GRT-101/401 User`s Manual - PLANET Technology Corporation.
Contents
1. PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 4 9 Firewall V ADVANCED SHESL bis LAN WAN BRIDGE VIRTUAL SERVER IP QoS DONS A firewall is a set of related programs that protects the resources of a private network from other networks It prevents hackers to access your private data resource There are three security levels basic firewall security automatic firewall security and advanced firewall security 4 9 1 Basic Firewall Securit Home Basic Advanced Status Admin Utility ADVANCED FIREWALL Firewall Security Level u Firewall Security Level Security Level G Basic Firewall Security Hint This level only amblas the NAT disewall and the remote management security The NAT firewall will take Ect if NAT fienction is enabled 3 Automatic Firewall Security Hint This level enables basic Frawall security all DoS protection and the SPI ilta fienction D Advanced Firewall Securi A Hint A weer cen determine the security level Se special purpose environment end applications Dy comfizuring the DoS protection end defining an extra packet Elter with higher priority then the deBult SPI Elter Note that en improper Alter policy may dese the capability of the frewell andor even Dok the tomal network traic Bee wm zm Check Basic Firewall Security This level only enables the NAT firewall and the remote management security The NAT firewall will2. PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual The screen will prompt as follows Command admin user modify 5 profile lt name gt lt pass_conf gt Message Please input the following information Legal user name ENTER for default lt admin gt superman Input the old Access password Input the new Access password Re type Access password For example set up the legal user name is superman and access password is 1234 and use write command to store on NVRAM Finally you can use list command to check the listing of five profiles including on user name and their UI mode Next time when you re enter this system you can use this set of username and password You can set up a maximum of five profiles i e five sets of usernames and passwords User superman Password User Profile User profi Ai tpn eCommand JI ue eCommand ue Gommen atten Gommen Jaen Gommane For example when using the command list the screen will prompt as follows Legal Access User Profile No User Name UI Mode 1 test Menu 2 test 1 Menu 3 test 2 Command 4 test 3 Command 5 superman Menu 10 13 2 Security Security command can be configured as sixteen legal IP addresses for telnet access and telnet port number Move the cursor gt gt to security and press enter The default legal address is 0 0 0 0 It means that there is no restriction of IP t
3. All function can use Administration user lt Change User name and Password security snmp passwd zi Change supervisor password id lt Change supervisor ID sntp 10 13 6 SNTP Time synchronization is an essential element for any business that relies on an IT system The reason for this is that these systems all have clocks that are the source of time for files or operations they handle Without time synchronization time on these systems varies with each other or with the correct time and this can cause virtual server schedule processes to fail and system log exposures with wrong data There are two methods to synchronize time synchronize with PC or SNTPv4 If you choose 419 G SHDSL Bridge Router GRT 101 401 402 User s Manual synchronize with PC the router will synchronize with PC If you choose SNTPv4 the router will use the protocol to synchronize with the time server Synchronization with time server SNTP v4 needs to configure service time_server and time_zone Synchronization with PC does not need to configure the above parameters Move the cursor gt gt to sntp and press enter gt gt method Select time synchronization method service Tigger SNTP v4 0 service Dme server Configure time server 1 time_server2 Configure time server 2 time_server3 Configure time server 3 updaterate Configure update period time_zone Configure GMT time zone offset Ss ist Show SNTP configuration To co
4. Check Automatic Firewall Security Status ADVANCED FIREWALL Firewall Security Level a Firewall Security Level Security Level D Basic Firewall Security Hint This level only enables the NAT firewall and the remote management security The NAT firewall will take effect if NAT fonction is enabled Automatic Firewall Security Hint This level enables basic firewall security all DoS protection and the SPI Alter fonction Advanced Firewall Security Hint A user can determine the security level for special purpose environment and applications by confiroring the Dod protection and defining an extra packet filter with higher priority than the default BPI filter Note that an improper filter policy may dezrade the capability of the firewall and or even block the normal network traffic This level enables basic firewall security all DoS protection and the SPI filter function Press to complete setting firewall 53 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual ADVANCED FIREWALL Firewall Security Level Review To let the configuration thet you have changed take ect immediately plasse click Festat button to reboot the system To continue the setup procedure plesse click Continue button e Firewall Secericy Level Security Level Apres Firewall Seriy Do Protection Parameters Review Detect SH Attack Emis SYN As
5. PLANET Networking amp Communication User s Manual G SHDSL Bridge Router gt GRIT 101 GRT 401 GRT 402 www PLANET com tw o PLA NET GSHDSL Bridge Router GRT 101 401 402 User s Manual Copyright Copyright 2013 by PLANET Technology Corp All rights reserved No part of this publication may be reproduced transmitted transcribed stored in a retrieval system or translated into any language or computer language in any form or by any means electronic mechanical magnetic optical chemical manual or otherwise without the prior written permission of PLANET PLANET makes no representations or warranties either expressed or implied with respect to the contents hereof and specifically disclaims any warranties merchantability or fitness for any particular purpose Any software described in this manual is sold or licensed as is Should the programs prove defective following their purchase the buyer and not PLANET its distributor or its dealer assumes the entire cost of all necessary servicing repair and any incidental or consequential damages resulting from any defect in the software Further PLANET reserves the right to revise this publication and to make changes from time to time in the contents hereof without obligation to notify any person of such revision or changes All brand and product names mentioned in this manual are trademarks and or registered trademarks of their respective holde
6. Chapter 10 Configuration via Serial Console or Telnet with Menu Driven Interface 10 1 Serial Console Check the connectivity of the RS 232 cable from your computer to the serial port of ROUTER Start your terminal access program with VT100 terminal emulation Configure the serial link with the following values Parameter Value Baud rate 9600 Data Bits 8 Parity Check No Stop Bits 1 Flow control No Press the SPACE key until the login screen appears When you see the login screen you can logon to Router Only SPACE key invoke the login prompt Pressing Note other keys does not work User admin Password The factory default user and passwords are both admin Note 10 2 Telnet Make sure the correct Ethernet cable connects the LAN port of your computer to this Router The LAN LNK LED indicator on the front panel will light up if a correct cable is used To start your Telnet client with VT100 terminal emulation and connect to the management IP of Router wait for the login prompt appears Input User and Password after login screen pops up User admin Password 104 d PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual The default IP address is 192 168 0 1 Note 10 3 Operation I nterface For serial console and Telnet management the Router implements two operational interfaces Command Line Interface CLI and menu driven interface The CLI mode provides users a simp
7. Create A New Account XRT 401F ICA HM132 ICA HM316 Internet Broadband Anger 2 Mega Pixel 20M IR Vari 2 Mega Pixel 11n Outdoor eee Router ES Focal Dome IP Camera IR IP Camera Access anytime amp anywhere Support amp Downlaod Sign in PLANET DDNS to register a simple u can find drivers firmware updates domain name to access home device other software and documentation ytime and anywhere Go for your PLANET products PLANET Technology Corp Copyright 2012 All Rights Reserved 62 PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual e After adding new account fill in the information below Home ERLE Advanced status TTL Utility ADVANCED DDNS DDNS Parameter DDNS Mode O Disable Enable Provider www _planetddns com Host Name grt test planetddns com Usemame qgrt test Password qrt test 63 PLANET Networking amp Communication G SHDSL B ridge Router GRT 101 401 402 User s Manual Chapter 5 Status gt ADVANCED INTERFACE On STATUS item you can monitor the following and CRC error count IP type MAC address IP address Subnet mask and DHCP client table Type IP address and MAC address WAN interface information 8 WAN interface including IP address Subnet Mask Mode Line rate and Performance information including SNR margin atteunation VPI VCI Encapsulation Protocol and Flag IP routing table including Flags Desti
8. None Enable zl WAN Disable 2 None None WAN Disable None Disable None WANS Disable None Disable None WAN4 Disable None Disable None WANS Disable None Disable None WANG Disable None Disable None WAN Disable None Disable None WANS Disable None Disable None E cm Wm Authentication code You can set up an authentication code here After modifying the RIP parameters press finish The screen will prompt the modified parameter Check the parameters and press to restart the router or press to set up another parameters 4 7 NAT DMZ NAT Network Address Translation is the translation of an Internet Protocol address IP address used within one network to a different IP address known within another network One 47 Pa PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual network is designated the inside network and the other is the outside Typically a company maps its local inside network addresses to one or more global outside IP addresses and reverse the global IP addresses of incoming packets back into local IP addresses This ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request NAT also conserves on the number of global IP addresses that a company needs and lets the company to use a single IP address of its com
9. be in the same location The routers can be used to create a daisy chain or ring 4 1 3 TCPAM Type TCPAM stands for Trellis Coded Pulse Amplitude Modulation It is the modulation format that is used in both HDSL2 and SHDSL and provides robust performance over a variety of loop conditions SHDSL bis supports 16 level TCPAM line code TPCAM 16 or 32 level TCPAM line code TCPAM 32 to provide a rate reach adaptive capability offering enhanced performance increased rate or reach and improved spectral compatibility The default option is Auto You may assign the different type manually by clicking the caption TRPCAM 16 or TPCAM 32 Only Annex AF and BG can apply using TCPAM 32 4 1 4 Data Rate For 2 wire model n 64kbps You can set up the SHDSL bis data rate in the multiple of 64kbps The default data rate is 5696Kbps n 89 For using Annex AF or BG TCPAM32 data rate is 192768Kbps 5696Kbps Nx64kbps N 312 89 TCPAM 16 data rate is 192Kbps 3840Kbps Nx64kbps N 3 60 For using Annex Aor B el PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual TCPAM16 192Kbps 2304Kbps Nx64kbps N 3 36 For 4 wire model n 128kbps You can set up the SHDSL bis data rate in the multiple of 128kbps The default data rate is 11392Kbps n 89 For using Annex AF or BG TCPAM32 data rate is 3841536Kbps 11392Kbps Nx128kbps N 312 89 TCPAM 16 data rate is 384Kbps 7680Kbp
10. Host Name This is the system name in BASIC Setup It is for identification purposes System Time This field displays the router s present date and time System Up Time This is the total time that the router has been on 85 K4 PLANET Networking amp Communication 7 2 SYSLOG gt BASIC gt ADVANCED gt STATUS gt ADMIN VW UTILITY SYSTEM INFO CONFIG TOOL UPGRADE LOGOUT RESTART G SHDSL Bridge Router GRT 101 401 402 User s Manual SHDSL bis routers support detailed logging via Syslog function The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event message The router can generate a syslog message and send it to a syslog server Press SYSLOG to send the syslog messages as shown below UTILITY SYSLOG Svstem Log bh wo ca en on Al w lt 129 gt Jan 1 2002 00 129 gt Jan 1 2002 01 configuration lt 129 gt Jan 1 2002 00 129 gt Jan 1 2002 00 lt 129 gt Jan 1 2002 00 lt 129 gt Jan 1 2002 00 lt 129 gt Jan 1 2002 00 lt 129 gt Jan 1 2002 00 lt 129 gt Jan 1 2002 00 700 00 SOHO System 7 16 05 SOHO System 00 00 SOHO System 00 00 SOHO System 00 00 SOHO System 00 00 SOHO System 00 00 SOHO System 00 00 SOHO System 00 00 SOHO System Finish Power Up User Reboot by web after modify Power Up Power Up Power Up Power Up Power Up Powe
11. The local server host IP address and port number are configured via server command The authorized access protocol is set up via protocol command Name command can be used to configure the service name of the host server Begin and end command is used to set up the local server schedule to access Virtual Server Virtual Server entry number 1 10 Interface 1 8 ICP UDP Port Number 1 65534 2 scoala NN EE E Seeler Seng fme Ening o You can view the fixed NAT mapping entry via list command 10 16 8 3 DMZ DMZ demilitarized zone is a computer host or small network inserted as a neutral zone between a company private network and the outside public network It prevents outside users from getting direct access to a server that has company private data To set up demilitarized zone move the cursor gt gt to dmz and press enter gt gt active Tigger DMZ host function address Configure virtual IP address and interface You can enable the demilitarized zone via active command After enabling the DMZ shift the cursor to address and press enter Command setup ip share dmz address lt ip gt lt 1 8 gt Message Please input the following information Virtual IP address 192 168 0 251 Active interface number Enter for default lt 1 gt 1 DMZ Host Function oDisable oEnable IP Address Active interface number PLANET e Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User
12. UDP Flood A UDP flood attack is a denial of service DoS attack using the User Datagram Protocol UDP A sender transmits a volume of requests for UDP diagnostic services which cause all CPU resources to be consumed serving the phony requests Ping of Death A ping of death POD attack attempts to crash your system by sending a fragmented packet when reconstructed is larger than the maximum allowable size Land attack A land attack is an attempt to slow your network down by sending a packet with 442 PLANET e Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual identical source and destination addresses originating from your network IP Spoofing IP Spoofing is a method of masking the identity of an intrusion by making it appeared that the traffic came from a different computer This is used by intruders to keep their anonymity and can be used in a Denial of Service attack Smurf attack The Smurf attack is a way of generating a lot of computer network traffic to a victim host That is a type of denial of service attack A Smurf attack involves two systems The attacker sends a packet containing a ICMP echo request ping to the network address of one system This system is known as the amplifier The return address of the ping has been faked spoofed to appear to come from a machine on another network the victim The victim is then flooded with responses to the ping As many responses are ge
13. VBR rt is characterized by a peak cell rate PCR substained cell rate SCR and maximun burst rate MBR VBR nrt Varible Bit Rate non real time is intended for non real time applications such as FTP e mail and browsing PCR Peak Cell Rate in kbps The maximum rate at which you expect to transmit data voice and video Consider PCR and MBS as a menas of reducing lantency not increasing bandwidth The range of PCR is 384kbps to 11392kbps SCR Substained Cell Rate The sustained rate at which you expect to transmit data voice and video Consider SCR to be the true bandwidth of a VC and not the lone term average traffic rate The range of SCR is 384kbps to 11392kbps MBS Maximum Burst Size The amount of time or the duration at which the router sends at PCR The range of MBS is 1 cell to 255 cells 10 16 3 6 ISP ISP command can configure account name password and idle time Idle time is from 0 minute to 300 minutes 10 16 3 7 IP Type 427 G SHDSL Bridge Router GRT 101 401 402 User s Manual Most of the ISPs use dynamic IP for PPP connection but some of the ISPs use static IP You can configure the IP type Dynamic Fixed and Unnumbered The setting is via ip_type command The ip unnumbered configuration command allows you to enable IP processing on a serial interface without assigning it an explicit IP address The ip unnumbered interface can borrow the IP address of another interface already configured on t
14. 0 You can view interface statistics data on one LAN port and maximum eight WAN ports 10 8 5 Firewall Move cursor gt gt to firewall and press enter Monitoring Window lt Current Firewall Status gt Attack Type Current Status History Status Packets dropped by DoS protect function 0 409 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Packets dropped by SPI filter function O Packets dropped by packet filter function O You can view firewall statistics Only for firewall models 10 8 6 IP_qos Move cursor gt gt to lp_qos and press enter Command status mp qos lt 0 8 gt Message Please input the following information Interface number lt 0 8 gt Monitoring Window lt Current IP QoS Statistics LAN Interface gt Preced InBytes InPackets OutBytes OutPackets OutDropByts OutDropPkts O O O O O CH O O O O O CH O O O O O CH 10 8 7 STP Move cursor gt gt to STP and press enter lt STP Status gt Bridge ID Designated ROOT ID 8000 000379 572002 8000 000379 572002 ROOT Port ROOT Path Cost None 0 Max Age Forward Delay Hello Time 20 15 2 secs PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual LAN WAN1 WAN2 WAN3 WAN4 WANS WANG WANZ WANS State F D D D D D D D D Priority 128 128 128 128 128 128 128 128 128 Path Cost 100 500 500 500 500 500 500 500 50
15. 132 168 0 1 Subnet Mask 255 255 255 0 D ae DNS Server 4 1688 35 11 E DNS Server 2 hees DNS Server 3 a WANI interface 20 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 3 3 3 Router mode Routing mode contains DHCP server DHCP client and DHCP relay Point to Point Protocol over ATM and Ethernet and IP over ATM and Ethernet over ATM You have to clarify which Internet protocol is provided by ISP Check and then press Next Two SHDSL modes of this product can be set up Central Office CO and Customer Premises Equipment CPE For connection with DSLAM the SHDSL mode is CPE For LAN to LAN connection one side must be CO while the other side must be CPE BASIC STEP1 Operation Vode System Mode ROUTE BRIDGE SHDSL bis Mode OCOSide CPE Side 3 3 4 DHCP Server Dynamic Host Configuration Protocol DHCP is a communication protocol that lets network administrators to manage centrally and automate the assignment of Internet Protocol IP addresses in an organization s network Using the Internet Protocol each machine that can be connected to the Internet needs a unique IP address When an organization sets up its computer users with a connection to the Internet an IP address must be assigned to each machine Without DHCP the IP address must be entered manually at each computer If computers move to another location in another part of th
16. 168 0 76 Local Port oOo eg Any 0 65535 Single 80 Remote Port Range 1024 5050 Protocol Precedence Description A brief statement describing this policy Local IP type IP address of local host in prioritized session Remote IP type IP address of remote host in prioritized session Local Port type the service port number of local host in prioritized session Remote Port type the service port number of remote host in prioritized session Protocol identify the transportation layer protocol type you want to prioritize e g TCP or UDP The default is ANY Precedence type the session s prioritized level you classify 0 is lowest priority 5 is highest priority Click when all parameters are finished Status i Utility ADVANCED IP QoS IP QoS Parameters e General IP QoS Parameters Trigger IP QoS Service Disable Enable ma IP QoS Policies ndex Enable Protocol Local Remote Precedence Descri Description Gi ON w ANY 192 168 1 10 0 65535 192 168 0 15 80 test m O2 oN ell ANY 192 168 0 15 80 0 0 0 0 1024 5640 test2 You can modify or delete the policies by clicking or command 60 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Click Finish to make a review of all IP QoS parameters Atvanced Status i Utility ADVANCED IP QoS IP QoS Parameter Review To let the configuration that you have chan
