HomePortal 2700 Series User Guide
Contents
1. Figure 39 MDC Voice Configure Server Page 86 Management and Diagnostic Console The Edit VolP Settings panel displays the current SIP settings and allows you to edit the settings The following table describes the fields Server IP Address Corresponds to the SIP proxy address Port Corresponds to the SIP proxy destination port Number of Lines Displays the number of lines allowed on the gateway End Point Domain Displays the IP domain of the SIP endpoint Register Expire Time Displays the default expiration in seconds of the SIP registration and indicates how frequently re registration will occur Register Retry Interval Indicates the period of time in seconds before the gateway will retry registration after a failed attempt By default the Show CID Names and Require Authentication checkboxes are checked Show CID Names allows the gateway to display the configured outbound caller ID information Require Authentication allows the gateway to use authentication when registering with the SIP proxy Use 11 digit DIDs allows the gateway to automatically append a 1 to the registration phone number 87 Management and Diagnostic Console Troubleshooting DSL Diagnostics Page The Troubleshooting DSL Diagnostics page displays data associated with the 2Wire gateway s DSL link 2WReEz Management and Diagnostic Console Troubleshooting DSL Diagnostics al infeemasen w ay Rat2. Figure 31 MDC Local Network Device List Page The following information is displayed Item Identity Type MAC Address IP Address Description The name of the device If the device does not have a name associated with it the device IP address is displayed The type of connection used by the device to connect to the local network Ethernet USB or Wireless The hardware address used by the device The IP address used by the device 73 Local Network Wireless Settings Page Management and Diagnostic Console The Local Network Wireless Settings page allows you to view or change the wireless settings with which your gateway is configured 2WiRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Local Network Wireless Settings Current Settings Access Point Network Name Channel Authentication SUBMIT Settings 00 1 4 95 00 76 d9 2WIRE072 6 243
3. Configure Current Noise Margin 20 0 dB 21 0 dB Current Attenuation 8 3 dB 4 5 dB e Network Current Output Power 1 8 dB 5 0 dB Status statins ATM Cells Errors Device List Wi Transmit 3211 0 0 Wireless Receive 22399 0 0 Configure VIELE AEEA A NO ca PERA PAYER AA Address Allocation IP Bytes Packets Errors o Firewall Transmit 114504 1172 0 0 Settings Receive 1028145 1471 o 0 Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 26 MDC Broadband Link Statistics Page The Broadband Link Statistics page includes the following information Item Description DSL for DSL models only Current Rate The DSL downstream and upstream rate in kilobits Max Rate The maximum DSL downstream and upstream rate in kilo bits 61 Item Current Connection ATM Transmit Receive IP Transmit Receive Management and Diagnostic Console Description Current Noise Margin The current downstream and upstream noise margin in dB Current Attenuation The current downstream and upstream DSL attenuation in dB Current Output Power The current downstream and upstream DSL transmit and receive power in dB
4. Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Advanced Syslog Settings Enable Syslog Server Location Server Port Enable Throttling Limit Logging to 514 o Optional Default 514 logs per second SUBMIT Settings Figure 45 MDC Advanced Syslog Settings Page To enable syslog and specify the location of a syslog server 1 Check the Enable Syslog checkbox 2 3 In the Server Location field enter the IP address of a UNIX or Linux computer running a syslog daemon Optional In the Server Port field enter the outbound port number upon which the syslog server is located To limit the number of log packets check the Enable Throttling checkbox In the Limit Logging to field enter the number of logs per second that you wish to log Click the Submit button 100 Advanced Provisioning Info Page Management and Diagnostic Console The Advanced Provisioning Info page displays the parameters with which the 2Wire gateway was provisioned Management and Diagnostic Console Advanced Provisioning Information Module Configuration fest modis O pareraid 0 Mage O nun level A 10 LED profile Doba modis 1 parerad 0 Naps O run level 87 10 homes modis 2 parorda 0 Mags O run levet 8710 bibandi mosa 3 parents O fage 0 ran levet 6 gt 10 bbw binypa pr
5. Contents Advanced Traffic Shaping Page ee eee ees 112 Advanced Link Manager States Page 0 ce eee ees 113 Advanced Detailed Log Page ww ee ees 116 Glossary Regulatory Information Introduction The 2Wire gateway allows you to create a network with your computers and peripheral devices Following are just a few of the benefits derived from using the 2Wire gateway to network your home or office High performance integrated modem 2Wire s technology improves DSL performance especially for homes further away from the local exchange It also minimizes common interference found when other devices such as dimmer switches or fluorescent lighting are in contact with the DSL line Super fast router The 2Wire gateway s router provides the fastest data transfer speeds available between your network and the Internet The high performance router distributes data seamlessly to all of the computers on your network without a dramatic loss of performance or speed Professional grade firewall The 2Wire gateway firewall includes both standard NAT PAT security and Stateful Packet Inspection to defend against Denial of Service Internet attacks Flexible networking The 2Wire gateway includes a variety of home networking technologies in one box Ethernet direct USB and HyperG wireless Use any or all of the following technologies to create a network with your computers and peripherals Networking Technology Overview Eth
6. Local Network Configuration Page Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Local Network Configuration page allows you to change the gateway s default local network settings You must click the Submit button for changes to take effect 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Local Network Configuration susmiT___ Settings WARNING Modifying the settings on this page can impact the ability of computers on the local network to access your broadband connection Modifications may also affect broadband enabled applications and services running on the local network Private Network Ifyou change the IP address range you must renew the DHCP lease on all devices on the network 192 168 1 0 255 255 255 0 default 172 16 0 0 25
7. The cumulative number of cells transmitted and the num ber and percentage transmitted in error The cumulative number of cells received and the number and percentage received in error The cumulative number of IP packets transmitted the cumulative number of IP payload bytes transmitted and the number and percentage transmitted in error The number of bytes and packets received and the num ber and percentage received in error To reset the broadband link statistics click the Reset button 62 Management and Diagnostic Console Broadband Link Detailed DSL Statistics Page Note This link is present only if the 2Wire gateway connects to the Internet via ADSL The Broadband Link Detailed DSL Statistics page shows a set of cumulative DSL statistics associated with the 2Wire gateway 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Broadband Link Detailed DSL Statist
