISI TE 76 Contouratton o Time Schedulo siessen a a a lkka TT E CA ER 78 SIA10 ROI tous Nana s O A kaaosta 78 A needs mit ea m ete ft eens tuted m m est 79 CDEC Tassa sama sas S vassa ev tee eden es forsee VTE ToT ET OE a DREN ne VEO eR eRe s TOn 80 DC KC AA are een ne cee oe tee en Con ot cee eee ene Re ae nt vana eee 81 TON Ina ES 84 VEAN Ba o o e dd 84 Mat derrito WAN TP ii di 89 SAVE CONFIGURATION TO FLASH 0 89 E A 89 CHOICE DF AROUND OO A AI 90 PROBEEMS STARTING UP THE ROUTER ii daa 90 PROBLEMS WITH THE WAN INTERFACE tadas 90 PROBLEMS WITH THE LAN INTERFACE simislsiiesssvsa salu avasi daula sia dsalusa isla 90 TW EA802 Bridge Router Chapter 1 Introduction Introduction to your Router Welcome to the TW EA802 SHDSL bis Router Your SHDSL bis router is an all in one unit combining an SHDSL modem SHDSL router and Ethernet network switch providing everything you need to get the machines on your network connected to the Internet over your SHDSL broadband connection With features such as an SHDSL Ouick Start wizard and DHCP Server you can be online in no time at all and with a minimum of fuss and configuration catering for first time users to the guru regu
100. view and modify the data SNMP Version SNMPv2c and SNMPv3 SNMPv2c is the combination of the enhanced protocol features of SNMPv2 without the SNMPv2 security The c comes from the fact that SNMPv2c uses the SNMPv1 community string paradigm for security but is widely accepted as the SNMPv2 standard SNMPv3 is a strong authentication mechanism authorization with fine granularity for remote monitoring Traps supported Cold Start Authentication Failure The following MIBs are supported 82 Chapter 5 Troubleshooting From RFC 1213 MIB II M System group Interfaces group Address Translation group IP group ICMP group TCP group lt A lt ARN AN UDP group EGP not applicable Transmission SNMP group x A W From RFC1650 EtherLike MIB M dot3Stats From RFC 1493 Bridge MIB M dot1dBase group MI dot1dTp group M dot1dStp group if configured as spanning tree From RFC 1471 PPP LCP MIB MI ppplink group pppLar group not applicable From RFC 1472 PPP Security MIB M PPP Security Group From RFC 1473 PPP IP MIB M PPP IP Group From RFC 1474 PPP Bridge MIB M PPP Bridge Group From RFC1573 IfMIB MI ifMIBObjects Group From RFC1695 atmMIB MI atmMIBObjects Chapter 5 Troubleshooting TW EA802 Bridge Router 83 TW EA802 Bridge Router From RFC 1907 SNMPv2 MI only snmpSetSerialNo OID IGMP IGMP known as Internet Group Management Protocol is used to management h
101. y that the sample tested is able to declare conformity with the EMC Directive 89 336 EEC Amended by 92 31 EEC 93 68 EEC amp 98 13 EEC JARVENPAA FIN anuary 15 200 V Place Date Markku Aberg General Manager 91
102. y the Local server in the LAN network Internal IP Address The private IP in the LAN network which will be providing the virtual server S 11 Cn r8 m rr Chapter 4 Configuration TW EA802 Bridge Router application Candidates List all existing PCs connecting to the network You may assign a PC with IP address and MAC from this list Example If you like to remote accessing your Router through the Web HTTP at all time you would need to enable port number 80 Web HTTP and map to Router s IP Address Then all incoming HTTP requests from you Remote side will be forwarded to the Router with IP address of 192 168 1 254 Since port number 80 has already been predefined next to the Application click Helper A list of predefined rules window will pop and select HTTP_Sever Application HTTP Sever Time Schedule Always On Protocol tcp External Port 80 80 Redirect Port 80 80 IP Address 192 168 1 254 Virtual Server Port Forwarding Add Virtual Server D Edit DMZ Host O Edit One to one NAT D Virtual Server Table Application Time Schedule Protocol External Port Redirect Port IP Address HTTP Server Always On tcp 80 80 80 80 192 168 1 254 Edit QQ Delete Edit Click it to edit this virtual server application Delete Click it to delete this virtual server application Using port forwarding does have security implications as outside users will be able to connect to PCs on your network For this reason you
Download Pdf Manuals
Related Search