17. 994 1 G hs Encoding Scheme TCPAM 16 TCPAM 32 EFM Bonding IEEE 802 3ah PAF Data Rate N x 64Kbps N 3 89 N x 64Kbps N 3 89 N x 128Kbps N 3 89 Impedance 1350hms LAN Interface 1x RJ 45 4 x RJ 45 4 x RJ 45 Ethernet 10Base T 100Base TX Data Rate 10 100Mbps Full Half Duplex Console port RS 232 General PWR ALM WAN LINE ACT LED Indicator 1 x LNK ACT 4 x LNK ACT 4 x LNK ACT Routing Bridging Configuration Network management SNMPv1 SNMPv2 agent ATM Up to 8 PVCs UBR CBR traffic shaping AAL5 OAM F5 loopback ATM Forum UNI 4 0 AAL5 Encapsulation VC multiplexing and SNAP LLC Ethernet over ATM RFC 2684 1483 PPP over ATM RFC 2364 Classical IP over ATM RFC 1577 PPP PPP over Ethernet RFC 2516 PPP over ATM RFC 2364 User authentication with PAP CHAP MS CHAP Physical Electrical Power 12VDC 40N S O Operating Temp 0 45 degrees C 20 70 degrees C 0 95 degrees C non condensing 0 95 degrees C non condensing EMC EMI FCC CE G SHDSL Bridge Router GRT 101 401 402 User s Manual 1 3 Applications SHDSL bis Router ATM Mode SHDSL bis Router cree EFM Mode S gt SHDSL bis Router ATM Mode SHDSL bis Router Q EFM Mode Combination with EFM or ATM DSLAM S SHDSL bis Router Bridge SHDSL bis Router Bridge EFM or ATM mode EFM or ATM mode Point to point Connection 10 PLANET Netwo
18. AkNv OSYN JACK ICMP only Echo_Reply Dest_Unreach Src_Quench Redirect ICMP flag JEcho_Request R_Advertise R_Solicit T Exceed Param_Problem T Stamp 444 PLANET w i Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual T_Stamp_Reply _ Info_ Request Info_ Reply JoAddr_Mask_Request JAddr_Mask_Reply Desorption 1 Enable 99 om Begntime SOS Endtime Action DENY JPERMIT 10 16 9 3 DOS Protection DoS protection parameters can be configured in dos_ protection menu Move the cursor to dos_ protection and press enter gt gt syn_flood Enable protection SYN flood attack icmp_ flood Enable protection ICMP flood attack udp_ flood Enable protection UDP flood attack ping death Enable protection PING of death attack land_attack Enable protection land attack ip_spoff Enable protection IP spoofing attack smurf_attack Enable protection smurf attack fraggle attack Enable protection fraggle attack SYN flood A SYN flood is a form of denial of service attack attempts to slow your network by requesting new connections but not completing the process to open the connection Once the buffer for these pending connections is full a server will not accept any more connections and will be unresponsive ICMP flood A sender transmits a volume of ICMP request packets to cause all CPU resources to be consumed serving the phony requests
19. Configure operation and auto summery mode lan Configure LAN interface RIP parameters wan Configure WAN interface RIP parameters list Show RIP configuration Generic RIP Parameters Generic command can set up RIP mode and auto summary mode Generic RIP Parameter Rip Mode oDisable coEnable Auto Summary oDisable cEnable Interface RIP Parameters LAN If there are other routers in your LAN you can configure LAN interface RIP parameters via lan command Command setup route rip lan lt 1 1 gt lt more gt Message Please input the following information Active interface number lt 1 1 gt gt gt attrib Operation authentication and Poison reverse mode version RIP protocol version authe Authentication code 433 WAN1 WANS The product supports 8 PVCs and you can configure the RIP parameters of each WAN via wan command Move the cursor gt gt to wan and press enter G SHDSL Bridge Router GRT 101 401 402 User s Manual Command setup route rip wan lt 1 8 gt lt more gt Message Please input the following information Active interface number lt 1 8 gt 1 gt gt attrib Operation authentication and Poison reverse mode version RIP protocol version authe Authentication code Attrib command can configure RIP mode authentication type and Poison reverse mode Version command can configure RIP protocol version Authe command can configure authentication code Interface RIP Parameter I
20. GRT 101 401 402 User s Manual Chapter 6 Administration This session introduces security and simple network management protocol SNMP and time synchronous gt BASIC gt ADVANCED ADMIN SECURITY SNMP SYSLOG TIME SYNC 6 1 Security For system secutiry suggest to change the default user name and password in the first setup otherwise unauthorized persons can access the router and change the parameters There are three ways to configure the router Web browser telnet and serial console Press to set up the parameters gt BASIC gt ADVANCED gt STATUS ADMIN e e SNMP e SYSLOG e TIME SYNC For greater security change the Supervisor ID and password for the router If you don t set them all users on your network can be able to access the router using the default Supervisor IP and Supervisor Password is roof You can authorize five legal users to access the router via telnet or console only There are two Ul modes menu driven mode and line command mode to configure the router There are two Ul modes menu and command mode for telnet or console mode to set up the Router The Menu means menu driven interface mode and Command means line command mode We will 76 eg PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual not discuss command mode in this manual The default user name and password are admin Legal address pool will set up the legal IP addresses from which
21. MAC address and its associated port When using the port based VLAN the port is assigned to a specific VLAN independent of the user or system attached to the port This means all users attached to the port should be members in the same VLAN The network administrator typically performs the VLAN assignment The port configuration is static and cannot be automatically changed to another VLAN without manual reconfiguration As with other VLAN approaches the packets forwarded using this method do not leak into other VLAN domains on the network After a port has been assigned to a VLAN the port cannot send to or receive from devices in another VLAN 41 P 8 8 8 8 a al alelala 2PloO ojolol o j olo l o a oa ePlO oj ol o o j olo o a oa eloj ojololo olo o a oa s o nnmnnn n a o o elO oj ol o o j olo o a o riol oj olo o l ololol oal oa ala ePloOl ojolo o ololal a v a a a The default setting is all ports LAN1 to LAN4 and WAN1 to WAN8 connected together which means all ports can communicate with each other That is there are no virtual LANs The G SHDSL Bridge Router GRT 101 401 402 User s Manual cy SCH CS ECH SR ECH alg oji O K O O seepe aael K KIK UK option is the most flexible but the least secure Port Based VLAN Table No LAN1 LAN2 LAN3 LAN4 WANT WAN2 WAN3 WAN4 WANS WANG WAN7 WANS M H oj o ol Ha olj oj ol oljo l o ja z2jJofmwj olfjolol alslyaoljal ala
22. Move up down lt L J gt Select Unselect lt U 0O gt Move top bottom lt Q gt Help From top to bottom the window will be divided into four parts 1 Product name GRT 101 GRT 401 GRT 402 2 Menu field Menu tree is prompted in this field gt gt symbol indicates the cursor place 3 Configuring field You will configure the parameters in this field lt parameters gt indicates the parameters you can choose and lt more gt indicates that there have submenu in the title 4 Operation command for help The following table shows the parameters in the brackets lt ip gt An item enclosed in brackets is required If the item is shown in lower case bold it represents an object with special format For example lt ip gt may be 192 168 0 3 Two or more items enclosed in brackets and separated by vertical bars means that you must choose exactly one of the items If the item is shown in lower case bold with leading capital letter it is a command parameter For example Route is a command parameter in lt Route Bridge gt 1 1999 An item enclosed in brackets is optional Two or more items enclosed in brackets and separated by vertical bars means that you can choose one or none of the items 403 PLANET G SHDSL Bridge Router GRT 101 401 402 User s Manual 10 5 Menu Driven I nterface Commands Before changing the configuration familiarize yourself with the operations list in the following t
23. NAT Virtual IP address and range Base Address Number of Address 2a ff ER EM 5l TI You can delete virtual IP address range from 1 to 5 by using delete command You can view the virtual IP address range via list command Global IP address pool gt gt range Edit global IP address pool interface Bind address pool to specific interface delete Delete global IP address pool list Show global IP address pool Command setup mp share nat global range lt 1 5 gt lt ip gt lt 1 253 gt Message Please input the following information NAT global IP address range entry number lt 1 5 gt 1 Base address 122 22 22 2 Number of address 3 After configuration global IP address range you can bind address pool to specific interface via interface command NAT Global IP Address and range Base Address Number of Address Active Interface Numbe 1 8 1 2 Ir DAN BE 2 II 2 Ir zl TI Command setup mp share nat global interface lt 1 5 gt lt 1 8 gt Message Please input the following information NAT global ddress range entry number lt 1 5 gt 1 Active interface number lt 1 8 gt 1 You can delete global IP address range from 1 to 5 by using delete command 436 PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual You can view the global IP address range via list command Fixed IP address mapping virtual Virtual IP address pool global Global IP address pool gt gt Fixed Fixed I
24. PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Press Wd on the bottom of web page to add the static bridge information ADVANCED BRIDGE Generic Bridge Parameters DeBult Gateway Static Bridge Parameters a Table of Current MAC Entries Deny PCs to access Joteret except Search MACs Disable O Enable 1 Filter E Filter PEET 2 Filter 6 Filter 1 00 30 4F 87 89 01 Filtar e Ee e Ee 4 Filter S Filter If you want to filter the designated MAC address of LAN PC to access Internet press to establish the filtering table Put the MAC address in MAC Address field and select in LAN field If you want to filter the designated MAC address of WAN PC to access LAN press to establish the filtering table Key the MAC address in MAC Address field and select Filter in WAN field For example if your VC is setup at WAN 1 select WAN 1 Filter Press on the bottom of web page to review the bridge parameters e PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual ADVANCED BRIDGE Bridge Parameters Review To let the configuration that you have changed take effect immediately please click Restart button to reboot the system To continue the setup procedure please click Continue button vg Static Bridge Parameter Deny PCs to access Internet except forward MACs Disable Ho WAC Address Lan WAN WAN WANS WANA WANS WANS WANT WANS 1 D 30 47 87 3
25. PVC and protocol information You can see the routing table via route command The statistic status of WAN and LAN interface can be monitor by interface command firewall Show firewall status for firewall models only Show IP QOS status Show the STP status on all LANs and WANs Clear all statistics data 10 8 1 Shdsl bis Move cursor gt gt to shdsl bis and press enter If the Router is 4 wire model it will show two channels status as follows Monitoring Window lt SHDSL bis Status gt Channel A B SHDSL bis Mode CPE Side CPE Side Line Rate n 64 Okbps Okbps Current SNR Margin QOdB OdB Attenuation OQOdB OdB CRC Error Count 0 0 SHDSL Remote Side Status Channel A B Current SNR Margin OdB OdB Attenuation gt 0dB OdB CRC Error Count 0 0 Monitoring Window lt SHDSL bis Status gt 407 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual SHDSL bis Mode Line Rate n 64 CPE Side Current SNR Margin Okbps Attenuation 0dB CRC Error Count 0dB 0 SHDSL Remote Side Status Current SNR Margin 0dB Attenuation 0dB CRC Error Count 0 Show SHDSL bis status includes the Mode Line Rate Current SNR Margin Attenuation and CRC error count on both side They are real time status and the screen may refresh anytime 7 mI You can press the c key to clear CRC error counter Press Ctrl C can quit t
26. SHDSL connection disconnected SHDSL self test 2 2 Rear Panel Ports The connectors on the rear panel provide Power LAN CONSOLE and LINE interfaces Figure 2 4 GRT 101 Rear Panel Figure 2 5 GRT 401 GRT 402 Rear Panel 12 PLANET Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual The following table describes the connectors functions Table 2 3 Connector Functions DC IN Power adaptor inlet Input voltage 12VDC Ethernet interface for LAN port RJ 45 CONSOLE RS 232C DBQY for system configuration and maintenance LINE SHDSL interface for WAN port RJ 45 Reset button for factory default 2 3 Rear Panel Connections The figure shows the rear panel connections of GRT series The STU R is a standalone and is able to place on desktop All the external wiring is located at the rear panel The LAN port is a 10 Base T 100Base TX auto sensing and half full duplex Ethernet interface and complied with IEEE 802 3 802 3u respectively The console RS 232C interface for configuration is menu driven operation and can also be configured through Ethernet interface by Telnet or Web based operation Power Adapter ia as DI Wall Jack Figure 2 6 Direct Connection with PC or NB 13 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual File Serer ZS ZE Mobile Devi
27. Status Admin Utility ADMIN SNMP SNMP Community and Trap Parameters Table of current community pool Table of current trap bost pool Index Version IPAddress Community at Dissble mo Dissble ge mes a Disable Lee e Ou Dede D5 Dissble ges 6 2 1 Community pool Press Modify to modify the community pool You can set up the access authority SNMP Community and Trap Parameters Table of current community pool EEn a ee 5 Disable cen coe SNMP Status SNMP Community and Trap Parameters Table of current community pool Index Index r i pa sess Right Disable ony Disable Disable z Disable on E Access Right for deny all access Read for access read only Write for access read and write 79 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Community it serves as password for access right After configuring the community pool press Ok 6 2 2 Trap host pool SNMP trap is an informational message sent from an SNMP agent to a manager Click Modify to modify the trap host pool Table ofcurrent trap host pool Index Version IP Address Community 1 Disable D 192 168 0 254 private 3 4 Disable 5 Disable cm SN Version select version for trap host Version 1 is for SNMPv1 for
28. Typically a company maps its local inside network addresses to one or more global outside IP addresses and reverse the global IP addresses of incoming packets back into local IP addresses This ensure security since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request NAT also conserves on the number of global IP addresses that a company needs and lets the company to use a single IP address of its communication in the Internet world To configure Network Address Translation NAT Move the cursor gt gt to ip_share then press gt gt nat Configure network address translation pat Configure port address translation dmz Configure DMZ host function gt gt virtual Virtual IP address pool global Global IP address pool Fixed Fixed IP address mapping The virtual menu contains a range of virtual IP addresses delete virtual IP addresses and show virtual IP addresses gt gt range Edit virtual IP address pool delete Delete virtual IP address pool List Show virtual IP address pool Command setup ip_ share nat virtual range lt 1 5 gt lt ip gt lt 1 253 gt Message Please input the following information NAT local address range entry number lt 1 5 gt 1 Base address 192 168 0 2 Number of address 49 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual
29. and press enter gt gt user Manage user profile security Setup system security snmp Configure SNMP parameter passwd Change supervisor password id Change supervisor ID sntp Configure time synchronization 10 13 1 User Profile You can use user command to clear modify and list the user profile You can set up at most five users to access the router via console port or telnet in user profile table however users who have the supervisor password can change the configuration of the router Move the cursor gt gt to user and press enter key gt gt clear Clear user profile modify Modify the user profile list List the user profile You can delete the user by number using clear command If you do not make sure the number of user you can use list command to check it Modify command is to modify an old user information or add a new user to user profile To modify or add a new user move the cursor to modify and press enter Command admin user modify lt 1 5 gt lt more gt Message Please input the following information Legal access user profile number lt 1 5 gt 2 gt gt Attrib UI mode Profile User name and password There are two UI modes command and menu mode to set up the router We will not discuss command mode in this manual Move the cursor to Attrib to change the UI mode on this profile Move the cursor to Profile and press enter you can change the username and their password on this profile 414
30. be sent at the peak rate The range of MBS is 1 cell to 255 cells Username Enter the user name exactly as your ISP assigned Password Enter the password associated with the user name above Password confirm Enter the password again for confirmation Idle Time You can specify an idle time on this field when you don t want the connection up all the time IP type A static IP address is a fixed IP that your ISP gives you A dynamic IP address is not fixed the ISP assigns you a differnet one each time you connect to the Internet Press to finish setting The screen will prompt the parameters that will be written in NVRAM Check the parameters before writing in NVRAM 36 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Press to restart the router working with new parameters or press continue to setup other parameters 4 3 Bridge If you want to setup advanced filter function while router is working in bridge mode you can use BRIDGE menu to setup the filter blocking function Click to setup Y ADVANCED SHDSL bis VIRTUAL SERVER FIREWALL IP Qos DDNS Advanced Status Admin Utility ADVANCED BRIDGE Generic Bridge Parameters u General Parameter Default Gateway Static Bridge Parameters a Table of Current MAC Entries Deny PCs to access Internet except forward MACs Disable Enable aioe be oe 00 00 00 00 00 00 37
31. from WAN to LAN or OUTBOUND from LAN to WAN Action DENY block or PERMIT allow Description Type a description for your customized service Src IP Address The source addresses or ranges of addresses to which this packet filter rule applies Address 0 0 0 0 is equivalent any Dest IP Address The destination addresses or ranges of addresses to which this packet filter rule applies Address 0 0 0 0 is equivalent any Schedule Select everyday always or the day s of the week to apply the rule Enter the start and end times in the hour minute format to apply the rule 57 GG PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual For example if you want to ban all of the protocols from the IP e g 200 1 1 1 to access the all PCs e g 192 168 0 2 192 168 0 50 in the LAN key in the parameter as Protocol ANY Direction INBOUND INBOUND is from WAN Action DENY Description Hacker Src IP Address 200 1 1 1 Dest IP Address 192 168 0 2 192 168 0 50 Schedule You can set always or any time range which you want Press OK to finish Home Basic Advanced Status Admin Utility FIREWALL PKT FILTER Packet Filtering Parameters a General Packet Filtering Parameter Trigger Packet Filtering Service Gei Disable Enable Drop Fragmented Packets Disable Enable a Access Policies Index Enable Protocol Direction Action Source Destination ba zn Schedule Description Pool is Empty The
32. of Internet Protocol IP addresses in an organization s network Using the Internet Protocol each machine that can connect to the Internet needs a unique IP address When an organization sets up its computer users with a connection to the Internet an IP address must be assigned to each machine Without DHCP the IP address must be entered manually at each computer If computers move to another location in another part of the network a new IP address must be entered DHCP lets a network administrator to supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network To configure DHCP server move the cursor gt gt to dhcp and press enter gt gt generic DHCP server generic parameters fixed DHCP server fixed host IP list relay DHCP relay parameter list Show DHCP configuration 10 16 11 1 DHCP Server generic The generic DHCP parameters can be configured via generic command gt gt active Trigger DHCP server function gateway Default gateway for DHCP client netmask Subnet mask for DHCP client ID range Dynamic assigned IP address range lease_time Configure max lease time Damme server Domain name server name_server2 Domain name server2 name_server3 Domain name server3 Command Description Active _ s Trigger DHCP server function 445 PLANET Networking amp Communication GSHDSL Bridge Router GRT 1
33. permit the definition operation and administration of VLAN topologies within a bridged LAN infrastructure ADVANCED VLAN Virtual LAN Parameters u General Parameter Hote Route mode does not support Vlan Mode Disable 602 12 Tag Based VLAN Port Based VLAN 4 4 1 802 1Q Tag based VLAN For setting 802 1Q VLAN check the 802 1Q Tag based VLANI The screen will prompt as the following Home Basic Advanced status Admin Utility ADVANCED VLAN Virtual LAN Parameters e General Parameter Mode Dissble 902 10 Tag Besed VLAN Port Based VLAN a 201 10 Tag Based VLAN Table Ho vwo cani LAN2 LAN3 ana wani WAN WANS WANA WANS wane WANT WANS he a 2 ow ow CECR CC zie oo a Is IS Is II SI SI II E o bp n m ifaw ss Is SIS Us m m m eE ie a a a aliam a ea a a a m aie e e gg Is gg eae Is a a e ek i a ma m eja m jalm a a m m ep m a m m Sg m e aom elma ee aaea M y PVID e e Me ee Ee IE 1E k i T V dl lt 1 V tn 4 I S lt VID Virtual LAN ID It is a definite number of ID range from 1 to 4094 PVID Port VID It is an untagged member from 1 to 4094 of default VLAN Link Type Access means the port can receive or send untagged pack