8. eee 67 Modifying Internet Connection and Authentication Settings 0 4a 67 ll Contents Modifying Hardware Address ee 68 Modifying Internet Address Settings 0 ee eee 68 Modifying DNS Information aaae eee 68 Local Network Status Page 1 es 69 Local Network Statistics Page 2 es 71 Local Network Device List Page 1 1 cc eee 73 Local Network Wireless Settings Page 0 74 Customizing Security Settings 2 0 0 eee 75 Additional Settings esati piedica BAD GAD ee oe ee aa oe RTOS DANG Had i Ba 75 Local Network Configuration Page 1 0 cee eee 76 Private Network Settings 2 0 ee eee eee eee eee ees 76 Public Network Settings eee ees 77 Bridge Network Settings 0 ccc ee ee ee eee eee ees 77 Display Settings o2ecis cc et eetidia te ent peda SAR Rae A Ae ae eae 77 Enable Router Behind Router Alert 000 ee eee 77 Local Network Address Allocation Page 0 ccc ee eee 78 Firewall Settings Page 2 ee ee ee eee eee eee ees 79 Hosting an Application es 79 Creating an Application Profile ee ees 80 Allowing all applications 0 0 ee eee ees 82 Firewall Detailed Information Page 1 0 cc ee eee 83 PINHOlES na Lakan exces pew igen hat Peek eho eee oS bed heed Be wae eee edhe E 83 NAT S SSIONS 2 ma ak NN NAAN ee Pee ee ee eae a ee ee ee ae Pe Pa eee ANAK 83 Firewall Advanced
9. 102 will be sent to 4002 etc 81 8 9 Management and Diagnostic Console From the Application Type pull down menu select the application type None Default File Transfer Protocol FTP Microsoft Games H 323 based Internet telephony IRC Internet relay chat server or PPTP virtual private network server Click the Add Definition button Repeat the previous step for each port or range of ports required for the application profile Allowing all applications DMZplus is used for hosting applications if an application will not operate properly using the Allow individual application s option When in DMZplus mode the designated computer Shares the gateway s IP address Appears as if it is directly connected to the Internet Has all of the unassigned TCP and UDP ports opened and pointed to it Can receive unsolicited network traffic from the Internet Note DMZplus can only be configured for one computer on the local network at a time To configure a computer on the user s network for DMZplus mode 1 2 5 6 Select the computer to which the user wishes to have all data sent Click the Allow all applications DMZplus mode radio button Click Submit Access the selected computer Confirm that the computer is configured for DHCP If it is not configure it for DHCP Restart the computer When the computer restarts it receives a special IP address from the system and all unassigned TCP a
10. 2wire gateway net Click the Voice Network tab The View Voice Network page opens owire 2 Ble 5 Broadband Home Voice Firewall System H Link Network Network Digital Voice 2 Home Site Map View Voice Network Line Settings Status at a Glance Voice Service Disabled To use your voice network activate your phone lines by f Ss following the steps to the right Step 2 Set Up Phone Lines Step 1 Phone Wiring Voice Network Setup fire Voice Network R All Lines Inactive introduction Voice service is disabled please go to the home page and make Step 3 Match Phones To sure that voice service is enabled mace Phone Lines 2 Click Step 2 Set Up Phone Lines Click EDIT to change the settings 8 2 gt Broadband Home Voice Firewall Link H Network N Fx HONE site Map Step 2 Set Up Phone Lines Settings Line Information ia For each Digital Voice line you have ordered follow these steps to fill in Step 1 Connect Wiring oi pag the form below Step 2 Set Up Phone Lines 1 Activate a line by checking the box next to Phone Number Userid Step 3 Match Phones To Phone 2 Editthe line This information has been provided to you in your Lines service confirmation notice Activate Phone Number Userid Password Ring Tone Outgoing Caller ID 408 123 4560 Password Protected DEFAULT Phone Number EDT Click NEXT to continue or click BACK to go back to the prev
11. Item Primary DNS Secondary DNS Host Name Domain Name MTU Spoof MAC Address Management and Diagnostic Console Description The IP address of the primary DNS server that the 2Wire gateway is to use for DNS name resolution on the broadband link The IP address of the secondary DNS server that the 2Wire gateway is to use for DNS name resolution on the broadband link The 2Wire gateway host name This field is only present if the user configures the 2Wire gateway with a host name The domain name associated with the 2Wire gateway on the broadband link Maximum size of the packets sent from a computer to the network Either Disabled if the default factory set MAC address is used or Enabled if the computer s MAC address is used If there is an error on the broadband link or with the ISP connection click the Reset Broadband Link or Reset ISP Connection button to reset the connections 60 Management and Diagnostic Console Broadband Link Statistics Page The Broadband Link Statistics page shows statistics associated with the 2Wire gateway broadband link Note To update the information displayed on this page click the browser s Refresh button 2WRE Management and Diagnostic Console elon A Broadband Link Statistics RESET _ ATM Statistics Broadband Link DSL Down Up Summary Current Rate 3008 kbs 512 kbs Statistics Max Rate 11452 kbs 1152 kbs Detailed Statistics Current Connection
12. sent Click Allow all applications DMZplus mode Click DONE 42 Firewall Tab Access the computer that you selected in step 1 Confirm that the computer is configured for DHCP If it is not configure it for DHCP Restart the computer When the computer restarts it receives a special IP address from the system and all unassigned TCP and UDP ports are forwarded to it To stop DMZplus 1 5 From the Select a computer pull down menu select the computer for which you would like to disable DMZplus In the Edit firewall settings for this computer pane click Maximum protection Click DONE Access the computer that you selected in step 1 If the computer will continue to automatically obtain an IP address proceed to step 5 If the computer will have a static IP address configure it with a valid static IP address Restart the computer Viewing the Firewall Log The 2Wire gateway keeps a log of all firewall related events that occur Each log entry contains the date and time the event occurred the severity level of the event and details about the event To view the log Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab 43 Click the Firewall Log link under the tab to open the View Firewall Log page Firewall Tab Summary Firewall Settings View Firewall Log Log Date and Time 2005 02 10 13 36 00 PST 2005 0
13. 000326 000 Rev A Contents Introduction Networking Technology Overview 0 ee eee eee 1 System Tab Viewing Your System Summary sasaa aaa 2 Network at a Glance Panel cc ee es 3 System Area of the Network at a Glance Panel 0 eee ee eee eens 3 Broadband Link Area of the Network at a Glance Panel 00 eee eee ne 4 Home Network Area of the Network at a Glance Panel 000 eee eee 4 Enabling Enhanced Services 00 ees 5 Web Remote AcceSS sce ei sea eh dee ed Gee KANDADO PAG GE awe Ee eee eRe ee NG 5 Firewall MONITON 7 sc 3 KR ews eee A da ee a a Rea hare ee RR Kee eR Rob 5 Parental Controls aaah KANG ee ba wk ee eR ee SG eR aes HA WA ie ete ee a 5 Setting a System Password 1 cc ee 6 Resetting the System Password ee eee ees 7 Changing Your Time Zone Settings 0 cc ee ee ees 8 Viewing System Details 2 0 0 ee ees 9 Broadband Link Tab Viewing Your Broadband Link Summary 0 ee 10 Connection StatuS cs4ws 625 fe wee eae 2a NG Oe ee eee eee ee NG Se ee od 10 Connection Speed cc ees 11 Connection Information 0 0000 ee 11 Finding Your Hardware Address 00 ee 11 Connection Detalls 2 c6242486begae Re wee Eee ee eh ew ee Paw ees Pha ANA KG 12 Monitor Internet Connection 000 eee 15 Test Connection Speed ee ees 16 Using Broadband Diagnostics 0 ee eee 16 Viewing STALSUCS oea KA ag aa iadaaa
14. 5 5 or higher or Netscape 6 or higher Viewing Your System Summary The System Summary page provides general information and links to your system s most commonly used features To access the System Summary page Open a Web browser and access the gateway user interface by entering http 2wire gateway net Click the System tab to open the System Summary page aminer NG Z ds Broadband Home Voice Firewall System Link 3 Network Network Summary SystemPassword Date and Time Settings Details ft HOME Help Site Map Firewall Network at a Glance Firewall View firewall Active summar e fi T ng baban Set system password I J ateway Privacy policy f Xe Software 4 21 7 s View details PETTEE PEE T Password Not Set pa Upgrade the System Your system software View available C is current Check back upgrades and lt Broadband Link eiai interiel connection for future available options Connection Speed hag eons upgrades y Incoming 3008 kbps yianbetelamsatie Outgoing 512 kbps Set Up Run the System Setup Registration info Tia lt gt Home Network seater canon eae Run System Setu Uu Computers Wizard e S QUT 109 non Figure 1 System Summary Page System Tab Network at a Glance Panel The Network at a Glance panel provides a summary of the System Broadband Link and Home Network states of your gateway Network at a Glance i f tai pains Set system pa
15. Broadband Link Summary page click the Broadband Link icon or the View summary link Launching the 2Wire Bandwidth Meter The Bandwidth Meter measures the maximum data throughput obtained from 2Wire s Web site to your system Because it tests the speed over the Internet your results may vary depending on Internet conditions To launch the 2Wire Bandwidth Meter click the Test connection speed link Home Network Area of the Network at a Glance Panel The Home Network area of the Network at a Glance panel displays your system s LOCAL NETWORK light status and a list of the devices currently connected to your local network The diamond symbol in this area indicates the overall status of the network and corresponds to the Ethernet USB or Wireless light on the front of your gateway Ethernet USB or Wireless Light Condition Off The gateway is powered off or booting up Solid Green Device s connected via Ethernet USB or Wireless System Tab Accessing the Home Network Summary Page The Home Network Summary page displays information about the devices installed on your network To access the Home Network Summary page click the View the home network link Enabling Enhanced Services 2Wire provides a suite of enhanced services Web Remote Access Firewall Monitor and Parental Controls If your service provider offers these enhanced services links to set them up are available on the gateway Home page Following is a brief
16. Gateway To enable the SIP ALG on the gateway firewall check the Enable checkbox Changing the Upstream MTU The MTU Maximum Transmission Unit is the largest size packet or frame specified in octets eight byte bits that can be sent from a computer to the network The 2Wire gateway s MTU varies depending on the connection type used for example PPP or direct IP To change the gateway s upstream MTU 1 Inthe Force Upstream MTU field enter the value specified by the service provider 2 Click the Submit button 108 Management and Diagnostic Console Advanced Static Routes Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Advanced Static Routes page allows you to manually configure static routes that specify the transmission path data must follow between devices on the gateway network WRE Management and Diagnostic Console KA Advanced Static Routes Broadband Link Define a Static Route Summary Subnet IP Statistics Subnet Mask Detailed Statistics i r Configure Gateway IP Ls Local Network Status paaa KET Statistics Route List DavicelList Subnet IP Subnet Mask Gateway Interface Wreless 127 0 0 1 255 255 255 255 127 0 0 1 100 Galera 192 168 1 254 255 255 255 255 192 168 1 254 bridge0 Agarone Booman 69 110 3 227 255 255 255 255 69 110 3
17. Settings Page 1 cc eee 84 Enabling Security Features eee 85 Controlling Inbound and Outbound Traffic asas aoaaa es 85 Disabling Attack Detection 1 0 0 cc eee 85 Enabling Full Logging 1 0 ee ees 85 Voice Configure Server Page 020 es 86 Troubleshooting DSL Diagnostics Page 1 cc eee 88 Analyzing General Information ees 88 Reviewing Training History 1 0 ee 90 Reviewing Bitloading 1 0 cc cc sia bindo ik eee eee ees 92 Troubleshooting Event Log Page ee eee ee 93 Troubleshooting Network Tests Page 1 ce eee 95 Troubleshooting Upgrade History Page 1 97 Troubleshooting Resets Page 1 0 cc 98 Advanced Syslog Settings Page ees 100 Advanced Provisioning Info Page 1 ce ee eens 101 Advanced Configure Time Services Page 0 0 ccc ee ee eee 103 Advanced Configure Services Page ee es 105 ROUNE sianie ia ae wie wae a eke BOE hae Nee ee a wa ae AA E 105 Changing Timeout Parameters ee ees 108 Enabling Broadband Status Notification 2 0 0 cc es 108 Enabling Missing DSL Filter Notification 0 0 0 ce ees 108 Enabling SIP Application Layer Gateway 0 ee ees 108 Changing the Upstream MTU 0 cc ee eee ens 108 Advanced Static ROUTES lt lt a kA eki eena oda ge Sead tees KA TEA AA NTEN eee Eee NG 109 Advanced DNS Resolve Page ee eens 111 Hl
18. Statistics Time 03 35 52 PM Detailed Statistics Time Zone Pacific Standard Time Si E Time Configuration Automatic Configure aa Local Network Status Manually Set Time Date Tijuana v Enable Statistics MONA DARA Device List Time J J tah mm ss Wireless Date il li yyy imm bach Configure Time Zone GMT 08 00 Pacific Time US amp Canada Address Allocation Daylight Savings Time 7 Automatically adjust Configure Internet Time Servers Detailed Information Time Servers Advanced Settings ntpl 2wire com ntp2 Zwire com Voice ntp4 2wire com Configure Server Troubleshooting DSL Diagnostics ntp3 2wire com nolecule ecn purdue edu Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 47 MDC Advanced Configure Time Services Page During the 2Wire gateway setup process you specify the time zone in which you are located so that the time and date are automatically displayed in the 2Wire gateway user interface These time settings are displayed in the Current Time Settings panel which shows the current date time time zone and whether the time was automatically or manually configured If you wish to manually set the time and date you can do so in the Manuall
19. System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Local Network Status IP Gateway IP Network Subnet Mask DHCP Range Allocated Remaining DHCP Timeout Devices Ethernet Wireless 802 11 USB Public Network Router Address Subnet Mask Bridge Network Bridge Address Subnet Mask 192 168 1 254 192 168 1 0 255 255 255 0 192 168 1 64 192 168 1 253 2 188 1440 minutes Active Inactive Mode 1 0 Doo Disabled Disabled Disabled Disabled Figure 29 MDC Local Network Status Page The Local Network Status page includes the following information Item IP Gateway IP Network Subnet Mask DHCP Range Description The IP address allocated to the 2Wire gateway The IP address used by the network The subnet mask allocated to the 2Wire gateway The range of IP addresses available on the network the number of addresses Allocated and the