34. subdirectories of setup Move the cursor gt gt to setup and press enter gt gt mode Switch system operation mode Shdsl bis Configure SHDSL parameters wan Configure WAN interface profile bridge Configure transparent bridging vlan Configure virtual LAN parameters stp Configure bridge STP parameters route Configure routing paramters lan Configure LAN interface profile ip_share Configure NAT PAT parameters firewall Configure Firewall parameters ID qos Configure IP QoS paramters dhcp Configure DHCP parameters dns_ proxy Configure DNS proxy parameters hostname Configure local host name default Restore factory default setting 10 16 1 Operation Mode The product can act as routing mode or bridging mode The default setting is routing mode You can change the system operation mode by using mode command Move the cursor gt gt to mode and press enter Command setup mode lt Route Bridge gt Message Please input the following information System operation mode TAB select lt Route gt Route Operation Mode Operation Mode JRoute Bridge 10 16 2 SHDSL bis You can set up the SHDSL parameters by the command shdsl Move the cursor gt gt to shdsl and press enter gt gt mode Configure SHDSL bis mode link Configure shdsl bis link n 64 Configure SHDSL bis data rate type Configure SHDSL bis annex type margin Configure SHDSL bis SNR margin tcpam Configure shdsl bis TCPAM type probe Configure shd
35. table rip Configure RIP protocol 10 16 6 1 Static If the Router is connected to more than one network it may be necessary to set up a static route between them A static route is a pre determined pathway that network information must travel to reach a specific host or network With Dynamic Routing you can enable the Router to automatically adjust to physical changes in the network s layout The Router using the RIP protocol determines the network packets route based on the fewest number of hops between the source and the destination The RIP protocol regularly broadcasts routing information to other routers on the network You can set up 20 sets of static route in static command After entering static menu the screen will show as follows gt gt add Add static route entry delete Delete static route entry List Show static routing table You can add 20 sets of static route entry by using add command Type the IP information of the static route including IP address subnet mask and gateway Static Route Table IP Address Subnet Mask o PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual You can delete the static route information via delete command You can review the static route entry by using list command 10 16 6 2 Rip To configure Routing Information Protocol RIP you can use rip command to set up the parameters Move the cursor gt gt to rip and press enter gt gt generic
36. take effect when NAT function is enabled The remote management security by default will block any WAN side connection to the device Non empty legal IP pool in ADMIN will block all remote management connection except those IPs specified in the pool Press to finish setting of firewall and review the parameters 52 PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual Home Basic Advanced Status Admin Utility ADVANCED FIREWALL Firewall Security Level Review To let the comigzurtion thet you have changed take elect immediately please click Restat button to reboot the system To continue the setup procedure plasse click Continue button w Firewall ecerity Level Security Level Saus eer Deh Dap Protection Parameters Review Detect SCH Attack Dirie SYN Amack Thesaincld 100 parisis ge second Detect ICMP Flood Dirie ICME Flood Deeg 100 eegen ger second Detect UDP Flood Tiie UDP Flood Thoestold 2100 pecie oer second o E i Packet Filtering Parameter Review u General Packer Filteries Parameter Drop Fragmented Packets Dizzie m Acces Pobicie Index Enable Protocol Direction Action Source Destination TCP Flag ICMP Type Schedule Description Po ls Empi The screen will prompt the parameters to be recorded in NVRAM Please check these parameters Press o restart the router or press to set up another function 4 9 2 Automatic Firewall Security
37. term for a modem and similar devices PPPoE and PPPoA can be used to office or building Users share a common Digital Subscriber Line DSL cable modem or wireless connection to the Internet PPPoE and PPPoA combine the Point to Point Protocol PPP commonly used in dialup connections with the Ethernet protocol or ATM protocol which supports multiple users in a local area network The PPP protocol information is encapsulated within an Ethernet frame or ATM frame 24 PLANET e Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Bridge BAS IP 192 168 0 1 IP 192 168 0 254 Netmask 255 255 255 0 Gateway 192 168 0 254 L ps a ZE L se ber re T 7 T D a b d Ceci Ze oh GER GC AN d E d 1 wl PC DSLAM 4 cf IP 192 168 0 2 VPI 0 VCI 32 Netmask 255 255 255 0 Encapsulation LLC Gateway 192 168 0 254 How to set up this mode Key in the WAN1 parameters VPI 0 VCI 32 AAL5 Encap ULC Protocol PPPoA NAT or PPPoE NAT Click Next to set up user name and password Utility BASIC STEP4 WANI VFI AALS Enap O VC ma LLC be Protocol IPoA IIF2A MAT EnA FoAthAT PPPoAs hAT PPPoE NAT 25 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Utility BASIC STEPS ISP1 Username Password Password Confirm Idle Time IP Type IP Ad
38. the factory default user admin When the system prompts you for a password type admin to enter GRT series 7 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 3 2 3 Web browser Make sure the correct Ethernet cable is used for connecting the LAN port of your computer to GRT series The LAN LNK indicator on the front panel will light up if a correct cable is used To start your web browser and connect to the management IP of GRT series wait for the login screen to appear When you see the login screen you can logon to GRT series The factory default management IP and subnet mask are 192 168 0 1 and 255 255 255 0 respectively If you have not changed password setting for web interface enter the factory default user root When GRT prompts you for a password type root Enter Network Password i 37 x Flease type your user name and password Site 192 168 0 1 Realm system setup UserName froot Password i Save this password in your password list cancel 13 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 3 3 Web Operation and Quick Installation Guide 3 3 1 Bridge Mode IP 192 168 0 1 GRT 101 Mask 255 255 255 0 A IP 192 168 0 31 Se Mask 255 255 255 VPI 0 VCI 33 Gateway 192 168 0 254 Encapsulation LLC 3 3 2 Web UI Configuration After connection via w
39. with other router 45 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Disable The gateway does not participate in any RIP exchange with other routers Enable The router broadcasts the routing table of the router on the LAN and incoporates RIP broadcast by other routers into it s routing table Silent The router does not broadcast the routing table but it accepts RIP broadcast packets that it receives a Table of Current Interface RIP Parameter eRe ee eee Le ae LAN Disable D sl None Enable WAN Di 2 None Enable None WAN2 None Disable None WANS Disable None Disable None WAN4 Disable None Disable None WANS Disable None Disable None WANG Disable None Disable None WAN Disable None Disable None WANG Disable None Disable None WH cm Wm RIP Version It determines the format and broadcasting method of any RIP transmissions by the gateway RIP v1 it only sends RIP v1 messages only RIP v2 it sends RIP v2 messages in multicast and broadcast format Table of Current Interface RIP Parameter Inte Tace RIP V rsion Authentication Poison Authentication Mode Required Reverse Code WANI Disable None Enable None WAN Disable None Disable None WANS Disable None Disable None WAN Disable None Disable None WANS D
40. 0 lt Hint gt D Disable B Blocking LS Listening LN Learning F Forwarding You can view all STP status on all LAN and WANs ports The STP state per LANs and WANs are as following Blocking A port that would cause a switching loop no user data is sent or received but it may go into forwarding mode if the other links in use were to fail and the spanning tree algorithm determines the port may transition to the forwarding state BPDU data is still received in blocking state Listening The switch processes BPDUs and awaits possible new information that would cause it to return to the blocking state Learning While the port does not yet forward frames packets it does learn source addresses from frames received and adds them to the filtering database switching database Forwarding A port receiving and sending data normal operation STP still monitors incoming BPDUs that would indicate it should return to the blocking state to prevent a loop Disabled Not strictly part of STP a network administrator can manually disable a port 10 8 8 Clear Move cursor gt gt to Clear and press enter You can Clear all statistics by this command Command status clear lt CR gt Message Clear OK 10 9 Show You can view the system information configuration and configuration in command script by show command Move cursor gt gt to show and press enter PLANET Networking amp Communication GSHDSL B
41. 01 401 402 User s Manual DHCP Server DHOLClentgatoway ooo DHCP CientNetmask Oooo Sar iPaddress SSS AddressRange Lossen 1 Nameserver Namesever2 NameSeversiP 10 16 11 2 DHCP Server Fixed Host Fixed Host IP Address list are setup via fixed command gt gt add Add a fixed host entry delete Delete a fixed host entry When use the fixed host entry you must enter the MAC address and IP address at the same time Up to 10 maximum fixed host IP addresses can be configured DHCP Server with Fixed Host 10 16 11 3 DHCP Relay Active the DHCP relay and remote server IP address via relay command Command setup dhcp relay lt Disable Enable gt lt ip gt Message Please input the following information Parameter of command relay TAB Select lt Disable gt Enable IP address ENTER for default lt 192 168 0 124 gt 446 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual DHCP Relay DHCP Relay oDisable cEnable You can view the full DHCP configuration via list command 10 16 11 4 DNS Proxy The Domain Name Service DNS is a system designed to allow the identification of Internet servers to be based on names rather than IP addresses Because Internet communication is based on IP addresses all names must be translated into an IP address This is the purpose of a Domain Name Server Enter the IP address of DNS proxy use DNS proxy command Move cur
42. 1 Annex Type There are two Annex types Annex AF and Annex BG If the router will connect to your ISP please check with them for the correct setting If your routers are configured for point to point application you must choose one of the two types according to which line rate you need 30 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 4 1 2 Link Type There are five Line Types for you to choose from 2 Wire 4 Wire Auto Fall Back StandBy and Multi link 2 wire Mode 2 wire router will provide data rate up to 5 696Mbps For 4 wire model it only can use the first one pair for the single pair DSL wire application 4 wire Mode 4 wire router will provide data rate up to 11 392Mbps In this mode each wire pairs of SHDSL bis router must be configured with the same line rate If one pair fails then the entire line must be restarted Auto Fall Back Mode Auto Fall Back Mode Two DSL pairs are working simultaneously When one pair of both is disconnected the other pair will keep working PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Standby Mode Only one of the two pairs is working the other pair is standby as backup If the working pair fails the standby pair will start up to continue Multi Link Mode For 4 wire model each pair will connect to a two different remote device which may or may not
43. 2 User s Manual 1 1 Product Features Internet Access Features Efficient IP routing and transparent learning bridge to support broadband Internet services NAT PAT feature lets user both conserve valuable IP address space and reduce IP address management meanwhile also protects certain attack from outer network or internal workstations Full ATM protocol stack implementation over SHDSL SHDSL bis PPPoA and PPPoE support user authentication with PAP CHAP MS CHAP DMZ host Multi DMZ Multi NAT enables multiple workstations on the LAN to access the Internet for the cost of IP address ae Advanced Internet Functions Easy configuration and management with password control for various application environments SNMP management with SNMPv1 SNMPv2 agent and MIB II Console and remote Telnet or HTTP administration allow user or service providers to locally or remotely diagnose network problems in details Symmetrical data rate from 192kbps to 5 7Mbps GRIT 101 GRT 401 Symmetrical data rate from 384kbps to 11 4Mbps GRIT 402 Virtual LANs VLANs offer significant benefit in terms of efficient use of bandwidth flexibility performance and security VPN pass through for safeguarded connections K PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual 1 2 Product Specifications Model GRT 101 GRT 401 GRT 402 WAN Interface 1x RJ 45 SHDSL ITU T G 991 2 Annex AF Annex BG Annex ABFG ITU T G 991 2 rev2 bis ITU T G
44. 5 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation Federal Communication Commission FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure set forth for an uncontrolled environment In order to avoid the possibility of exceeding the FCC radio frequency exposure limits human proximity to the antenna shall not be less than 20 cm 8 inches during normal operation PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual Safety This equipment is designed with the utmost care for the safety of those who install and use it However special attention must be paid to the dangers of electric shock and static electricity when working with electrical equipment All guidelines of this and of the computer manufacture must therefore be allowed at all times to ensure the safe use of the equipment CE Mark Warning This is a Class B product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures WEEE Regulation To avoid the potential effects on the environment and human health as a result of the presence of hazardous substances in electrical and electronic equipment end users of electrical and electronic equipment should understand the m
45. 68 5 5 255 255 255 0 192 168 0 254 Oc 192 168 6 6 255 255 255 0 492 168 0 254 O7 192 168 7 7 255 255 255 0 192 168 0254 O8 192 168 8 8 255 255 255 0 192 168 0 254 O9 192 168 9 9 255 255 255 0 192 168 0 254 O10 192 168 10 10 255 255 255 0 492 168 0 254 Cu 192 168 11 11 255 255 255 0 192 168 0 254 O12 192 168 12 12 255 255 255 0 492 168 0 254 013 192 168 13 13 255 255 255 0 192 168 0 254 O14 192 168 14 14 255 255 255 0 1492168 0 254 O15 192 168 15 15 255 255 255 0 192 168 0 254 O16 192 168 16 16 255 255 255 0 192 168 0 254 om 192 168 17 17 255 255 255 0 492 168 0 254 O18 192 168 18 18 255 255 255 0 192 168 0 254 1419 192 168 19 19 255 255 255 0 192168 0 254 20 192 168 20 20 255 255 255 0 192 168 0 254 Wm WG RN To modify the RIP Routing information protocol Parameters RIP Mode Auto RIP Summary Press Modify General RIP Parameter Auto RIP Summary Disable Enable m Table of Current Interface RIP Parameter Enable None OWAN1 Disable 2 None Enable None O WAN2 Disable None Disable None O WAN3 Disable None Disable None O WAN4 Disable None Disable None O WANS Disable None Disable None O WANG Disable None Disable None O WANT Disable None Disable None O WANS Disable None Disable None TS US RIP Mode This parameter determines how the router handle RIP Routing information protocol RIP allows it to exchange routing information
46. 9 01 Filter Filter Filter Filter Filter Filter Filter Filter Filter The screen will prompt the parameters that will be written in NVRAM Check the parameters before writing in NVRAM Press to restart the router working with new parameters or press to setup another parameter 4 4 VLAN Click to configure VLAN v ADVANCED SHDSL bis LAN WAN BRIDGE STP NAT VIRTUAL SERVER FIREWALL IP QoS D H D H D H ROUTE Py D o a DONS VLAN Virtual Local Area Network allows a physical network to be partitioned into multiple logical networks Devices on a logical network belong to one group A device can belong to more than one group With VLAN a device cannot directly talk to or hear from devices that are not in the same group With MTU Multi Tenant Unit applications VLAN is vital in providing isolation and security among the subscribers When properly configured VLAN prevents one subscriber from accessing the network resources of another on the same LAN VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain In traditional switched environments all broadcast packets go to each and every individual port With VLAN all broadcasts are confined to a specific broadcast domain 39 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual The IEEE 802 1Q defines the operation of VLAN bridges that
47. AN function move the cursor gt gt to mode and press enter The products support two types of VLAN 802 11q and Port Based Command setup vlan active lt Disable 8021Q Port gt Message Please input the following information Tigger VLAN function Tab select lt Disable gt 8021Q VLAN Mode VLAN Mode oDisable 802 1Q Tag VLAN oPort Based VLAN The IEEE 802 1Q defines the operation of VLAN bridges that permit the definition operation and administration of VLAN topologies within a bridged LAN infrastructure Port Based VLANs are VLANs where the packet forwarding decision is based on the associated ports If you don t use VLAN set to Disbale 429 e PLANET G SHDSL Bridge Router GRT 101 401 402 User s Manual 10 16 5 1 802 11Q VLAN To modify the VLAN rule move the cursor gt gt to modify and press enter Command setup vlan modify lt 1 8 gt lt 1 4094 gt lt string gt Message Please input the following information Rule entry index lt 1 8 gt 1 VLAN ID ENTER for default lt 1 gt 10 VLAN port status ENTER for default lt 111111111 gt 111111111 Link Tvbe oAccess bere Kee be aan ZE oo ZE yP ofrunk jofrunk loTrunk JoTrunk loTrunk loTrunk JoTrunk loTrunk loTrunk To assign PVID Port VID move the cursor gt gt to pvid and press enter The port index 1 represents LAN and ports index 2 to 9 represents WAN1 to WANB8 respectively VID value is the group at which you want to assign
48. AT VIRTUAL SERVER FIREWALL IP QoS DDNS The parameters in WAN Number 1 has been set up in Basic Setup If you want to set up additional PVCs you can configure in WAN 2 to WAN 8 Advanced Status Admin ADVANCED WAN WAN Interface Parameters u Table of Current WAN Interface Parameter l Feto sme L F F Address yond Subnet Mask ncr mee GAS Encan ssword Confirm Subnet Mask 555 965 255 0 asco lic ir e KSE Lee eee Dynamic vi m a kr em e pm be ro TTY Protea Disable Aw VP H Fie in th b Li q ii QoS POR 44499 Redial Time E oe em Tye VDmamt M Enter the parameters 34 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Protocol If WAN Protocol is PPPoA or PPPoE with dynamic IP leave the default WAN IP Address and Subnet Mask as default setting The system will ingore the IP Address and Subnet Mask information but leaving erasion or blanks in default setting will cause system error If the WAN Protocol is IPoA or EoA leave the ISP parameters as default setting The system will ingore the information but leavingerasion or blanks in default setting will cause system error VC mux VC based Multiplexing Each proto
49. CED Y STATUS SHDSL bis WAN ROUTE INTERFACE FIREWALL IP Qos SIP DDNS Home Basic Advanced Status Admin Utility STATUS LAN LAN Interface Status General status d 00 30 4F 11 22 33 P Address 9210 Subnet Mask 255 255 255 0 Sg DHCP client table Table is Empty This information shows the LAN interface status and DHCP client table 66 vi Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 5 3 WAN gt BASIC gt ADVANCED V STATUS e SHDSL bis e LAN ROUTE INTERFACE FIREWALL DDNS Home Basic Advanced Status Admin Utility STATUS WAN WAN Interface Information Ee on LC Pes Dow Gre a ae Es sf f fl Disable kee EISE ES SES Disable Ea Bisa SE SS SS DUSSIER EENS yf isa om Bl Disab T This information shows the status of all eight WAN interfaces 67 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Y 5 4 ROUTE gt BASIC gt ADVANCED V STATUS SHDSL bis LAN WAN INTERFACE FIREWALL IP QoS STP DDNS Routing tables contain a list of IP addresses Each IP address identifies a remote router or other network gateway that the local router is configured to recognize For each IP address the routing table additionally stores a network mask and other data that specify the destination IP a
50. G TOOL UPGRADE LOGOUT RESTART This section will describe the utility of the product including SYSTEM INFO Show the system information SYSLOG Capturing log information Load the factory default configuration restore configuration and backup CONFIG TOOL configuration UPGRADE Upgrade the firmware LOGOUT Logout the system RESTART Restart the router 7 1 System Info Click System Info for reviewing the information 84 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual gt BASIC gt ADVANCED gt STATUS gt ADMIN lt UTILITY SYSLOG CONFIG TOOL UPGRADE LOGOUT RESTART The browser will prompt the system information UTILITY SYSTEM INFO General Svstem Information Product Model GRT 402 MCSV 14A0 FFFF 524FFFFF Software Version 1440 0002 5241FE95 Chipset CX98102 11Z Firmware Version see Host Name SOHO Serial No BKLVD3AT0000 System Time 2002 01 01 00 41 06 GMT 8 00 System Up Time ODAY OHRAMIN O ce a It will display general system information including MCSV software version chipset firmware version Host Name System Time and System Up Time MCSV For internal identification purposes Software Version This is the router s firmware version Sometimes the technicians need it to troubleshoot problems Chipset This is the SHDSL bis chipset model name Firmware Version This is the chipset s firmware version
51. Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual You can set up the data rate by the multiple of 64Kbps where n is from 3 to 89 If the router is 4 wire model and doesn t use on 2 wire mode the line rate will double from 2 wire model s setting TCPAM 16 192 2304 kbps n 3 36 384 4608 kbps n 6 72 TCPAM 16 192 3840 kpbs n 3 60 384 7680 kbps n 6 120 TCPAM 32 768 5696 kpbs n 12 89 1536 11392 kbps n 24 178 Annex AF BG 10 16 2 4 Type There are four types of SHDSL bis Annex type Annex A Annex B Annex AF and Annex BG 10 16 2 5 Margin Generally you cannot need to change SNR margin which ranges from 10 to 21 SNR margin is an index of line connection You can see the actual SNR margin in STATUS SHDSL bis The larger SNR margin is the better the line connection quality is If you set SNR margin in the field as 3 the SHDSL bis connection will drop and reconnect when the SNR margin is lower than 3 On the other hand the device will reduce the line rate and reconnect for better line connection 10 16 2 6 TCPAM There are two TCPAM settings on SHDSL bis TCPAM 16 or TCPAM 32 In most cases you can set Auto It can use TCPAM 16 or TCPAM 32 for Annex A F or B G If using Annex A or B only TCPAM 16 can be used 10 16 2 7 Probe For adaptive mode you have to Enable The router will adapt the data rate according to the line status 10 16 2 8 TC Layer There are two TC
52. P address mapping gt gt modify Modify fixed NAT mapping interface Bind address pair to specific interface delete Delete fixed NAT mapping wee list Show fixed IP address mapping Command setup ip_share nat fixed modify lt 1 10 gt lt ip gt lt ip gt Message Please input the following information Fixed NAT mapping entry number lt 1 10 gt 1 Local address 192 168 0 250 Global address 122 22 22 2 After configuration fixed IP address entry you can bind the entry to specific interface via interface command Command setup mp share nat fixed interface lt 1 10 gt lt 1 8 gt Message Please input the following information Fixed NAT mapping entry number lt 1 10 gt 1 Active interface number Enter for default lt 1 8 gt 1 CHEN 9 10 BN G SHDSL Bridge Router GRT 101 401 402 User s Manual You can delete fixed NAT mapping entry from 1 to 10 by using delete command You can view the fixed NAT mapping entry via list command 10 16 8 2 PAT Port Address Translation PAT is a feature of a device that translates TCP or UDP communications made between hosts on a private network and hosts on a public network It allows a single public IP address to be used by many hosts on the private network which is usually called a Local Area Network or LAN A PAT device transparently modifies IP packets as they pass through it The modifications make all the packets which it sends to the public network from the mul
53. SL bis LAN WARN BRIDGE VLAN STP ROUTE NAT FIREWALL IP QoS DONS Basic ADVANCED VIRTUAL SERVER Virtual Server Mapping Farameters E Table of Current Virtual Server Entries Up to ten virtual servers index form 1 to 10 can been configured Press Modify to modify index 1 50 G SHDSL Bridge Router GRT 101 401 402 User s Manual Advanced Utility ADVANCED VIRTUAL SERVER Virtual Server Mapping Parameters Virtual Server I Intersce WANT E Prive Private Post b Public Pot b Schedule KX Always O From Day Sunday Mito Saturday __ M Time 0 0 wii 23 W 59 w Type the necessary parameters and then click OKI Press to restart the router or press to set up another function For example you can set up the router as Index 1 protocol TCP interface WAN1 service name test1 private IP 192 168 0 2 private port 80 public port 80 schedule from Monday to Friday and from 800 to 1600 hours and index 2 protocol UDP interface WAN1 service name test2 private IP 192 168 0 3 private port 25 public port 25 schedule always Advanced ADVANCED VIRTUAL SERVER Virtual Server Mapping Parameters a Table of Current Virtual Server Entries 1 test WAN 192 188 0 2 TCP 80 80 nasil Oo test WAN 192 188 0 3 UDP 25 25 Always D3 ae iia Disable nee O4 i Te os Dissble oo ke al So O o 51
54. SNMPv2 IP Address type the trap host IP address Community type the community password The community is set up in community pool Press OK to finish the setup The browser will prompt the configured parameters and check it before writing into NVRAM Press Restart to restart the gateway working with the new parameters and press to set up other parameters 6 3 SYSLOG Syslog is a standard method of centralizing various logs You can use a syslog server to store your servers logs in a remote location for later perusal or long term storage gt BASIC gt ADVANCED gt STATUS V ADMIN SECURITY SNMP TIME SYNC 80 PLANET Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual EEIE Utility ADMIN SYSLOG Syslog Configuration E Syslog Service Setup Syslog Server Service Disable Enable Facility LOCAL _USEO H Syslog Server Setup Server Port 514 E wm Wm To send logs to the LOG server you must configure the other servers from your network to send logs to that server Syslog Service setup 1 Check the item of Syslog Server Service to turn on syslog service 2 Select the syslog server facility The log facility allows you to send logs to different files in the syslog server Syslog Server Setup 3 Specify a server name to which all syslog messages will be sent 4 Specify a UDP port number to which the syslog server is listening The default valu
55. Start IP Address to End IP Address The legal IP address range is from 0 to 255 but 0 and 255 are reserved for broadcast so the legal IP address range is from 1 to 254 On the other hand you cannot assign an IP greater than 254 or less then 1 Alease time of 72 hours indicates that the DHCP server will reassign IP information in every 72 hours Your ISP will provide at least one Domain Name Service Server IP You can type DNS Server the router IP in this field The router will act as DNS server relay function You may assign fixed IP addresses to some devices while using DHCP provided that the fixed IP addresses are not within the range used by the DHCP server Press to setup WAN1 parameters J9 P LANET G SHDSL Bridge Router Networking amp Communication GRT 101 401 402 User s Manual Sr Home Basic Adwanced Status Admin Utility BASIC STEPS DHCP SERVER gv General DHCP Parameter Stat IP Address 192 1680 End IP Address 192 1680 DNS Server 1 DNS Severi ms zeee 3 O o Lasse Time hours E Table of Fixed DHCP Host Entries Hint The Ermat of the MAC Address is 12 54 56 78204 8E 3 3 5 DHCP Client Some of the ISPs provide DHCP server service by which the PC in LAN can access IP information automatically To set up the DHCP client mode follow the procedure LAN IP Type Click Next to setup WAN1 parameters Basic status BASIC STEP2 LAN IP Type Dyna
56. The field shows the discarded number of transmitted packets on this port 69 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Y 5 6 FIREWALL gt BASIC gt ADVANCED V STATUS SHDSL bis LAN WAN ROUTE INTERFACE IP QoS STP DDNS Basic Aivanced Status Admin Utility STATUS FIREWALL Current Firewall Status DoS Protection Status Attack Type This information shows firewall status DoS protection and dropped packets statistics 70 PLANET 5 Networking amp Communication G SH DSL Bridge Router GRT 101 401 402 User s Manual 5 7 IP QOS gt BASIC gt ADVANCED V STATUS e SHDSL bis e LAN e WAN e ROUTE e INTERFACE e FIREWALL kt kt STP DONS Status Utility STATUS IP QoS IP QoS Statistics a LAN Interface Precedence 0 1 2 3 4 5 InOctets 0 0 0 0 0 0 InPackets 0 0 0 0 0 0 OutOctets 0 0 0 0 0 0 OutPackets 0 0 0 0 0 0 OutDiscardOctets 0 0 0 0 0 0 OutDiscardPackets 0 0 0 0 0 0 This information shows IP QoS statistics Octet is a group of 8 bits often referred to as a byie Packet is a formatted block of data carried by a packet mode computer networks often referred to the IP packet InOctets The field shows the number of received bytes on this port InPactets The field shows the number of received packets on this port OutOctets The field shows the number of transmitted bytes on this p
57. US gt ADMIN VW UTILITY SYSTEM INFO SYSLOG CONFIG TOOL UPGRADE RESTART To logout system and close window click the LOGOUT in UTILITY UTILITY LOGOUT This page offers vou the opportunity to qut your SOHO Router When the YES button be clicked the SOHO Router is logout and your browser window will be closed When clicking the Yes button the Router will logout and browser window will close 90 G SHDSL Bridge Router GRT 101 401 402 User s Manual 7 6 Restart To restart the router click the RESTART in UTILITY gt BASIC gt ADVANCED gt STATUS gt ADMIN WV UTILITY SYSTEM INFO SYSLOG CONFIG TOOL UPGRADE LOGOUT UTILITY RESTART This page offers you the opportunity to restart your SOHO Router When the restart button be clicked the SOHO Router is restarting and your browser session will be disconnected This may appear as f your browser session is hungup After the server restarts you may either press your browser s reload button or close your browser and re open it several minutes later Restart Press to reboot the router When the restart button Is clicked the router will restart and the browser session will be disconnected This may appear as if your browser session is hung up After the router restarts you may either click the browser s reload button or close the browser and re open it later 91 PLANET Networking amp Communication GSHDSL Bridge R
58. a form of denial of service attack attempts to slow your network by requesting new connections but not completing the process to open the connection Once the buffer for these pending connections is full a server will not accept any more connections and will be unresponsive ICMP flood A sender transmits a volume of ICMP request packets to cause all CPU resources to be consumed serving the phony requests UDP Flood A UDP flood attack is a denial of service DoS attack using the User Datagram Protocol UDP A sender transmits a volume of requests for UDP diagnostic services which cause all CPU resources to be consumed serving the phony requests Ping of Death A ping of death abbreviated POD attack attempts to crash your system by sending a fragmented packet when reconstructed is larger than the maximum allowable size Land attack A land attack is an attempt to slow your network down by sending a packet with identical source and destination addresses originating from your network IP Spoofing IP Spoofing is a method of masking the identity of an intrusion by making it appeared that the traffic came from a different computer This is used by intruders to keep their anonymity and can be used in a Denial of Service attack Smurf attack The Smurf attack is a way of generating a lot of computer network traffic to a 55 e PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual victim host That is a type of deni
59. able The operation list will be shown on the window Move to Top Up Move to bottom Up UD Exit Down Enter Exit Down Enter Menu Driven Interface Commands Keystroke Description UP or Move to above field in the same level menu DOWN or K Move to below field in the same level menu U Move to top field in the same level menu O Move to bottom field in the same level menu LEFT or J Move back to previous menu RIGHT L or Move forward to submenu ENTER TAB To choose another parameter Ctrl C To quit the configuring item Ctrl D Disconnection Ctrl U Hot key switch to command line interface Ctrl Q Display help menu 10 6 Main menu before enable When following the menu all of the configuration commands are placed in the subdirectories of Enable protected by supervisor password On the other hand unauthorized user cannot change any configurations but viewing the status and configuration of the router and using ping command to make sure the router is working 104 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual gt gt enable Modify command privilege status Show running system status show View system configuration ping Packet internet groper command exit Quit system If you need setup and manage the router you must set enable command before 10 7 Enable To set up the router move the cursor gt gt to enable and press enter key While the scr
60. ackup Configuration After completing the configuration of the router please use this function to back up your router parameters in the PC Select the Backup Configuration and then press Finish Browse the location of backup file name or enter the name directly Then press OK The router will automatically back up the configuration If you don t enter a file name the system will use the default config1 log Advanced UTILITY CONFIG TOOL Backup Configuration Press OF button to backup the system confizurtion to the PC 88 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 7 4 Upgrade You can upgrade the gateway using the upgrade function Press in UTILITY gt BASIC gt ADVANCED gt STATUS gt ADMIN V UTILITY SYSTEM INFO SYSLOG CONFIG TOOL LOGOUT RESTART Advanced UTILITY FIRMWARE UPGRADE Firmware Upgrade Please select the firmware file that you want and press Ok button to upgrade the system then the system will restart automatically Browse Select the firmware file name by clicking on your PC or NB and then press button to upgrade The system will reboot automatically after finishing the firmware upgrade operation 89 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 7 5 Logout To logout the router press in UTILITY gt BASIC gt ADVANCED gt STAT
61. al of service attack A Smurf attack involves two systems The attacker sends a packet containing an ICMP echo request ping to the network address of one system This system is known as the amplifier The return address of the ping has been faked spoofed to appear to come from a machine on another network the victim The victim is then flooded with responses to the ping As many responses are generated for only one attack the attacker is able use many amplifiers on the same victim Fraggle attack A Fraggle attack is a type of denial of service attack where an attacker sends a large amount of UDP echo traffic to IP broadcast addresses all of it having a fake source address This is a simple rewrite of the smurf attack code For SYN attack ICMP flood and UDP flood they can set up the threshold of packets number per second The default values are 200 packets per second If everything is working properly you probably do not need to change the threshold setting as the default threshold values Reduce the threshold values if your network is slower than average Traditional firewall is stateless meaning they have no memory of the connections of data or packets that pass through them Such IP filtering firewalls simply examine header information in each packet and attempt to match it to a set of define rule If the firewall finds a match the prescribe action is taken If no match is found the packet is accepted into the network or droppe
62. and CO Side to set up Bridge mode of the Router and then click Next Home Basic Advanced Status Admin Utility BASIC STEP1 Operation Mode System Mode ROUTE BRIDGE SHDSL bis Mode CO Side Gei CPE Side Home Basic Advanced Status Admin Utility BASIC STEP2 LAN Default Gateway lk DNS Server Host Name WANI VCI Encap OvC mux LLC Enter LAN Parameters IP 192 168 0 2 Subnet Mask 255 255 255 0 Gateway 192 168 0 2 Host Name SOHO Enter WAN1 Parameters VPI 0 VCI 32 Check LLC Click The screen will prompt the new configured parameters Check the parameters and click Restart The router will reboot with the new setting 94 SE gt IP 192 168 20 1 ke e em me maa o ee Ce mm PLANET Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual Routing Mod STU C CO r STU R CPE Router Router IPoA or EoA VPI 0 VCI 32 Netmask 255 255 255 0 Netmask 255 255 255 0 D K UN Ai Ba IP 192 168 30 1 _ IP 192 168 30 2 Netmask 255 255 255 0 yall Netmask 255 255 255 0 y Gateway 192 168 30 2 Anaemia Dn Gateway 192 168 30 1 a IP 192 168 20 100 IP 192 168 10 200 Netmask 255 255 255 0 Netmask 255 255 255 0 Gateway 192 168 20 1 Gateway 192 168 10 1 9 1 CO Side Check ROUTE and CO Side to set up Routing mode of the Router and then click Next Home Basic Atvanced Statu
63. authorized person can configure the router This is the more secure function for network administrator to set up the legal address of configuration ADMIN SECURITY Supervisor Profile and Security Parameters E Supervizor ID and Pazeword Supervisor ID jroot pr i SOT I dastrora Password Confirm sese E Uzer Profile Im aod seer Gas a ER HCI ET fel We Comand WI if Command E General Parameterz Telnet Port e Remote Management Host Modif legal management IP address Note an empty pool deBults to a security level that would allow any management connections fom any host in LAN but deny all connections fom WAN side A 00O entry in the pool will allow all management connections fom any host including the Intemet D Ip Address i 0 0 0 0 dg This is the default supervisor ID and password is root It is highly recommended that you change this for security purpose o PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual Supervisor ID Type the new ID Supervisor Password Type the existing password roof is the default password when shipped Password Confirm Retype your new password for confirmation Telnet Port For Telnet you may change the default service port by typing the new port number If you change the default port number then you will have to let user who wish to use the service know the new port number The default val
64. ce HUB Switch s Pass Y j Power Through ee Wireless LAH Adpater Ethernet of Wall Jack Figure 2 7 Connection with Switch or HUB The GRT 401 and GRT 402 support auto MDI media dependence interface that auto detects MDI or MDI cross with link partner A standard straight wire UTP cable EIA568 can be deployed to connect to a PC or Ethernet devices like hubs switches The GRT 101 supports MDI interface only 2 4 Setting up the hardware environment Step 1 Connect the power adapter to the port labeled DC IN on the rear panel of the product Step 2 Connect the Ethernet cable If the GRT 101 is directly connected to PC the Ethernet crossover cable has to be used refer to figure 2 6 If the product is connected to a hub or switch be sure that the hub or switch supports auto MDI MDI X or not If yes both crossover and non crossover Ethernet cables are suitable If not only non crossover Ethernet cable could be used refer to figure 2 7 Since the GRT 401 and GRT 402 LAN ports support auto MDI MDI X both crossover and non crossover Ethernet cables are suitable Step 3 Connect the phone cable to the product Connect the other side of the phone cable to the wall jack Step 4 Connect the male end of the RS 232 cable to the product and female end to any free COM port in PC Step 5 Connect the power adapter by plugging power supply 14 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 Use
65. ch Thrsuheld 100 packen ger seccad Detect ICMP Fitti Bosb e ICMP Flood Tireathold 200 pachet psr second fi Detect UDP Flood Eais UDF Flood Taveshold 100 gocis ger recond Detect PING oT Death Attack Soss ps Detect Land Attack itt 2 Detect IP Spoofing Attack tate Detect Smurf Attack Eme Detect Fraggle attack Eels we Packet Filtering Parameters Review ev General Packet Press Parameter Trigger Packet Filtering Service Disate Drop Fragmented Packets Dizzo e Accecz Pabor index Enable Protocol Direction Aceton Sources Destination Cp Fiag ICMP Type Schedule Description Pool is Empi mil The screen will prompt the parameters which will be written in NVRAM Please check these parameters Press to restart the router or press Continue to set up another function User can determine the security level for special purpose environment and applications by configuring the DoS protection and defining an extra packet filter Please note that an improper filter policy may degrade the capability of the firewall and or even block the normal network traffic 4 9 3 Advanced Firewall Security Check Advanced Firewall Security and then press Finish Home Basic Advanced Status Admin Utility ADVANCED FIREWALL Firewall Security Level gv Firewall Security Level Security Level D Basic Firewall Security Hint This level only amables the NAT
66. col is assigned to a specific virtual circuit VC based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical LLC LLC based Multiplexing One VC carries multiptle protocols with protocol identifying information being contained in each packet header Desapite the extra bandwidth and processing overhead this method may be advantagrous if it is not practical to have a sepatate VC for each carried protocol VPI Virtual Path Identifier is for set up ATM Permanent Virtual Channels PVC The valid range for VPI is 0 to 255 VCI Virtual Channel Identifier is for set up ATM Permanent Virtual Channels PVC The valid range for VCI is 32 to 65535 0 to 31 is reserved for local management of ATM traffic QoS Quality of Service class The Traffic Management Specification V4 0 defines ATM service cataloges that describe both the traffic transmitted by users onto a network as well as the Quailty of Service that the network needs to provide for that traffic There are four classes to be selected UBR CBR rt VBR and nrt VBR Select CBR to specify fixed bandwidth for voice or data traffic Select UBR for applications that are not time sensitive such as e mail Select VBR for bursty traffic and bandwidth sharing with other applications UBR Unspecified Bit Rate is the simplest service provided by ATM networks There is no guarantee of anything It is a primary service used for t
67. d depending on the firewall configuration Packet filter Click to set up the packet filtering parameters If you want to configure the Packet Filtering Parameters choose Enable and press Utility FIREWALL PKT FILTER Facket Filtering Parameters u General Packet Filtering Parameter Trigger Packet Filtering Service G Disable Enable Drop Fremented Packets G Disable Enable E Access Policies Index Enable Protoceo Lotion Destination TCP Flag ICMP Type Schedule Description Pool is Empty 56 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual It can set up the packet filter rule parameters PKT FILTER RULE 1 Packet Filter Rule Parameters u Filter Rule Protocol ANY K Direction INBOUND O OUTBOUND Action CODENY PERMIT Description jpenmit for mail server Sac IP Ades 0 0 0 0 eg Any 0 0 0 0 Single 10 0 0 1 Dest IP Address 192 168 0 111 Range 192 168 0 1 192 188 0 76 Schedule Gi Always O From Day Sunday Wlin Saturday Time 0 D to 59 Select the Protocol and configure the parameter Protocol ANY TCP UDP ICMP GRE RSVP ESP and AH ANY means all protocols Transmission Control Protocol User Datagram Protocol Internet Control Message Protocol Generic Routing Encapsulation Resource Reservation Protocol Encapsulating Security Payload Authentication Header Direction INBOUND