20. The Reset button in the Gateway field allows you to restart the 2Wire gateway During 2Wire gateway restart the Troubleshooting page cannot be accessed until the 2Wire gateway completely restarts and the connection is reestablished The Reset button in the to Factory State field resets the 2Wire gateway to an unprovisioned default state Doing so will remove all your configuration settings and requires 2Wire gateway software reinstallation WARNING Resetting the 2Wire gateway to an unprovisioned default state will clear all update records from the Upgrade History page and delete all provisioning firewall and Enhanced Services configuration settings 99 Advanced Syslog Settings Page Management and Diagnostic Console The Advanced Syslog Settings page allows users to maintain a history of security events greater than the capacity of the 2Wire gateway by enabling a syslog server Note Use of this feature requires a UNIX or Linux computer running a syslog daemon 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services
21. WEP Shared or WPA PSK Encryption The security setting that makes it difficult for unauthorized users to access your network T4 Management and Diagnostic Console The Settings panel allows you to change the Network Name and Wireless Channel and enable SSID broadcast Customizing Security Settings You should always enable encryption for wireless communication When encryption is enabled you must define an encryption key for the 2Wire gateway s wireless access point and configure that same key on each wireless client that will use your 2Wire gateway wireless network Note If encryption is enabled each wireless client must be configured with the encryption key defined on the system before it can operate on your wireless network You can customize the following wireless settings in the Wireless Security panel 1 From the Authentication pull down menu select an authentication setting WEP Open WEP Shared or WPA PSK Open authentication allows users to configure their wireless adapter as either Open or Shared in either case an encryption key is required Shared authentication allows users to configure their wireless adapter for Shared authentication which requires an encryption key WPA PSK requires that users configure their wireless adapter using TKIP 2 To use the encryption key that came with your gateway click the Use default encryption key radio button To create a custom encryption key click the Use custom encryp
22. and Diagnostic Console Broadband Link Summary Connection Information Broadband Connection Current Status DSL Connection Details DSL Line Wire Pair Protocol DSL Channel DSLAM ATM PVC Info ATM Encapsulation ISP Details Connection Type User Name PPPoE Access Concentrator PPPoE Service IP Address Range Subnet Mask Gateway Primary DNS Secondary DNS Host Name Domain Name MTU Spoof MAC Address Built in modem ADSL Fully Operational RESET Broadband Link Line 1 inner pair G DMT Annex A Fast Country OxFF Vendor 00 00 FF 00 Specific 0x00 0135 LLC RESET ISP Connection PPPoE 2wire sbcglobal net bras5 pltnca 69 110 3 227 255 255 255 255 151 164 184 81 68 94 156 1 206 13 28 12 1492 Figure 25 MDC Broadband Link Summary Page The Broadband Link Summary page includes the following information Item Description Connection Information Broadband Connection Ethernet Built in ADSL Modem or External Broadband Modem via 58 Item Current Status Management and Diagnostic Console Description The current operating condition of the broadband link Fully operational The broadband link is operational includ ing connection to ISP and other services Initializing The broadband link is preparing to connect Establishing link The broadband link is connecting No physical link signal No physical signal detected on the broadban
23. default is 192 16 1 33 through 192 16 1 250 IP addresses can be either static permanently assigned or dynamic automatic and temporary Setting up a Private Network By default the 2Wire gateway uses the 192 168 1 0 255 255 0 0 IP address range You can select from two additional IP address ranges or configure the network settings manually You should manually configure 28 Home Network Tab these settings ONLY if you thoroughly understand IP internetworking because an incorrect configuration can cause unpredictable results To set up a private network Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Home Network tab Click the Advanced Settings link under the tab to open the Edit Advanced Home Network Settings page NG 5 JS o evo Broadband Home Voice Firewal System Link Network Network Summary Wireless Settings Advanced Settings Tt HOME Help Site Map Edit Advanced Home Network Settings WARNING A Modifying the settings on this page can impact the ability of computers on the local network to access your broadband connection Modifications may also affect broadband enabled applications and services running on the local network Settings Current Settings Private Network Private Network Ifyou change the IP address range you must renew the DHCP lease on Router all devices on the network Address 1962168311
24. displays the Current Settings for your firewall Default Unsolicited inbound traffic is not allowed to pass through the firewall Custom Applications are associated with computers on your network An access list shows the computers Devices on your network and the names of the Allowed Applications for each computer When you allow application traffic external users on the Internet can have limited access to your home network This access might be required to allow some programs such as game servers or instant messaging software to operate properly For example a remote game player on the Internet might need to contact the game server program that you have installed on your home network in order to play against you Normally the firewall blocks this communication By changing the firewall settings this communication is permitted to pass through a pinhole in the firewall This function may be referred to as port mapping or port forwarding in your software program documentation 36 Firewall Tab Click VIEW DETAILS to access the Firewall Details page which shows a list of all the devices that have applications configured in the firewall and the details of these configurations awre JU Q 4 2 5 F Pier Broadband no vaise Firewall Summary Firewall Settings Advanced Settings fr HOME Help Site Map View Firewall Details Details Current Settings Default To allow users on the Internet to connect to a comp
25. following pages Broadband Link Configuration Local Network Configuration Local Network Address Allocation Firewall Settings Firewall Detailed Information Firewall Advanced Settings Troubleshooting Configure Logs Troubleshooting Resets Advanced Syslog Settings Advanced Configure Time Services Advanced Configure Services Advanced Static Routes Advanced DNS Resolve Advanced Traffic Shaping The following section shows Management and Diagnostic Console pages and describes how to use the information provided to troubleshoot the 2Wire gateway 55 System Summary Page Management and Diagnostic Console The System Summary page shows general information about the 2Wire gateway its configuration and components 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console System Summary System Model 2700HGY Gateway Serial Number 265116005072 MAC Address 00 14 95 00 76 d8 Ha
26. loss of signal failures since the 2Wire gateway was last restarted and the elapsed time since the last loss of sig nal failure The number of DSL loss of power indications from the ATU C since the 2Wire gateway was last restarted and the elapsed time since the last loss of power indication The number of DSL loss of margin failures at current data rate since the 2Wire gateway was last restarted and the elapsed time since the last loss of margin failure The number of cumulative errored seconds since the 2Wire gate way was last restarted and the elapsed time since the last error The number of severely errored seconds since the 2Wire gateway was last restarted and the elapsed time since the last severely errored second The number of corrected DSL superframes that had data errors detected during reception 18 Broadband Link Tab Data Error Description DSL Uncorrected Blocks The number of uncorrected DSL superframes that had data errors detected ISP Connection Establishment The number of times the ISP connection was established since the statistics were last reset and the elapsed time since the last establishment Using Advanced Settings The Advanced Settings page allows you to manually configure your DSL and Internet connection settings Typically these settings are automatically provided by your service provider You should adjust these settings ONLY if you are very familiar with DSL and networking technology To a
27. refer to Setting a System Password on page 6 Click the Privacy policy link to review the 2Wire privacy policy System Tab Broadband Link Area of the Network at a Glance Panel The Broadband Link area of the Network at a Glance panel displays the overall status of your gateway s physical connectivity The diamond symbol in this area indicates the overall status of the broadband link and corresponds to the internet light on the front of your gateway The following table shows a list of possible BROADBAND LINK light states and their associated meanings Broadband Link Light Condition Off The gateway has been unable to detect a DSL signal DSL signal detected the gateway is attempt ing to train Solid Green The gateway is fully connected to your broad band service s Connection Speed displays the broadband speed for which DSL is configured by your ISP Both the Incoming or Downstream from your service provider to your system and Outgoing or Upstream from your system to your service provider connection rates are shown The actual throughput of your Internet connection rate Such as downloading a file from a Web site will be somewhat less because of the overhead required to send information over the Internet Accessing the Broadband Link Summary Page The Broadband Link Summary page provides general information about the current status of your broadband link connection and your system configuration To access the
28. resets Block Ping Enabling Block Ping blocks ping responses Strict UDP Session Control Enabling Strict UDP Session Control prevents another source from piggybacking onto a UDP session Controlling Inbound and Outbound Traffic If an Inbound box is checked the firewall allows the corresponding protocol to pass through from the Internet to the network If an Outbound box is checked the firewall allows the traffic from the network to pass through the firewall to the Internet You must click the Submit button for changes to take effect Note Allowing inbound traffic does not mean that the firewall automatically allows this type of traffic to pass through the firewall to the network Even if a particular protocol application type is allowed the firewall still checks and blocks all unsolicited traffic from the Internet unless the firewall is configured to allow the traffic through using an application profile Disabling Attack Detection By default the 2Wire gateway firewall rules block the attack types listed in the Attack Detection pane Some hosted applications require that the user open specific ports for example TCP or UDP to allow outside users to access their network The Attack Detection pane allows you to configure the gateway s firewall rules to allow traffic through on the specified ports To disable attack detection for a specific port deselect the corresponding checkbox and click the Submit button Enabling Full Log
29. startup A time zone Such as GMT following the timestamp designates that the timestamp occurred after system startup Module in which the state occurred for example netdev Description of the log entry When you click Insert Mark a placeholder is inserted into the code string to mark where the error was found The following table lists the filters that can be applied Filter All aaal5 algaim algesp algh323 alghttp algintt algmsgame algmsn algpptp algrtp algrtsp algsip algww amon atm cm devfs Description All log messages ATM AAL5 encapsulation AOL Instant Messenger ALG IPSec ESP ALG H323 ALG HTTP ALG Intoto Wrapper ALG Microsoft Game ALG MSN Messenger ALG PPTP ALG RTP ALG RTSP ALG SIP ALG Kineto QoS ALG Application monitoring issues ATM stack Configuration Manager configuration database Device files system 117 Filter dhcpd dsl dslice eth ethatm fw gpio hostapd hpna httpd initd ipsess jtag kacct kelog kmem kppp kpppoa kpppoe krtlock kthread led Imd login Iwdp mdog msig named Description DHCP server DSL modem and DSL control module DSL hardware Ethernet device Ethernet to ATM bridge 1483 Firewall GPIO general purpose input output device Wireless access point daemon HPNA interface HTTP daemon Initd daemon logs for application contro IP firewall session JTAG device Kernel accounting Kernel event log module M
30. the Firewall Log 2 eee 43 Configuring the Firewall Advanced 0 0 00 ee ee ee eee 45 Enabling Advanced Security 0 0 ccc eee 45 Stealth MOdG co cccsdcaee terre cae ei Gwen ewe eee E ee ie eee Pe eR ee eS 46 Block PINE ress eae eet Sales eRe Re we DR Pe ee Ew aw See wR NN Seas 47 Strict UDP Session Control 2 22 28 a Nakalap cna DA RG EG BNG GE eae a Ge See NG 48 Allowing Inbound and Outbound Traffic 0 ees 49 Disabling Attack Detection 0 0 cc eee 49 Management and Diagnostic Console Accessing the MDC iru 00 0 adw hana Baa hn PROD baa eda ee Ra ew oe RNB Rabe a dha ed 52 USINS The MDG pins ieni seat ete amy KAB Ge a grees a anaes Ae ae ag a ekg ae ROR gow ATA Te 52 System Summary Page ee 54 Broadband Link Pages maa dee a ceed ose a Beas oe ea SESS EE Od See RE 54 Local Network Pages 0 ccc eee ee ee eee eee eee eee eee ees 54 Firewall Pages pani Kea See he Ree BE Raw eee Re ea LED Rew ee wh eee Re ee ee 54 Troubleshooting Pages 1 1 cc eee 54 Advanced Pages ccc ioiii pii ia bebe Both he Fd eae dee Gee RE SNES Bd ee Ge a 54 Remote Management Feature 0 cc ee eee es 55 System Summary Page 1 eee ees 56 Broadband Link Summary Page eee eee ees 58 Broadband Link Statistics Page ee eee eee 61 Broadband Link Detailed DSL Statistics Page 0 ee 63 Broadband Link Configuration Page ee 66 Modifying DSL and ATM Settings
31. the Internet and can either be Static permanently assigned and manually entered or Dynamic automatically assigned and configured depending on your subscribed service type Hardware Address Also known as the MAC address physical address or if you are a cable customer the C number When your gateway is connected to the broadband network an association is made between its unique hardware address and its Internet address before it can communicate to the Internet Note This field displays the hardware address only if the gateway is connected to the Internet via PPPoE Key Code The activation code that tells your gateway how to connect to your service provider The key code is used during the installation process to customize the setup screens and settings for your broadband provider Finding Your Hardware Address If required to find your Hardware MAC address refer to the following table and follow the instructions for your operating system Windows OS 1 Click the Start menu 2 Click Run 3 Enter cmd in the entry field 4 Click OK 5 At the C gt prompt enter ipconfig all 6 Locate the Physical address for example 01 24 H5 18 B3 00 7 To close the window enter exit at the C gt prompt Macintosh 8 x amp 9 x 1 Click the Apple icon 2 Select Control Panels 3 Select TCP IP 4 From the Configure pulldown menu select Built in Ethernet 5 From the File men