68. ddress ranges that remote device will accept Advanced Status Utility STATUS ROUTE IP Routing Table Information Destination Netmask Gateway Interface Portname S 0 0 0 0 0 0 0 0 192 168 0 254 192 168 0 1 LAN C 192 168 0 0 255 255 255 0 directly 192 168 0 1 LAN C 127 0 0 1 255 255 255 255 directly 127 0 0 1 Loopback This information shows the IP routing table 68 PLANET 5 Networking amp Communication G SH DSL Bridge Router GRT 101 401 402 User s Manual 5 5 INTERFACE gt BASIC gt ADVANCED V STATUS SHDSL bis LAN WAN ROUTE FIREWALL IP QoS STP DDNS Home ERTL Advanced Status Admin Utility STATUS INTERFACE Interface Statistics Port InOctets InPackets OutOctets OutPackets InDiscards OutDiscards LAN 230075 1633 452436 1719 0 0 WANT 0 0 0 0 0 0 This table shows the interface statistics Octet is a group of 8 bits often referred to as a byie Packet is a formatted block of data carried by a packet mode computer networks often referred to the IP packet InOctets The field shows the number of received bytes on this port InPactets The field shows the number of received packets on this port OutOctets The field shows the number of transmitted bytes on this port OutPactets The field shows the number of transmitted packets on this port InDiscards The field shows the discarded number of received packets on this port OutDiscards
69. dge Router GRT 101 401 402 User s Manual A ObORpwWatt 52 Me MP OOS EE 59 SINNER CG 61 COTA Py 0G S EEN 64 Dele oT SLUG awananecerte race stsat tae vnnetioeusawaeaaacate a E E e E ENN 65 Me RE 66 SI VV dN EE 67 SE AT BR NEE 68 SSINTERFACE ee 69 OR V REN 70 STIP OO Sag errs EE 71 OM NEE E E E E EEN 73 De D DIAN E 75 CHAPTER 6 ADMINISTRATION cccecccccccccccccccccccccccccccccccccccccsccsccces 76 OA BCU RUD N tee 716 dE ee EE EE EEN 78 EE E GC E A E EE SO ak ER hs ee a A Ce ee 82 CHAPTER 7 ERR EIN EEN 4 PM VS VA EE 84 EE 86 Te ONO Oeics E 87 7 4 UPGRADE ccccceccsceccsceccsceccscececcscscsccescucesceceecscscecuseececescscescscesescestsceceseeceseeceses 89 Ee M e ee E e WEE 90 TORPE NH E VE 91 CHAPTER 8 LAN TO LAN CONNECTION IN BRIDGE MODE 92 SLC E E 92 EE HE nee are eee E EE 94 CHAPTER 9 LAN TO LAN CONNECTION IN ROUTING MODE 95 SP IE Oe E 95 d e Pe SUI EG 98 CHAPTER 10 CONFIGURATION VIA SERIAL CONSOLE OR TELNET WITH MENU DRIVEN INTERFACE sicssscsesesescssssesssssesseceessoocescaesnessossascasssssseseese 101 IOI SERAL ee 1 GE 101 e Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual EE ee 101 103 OPERATION EE 102 IOA WINDOW STRUCTURE eege 103 10 5 MENU DRIVEN INTERFACE COMMANDS sssccccsseeccceeeecceceesecceeuaeeceeuaeeeeeas 104 10 6 MAIN MENU BEFORE ENARBLE 104 Ee 105 WV RE 106 TOS E 111 IION EIT
70. dress Type the ISP1 parameters Username test Password test Password Confirm test Your ISP will provide the user name and password Idle Time 10 You want your Internet connection to remain on at all time enter O in the Idle Time field There are three IP types Dynamic Static and IP Unnumbered which you can set up The default IP type is Dynamic It means that ISP PPP server will provide IP information including dynamic IP address when SHDSL connection is established On the other hand you do not need to type the IP address of WAN1 Some of the ISPs will provide fixed IP address over PPP For fixed IP address IP Type IP Address 192 168 1 1 Click Next The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or press continue to set up another parameter 26 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 3 3 8 IPoA or EoA N LAN l WAN P 10 1 2 1 Router Netmask 255 255 255 0 BAS IP 192 168 0 1 QQ Gateway 10 1 2 2 Netmask 255 255 255 0 DNS 168 95 1 1 a E IP 10 1 2 2 Netmask 255 255 255 0 E I T I d Ee IP 192 168 0 2 51 VPI 0 VCI 33 Netmask 255 255 255 0 Encapsulation LLC Gateway 192 168 0 1 E l N oS a How to set up this mode Ty
71. e is 514 Make sure this is not blocked from your firewall Press to finish the setup The browser will prompt the configured parameters and check it before writing into NVRAM 81 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 6 4 Time Sync Time synchronization is an essential element for any business that relies on an IT system The reason for this is that these systems all have clocks that are the source of time for files or operations they handle Without time synchronization time on these systems varies with each other or with the correct time and this can cause firewall packet filtering schedule processes to fail security to be compromised virtual server works in wrong schedule Click TIME SYNC gt BASIC gt ADVANCED gt STATUS v ADMIN SECURITY e SNMP SYSLOG Time synchronization has two methods Sync with PC Synchronization with PC SNTP v4 0 Simple Network Time Protocol with Version 4 6 4 1 Synchronization with PC For synchronization with PC select Sync with PCI The router will synchronize the time with the connecting PC The function can be supported in both bridge and router modes ADMIN TIME SYNC Time Synchronization ae SYNC method Sync with PC u Time evnchronization with client 82 6 4 2 SNTP v4 0 For using the SNTP select ISNTP v4 0 G SHDSL Bridge Router GRT 101 401 402 User s Ma
72. e network a new IP address must be entered DHCP lets a network administrator to supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network If the DHCP server is enabling you have to set up the following parameters for processing it as DHCP server The embedded DHCP server assigns network configuration information at most 253 users accessing the Internet at the same time 21 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual BASIC STEP2 LAN IP Type Fixed C Dynamic DHCP Client We te IP Address 192 168 O el J KN Le d Ge P a E Fees EE EE Subnet Mask 255 LH 255 L lo r Host Name SOHO Trigger DHCP Service O Disable Server O Relay IP type Fixed IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Host Name SOHO some of the ISPs require the host name as identification You may check with ISP to see if your Internet service has been configured with a host name In most cases this field can be ignored Trigger DHCP Service The default setup is Enable DHCP server If you want to turn off the DHCP service choose Disable For example if the LAN IP address is 192 168 0 1 the IP range of LAN is 192 168 0 2 to 192 168 0 51 The DHCP server assigns the IP form
73. e operation It di Press y 10 11 Reboot To reboot the router please use reboot command Move cursor to gt gt to reboot and press enter Command reboot lt CR gt Message Please input the following information Do you want to reboot y n y It di Press y to confirm the reboot operation 10 12 Ping Ping command will be used to test the Ethernet connection of router or Internet linking condition Move cursor gt gt to ping and press enter Command ping lt ip gt 1 65534 t 1 1999 Message Please input the following information IP address lt IP gt 10 0 0 1 Number of ping request packets to send TAB select t Data size 1 1999 32 There are 3 parameters for ping command lt ip gt 1 65534 t 1 1999 IP address The IP address which you want to ping Number of ping request packed to send key TAB for further selection e Default It will send 4 packets only e 1 65534 Set the number of ping request packets from 1 to 65534 e t It will continuous until you key Ctrl C to stop Data Size From 1 to 1999 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 10 13 Administration You can modify the user profile security SNMP Sample Network Management Protocol supervisor information and SNTP Simple Network Time Protocol in admin For configuration the parameters move the cursor gt gt to admin
74. eaning of the crossed out wheeled bin symbol Do not dispose of WEEE as unsorted municipal waste they should be collected separately Revision User s Manual for PLANET G SHDSL Bridge Router Model GRT 101 GRT 401 GRT 402 Rev 5 0 July 2013 Part No EM GRTV5 Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Table of Contents CHAPTER 1 OVERVIEW EE 7 EN E eer BY G4 RER S aaa rE E NEOS 8 1 2 PRODUCT SPECIFICATIONS ege 9 L3 APPLICATIONS satsene oin EEE N EREE Ee 10 CHAPTER 2 ec BINS KEN E EECH KL A D 11 2 1 FRONT PANEEL LE DO E 11 E EE 12 2 3 REAR PANEL CONNECTIONS siccaswssaevnterscwancusicsnscaincvasusedecwtsesadwandesdcucsescasedecndss 13 2 4 SETTING UP THE HARDWARE ENVIRONMENT c ssseccccessecceceeeeceecasececeaaeeceeeaees 14 CHAPTER 3 CONFIGURATION wesesvicsscsessececescsasasccczeceaesviccecssssetsseassasescesnesdaavsasees 15 gM PIRI ee 15 3 2 LOGON PROCEDURE 6 casasanatesadsadsnisandacsadaasansaonnnassadiaionsoosdacssadaasawsaascnassadsnioxevesdness 15 3 2 1 E RT 15 SG 17 GE WC DIOWS EE IS 3 3 WEB OPERATION AND QUICK INSTALLATION GUIDE ccccceecccsecceeecseeesseeeees 19 Date OTTO EE 19 Deel WOE Eeer 19 Ee TEE 21 oon ET 21 ra fro eee oC EN as EE 23 E A eal ad EE 24 EE EE 27 CHAPTER 4ADVANCED SETUP EE 30 MST S E Cu 20 Ee 34 A Ni NER EN Ga ee 37 EA EE 39 Ge CR RE 42 AIO TS 1 NEE 43 WINA KE EE 47 AV EE A E 50 Networking amp Communication GSHDSL Bri
75. eb browser Check and select CO or CPE in SHDSL mode to set up bridging mode of the Router and then click for the next setting Advanced Status Utility BASIC STEP1 Operation Mode eer System ve D ROUTE BRIDGE Se WAN need to be reset The pfptocol of each WAN only can be set to Ethernet over ATM SHDSL bis Mody CO Side O CPE Sidae eee ff See Rn za Bed d Enter WAN1 VPI 0 and VCI 33 Select WAN1 AAL5 Encap LLC Enter LAN IP 192 168 0 1 Enter LAN Sub net Mask 255 255 255 0 Enter Gateway 192 168 0 254 The Gateway is directly pointed to the BAS IP Click 19 eg PLA NET GSHDSL Bridge Router GRT 101 401 402 User s Manual You have to do that otherwise the new configuration parameters will not affect GRT series Home Basic Advanced Status Admin Utility BASIC STEP2 Seeeeedreeeegeg f DNS Server 1 168 95 1 1 DNS Server 2 168 956 1921 DNS Server 3 Host Name i D Emap O VC mux op LLG Click Restart and GRT series will reboot with the new setting Home Basie Advanced Status Admin Utility BASIC REVIEW REVIEW To let the configuration that you have changed take effect immediately please click Restart button to reboot the system To continue the setup procedure please click Continue button ew System Operation Mode System Mode Bridge Mode SHDSL Mode co Side a LAN Interface IF Type Fixed IP Address
76. ed network Spanning Tree Protocol forces certain redundant data paths into a standby blocked state If one network segment in the Spanning Tree Protocol becomes unreachable or if Soanning Tree Protocol costs change the spanning tree algorithm reconfigures the spanning tree topology and reestablishes the link by activating the standby path Spanning Tree Protocol operation is transparent to end stations which are unaware whether they are connected to a single LAN segment or a switched LAN of multiple segments RSTP Rapid Spanning Tree Protocol defined in the IEEE 802 1w can be seen as an enhancement of the 802 1D standard Most parameters have been left unchanged so users familiar with 802 1D can quickly configure the new protocol In most cases RSTP performs better than STP 4 6 Route If the Router is connected to more than one network it may be necessary to set up a static route between them A static route is a pre determined pathway that network information must travel to reach a specific host or network PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual With Dynamic Routing you can enable the Router to automatically adjust to physical changes in the network s layout The Router using the RIP protocol determines the network packets route based on the fewest number of hops between the source and the destination The RIP protocol regularly broadcasts routing information to ot
77. een appears type the supervisor password The default supervisor password is root The password will be prompted as symbol for system security Command enable lt CR gt Message Please input the following information Supervisor password In this sub menu you can set up management features and upgrade software backup the system configuration and restore the system configuration via utility tools For any changes of configuration you have to write the new configuration to EPROM and reboot the router to work with new setting The screen will prompt as follows gt gt enable Modify command privilege setup Configure system status Show running system status show View system configuration write Update flash configuration reboot Reset and boot system ping Packet internet groper command admin Setup management features utility TFTP upgrade utility exit Quit system leet eee eee eee The description of the commands is e Modify command privilege When you login via serial console or Telnet enable the router defaults to a program execution read only privileges to you 405 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual To change the configuration and write changes to nonvolatile RAM NVRAM you must work in enable mode To configure the router you have to use the setup command View the status of router Show the system and configuration of
78. er packet filtering function drop_flag Drop fragment packets add Add packet filtering rule delete Delete packet filtering rule modify Modify packet filtering rule exchange Exchange the filtering rule See list Show packet filtering table 140 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual To enable the packet filtering function you can use active command To enable the drop fragmented packets you can use drop_ frag command Function enable Packet filtering function Disable Enable Drop fragmented packet __ Disable Enable Add the packet filtering rule via add command You can set up maximum 32 numbers packet filtering rules Anytime you can modify and exchange their rules by using modify and exchange command gt gt protocol Configure protocol type direction Configure direction mode SrC Ip Configure source IP parameter dest_ip Configure destination IP parameter port Configure port parameter TCP and UDP only tcp_flag Configure TCP flag TCP only icmp_type Configure ICMP flag ICMP only description Packet filtering rule description enable Enable the packet filtering rule begin The schedule of beginning time end The schedule of ending time a action _ s Configure action mode Packet filtering IANY JTCP JUDP ICMP JGRE _JRSVP JESP JAH Swer Source Pon TCP UDP only Destination Pot TCPIUDP only TCP only ee
79. ets Trunk means that the port can receive or send tagged packets By default the router initially configures one VLAN VID 1 A port such as LAN1 to LAN4 and WAN1 to WANS can have only one PVID but can have as many VIDs as the router can store in the VLAN table Ports in the same VLAN group share the same frame broadcast domain thus increasing network performance through reduced boardcast traffic VLAN groups can be modified at any 40 ed PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual time by adding moving or changing ports without any re cabling 4 4 2 Port based VLAN Port based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port For setting Port based VLAN Check Port based VLAN The screen will prompt as follows ADVANCED VLAN Virtual LAN Parameters General Parameter Mode Disable 2802 10 Tag Based VLAN Port Based VLAN gv Port Based VLAN Table No LAN LAN2 LAN3 LAN4 WAN1 WAN2 WAN3 WANA WANS WANG WANT WANS RI EIER RIEI RIRIR RIRIR zjOo oOfj ol ol ol ol ol ojol olo a eiOl o oj oj ol o j oljojo j o l ajo f4 o ojol ol ol ol ol ojoljoloa a slo ojol ol oj ol o j ojol olo a le o ofolol oj olo l ojo j ola a mTlo ojol ol ol olol oljol olola flojojol ol oj oljojojoljolo ao KIK ES j N j N j E j N y S j N j N y N j Port based VLANs are VLANs where the packet forwarding decision is based on the destination
80. frawall and the remote mangement security The NAT resll will take ect if AT disnction is enabled C Avtomstic Firewall Security Hint This level enables basic Areal secoripy all DoS protection and the SPI filter fenction DEI Advenced Firewall Security Hint A weer can determine the security level for special purpose environment end applications by coniezuring the DoS protection end defining sp anime packat filter with higher priority than the deBult SPI alter Note that sp improper filter policy may desada the cepability of the firewall andor even block the normal network taic A user can determine the security level for special purpose environment and applications by configuring the DoS protection and defining an extra packet filter Please notice that an improper filter policy may degrade the capability of the firewall and even block the normal 54 ly PLANET 3 Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual network traffic It can set up the DoS protection parameters FIREWALL DoS PROTECTION DoS Protection Parameters H Detect SYN Attack STN Attack Threshold packet par second Detect ICMP Flood ICMP Flood Threshold 200 packets per second Detect UDE Flood UDP Flood Threshold 200 packets par second v Detect PING of Desth Attack F Detect IP Land Attack H Detect IP Sponine Attack Detect Ze Attack e Detect Fraggle Attack SYN flood A SYN flood is
81. g amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Advanced otatus Utility BASIC STEP4 WANI AALS Encap O VC mu LLC Protocol PPPoA NAT PPPoE NAT IP Address 192 168 30 1 Subnet mask 255 255 255 0 Gateway 192 169 30 2 Click Basic Advanced Status Admin Utility BASIC STEP5 WANI IF Address Subnet Mask Gateway DNS Server 1 DNS Server 2 DNS Server 3 The screen will prompt the parameters that will be written in NVRAM Check the parameters before writing in NVRAM Press to restart the router working with new parameters or press continue to set up another parameter 97 w i PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual 9 2 CPE side Check ROUTE and CPE Side and then press Next Home El Aivanced Status Admin Utility BASIC STEP1 Operation Mode System Mode ROUTE BRIDGE SHDSL bis Mode CO Side CPE Side Type LAN parameters IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Host Name SOHO DHCP Service or Home Basic Advanced Status Admin Utility BASIC STEP2 LAN IP Type Fixed Dynamic DHCP Client Subnet Mask 255 256 ass Llo Trigger DHCP Service O Disable Server O Relay The range of DHCP is from 192 168 20 2 to 192 168 20 51 User also can set and fix IP in the table below 98 PLANET lt Networking amp Communication GSHDSL Bridge Route
82. ged take effect immediately please click Restart button to reboot the system To continue the setup procedure please click Contine button General IP QoS Parameter IP QoS Service Enable a IP QoS Policies Index Enable Protocol Local Remote Precedence Description 1 ON ANY 192 168 1 10 0 65535 192 166 0 15 80 0 test 2 ON ANY 192 166 0 15 60 0 0 0 0 1024 5640 5 test2 To immediately take effect the IP QoS configuration you have changed please click button to reboot the system To continue the setup procedure please click button 4 11 DDNS YV ADVANCED SHDSL bis LAN WAN BRIDGE VLAN STP ROUTE NAT VIRTUAL SERVER FIREWALL IP QoS Stands for Dynamic Domain Name Server The device supports DDNS that it s free for PLANET s customers Check to enable this function 61 PLANET G SHDSL Bridge Router M Networking amp Communication GRT 101 401 402 User s Manual Home DEG Advanced Status Admin Utility ADVANCED DDNS DDNS Parameter DDNS Mode Disable Enable Provider www_planetddns com Host Name Username Password Step 1 Enable DDNS option through accessing web page of GRT series Step 2 Select on DDNS server provide and register an account if you have not used yet Let s take dyndns org as an example Register an account in http planetddns com BD PLANET GL PLANET Support Sign in Forgotten Password
83. her routers on the network v ADVANCED SHDSL bis LAN WAN BRIDGE VLAN STP MAT VIRTUAL SERVER FIREWALL IP QoS DONS Click to modify the routing information Home PEELE Advanced status Admin Utility ADVANCED ROUTE Static Route and RIP Parameters gv Table of Current Static Route Entries index Network Address Subnet Mask Gatewa y a a General RIP Parameter RIP Mode pissble Enable Auto RIP Summary Disable Enable u Table of Current Interface RIP Parameter Interface gee Version Gegen Seen E OEE ei ian Disepie 2 None Enbe None te WAN i H Diss ite 2 j None Enatite H Mone Le wan H Disable i None Disable None WANS Disable i None Dissble Mone wan 7 Disa ble Mone Dia bic Hane E WANS Diseole Ji Mone Disable i None There are maximun 20 entries to set up the static router Press to add each entry For example there are 20 entries as follows 44 PLANET Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual Static Route and RIP Parameters Table of Current Static Route Entries jubnet Mask Gateway 255 255 255 0 192 168 0 254 192 168 2 2 255 255 255 0 192 168 0 254 192 168 3 3 255 255 255 0 192 168 0 254 O4 19246844 255 255 255 0 4192168 0 254 Op 192 1