32. this page The Advanced DNS Resolve page allows users to name network devices such as printers or Web servers so that they may be easily accessed by other users on the network EWR Management and Diagnostic Console Saen Suturing Advanced DNS Name table Broadband Link Define a Name and Address to resolve Summary DNS name Statistics IP Address Detailed Statistics Confiqure Local Network Naisahla Status DNS name IP Address Entry Type Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 50 MDC Advanced DNS Name Table Page To add entries to the Name table 1 Inthe DNS name field enter a name for the device 2 Inthe IP Address field enter the device s IP address 3 Click ADD 4 The Name table displays the name you defined for each device the device s IP address and the entry type To remove the device from the Name table click the Remove button 111 Advanced Traffic Shaping Page Management and Diagnostic Console Note To access this page your organization must have the Rem
33. to connect 3 Click the Submit button 112 Advanced Link Manager States Page Management and Diagnostic Console The Advanced Link Manager States page is a tree representation of the 2Wire gateway interface stack and shows the internal state of the 2Wire gateway e 5 WRIE Management and Diagnostic Console Sadi Sania Advanced Link Manager States a gt root0 is UP stecen Link gt qlobald is UP e gt deviced is UP Statistics l gt rnat0 is UP Detailed Statistics gt routet is UP Conti gt fwO is UP ag H gt ems0 is UP Local Network gt atmmard is UP Status pve0 is UP Statistics gt homed is UP AG l gt bridge0 is UP Eene Lit Fesipnett is UP Wireless gt bridgemond is UP Configure ipbridged is UP Address Allocation gt bridge3 is PHY_NONE gt bband0 is UP Firewall dsi0 is UP Settings gt apvcO is UP Detailed Information a m sip Advanced Settings gt pppoed is UP Voice pppd is UP Configure Server gt ipnet0 is UP 5 t gt dnstest0 is UP Troubleshooting gt bridge is UP DSL Diagnostics device0 Event Log banay Dependency State UP haban Titi Link State UP Upgrade History Link Detail UP Resets Timeout 17504535 File descriptor flags 00000001 Advanced Reported error string Syslog Settings File Descprtor State Count 1 Active 1 Events 3 Provisioning Into Confiqure Time Services Configure Services Module State Chan
34. wesh 18 pecan 009 hpon thieshs 109 Mess tese par hoit 409 minana pime 10 host any theshad 309 host ten Prasholg INO been w Top Figure 46 MDC Advanced Provisioning Information Page 101 Management and Diagnostic Console The gateway provisioning parameters are dynamic and vary depending on the software version that the gateway is running Module Configuration Configuration parameters for modules listed in the Advanced Link Manager States page The parameters are set by broadband provisioning UI Param Configuration Configuration parameters that affect the user interface and user interaction The parameters are set by broadband provisioning Server Set Configuration Configuration information defining how the gateway is connected to and interacts with backend provisioning Firewall Configuration Configuration information for the firewall 102 Advanced Configure Time Services Page Management and Diagnostic Console Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Advanced Configure Time Services page allows you to view and change system time and date settings PMR Management and Diagnostic Console Sson Summa Advanced Configure Time Services suemt settings Broadband Link Current Time Settings Summary Date Wednesday February 8 2006
35. 08 00 Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Scie aie Troubleshooting Event Log system FLTER PAN AA AA Summary CLEAR LOG Statistics Type Date Time Event Description Detaled Statistics INF PO000 00 00T00 00 08 sys Wireless SSID set to 2WIREO72 Configure INF PO000 00 00T00 00 08 sys Wireless authentication setto Open Local Network INF POODO 00 00T00 00 08 sys Wireless encryption setto WEP Sabina INF POODO 00 00T00 00 08 sys Wireless Key set Statistics INF P0000 00 00T00 00 08 sys Wireless channel setto 6 Device List INF P0000 00 00T00 00 08 sys Wireless power setto 100 sina INF PO000 00 00700 00 08 sys ipnet1 Up on bridge0 with 192 168 1 254 24 reess INF POOO0 00 00T00 01 20 sys PPP username changed to 2wire sbeglobal net Configure INF POODO O0 00TO0 01 20 sys PPP password changed Baikasa Soci INF POO00 00 00T00 01 25 sys ppp0 Up with ipv4 service on pppoed Firewall INF PO000 00 00T00 01 26 sys ipnet0 Up on ppp0 with 69 110 3 227 32151 164 184 81 Settings INF P0000 00 00T00 01 26 sys DNS up DNS1 68 94 156 1 DNS2 206 13 28 12 sys Set system clock 2006 02 08 10 52 39 PST sys Wireless SSID setto 2WIRE072 sys Wireless authentication setto Open sys Wireless encrypti
36. 2 10 13 36 05 PST 2005 02 10 13 36 41 PST 2005 02 10 13 39 32 PST 2005 02 10 13 41 56 PST 2005 02 10 13 41 57 PST 2005 02 10 13 41 57 PST 2005 02 10 13 41 57 PST 2005 02 10 13 48 05 PST Firewall Monitor Severity info info info info info info info info oL Broadband Home Link 2 amp Voice Firewall Network Network Firewall Log Advanced Settings Pr HOME Help Site Map Details src 69 104 57 17 dst 69 110 16 39 ipprot 6 sport 3735 dport 6129 Unknown inbound session stopped src 222 96 173 5 dst 69 110 16 39 ipprot 17 sport 28502 dport 1026 Unknown inbound session stopped sro 4 157 104 12 dst 69 110 16 39 ipprot 17 sport 13307 dport 1028 Unknown inbound session stopped sre 81 137 202 29 dst 69 110 16 39 ipprot 17 sport 35234 dport 137 Unknow inbound session stopped sre 82 228 225 74 dst 69 110 16 39 ipprot 6 sport 2258 dport 15118 Unknown inbound session stopped Previous log entry repeated 1 times sre 82 228 225 74 dst 69 110 16 39 ipprot 6 sport 2258 dport 15118 TCP Port Scan Detected sro 82 228 225 74 dst 69 110 16 39 ipprot 6 sport 2258 dport 15118 Unknown inbound session stopped src 200 100 81 10 dst 69 110 16 39 ipprot 17 sport 1029 dport 137 Unknown inbound session stopped CLEAR LOG Figure 21 View Firewall Log Page The following table provides additional information about the log entries Severity Info Informational only the event does not imply a threat
37. 2 Wire Gateway User Guide 2WRE Notice to Users 2006 2Wire Inc All rights reserved This manual in whole or in part may not be reproduced translated or reduced to any machine readable form without prior written approval 2WIRE PROVIDES NO WARRANTY WITH REGARD TO THIS MANUAL THE SOFTWARE OR OTHER INFORMATION CONTAINED HEREIN AND HEREBY EXPRESSLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE WITH REGARD TO THIS MANUAL THE SOFTWARE OR SUCH OTHER INFORMATION IN NO EVENT SHALL 2WIRE INC BE LIABLE FOR ANY INCIDENTAL CONSEQUENTIAL OR SPECIAL DAMAGES WHETHER BASED ON TORT CONTRACT OR OTHERWISE ARISING OUT OF OR IN CONNECTION WITH THIS MANUAL THE SOFTWARE OR OTHER INFORMATION CONTAINED HEREIN OR THE USE THEREOF 2Wire Inc reserves the right to make any modification to this manual or the information contained herein at any time without notice The software described herein is governed by the terms of a separate user license agreement Updates and additions to software may require an additional charge Subscriptions to online service providers may require a fee and credit card information Financial services may require prior arrangements with participating financial institutions 2Wire the 2Wire logo and HomePortal are registered trademarks and HyperG Greenlight FullPass and GuestPass are trademarks of 2Wire Inc All other trademarks are trademarks of their respective owners 5100