84. his router which conserves network and address space 10 16 3 8 List You can review the WAN interface configuration via list command 10 16 4 Bridge You can set up the bridge parameters in bridge command If the product is configured as a router you do not want to set up the bridge parameters Move the cursor gt gt to bridge and press enter gt gt gateway Default gateway static Static bridging table 10 16 4 1 Gateway You can set up default gateway IP via gateway command 10 16 4 2 Static Bridging Table You can set up 20 sets of static bridge in static command After entering static menu the screen will prompt as below em wm mm em e wm vm vm wm vm vm vm vm vm vm wm vm vm vm vm vm vm vm vm vm wm vm e vm em em wm vm em vm vm em em wm wm em vm wm em vm wm em e vm wm em vm wm em em wm wm em www vm ewww ewww www ewww eww www www ww ww ww ew ww ew ww ew ww ww ww ww ww e wm wm Aen gt gt Deby PCs Deny PCs to access Internet add Add static MAC entry delete Delete static MAC entry modify Modify static MAC entry list Show static bridging table You can deny PCs to access Internet for security purpose use deny_PCs command After enter add menu the screen will prompt as follows gt gt mac Configure MAC address lan_port Configure LAN interface bridging type wan1_port Configure WAN1 interface bridging type wanz2_ port Configure WAN2 interface bridging type wan3_ port Configure WANS interface bridging type wan4_port Conf
85. his screen 10 8 2 Wan Move cursor gt gt to wan and press enter Monitoring Window WAN IP address NetMask VPI VCI Encap Protocol Active WAN1 192 168 1 255 255 255 0 32 LLC IPoA No WAN2 192 168 1 255 255 255 0 34 LLC Ethernet No WAN3 192 168 1 255 255 255 0 34 LLC Ethernet No WAN4 192 168 1 255 255 255 0 35 LLC IPoA No O 36 LLC PPPoA No UI 37 LLC Ethernet No UI 38 LLC Ethernet No UI 39 LLC Ethernet No WANG 192 168 1 255 255 255 WAN 192 168 1 255 255 255 1 2 3 4 WAN5 192 168 5 1 255 255 255 6 T WANS 192 168 8 1 255 255 255 Show WAN status include IP address Net Mask VPI VCI encapsulation type protocol on each WAN ports 10 8 3 Route Move cursor gt gt to Route and press enter Monitoring Window 108 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Flag Destination Netmask Gateway Interface Portname C 192 168 0 0 255 255 255 0 directly 192 168 0 1 LAN C 127 0 0 1 255 255 255 255 directly 127 0 0 1 Loopback You can view the routing table on here 10 8 4 Interface Move cursor gt gt to Interface and press enter Monitoring Window lt Interface Statistics gt Port InOctets InPackets OutOctets OutPackets InDiscards OutDiscards LAN 0 0 912 8 0 0 WAN 0 0 0 0 0 0 WAN 0 0 0 0 0 0 WAN 0 0 0 0 0 0 WAN4 0 0 0 0 0 0 WANS 0 0 0 0 0 0 WANG 0 0 0 0 0 0 WAN7 0 0 0 0 0 0 WANS 0 0 0 0 0
86. horized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Person responsible for making this declaration Name Surname Tom shih Position Title Product Manager Taiwan Uh Mar 2004 Sr SE ZS Place Date Legal Signature PLANET TECHNOLOGY CORPORATION e mail sales planet com tw http www planet com tw 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528
87. igure WAN4 interface bridging type wan5_port Configure WAND interface bridging type wan6_port Configure WANG interface bridging type wan _port Configure WAN interface bridging type wan port Configure WAN8 interface bridging type Deny PCs to access interface Deny PCs to access Interface Disable Enable Static MAC Address 428 o PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual MAC entry number 1 20 macadres LAN Filter Forward Dynamic 10 16 5 VLAN Virtual LAN VLAN is defined as a group of devices on one or more LANs that are configured so that they can communicate as if they were attached to the same wire when in fact they are located on a number of different LAN segments Because VLAN is based on logical instead of physical connections it is extremely flexible You can setup the Virtual LAN VLAN parameters in vlan command The router support the implementation of VLAN to PVC only for bridge mode operation i e the VLAN spreads over both the COE and CPE sides where there is no layer 3 routing involved The unit supports up to 8 active VLANs with shared VLAN learning SVL bridge out of 4096 possible VLANs specified in IEEE 802 1Q Move the cursor gt gt to vlan and press enter gt gt mode Trigger virtual LAN function modify Modify virtual LAN rule pvid Modify port default ID link_mode Modify port link type list Show VLAN configuration To activate the VL
88. isable None Disable None WANG Disable None Disable None WAN Disable None Disable None WANS Disable None Disable None WH mm ce Authentication required None for RIP there is no need of authentication code Password the RIP is protected by password authentication code MD5 The RIP will be decoded by MD5 then protected by password authentication code 46 PLANET r Networking amp Communication Table of Current Interface RIP Parameter G SHDSL Bridge Router GRT 101 401 402 User s Manual vn d wm cect e m LAN Disable 2 None zs Enable WANT Disable 2 IEN Enable None WAN Disable Disable None WANS Disable Disable None WANA Disable Disable None WANS Disable Disable None WANG Disable Disable None WAN Disable Disable None WANS Disable S Disable None WH cm Wm Poison Reserve Poison Reserve is for the purpose of promptly broadcast or multicast the RIP while the route is changed e g shutting down one of the routers in routing table Enable the gateway will actively broadcast or multicast the information Disable the gateway will not broadcast or multicast the information Table of Current Interface RIP Parameter Inte face RIP Kos ii Authentication Poison Authentication Mode Required Reverse Code LAN Disable 2
89. ity There are 5 entries of SNMP community that can be configured in this system Move the cursor to community and press enter Command admin snmp community lt l1 5 gt lt more gt Message Please input the following information Community entry number lt 1 5 gt 2 gt gt edit Edit community entry LIST Show community configuration Move the cursor to edit and press enter You can setup the following Validate Set Enable or Disable Community Key in the string Access right Set Read only Read Write or Denied Move the cursor to list and press enter you can view full listing on SNMP Community Pool 5 entries of SNMP trap are allowed to be configured in this system SNMP Community SNMPenty I s SSS CO 1 Access Right Read only Read Write Denied 10 13 4 1 Trap Host Move the cursor to trap and press enter Command admin snmp trap lt 1 5 gt lt more gt Message Please input the following information Trap host entry number lt 1 5 gt 2 gt gt edit Edit trap host parameter list Show trap configuration Move the cursor to edit and press enter you can setup the following Version Disable 1 or 2 Trap host IP address Key in the IP address Community Key in the string SNMP Trap Host Trap Hostenty I 8 Version si aDisable aVer 1 over P Address SS 417 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Ma
90. lala sjol o j wl oloala Toilfo ljo fjoja 4j of oj olf ul olala pipio slJofojofjolfoljaoljaslj al al alala elJofojofjolfolj oaolj aolj al a l alala 7jJol ojofj olfjoljaolfjaolj al al alala Blo o oj olj olj olj olj o lj olololo 4 5 STP v ADVANCED SHDSL bis LAN WAN BRIDGE VLAN NAT VIRTUAL SERVER FIREWALL IP QoS DONS D D D D D D ROUTE D D D D D This Web page allows you to configure Bridge STP Parameters as Disable STP or RSTP A3 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Utility ADVANCED STP Bridge STP Parameters R General Parameter Mode Disable STP CORSTP Bridge Priority 5 32708 w Wen oe ee STP Spanning Tree Protocol defined in the IEEE 802 1D is a link management protocol that provides path redundancy while preventing undesirable loops in the network For an Ethernet network to function properly only one active path can exist between two stations Multiple active paths between stations cause loops in the network If a loop exists in the network topology the potential exists for duplication of messages When loops occur some switches see stations appear on both sides of the switch This condition confuses the forwarding algorithm and allows duplicate frames to be forwarded To provide path redundancy Spanning Tree Protocol defines a tree that spans all switches in an extend
91. layer settings on this router EFM layer and ATM layer According to the network connected ATM based access networks or Ethernet based access networks 10 16 2 9 Clear Clear command can clear CRC error count 10 16 3 WAN The router supports 8 PVC private virtual circuit and so you can set up eight WAN such as WAN1 to WANS Move the cursor gt gt to wan and press enter 425 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual For example to set up WANT type 1 on interface number K4 Command setup wan lt 1 8 gt Message Please input the following information Interface number lt 1 8 gt 1 gt gt protocol Link type protocol address IP address and subnet mask vpi _vci Configure VPI VCI value encap Configure encapsulation type qos Configure VC QoS Isp Configure account name password and idle time ip_type Configure IP type in PPPoA and PPPoE list WAN interface configuration WAN parameter WAN interface number 1 8 Disable Ethernet PPPoA IPoA PPPoE ISP IP Type PPPoA or PPPoE _ Dynamic Fixed Unnumbered 10 16 3 1 Protocols There are four types of protocols IPoA EoA PPPoA and PPPoE which you can set up 10 16 3 2 IP Address For dynamic IP of PPPoA and PPPoE you do not need to set up IP address and subnet mask 10 16 3 3 VPI VCI There are unique VPI value and VCI value for Internet connection supported by ISP The range of VIP i
92. le E DAME Host DMZ Host Function Disable Enable Missa IP Address Active Inteacs want Ww gv Au DALZ 1D Virtual IP Address Global IP Address Interface 4 wani ww d WAN wel d WANA Lu h3 al CITT wan ls TTL want sl e T E WANT wl TTT CT beer If you want to enable the NAT DMZ functions check Enablel The IP address assigned to the WAN will enable DMZ function for the virtual IP address 4 7 1 Multi DMZ Some users have two or more global IP addresses assigned by ISP which can use multi DMZ The table is for mapping of global IP address and virtual IP address 4 7 2 Multi NAT Some of the virtual IP addresses eg 192 168 0 10 192 168 0 50 collectively use two of the global IP addresses eg 69 210 1 9 and 69 210 1 10 The Multi NAT table will be set up as Virtual Start IP Address 192 168 0 10 Count 40 Global Start IP Address 69 210 1 9 Count 2 Press Finish to continue to review The screen will prompt the parameters that will be written in NVRAM Check the parameters before writing in NVRAM Press to restart the router working with new parameters or to configure another parameter PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual K4 4 8 Virtual Server This section guides you to configure Virtual Servers Click to configure the parameters ADVANCED SHD
93. le interface which is better for working with script file The menu driven interface is a user friendly interface to general operations The command syntax for CLI is the same as that of the menu driven interface The only difference is that the menu driven interface shows you all of available commands for you to select You don t need to remember the command syntax and save your time on typing the whole command line The following figure gives you an example of the menu driven interface In the menu you scroll up down by pressing key I K select one command by key L and go back to a higher level of menu by key J For example to show the system information just logon to the Router move down the cursor by pressing key K twice and select show command by key L you will see a submenu and select system command in this submenu then the system will show you the general information PLANET GRT 402 Software Version Chipset Firmware Version Hostname SC No lt I K gt Move up down lt L J gt Select Unselect lt U 0 gt Move top bottom lt Q gt Help 402 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual D 10 4 Window Structure PLANET GRT 402 gt gt enable Modify command privilege status Show running system status show View system configuration ping Packet internet groper command exit Quit system Command enable lt CR gt Message lt I K gt
94. me_zone lt 12 12 gt Message Please input the following information GMT time zone offset hours Enter for default 8 Time synchronization Method oSync with PC oSNTP V4 0 SNTP V4 0 Service gEnable caDisable EH meser mme ener SSCS Updaters TimeZone 1 Move the cursor to list for review the SNTP setting Status Window Time Synchronization Parameters Method SNTP v4 0 Service Enable Time Server 1 ntp 2 vt edu Time Server 2 ntp drydog com Time Server 3 ntp1 cs wisc edu Update Period 3600 secs GMT Time Zone Offset 8 hours 10 14 Utility There are three utility tools upgrade backup and restore embedded in the firmware You can update the new firmware via TF TP upgrade tools and backup the configuration via TFTP backup tool and restore the configuration via TFTP restore tool For upgrade TF TP server with the new firmware will be supported by supplier but for backup and restore you must have your own TFTP server to backup and restore the file Move the cursor gt gt to utility and press enter gt gt upgrade Upgrade main software backup Backup system configuration Restore Restore system configuration PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 10 14 1 Upgrade Move the cursor gt gt to upgrade and press enter Command utility upgrade lt ip gt lt file gt Message Please input the following inf
95. mig DHCP Client ee EE Subnet Mask o Ges fess b Trigger DHCP Service SSC Dissble Server Relay DE 3 3 6 DHCP Relay If you have a DHCP server in LAN and you want to use it for DHCP services the product provides DHCP relay function to meet your need 23 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Y BASIC STEP2 LAN IP Type Fixed DynamicDHCP Client IP Address Subnet Mask Host Name Trigger DHCP Service O Disable Server Relay IP Type Fixed IP Address 192 168 0 1 Subnet Mask 255 255 255 0 Host Name SOHO some of the ISPs require the host name as identification You may check with ISP to see if your Internet service has been configured with a host name In most cases this field can be ignored Trigger DHCP Service Press to setup DHCP server parameter Enter DHCP Server IP address in IP address field Press BASIC STEPS DHCP RELAY g Remote DHCP Server Parameter IP address 192 168 0 124 3 3 PPPoE and PPPoA PPPoE point to point protocol over Ethernet and PPPoA point to point protocol over ATM are authentication and connection protocols used by many service providers for broadband Internet access These are specifications for connecting multiple computer users on an Ethernet local area network to a remote site through common customer premises equipment which is the telephone company s
96. munication in the Internet world DMZ Demilitarized zone is a computer host or small network inserted as a neutral zone between a company private network and the outside public network It prevents outside users from getting direct access to a server that has company private data In a typical DMZ configuration for an enterprise a separate computer or host receives requests from users within the private network to access via Web sites or other companies accessible on the public network The DMZ host then initiates sessions for these requests to the public network However the DMZ host is not able to initiate a session back into the private network It can only forward packets that have already been requested Users of the public network outside the company can access only the DMZ host The DMZ may typically also have the company s Web pages so these could serve the outside world However the DMZ provides access to no other company data In the event that an outside user penetrated the DMZ host s security the Web pages might be corrupted but no other company information would be exposed Press NAT to set up the parameters v ADVANCED SHDSL bis VIRTUAL SERVER FIREWALL IP QoS DONS PLANET a Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual ADVANCED NAT DMZ Network Address Translation and DMZ Hosts Parameters E WAT DAI function WAT DMZ Function Disable W Ensb
97. nation IP Netmask Gateway Interface and Portname LAN and WAN statistics information Current DoS protection status and dropped packets statistics Show IP QoS statistics on LAN interface STP information include Bridge parameter and Ports Parameter Show status of PLANET DDNS 64 PLANET G SHDSL Bridge Router Networking amp Communication GRT 101 401 402 User s Manual Y 5 1 SHDSL bis gt BASIC gt ADVANCED Y STATUS a e LAN e WAN e ROUTE e INTERFACE e FIREWALL e IP Qos e STP e DDNS Advanced Status Utility STATUS SHDSL bis Status Information RKun lime Device Status Item Channel A Channel B Mode CPE Side CPE Side Tx Power 0 0 dBm 0 0 dBm Line Rate n 64 8 0 Kbps kb s Performance Information Local Side Remote Side Channel A Channel B ltem SNR Margin 0 0 dB 0 0 dB 0 0 dB 0 0 dB Attenuation 0 0 dB 0 0 dB 0 0 dB 0 0 dB 0 0 0 CRE Error Count 0 Clear CRC Error The status information shows this is a 4 wire model which has both channel A and B If the router is connected to a remote side it can also show the performance information of remote side If the router is 2 wire model you will not see any information on channel B Click Clear CRC Error to clear the CRC error count 65 e PLANET G SHDSL Bridge Router GRT 101 401 402 User s Manual 5 2 LAN gt BASIC gt ADVAN
98. nerated for only one attack the attacker is able use many amplifiers on the same victim Fraggle attack A Fraggle attack is a type of denial of service attack where an attacker sends a large amount of UDP echo traffic to IP broadcast addresses all of it having a fake source address This is a simple rewrite of the smurf attack code DoS Protection SYN flood Dase CErabie Packet persec 0 700 eren Le Enable Pacetspersee 0 700 Di _ i E _ IP_ spoofing Disable Enable Fraggle Disable Enable 10 16 10 IP QoS The Internet has worked so far with a best effort traffic model every packet is treated forwarded or discarded equally This is very simple and efficient model and several arguments have been stated against any need for a more complicated system To configure IP QoS move the cursor gt gt to ip_qos and press enter 443 o PLA NET GSHDSL Bridge Router GRT 101 401 402 User s Manual gt gt active Trigger IP QoS function add Add IP QoS policy delete Delete IP QoS policy modify Modify IP QoS policy list Show IP QoS policy table You can enable the IP QoS function via active command The add parameters of IP QoS can be configured via add command To delete the policy is configured by delete command To modify the policy is configured by modify command You can view the IP QoS configuration via list command When use the add comman lt it will show the follo
99. nfigure SNTP v4 time synchronization follow the below procedures move the cursor to method and press enter Command admin sntp method lt SNTPv4 SyncWithPC gt Message Please input the following information SYNC method Enter for default lt SyncWithPC gt SNTPv4 Command admin sntp service lt Disable Enable gt Message Please input the following information Active SNTP v4 0 service Tab Select lt Enable gt Enable Command admin sntp time_server1 lt string gt Message Please input the following information Time server address Enter for default lt ntp 2 vt edu gt ntp 2 vt edu You can configure three time servers in this system with time_server1 time_server2 and time_servers The default time servers are the following time_server1 ntp 2 vt edu time_server2 ntp drydog com time_server3 ntp1 cs wisc edu Move the cursor to update_rate and press enter Command admin sntp update_rate lt 10 268435455 gt Message Please input the following information 120 G SHDSL Bridge Router GRT 101 401 402 User s Manual Update period secs Enter for default lt 3600 gt 86400 Move the cursor to time_zone and configure where your router is placed The easiest way to know the time zone offset hour is from your PC clock Double click the clock at the right corner of monitor and check the time zone of your country It will show GMT XX XX or GMT XX XX information Command admin sntp ti
100. nterface LAN WAN1 8 RIP Mode oDisable oEnable oSilent Authentication code CF You can review the list of RIP parameters via list command 10 16 7 LAN LAN interface parameters can be configured LAN IP address subnet mask and NAT network type Command setup lan lt 1 1 gt lt more gt Message Please input the following information Interface number lt 1 1 gt 1 gt gt ip type IP type address LAN IP address and subnet mask attrib NAT network type Ethernet Media type Ip_type can set up this IP is Fixed or Dynamic Address can set up IP address and subnet mask Attrib can set up NAT network type Global or Virtual Ethernet item can set up the PHY parameters on this LAN port Auto 100M Full 100M Half 10M Full and 10M Half 434 o PLA NET GSHDSL Bridge Router GRT 101 401 402 User s Manual LAN Port parameter IP Type oFixed oDynamic LAN IP Address RE LAN Subnet Mask NAT Network type oGlobal oVirtual Ethernet Media Type oAuto o100M Full o100M Half o10M Full o10M Half 10 16 8 IP share You can configure Network Address Translation NAT Port Address Translation PAT and Demilitarized Zone DMZ parameters in ip_ share menu 10 16 8 1 NAT NAT Network Address Translation is the translation of an Internet Protocol address IP address used within one network to a different IP address known within another network One network is designated the inside network and the other is the outside
101. nual Utility ADMIN TIME SYNC Time Synchronization H SYNC method sync with PC Ge a Time evnchronization with client System Time SNTP is the acronym for Simple Network Time Protocol which is an adaptation of the Network Time Protocol NTP used to synchronize computer clocks in the Internet SNTP can be used when the ultimate performance of the full NTP implementation The function is only supported in router mode Service Enable Time Server 1 Time Server 2 and Time Server 3 All of the time server around the world can be used but suggest using the time server nearby to your country You can set up maximum three time server on here Time Zone Select the time difference between UTC Universal Time Coordinated formerly known as GMT Greenwich Mean Time and your time zone from the drop down list box Update Period How many times the router can resynchronize to time server The unit is second Press to finish the setup The browser will prompt the configured parameters and check it before writing into NVRAM 83 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Chapter 7 Utility This section will describe the utility of the product including system information load the factory default configuration upgrade the firmware logout and restart the gateway gt BASIC gt ADVANCED gt STATUS gt ADMIN SYSTEM INFO SYSLOG CONFI
102. nual Commun SSCS Move the cursor to list and press enter you can view full listing on SNMP Trap Host Pool 10 13 5 Supervisor Password and ID The supervisor password and ID is the last door for security but the most important Users who access the router via web browser have to use the ID and password to configure the router and users who access the router via telnet or console mode have to use the password to configure the router Suggest changing the ID and password after the first time of configuration and save it At next time when you access to the router you have to use the new password Factory default User name admin Password admin Supervisor ID root Supervisor Password root Command admin passwd lt pass_conf gt Message Please input the following information Input old Supervisor password Input new Supervisor password Re type Supervisor password Command admin id lt pass_conf gt Message Please input the following information Legal user name Enter for default lt root gt test The default admin ID is root Supervisor ID and Password Supervisor ID Supervisor Password 418 e PLA NET G SHDSL Bridge Router GRT 101 401 402 User s Manual Telnet Console mode User name Password Supervisor Password All sunctioM can use Can only ping test view the status and configuration Web Brower mode Supervisor ID Supervisor Password
103. o E E E E 112 IOI REPOU EE 113 MA LEE 113 10 13 ADMINISTRATION 114 fe Fo T lt 7 e E 114 RENE A e E 115 Te INI EE 116 VOLT Se COTE in EE 117 10 13 5 Supervisor Password and ID 118 by e SO IN RE 119 EA ER o E a E 121 LOOTE I a E AA A E 122 OTOS TP e E A den upioesososaosaeouuceuetousnesasousish 123 10 16 1 Operation MOde oo sitieni iener eE EAEE 123 1010 el e EE 123 RN WIN er tet satan ees toa sotoxsdaaess tgasornsnsiauees EE 125 10 104 le 128 TOTO Oe PIN E 129 VW OS acts pssst ca dsece ssa tsetse ade ayaa dau eooatseaeevaadontote ties E 132 VO CAN peace ates sats oc EE AAE A EE AEE ET ETS 134 10 166 IPF SINUS eae E 135 OOO FEW re a E E E E E SE E NENE O E 140 HEI EE EE 143 E WO Wilh Eeer 145 10 16 12 Host name 147 1016 T DETU EE 147 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Chapter 1 Overview Next Generation GSHDSL Bridge Router Based on digital subscriber line DSL technology PLANET s new DSL product the GRT series provides an affordable flexible and efficient Internet access solution for SOHO small office home office customers while reducing deployment and operation costs from service providers Using existing telephone lines the GRT series concentrates on all traffic onto a single high speed trunk for Internet activities or shares a corporate intranet Through the simple yet powerful management user interface of the GRT series ne
104. o access the router via telnet PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual gt gt port Configure telent TCP port ID pool Legal address IP address pool list Show security profile I Telnet TCP Port o oO Telnet TCP Port NN Legal client IP Address pool Move the cursor to port and press enter You can set up port number from 1 to 65534 Move the cursor to IP Pool and press enter there are sixteen legal IP addresses for telnet access The default legal address is 0 0 0 0 It means that there is no restriction of IP to access the router via telnet There are two sub menus modify and clear for easy to set up each one Move the cursor to list and press enter you can view full listing on security profile including the Telnet listing TCP port and 16 host IP address 10 13 3 SNMP Simple Network Management Protocol SNMP is the protocol not only governing network management but also the monitoring of network devices and their functions The router can generate SNMP traps to indicate alarm conditions and it relies on SNMP community strings to implement SNMP security This router supports MIB amp II Move the cursor gt gt to snmp and press enter gt gt community Configure community parameter trap Configure trap host parameter 416 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 10 13 4 Commun
105. on Title Product Manager Taiwan 18 Nov 2002 ee H KE Place Date Legal Signature PLANET TECHNOLOGY CORPORATION e mail sales planet com tw http www planet com tw 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528 gt PLANET Networking amp Communication EC Declaration of Conformit For the following equipment Type of Product G SHDSL Router Model Number GRT 402 Produced by Manufacturer s Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility 89 336 EEC Amended by 92 31 EEC 93 68 EEC amp 98 12 EC For the evaluation regarding the Electromagnetic Compatibility the following standards were applied Emission EN 55022 1994 A1 1995 A2 1997 Class A Harmonic EN 61000 3 2 2000 Flicker EN 61000 3 3 1995 A1 2001 Immunity EN 55024 1998 A1 2001 A2 2003 ESD EN 61000 4 2 2001 RS EN 61000 4 3 2002 EFT Burst EN 61000 4 4 1995 A1 2000 A2 2001 Surge EN 61000 4 5 2001 CS EN 61000 4 6 2001 Magnetic Field IEC 61000 4 8 2001 Voltage Disp EN 61000 4 11 2001 Responsible for marking this declaration if the Manufacturer C Authorized representative established within the EU Aut
106. ormation TF TP server IP address ENTER for default lt 192 168 0 2 gt 192 168 0 100 Upgrade filename ENTER for default lt default bin gt K5890000 bin Type TFTP server IP address and upgrade filename of the software 10 14 2 Backup Move the cursor gt gt to backup and press enter Command utility backup lt ip gt lt file gt Message Please input the following information TFTP server IP address ENTER for default lt 192 168 0 2 gt 192 168 0 120 Upgrade filename ENTER for default lt default bin gt backup001 bin Type TFTP server IP address and backup filename of system configuration 10 14 3 Restore Move the cursor gt gt to restore and press enter Command utility restore lt ip gt lt file gt Message Please input the following information TFTP server IP address ENTER for default lt 192 168 0 2 gt 192 168 0 150 Upgrade filename ENTER for default lt default bin gt backup002 bin Type TFTP server IP address and restore filename of system configuration 10 15 Exit If you want to exit the system without saving use exit command to quit system Command exit lt CR gt Message Please input the following information Do you want to disconnect y n to confirm the exit operation Press y 422 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 10 16 Setup All of the setup parameters are located in the
107. ort OutPactets The field shows the number of transmitted packets on this port OutDiscardsOctets The field shows the discarded number of transmitted bytes on this port 1 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual OutDiscardsPackets The field shows the discarded number of transmitted packets on this port 72 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 5 8 STP gt BASIC gt ADVANCED V STATUS SHDSL bis LAN WAN ROUTE INTERFACE FIREWALL IP QoS DDNS Home Basic Advanced Status Admin Utility Status Information a Bridge Parameter STP Function Enable Bridge ID 8000 000379 572002 Designated ROOT ID 8000 000379 572002 ROOT Port ROOT Path Cost None 0 Ports Parameter D Disable B Blocking LS Listening LN Learning F Forwarding WAN Port No LAN 1 2 3 4 5 6 7 8 State F D D D D D D D D This information shows the STP parameter The bridge parameters have Bridge ID The bridge ID of a configuration message is an 8 byte field The six low order bytes are the MAC address of the switch The high order two byte unsigned 16 bit integer field is the bridge priority number Designated Root ID The unique Bridge Identifier of the Bridge assumed to be the Root this parameter is used as the value of the Root Identifier parameter in all CBPDUs transmitted by the Bridge Roo
108. outer GRT 101 401 402 User s Manual Chapter 8 LAN to LAN Connection in Bridge Mode GE EE EE EE Ee emm emm r mm mm r om emm r emm emm emm emm me STU C CO i STU R CPE si i Bridge IP 192 168 0 1 i IP 192 168 0 2 Netmask 255 255 255 0 S EE Netmask 255 255 255 0 PC A IP 192 168 0 100 Netmask 255 255 255 0 Gateway 192 168 0 1 VPI 0 VCI 32 Encapsulation LLC _ IP 192 168 0 200 Netmask 255 255 255 0 Gateway 192 168 0 2 8 1 CO side Check and CO Side to set up bridging mode of the Router and then click Next Advanced BASIC STEP1 Operation Mode System Mode ROUTE BRIDGE SHDSL bis Mode COSide OCPE Side 92 PLANET lt lt Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Utility BASIC STEP2 LAN Default Gateway 192 168 Lb DNS Server 168 9511 DNS Server 2 168 95 1921 S A WANI ver pz Enap Ovcmx LLC Wm CH Wm Wm Enter LAN Parameters IP 192 168 0 1 Subnet Mask 255 255 255 0 Gateway 192 168 0 1 Host Name SOHO Enter WAN1 Parameters VPI 0 VCI 32 Check LLC Click The screen will prompt the new configured parameters Check the parameters and click Restart The router will reboot with the new setting 93 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual 8 2 CPE Side Check Bridge
109. pe the Wan Parameters VPI O VCI 33 AAL5 Encap LLC Protocol EoAl IPoA NAT or EoA NA Click to set up the IP parameters Home Basic Advanced Status Admin Utility BASIC STEP4 WANI VEL Wel AALS Enap O VC mux LLC Deoteco PPPoAt NAT wi PPPOA NAT PPPoE NAT 27 PLANET Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual IP Address 10 1 2 1 It is router IP address seem from Internet Your ISP will provide it and you need to specify here Subnet mask 255 255 255 0 This is the router subnet mask seen by external users on Internet Your ISP will provide it to you Gateway 10 1 2 2 Your ISP will provide you with the default gateway DNS Server 1 168 95 1 1 DNS Server 1 168 95 192 1 Your ISP will provide at least one DNS Domain Name System Server IP address Click Next Status Admin Utility BASIC STEPS Advanced Basic WANI Subnet Mask 255 25s 25s DNS Server 1 DNS Server 2 ai DNS Server 3 The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Basic Home Advanced Status Admin Utility REVIEW BASIC REVIEW To let the configuration that you have changed take effect immediately please click Restart button to reboot the system To continue the setup procedure please click Continue button g Sys
110. r s Manual Chapter 3 Configuration 3 1 Purpose This chapter provides information about configuring GRT series After you have completed all the necessary settings for GRT series make sure to write the new configuration to NVRAM by write command and reboot the system or all of your changes will not take effect 3 2 Logon Procedure There are three methods to logon to GRT series serial console Telnet and web interface For the first time configuration perhaps only the serial console mode could be used because applications requiring Internet protocol IP communication such as Telnet and web interface are not available unless a management IP is configured properly for your local networking environment After connecting all the necessary cables described in 1 3 power on GRT series and select one of the following procedures to access GRT series It is recommended that only one configuration application is used to set up GRT series at any given time that is Telnet serial console and the web management interfaces should not be used simultaneously 3 2 1 Serial console Check the connectivity of the RS 232 cable from your computer to the serial port of GRT series Start your terminal access program with VT100 terminal emulation Configure the serial link with baud rate of 9600 8 data bits no parity check 1 stop bit and no flow control and press the key until the login screen appears When you see the login
111. r GRT 101 401 402 User s Manual Atvanced Status BASIC STEP3 DHCP SERVER e General DHCP Parameter Start IP Address 192 168 20 End IP Address 192 168 20 51 DNS Server l Lease Tame Table of Fixed DHCP Host Entries Hint The format of the WLAC Address is 12 54 56 8 94 BC Index MAC Address F dden il EI E sl C 1 eee Type the WAN1 Parameters VPI O VCI 32 AALS Encap Protocol IPoA EoA or SEH The Protocol used in CO and CPE have to be the Ge same Note Click to set up the IP parameters Home El Advanced otatus Admin Utility BASIC STEP4 WANI vert VCE AALS Encap OVC mux LLC Protocol PPPoAt NAT PPPoE NAT Click to set up the IP parameters IP Address 192 168 30 2 99 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Subnet mask 255 255 255 0 Gateway 192 169 30 1 Click Next Home Basic Advanced Status Admin Utility BASIC STEPS WANI IF Address Subnet Mask Gateway DNS Server 1 DNS Server 2 DNS Server 3 The screen will prompt the parameters that will be written in EPROM Check the parameters before writing in EPROM Press Restart to restart the router working with new parameters or press continue to set up another parameter 400 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual
112. r Up Power Up Refresh 86 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Y 7 3 Config Tool gt BASIC gt ADVANCED gt STATUS gt ADMIN V UTILITY SYSTEM INFO SYSLOG UPGRADE LOGOUT RESTART This configuration tool has three functions Load Factory Default Restore Configuration and Backup Configuration Press Config Tool Home Basic Advanced Status Admin Utility UTILITY CONFIG TOOL Select Configuration Tool Configuration Tool Load Factory Default Lei Restore Configuration Backup Config uration i Choose the function and then press finish 7 3 1 Load Factory Default Load Factory Default It will load the factory default parameters to the router This action will change all of the settings to factory default value In other words you will lose all the existing configured parameters 87 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual K4 7 3 2 Restore Configuration Sometimes the configuration could crush accidentally It will help you to recover the backup configuration easily Click after selecting Restore Configuration Browse the route of backup file then press Finish Browse the location of restore file name or enter the name directly Then press OK The router will automatically restore the saved configuration 7 3 3 B
113. ransferring Internet traffic over the ATM network CBR Constant Bit Rate is used by connections that require a static amount of bandwidth that is available during the connection life time This bandwidth is characterized by Peak Cell Rate PCR Based on the PCR of the CBR traffic specific cell slots are assigned for the VC in KI G SHDSL Bridge Router GRT 101 401 402 User s Manual the schedule table The ATM always sends a single cell during the CBR connection s assigned cell slot VBR rt Varible Bit Rate real time is intended for real time applications such as compressed voice over IP and video comferencing that require tightly constrained delays and delay variation VBR rt is characterized by a peak cell rate PCR substained cell rate SCR and maximun burst rate MBR VBR nrt Varible Bit Rate non real time is intended for non real time applications such as FTP e mail and browsing PCR Peak Cell Rate in kbps The maximum rate at which you expect to transmit data voice and video Consider PCR and MBS as a menas of reducing lantency not increasing bandwidth The range of PCR is 384kbps to 11392kbps SCR Substained Cell Rate The sustained rate at which you expect to transmit data voice and video Consider SCR to be the true bandwidth of a VC and not the long term average traffic rate The range of SCR is 384kbps to 11392kbps MBS Maximum Burst Size Refers to the maximum number of cells that can
114. re factory setting operation It di Press y 448 gt PLANET Networking amp Communication EC Declaration of Confomi For the following equipment Type of Product Gshdsl Bridge Router Model Number GRT 101 GRT 401 Produced by Manufacturer s Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility Directive on 89 336 EEC For the evaluation regarding the EMC the following standards were applied Emission EN 55022 1994 A1 1995 A2 1997 Harmonic EN 61000 3 2 1995 A1 1998 A2 1998 A14 2000 Flicker EN 61000 3 3 1995 Immunity EN 55024 1998 ESD IEC 61000 4 2 1995 A1 1998 RS IEC 61000 4 3 1996 A1 1998 EFT Burst IEC 61000 4 4 1995 Surge IEC 61000 4 5 1995 CS IEC 61000 4 6 1996 Magnetic Field IEC 61000 4 8 1993 Voltage Disp IEC 61000 4 11 1994 Responsible for marking this declaration if the Manufacturer C Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Person responsible for making this declaration Name Surname Tom Shih Positi
115. ridge Router GRT 101 401 402 User s Manual gt gt system Show general information config Show all configuration script Show all configuration in command script system The general information of the system will show in system command config Config command can display detailed configuration information script Configuration information will prompt in command script 10 9 1 System information Move cursor to gt gt to system and press enter Status Window General system information MCSV 14A1 0000 5221D8BO Software Version 148D 0000 4101606C Chipset PEF24628V1 2 Firmware Version 71 1 1 5 7_ 004 Hostname SOHO System Up Time ODAY OHR SOMIN From this screen you can know more about the general information of this router 10 9 2 Configuration information Move cursor to gt gt to config and press enter You can view all setting using table format 10 9 3 Configuration with Script format Move cursor to gt gt to script and press enter You can view all setting using script format 10 10 Write For any changes of configuration you must write the new configuration to EPROM using write command and reboot the router to take affect Move cursor to gt gt to write and press enter G SHDSL Bridge Router GRT 101 401 402 User s Manual Command write lt CR gt Message Please input the following information Are you sure y n y to confirm the writ
116. rking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Chapter 2 Installation 2 1 Front Panel LEDs The LEDs on the front panel indicate the operational status of GRT series SHDSL Bridge Router LAN 5 PWR LNK ACT 10 ACT 100 AcT ALM Figure 2 1 GRT 101 Front Panel G SHDSI Bridge Router WAN GRT 401 ALM PWR LNK ACT Figure 2 2 GRT 401 Front Panel 4 Wire G SHDS WAN GRT 402 Bridge Router PWR LNK ACT ALM Figure 2 3 GRT 402 Front Panel 11 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual The following table describes the LEDs functions K4 Table 2 1 GRT 101 LED Functions LEDs Active Color Description PWR On Green Power adaptor is connected to GRT 101 LNK On en SHDSL line connection is established WAN Blink SHDSL handshake ACT On Green Transmit or receive data over SHDSL link LAN 10 ACT On Green LAN Speed operates in 10M 100 ACT On Green LAN Speed operates in 100M ALM On Red SHDSL connection disconnected SHDSL self test Table 2 2 GRT 401 GRT 402 LED Functions PAWR ER 2 ereen Power adaptor is connected to GRT 401 GRT 402 On creen SHDSL line connection is established SHDSL handshake dE 1 On Green____ TransmitorreceivedataoverLAN1 _ LAN LL On Green Transmit or receive data over LAN2 3 On Green TransmitorreceivedataoverLAN3 ae eo EEEEE
117. router Update flash configuration After you have completed all necessary setting make sure to write the new configuration to NVRAM by write command and reboot the system or all of your changes will not take effect Reset and boot system After you have completed all necessary setting make sure to write the new configuration to NVRAM and reboot the system otherwise all of your changes will not take effect png Immens OOOO 10 8 Status You can view running system status of SHDSL bis WAN route interface fireware ip gos and stp via status command Move cursor gt gt to status and press enter gt gt shdsl bis Show SHDSL bis status lan Show lan interface status wan Show WAN interface status route Show routing table interface Show interface statistics status firewall Show firewall status ID gos Show IP QoS statistics stp Show STP status clear Reset statistics The SHDSL bis status includes line rate SNR margin TX power attenuation and CRC error of the product and SNR margin attenuation and CRC error of remote side The router can access remote side s information via EOC embedded operation channel LAN status shows all their parameters including IP address Net mask Mac address and protocol information 406 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual WAN status shows all their parameters including IP address Net mask
118. rs Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2 Increase the separation between the equipment and receiver 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 4 Consult the dealer or an experienced radio technician for help FCC Caution To assure continued compliance for example use only shielded interface cables when connecting to computer or peripheral devices Any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This device complies with Part 1
119. s Nx128kbps N 3 60 2 wire model 4 wire model Annex AF BG TCPAM 16 192 3840 kpbs 384 7680 kbps TCPAM 32 192 5696 kpbs 384 11392 kbps 4 1 5 SNR margin This is an index for line connection quality You can see the actual SNR margin in STATUS SHDSL bis The larger the SNR margin is the better the line connection quality is The range of SNR margin is 10 to 21 If you set SNR margin in the field as 3 the SHDSL bis connection will drop and reconnect when the SNR margin is lower than 3 On the other hand the device will reduce the line rate and reconnect for better line connection quality 4 1 6 TC Layer There are two TC layer setting on this router EFM layer and ATM layer It is based on the networks connected AIT M based Access Network or Ethernet based Access Network Rate Mode For adaptive mode you have to configure it in rate mode The router will adapt the optimal data rate according to the line status 33 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual K4 4 2 WAN The router can support up to 8 PVCs WAN 1 was configured via BASIC menu except QoS If you want to set up another PVCs such as WAN 2 to 7 those parameters can be configured and set up on the pages of under ADVANCED On the other hand you dont need to setup WAN unless except you apply two or more Internet Services with ISPs Y ADVANCED SHDSL bis BRIDGE VLAN STP ROUTE N