38. 227 pppo 151 164 184 81 255 255 255 255 69 110 3 227 pppd Firewall 69 110 3 227 255 255 255 255 192 168 1 254 bridged Settings 192 168 1 0 255 255 255 0 192 168 1 254 bridged Detailed Information 127 0 0 0 255 0 0 0 127 0 0 1 lod Advanced Settings 0 0 0 0 0 0 0 0 151 164 184 81 pppo Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 49 MDC Advanced Static Routes Page To define a static route 1 In the Subnet IP field enter the IP address of the network to which you want to configure a static route 2 In the Subnet Mask field enter the subnet mask of the destination network 3 In the Gateway IP field enter the IP address of the router for the specified subnet 4 Click the Add button 109 Management and Diagnostic Console The Route List shows a list of static routes defined by the user For each user defined static route the following information is displayed Subnet IP Subnet Mask Gateway Interface 110 Management and Diagnostic Console Advanced DNS Resolve Page Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access
39. 5 255 0 0 10 0 0 0 255 255 0 0 Configure manually Router Address aa Subnet Mask Enable DHCP First DHCP Address Ea Last DHCP Address ter Set DHCP Lease Time 24 hours O Create a route from the Internet to the public network specified below Router Address Subnet Mask Bridge Network O Allow broadband IP addresses to be used on the local network Broadband Network 63 110 3 227 255 255 255 248 Subnet Mask 255 255 255 255 E V Show inactive devices in network list Enable Router behind Router alert Display alert when another router is connected to this router SUBMIT Settings tx Back to Top Figure 33 MDC Local Network Configuration Page Private Network Settings By default the gateway uses the 192 168 0 1 255 255 0 0 IP address range The Private Network pane allows you to change the IP address range used by the local network You can choose from three standard configuration options or configure the network settings manually 76 Management and Diagnostic Console Note If you change the local network IP address range you must renew the DHCP lease on all devices on the gateway s local network and manually reconfigure all devices configured with static IP addresses Public Network Settings The Public Network pane allows you to create a local network that has broadband network accessible IP addresses by creating a route from the Internet to t
40. 654 192 168 1 0 255 255 255 0 default Subnet Mask 255 255 255 0 O172 16 0 0 255 255 0 0 DHCP Range 192 168 1 64 192 168 1 253 10 0 0 0 255 255 0 0 Allocated 2 O Configure manually E aie kad Router Address Device List Subnet Mask po QVT_109 192 168 1 64 Enable DHCP amp von 192 168 1 65 First DHCP Address EDIT ADDRESS ALLOCATION Last DHCP Address m Set DHCP Lease Time z4 hours Public Network Check ENABLE to create a route from the Internet to the public network specified below Subnet Mask Bridge Network E Enable Check ENABLE to allow broadband IP addresses to be used on the local network Broadband Network 69 110 3 227 255 255 255 248 Router Address Subnet Mask Display Settings V Show inactive devices in network list SAYE CANCEL Figure 14 Advanced Home Network Settings Page 29 Home Network Tab 1 Click the radio button that corresponds to the IP address range you wish to use If you select the 172 16 0 0 255 255 0 0 or 10 0 0 0 255 255 0 0 range continue to step 5 If you select Configure manually continue to step 2 2 Inthe Router Address field enter the IP address used by your system on the private home network 3 In the Subnet Mask field enter the subnet mask The subnet mask is determined by the home network IP address range settings 4 Click the Enable DHCP checkbox a Inthe First DHCP Address field e
41. 7 MHz WEP Open Encryption WEP Settings Network Name Wireless Channel Enable SSID Broadcast Wireless Security Enable Wireless Network Security Authentication Use default encryption key Use custom encryption key Key 2WIRE072 6 2437 MHz W v v WEP Open Additional Settings defaults recommended Wireless Mode DTIM Period seconds Power Setting Maximum Connection Rate 802 11b g Defaut 80211big 1 Default 1 10 v Default 4 54 Mbps V Default 54 Mbps SUBMIT Settings xD Back to Top Figure 32 MDC Local Network Wireless Settings Page The Current Settings panel shows the 2Wire gateway s wireless access point settings Access Point The designated name of the wireless access point Network Name The name assigned to your wireless network The default is 2 WIREXXX where XXX represents the last three digits of your 2Wire gateway serial number for example 2WIRE954 Channel The radio frequency band the access point uses for your wireless network the default is 6 Wireless adapter cards auto detect the channels to use If you are having problems with your wireless network it could be due to radio interference You can change the wireless channel to see if interference is reduced on a different channel Authentication The security method used to ensure that users are authorized to access the wireless network WEP Open
42. 8 133 219 25 5 times with 64 bytes of data ping successful icmp_seq 0 time 24 ms Firewall Settings Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 42 MDC Troubleshooting Network Tests Page The Ping test allows you to ensure that the 2Wire gateway can send data packets to ping a remote host The Traceroute test traces the number of times a data packet sent from the 2Wire gateway is routed before it reaches its destination The DNS Query test finds the IP address of the domain name service 95 Management and Diagnostic Console To perform a ping or traceroute test 1 2 6 From the drop down menu select Ping or Traceroute In the Host field enter the URL of the host location to which you wish the 2Wire gateway to send the ping or traceroute In the Test field enter the number of times you want the ping to occur the maximum is 25 or the number of hops you want traceroute to trace In the Packet Size field enter the packet size you wish to send The maximum packet size is 576 Check the Enable network name resolution checkbox This will ensure that the name of the host location is dis
43. AA ee A NANG Paa NG oa ee KA We a Ae a 17 Using Advanced Settings ee 19 Modifying DSL and ATM Settings 0 cc ee 20 Modifying Broadband Connection Settings 00 c eee 21 Modifying the Hardware Address 1 eee 21 Enabling Hostname Override 0 ce eee 21 Modifying the Broadband IP ccc ee eee 21 Modifying the Broadband DNS 0 ce ee 22 l Contents Home Network Tab Viewing Your Home Network Summary ees 23 Understanding the Local Devices Panel eee ee eee 23 Understanding the Status ata Glance Panel ees 25 Monitoring Your Wireless Settings 1 0 0 ees 25 Customizing Security Settings 2 0 0 eee 27 Configuring Additional Settings 1 0 ce eee 28 Configuring Advanced Settings es 28 Setting up a Private Network cc ee ee eee 28 Setting Up a Public Network ee 30 Setting Up a Bridge Network cc ee ee 31 Showing a Device as Inactive ee eee 31 VoIP Network Tab Configuring the VoIP Phones 0 0 ee eee eee 32 Firewall Tab Firewall Features sires ma BP NANA of de de be Mek NN Daghang bokeh ba ed 35 Viewing Your Firewall Summary ees 36 Hosting an Application s ses renterne riduan eee 37 Updating the Application Profile List 0 0 cee eee 39 Adding an Application Profile 2 0 0 ccc ee ees 39 Allowing all Applications DMZplus ee ee eee 41 Viewing