120. s Admin Utility BASIC STEP1 Operation Node System Mode ROUTE COBRIDGE SHDSL bis Mode CO Side O CPE Side Type LAN parameters IP Address 192 168 20 1 Subnet Mask 255 255 255 0 Host Name SOHO DHCP Service or For more DHCP service review the chapter on DHCP Service 95 Chapter 9 LAN to LAN Connection in e IP 192 168 10 1 lt Z e Sy ey EA ve e Se Se et PLANET amp Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual BASIC STEP2 LAN IP Type Fj IP Address z A Dynamic DHCF Client subnet Mask 255 D I Host Name SOHO Trigger DHCP Service O Disable Sever O Relay NK Ki Ki 8 LO Wu 8 CO CO TE 55 The range of DHCP is from 192 168 20 2 to 192 168 20 51 User also can set and fix IP in the table below Home Basic Advanced Status Admin Utility BASIC STEPS DHCP SERVER a General DHCP Parameter Start IP Address 192 168 20 End IP Address 192 168 20 Lease Time hours a Table of Fixed DHCP Host Entries Hint The format of the WLAC Address is 12 54 56 78 9A BC Index MAC Address IP Address po Eo T E e Co T CT Type the Wan Parameters VPI 0 VCI 32 AAL5 Encap ULC Protocol IPoA IPoA NATI or EoA NAT The Protocol used in CO and CPE have to be the same Click Next to set up the IP parameters 96 PLANET amp Networkin
121. s Manual 10 16 9 Firewall This item is only for firewall models To configure Firewall move the cursor gt gt to firewall and press enter gt gt level Configure firewall security level pkt_filter Configure packet filter dos_protect Configure DoS protect 10 16 9 1 Firewall security level There are three levels of firewall which you can setup in this product Level one basic only enables the NAT firewall and the remote management security The NAT firewall will take effect if NAT function is enabled The remote management security is default to block any WAN side connection to the device Non empty legal IP pool in ADMIN will block all remote management connection except those IPs specified in the pool Level two automatic enables basic firewall security and all DoS protection Level three advanced is an advanced level of firewall where user can determine the security level for special purpose environment and applications by configuring the DoS protection and defining an extra packet filter with higher priority Note that an improper filter policy may degrade the capability of the firewall and or even block the normal network traffic The firewall security level can configure via level command Firewall Security Level oBasic cAutomatic Advanced 10 16 9 2 Packet Filtering Packet filtering function can be configured by pkt_filter command Move the cursor to pkt_filter and press enter gt gt active Tigg
122. s from O to 255 and VCI from 0 to 65535 VPI Virtual Path Identifier for set uo ATM Permanent Virtual Channels PVC VCI Virtual Channel Identifier for set up ATM Permanent Virtual Channels PVC 10 16 3 4 Ecapsulation There are two types of encapsulation VC Mux and LLC 426 10 16 3 5 VC QoS You can set up virtual circuit quality of service VC QoS using qos command The router supports UBR CBR VBR rt and VBR nrt Move the cursor to qos and press enter G SHDSL Bridge Router GRT 101 401 402 User s Manual gt gt class Configure QoS class pcr Configure peak cell rate kbps scr Configure sustainable cell rate kbps mbs Configure max burst size cell UBR Unspecified Bit Rate is the simplest service provided by ATM networks There is no guarantee of anything It is a primary service used for transferring Internet traffic over the ATM network CBR Constant Bit Rate is used by connections that requires a static amount of bandwidth that is avilable during the connection life time This bandwidth is characterized by Peak Cell Rate PCR Based on the PCR of the CBR traffic specific cell slots are assigned for the VC in the schedule table The ATM always sends a signle cell during the CBR connection s assigned cell slot VBR rt Varible Bit Rate real time is intended for real time applications such as compressed voice over IP and video comferencing that require tightly constrained delays and delay variation
123. screen you can logon to GRT series User admin Password If you have not set any user profile for GRT series enter the factory default user admin When the system prompts you for a password type admin to enter GRT series 15 M PLANET e Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual After you logon to GRT series and before proceeding any further check the software version of GRT series by the command PLANET GRI amp 82 enable Modify command privilege status Show running system status gt gt show View system configuration ping Packet internet groper command exit Quit system Enter show item to show information of GRT 402 PLANET GRT 402 gt gt system Show general information config Show all configuration script Show all configuration in command script PLANET GRI amp Status Window General system information Hodel HESY Software Yersion Chipset Firmware Yersion Hostname Serial No system Up Time Press Enter to Return Henu Window There are three utility tools upgrade backup and restore which embedded in the firmware You can update the new firmware via TFTP upgrade tools and backup the configuration via TF TP backup tool and restore the configuration via TFTP restore tool For operation on firmware upgrade and backup or restore the system configuration you must have your own TF TP server software Mo
124. screen will prompt the configured parameters Check Enable on Trigger Packet Filtering Service item to activate the packet filtering service Check Enable on Drop Fragmented Packets item to activate the drop fragmented packets operation You can modify or delete the access policies by clicking Modify or command 58 G SHDSL Bridge Router GRT 101 401 402 User s Manual 4 10 IP QoS IP QoS is a function to decide the priorities of setting IPs to transfer packets under the situation of overloading bandwidth YV ADVANCED SHDSL bis LAN WAN BRIDGE VLAN STP ROUTE NAT VIRTUAL SERVER FIREWALL DDNS Home Basic Advanced Status Admin Utility ADVANCED IP QoS IP QoS Parameters General IP QoS Parameters Trigger IP QoS Service Disable Enable e IP QoS Policies Index Enable Protocol Local Remote Precedence Description Sg Pool is Empty Cancel Check at item Trigger IP QoS Service in General IP QoS Parameter which will turn on this IP QoS function Click Add on the bottom of the web page to begin a new entry in IP QoS Policy table at PLANET Networking amp Communication G SHDSL Bridge Router GRT 101 401 402 User s Manual Home HE Aivanced Status ATLL Utility IP QoS POLICY 1 IP QoS Policy Parameters a Policy Rule Description Local IP Po eg Any 0 0 0 0 Single 10 0 0 1 RemoteIP 000000 Range 192 168 0 1 192
125. signed to a specific VLAN independent of the user or system attached to the port This means all users attached to the port should be members in the same VLAN The port based setting performs the VLAN assignment The port configuration is static and cannot be automatically changed to another VLAN without manual reconfiguration For Port based VLAN user must set up the table using 802 11Q methods But don t care the value of VID PVID or link type Port based VLAN LAN1 WAN1 WAN2 WAN3 WAN4 WAND WANG WAND ILL LI Ir To view the VLAN table move the cursor to list and press enter 10 16 5 3 STP Spanning Tree Protocol STP is a link management protocol that provides path redundancy while preventing undesirable loops in the network For an Ethernet network to function properly only one active path can exist between two stations The default is disable STP STP Function oDisable ocEnable 434 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Once you enable the STP feature you can see the STP status follow IEEE 802 1d standard to work The working steps are Blocking Listening Learning and forwarding 10 16 6 Route You can set up the routing parameters in route command If the product is configured as a bridge you do not want to set up the route parameters Move the cursor gt gt to route and press enter gt gt static Configure static routing
126. sl bis line probe tclayer Configure shdsl bis TC Layer clear Clear current CRC error count 423 SHDSL bis Mode em es Link _12 Wire M Pair _ M Pair Conexant a Auto Fall Back Standby JMulti link G SHDSL Bridge Router GRT 101 401 402 User s Manual Line rate Nx64 Annex Type JA RB JAF BG SNR Margin J i Cs C SC sr 10 16 2 1 Mode There are two types of SHDSL bis mode STU C and STU R STU C means the terminal of central office and STU R means customer premise equipment 10 16 2 2 Link This link item is only for 4 wire model 2 wire mode For 4 wire model it can use only the first one pair for the single pair DSL wire application M Pair Mode In this mode each wire pair of SHDSL bis router must be configured with the same line rate If one pair fails then the entire line must be restarted It also has the Conexant M pair standard used with connection to other router with Conexant chip set solution Auto Fall Back Mode Two DSL pairs are working simultaneously When one pair of both is disconnected the other pair will keep working Standby Mode Only one of two pairs is working the other pair is standby If the working pair fails the standby pair will start up to continue Multi Link Mode For 4 wire model each pair will connect to two different remote devices which may or may not be in the same location 10 16 2 3 N 64 424 PLANET
127. sor gt gt to dns_proxy and press enter Command setup Gdns proxy lt IP gt IP IP Message Please input the following information DNS server 1 ENTER for default lt 168 95 1 1 gt 10 0 10 1 DNS server 2 10 10 10 1 DNS server 3 You can setup three DNS servers in the router The number 2 and 3 DNS servers are option DNS Server IP 10 16 12 Host name A Host Name is the unique name by which a network attached The hostname is used to identify a particular host in various forms of electronic communication Enter local host name via hostname command Move cursor gt gt to hostname and press enter Command setup hostname lt name gt Message Please input the following information Local hostname ENTER for default lt SOHO gt test The host name can t use more than 15 characters and don t use space character Some of the ISP requires the Host Name as identification You may check with ISP to see if your Internet service has been configured with a host name In most cases this field can be ignored Host Name hosna 10 16 13 Default If you want to restore factory default first move the cursor gt gt to default and then press enter Command setup default lt name gt 147 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Message Please input the following information Are you sure Y N y to confirm the resto
128. t Port Identifies the Port through which the path to the Root is established and is not 73 d PLA NET GSHDSL Bridge Router GRT 101 401 402 User s Manual significant when the Bridge is the Root and is set to zero It is the Port Identifier of the Port that offers the lowest Cost Path to the Root Root Path Cost The Cost of the Path to the Root from this Bridge this is equal to the sum of the values of the Designated Cost and Path Cost parameters held for the Root Port When the Bridge is the Root this parameter is zero The ports parameters have Learning This is when the modem creates a switching table that will map MAC addresses to port number Listening This is when the modem processes BPDU s that allow it to determine the network topology Forwarding When a port receives or sends data In other words this is operating normally Disabled This is when the network administrator has disabled the port Blocking this means the port was blocked to stop a looping condition 74 PLANET Networking amp Communication Y 5 9 DDNS gt BASIC gt ADVANCED V STATUS e SHDSL bis e LAN WAN ROUTE INTERFACE FIREWALL IP QoS STP Status Information DDNS Status G SHDSL Bridge Router GRT 101 401 402 User s Manual STATUS DDNS DONS update wait This information shows DDNS statistics 75 PLANET Networking amp Communication GSHDSL Bridge Router
129. tem Operation Mode System Mode Foute Mode SHDSL bis Mode CFE Side E LAN Interface REN IP Address 192 188 0 1 Subnet Mask 255 255 255 0 Hostname SOHO Trigger DHCP service 9 DHOF Server s DHCP server Default gateway 182 168 0 1 Subnet mask 255 255 255 0 ss Start IP address N 192 168 0 2 End IP address 192 168 0 51 DNS Server 1 baauesan 8 28 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Press Restart to restart the router working with new parameters or press continue to set up another parameter mmmseemen e 29 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Chapter 4 Advanced Setup Advanced setup contains SHDSL WAN Bridge VLAN Route NAT DMZ Virtual server and firewall parameters SHDSL bis LAN WAN BRIDGE VLAN STP ROUTE NAT VIRTUAL SERVER FIREWALL IP QoS DONS 4 1 SHDSL bis You can set up the Annex type data rate and SNR margin for SHDSL bis parameters in SHDSL bis ADVANCED SHDSL bis Operation Mode a Setup Operation Mode Annex Type O AnnexaF AnnexBG Link Type O2Wire 4 Wire Auto FallBack OStandBy MultHink TCPAM Type aAuto OTCPAM 16 TCPAM 32 Data Rate n 64kbps ag irange 3 89 wx SNR margin O range 10 10 TC Layer EFM Layer ATM Layer Rate Mode Fixed Adaptive WH Wm WS 4 1
130. the PVID of the port Command setup vlan pvid lt 1 9 gt lt 1 4094 gt Message Please input the following information Port index lt 1 9 gt 1 VID Value Enter for default lt 10 gt 10 VLAN port status is a 9 digit binary number whose bit 1 location indicates the VLAN port membership in which 1MSB and 8MSBs represents one LAN port and eight WAN ports respectively For example the setting vlan modify 1 20 111000000 means that the VID 20 member ports includes LAN WAN1 and WAN The member ports are tagged members Use PVID command to change the member port to untagged members To modify the link type of the port move the cursor to link_mode and press enter There are two types of link access and trunk Trunk link will send the tagged packet from the port and Access link will send un tagged packet from the port The port index 1 represents LAN and ports index 2 to 9 represents WAN1 to WANB8 respectively According to the operation mode of the device link type of WAN port is automatically configured If the product operates in bridge mode the WAN link type will be trunk and in routing mode access 430 o PLA NET GSHDSL Bridge Router GRT 101 401 402 User s Manual Command setup vlan link_mode lt 1 12 gt lt Access Trunk gt Message Please input the following information Port index lt 1 12 gt 1 Port link type Tab select lt Trunk gt Access 10 16 5 2 Port Base VLAN With port based VLAN the port is as
131. tiple hosts on the private network appear to originate from a single host the PAT device on the public network In PAT both the sender s private IP and port number are modified the PAT device chooses the port numbers which will be seen by hosts on the public network In PAT generally there is only one publicly exposed IP address and incoming packets from the public network are routed to their destinations on the private network by reference to a table held within the PAT device which keeps track of public and private port pairs This is often called connection tracking gt gt clear Clear virtual server mapping modify Modify virtual server mapping list Show virtual server mapping pool You can delete virtual server mapping entry from 1 to 10 by using clear command You can create up to 10 virtual server mapping entry via modify command Command setup mp share pat modify lt 1 10 gt lt more gt Message Please input the following information Virtual server entry number lt 1 10 gt 1 gt gt interface Active interface port TCP UDP port number server Host IP address and port number protocol Transport protocol name Service name begin The schedule of beginning time end The schedule of ending time PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual Set the active interface number via interface command You can configure the global port number by using port command
132. twork administrators can complete a managed network deployment simply in seconds High speed Symmetric Data Transmission With bandwidth of up to 5 7Mbps the GRT 101 401 outperforms both T1 s at 1 544 Mbps and E1 s at 2 048 Mbps The GRT 402 s bandwidth reaches up to 11 4Mbps By using a standard RJ 45 or phone wire as a connection medium the installation and equipment costs of the GRT series are dramatically less than that of T1 E1 and Frame Relay Using integrated bridging and routing support two GRT series can be connected as a LAN to LAN network connection at the distance up to 7 7km 4 8 miles via regular phone wire Built in PPPoE Feature The GRT series built in PPPoE feature enables both the users and the service providers to make use of the existing PPP PAP CHAP based authentication and accounting infrastructure The built in PPPoE feature saves time by eliminating the need to install software High speed Internet Access G SHDSL is the best solution to quickly provide cost effective high speed network service for enterprises and SME users or SOHO users who need high speed symmetrical Internet connections By utilizing the existing telephony infrastructure network installation is simple and straightforward With up to 5 7 Mbps full duplex speed IP telephony website hosting and various broadband services can be easily provisioned PLANET Networking amp Communication G SHDSL B ridge Router GRT 101 401 40
133. ue is 23 On trust host list configured 0 0 0 0 will allow all hosts on Internet or LAN to access the router Leaving blank of trust host list will cause blocking all PC from WAN to access the router On the other hand only PC in LAN can access the router If you type the exact IP address in the field only the host on this listing can access to the router Click to finish the setting The browser will prompt the all configured parameters and check it before writing into NVRAM Press to restart the gateway working with the new parameters and press to set up other parameters 6 2 SNMP Simple Network Management Protocol SNMP provides for the exchange of messages between a network management client and a network management agent for remote management of network nodes These messages contain requests to get and set variables that exist in network nodes in order to obtain statistics set configuration parameters and monitor network events SNMP communications can occur over the LAN or WAN connection The router can generate SNMP traps to indicate alarm conditions and it relies on SNMP community strings to implement SNMP security This router support MIB and MIB II Click to configure the parameters gt BASIC gt ADVANCED gt STATUS V ADMIN e SECURITY D e SYSLOG e TIME SYNC 73 PLANET Networking amp Communication G SHDSL B ridge Router GRT 101 401 402 User s Manual Home Basic Advanced
134. ve the cursor gt gt to utility and press enter 16 o PLANET G SHDSL Bridge Router Networking amp Communication GRT 101 401 402 User s Manual PLANET GRI 4 amp 62 gt gt upgrade Upgrade main software backup Backup system configuration restore Restore system configuration Command utility upgrade lt ip gt lt file gt Message Please input the following information Command utility upgrade lt ip gt lt file gt Message Please input the following information TFTP server IP address ENTER for default lt 192 168 0 2 gt 192 168 0 46 Upgrade filename ENTER for default lt default bin gt FW GRI 4 2 yv524 bin Pressing enter key will perform firmware upgrade PLANET GRI 402 IFIP server IP address 192 168 0 46 Upgrade filename FW GRI 48 2 yvo24 bin 909018 b Transfer Complete Replace Now y n 3 2 2 Telnet Make sure the correct Ethernet cable is used for connecting the LAN port of your computer to GRT series The LAN LNK indicator on the front panel will light up if a correct cable is used To start your Telnet client with VT100 terminal emulation and connect to the management IP of GRT series wait for the login screen to appear When you see the login screen you can logon to GRT series User admin Password The factory default management IP and subnet mask are 192 168 0 1 and 255 255 255 0 respectively If you have not set any user profile for GRT series enter
135. wing gt gt Protocol Configure protocol local_ip Configure local IP parameter remote_ip Configure remote IP parameter Port Configure port parameter description Policy description Enable Enable the policy Precedence Configure precedence parameter Protocol identifier One can differentiate IP from other network level protocols using link level information TCP Transmission Control Protocol and UDP User Datagram Protocol Source port number The only way to identify applications run over TCP or UDP is to look for port numbers and compare them to the list of well known port numbers While in most cases the mapping is correct there are cases when some services or clients use a port reserved for another application Destination port number The destination port identifies traffic originating from the client to the server Source host address It can identify the end system sending data and based on that classify traffic Destination host address It can identify the end system receiving data E Define the description of policy Enable the policy Define the priority of the policy 144 PLANET Networking amp Communication GSHDSL Bridge Router GRT 101 401 402 User s Manual IP Qos Local PP RemoteIP oo Local Port oo NN Desorption S SS 10 16 11 DHCP Dynamic Host Configuration Protocol DHCP is a communication protocol that lets network administrators to manage centrally and automate the assignment
Download Pdf Manuals
Related Search