44. Allowing Inbound and Outbound Traffic The Inbound and Outbound Control pane displays some common protocol types When one of the Inbound protocol boxes is checked the firewall allows the corresponding protocol to pass through from the Internet to the network If one of the Outbound protocol boxes is checked the firewall allows the traffic from the network to pass through the firewall to the Internet Note If you configure the firewall to block an Inbound protocol you may disable support for hosted applications that require that type of protocol To block an Inbound or Outbound protocol Open a Web browser and access the 2Wire gateway user Inbound and Outbound Control interface by entering http 2Wire gateway net Checking the box allows the associated traffic type through the firewall Outbound Inbound Click the Firewall tab M HTTP M4 Remote Management HTTPS IT NetBios Click the Advanced Settings link under the tab to open the lv FTP Edit Advanced Firewall Settings page M Telnet N SMTP 1 In the Inbound and Outbound Control pane deselect the 7 DNS checkbox of the protocol you wish to block I NetBios V POP3 2 Click SAVE i IMAP f4 NNTP Disabling Attack Detection K a By default the 2Wire gateway firewall rules block the attack BA types listed in the Attack Detection pane There are some save cancer ResroreoersuTs applications and devices that require the use of specific data ports through the firewall The gateway allows u
45. Alternate Host Address 6 and Router Advertisement 9 can be used to redirect traffic from your site Echo 8 Timestamp 13 and Address Mask Request 17 can be used to obtain information on whether the host is up the local time and the address mask used on your network respectively ICMP messages are also sometimes used as part of DOS attacks such as flood ping or ping of death Invalid TCP flags Combination of TCP flags such as SYN FIN that signal a malicious attempt to get past the firewall IP Internet Protocol The standard signaling method used for all communication over the Internet 120 Glossary IP Address A numeric identifier for your computer Just as the post office delivers mail to your home address servers know to deliver data to your computer based on your IP address IP addresses can be dynamic meaning that your computer borrows the IP address for the necessary timeframe or they can be fixed meaning that the number is permanently assigned to your computer L LAN Local Area Network A network connecting a number of computers to each other or to a central server so that the computers can share programs and files MAC Media Access Control Address A hardware address that has been embedded into the network interface card NIC by its vendor to uniquely identify each node or point of connection of a network Map to Host Port When set not left blank or set to O this value provides the mapping o
46. Channel 12 Channel 13 Range 2409 5 MHz 2434 5 MHz 2414 5 MHz 2439 5 MHz 2419 5 MHz 2444 5 MHz 2424 5 MHz 2449 5 MHz 2429 5 MHz 2454 5 MHz 2434 5 MHz 2459 5 MHz 2439 5 MHz 2464 5 MHz 2444 5 MHz 2469 5 MHz 2449 5 MHz 2474 5 MHz 2454 5 MHz 2479 5 MHz 2459 5 MHz 2484 5 MHz Glossary The preferred channel separation between the channels in neighboring wireless networks is 25 MHz 5 channels This means that you can apply up to three different channels within your wireless network There are only 11 usable wireless channels in the United States It is recommended that you start using channel 1 and expand to channel 6 and 11 when necessary as these three channels do not overlap 124 Regulatory Information Declaration of Conformity Trade Name 2Wire Responsible Party 2Wire Inc Address 1704 Automation Parkway San Jose CA This device complies with Part 15 of the FCC rules Operation is subject to the following two conditions 1 This device may not cause harmful interference and 2 this device must accept any interference received including interference that may cause undesired operation This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency en
47. Identifier contained in the ATM cell header to designate the virtual channel on the physical ATM link W Wireless Transmission of data over radio waves rather than wiring Wireless channel The 2Wire gateway supports up to 13 wireless channels based on country restrictions For example the United States and Canada support channels 1 to 11 Europe and Australia support channels 1 to 13 In an 802 1b or 802 11g wireless network data is transmitted at 2 5GHz Wireless nodes communicate with each other using radio frequency signals in the band between 2 4GHz and 2 5GHz Neighboring channels are 5 MHz apart however due to the spread spectrum effect of the signals a node sending signals using a particular channel will use frequency spectrum 12 5HHz above and below the center channel frequency As a result two separate wireless networks using neighboring channels for example channels 1 and 2 in the same general vicinity will interfere with each other Applying two channels that allow the maximum channel separation such as channels 1 and 6 or channels 6 and 11 will provide a noticeable performance increase over networks with minimal channel separation The radio frequency channels used in 802 11b g networks are shown in the following table Channel Range Channel 1 2399 5 MHz 2424 5 MHz Channel 2 2404 5 MHz 2429 5 MHz 123 Channel Channel 3 Channel 4 Channel 5 Channel 6 Channel 7 Channel 8 Channel 9 Channel 10 Channel 11
48. L statistics To access the Broadband Link Statistics page Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Broadband Link tab Click the Statistics link under the tab to open the View Broadband Link Statistics page System Network Transmit and Receive Data IP Bytes Packets Errors Transmit 105267 1017 o Receive 1002403 1314 o Data Errors Statistics Collected for 3 08 04 Since Reset ATM Cell Header Errors o ATM Loss of Cell Delineation 0 DSL Link Retrains o DSL Training Errors o DSL Training Timeouts o DSL Loss of Framing Failures 0 DSL Loss of Signal Failures o DSL Loss of Power Failures o DSL Loss of Margin Failures o DSL Cumulative Errored Seconds o DSL Severely Errored Seconds o DSL Corrected Blocks o DSL Uncorrected Blocks o ISP Connection Establishment 1 Summary Details Diagnostics Statistics Advanced Settings View Broadband Link Statistics pa Firewall Current 15 Minute Interval ft HomE Help Site Map Time Since Last 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 01 oo Figure 10 View Broadband Link Statistics Page The Transmit and Receive Data panel displays the following information Transmit The cumulative number of IP packets transmitted the cumulative number of IP payload bytes transmitted and the number and percentage
49. O apvcO pppoeO pppoa0 rtatmO Description Root for configuration tree Branch for all global configuration modules Maintains the status and configuration for devices on the 2Wire gateway Maintains the application mappings and pinholes for nodes on the 2Wire gateway Maintains all static routes on the 2Wire gateway Maintains all firewall rules on the 2Wire gateway Monitors CMS connectivity and activity with the 2Wire gateway Branch for the home network modules Home network virtual LAN configuration module Home network IP configuration module Home network virtual LAN monitor for activity Home network IP bridge DMZ configuration module Home network public IP network configuration module Home network voice virtual LAN module Branch for the primary broadband network Primary broadband virtual LAN configuration module Primary broadband DHCP client module Primary broadband IP configuration module Primary broadband DNS access test module Primary broadband PPP bridge virtual LAN DSL device control module Primary broadband ATM and auto PVC search module Primary broadband PPPoE configuration module Primary broadband PPPoA configuration module Primary broadband routed ATM configuration module The nodes that display are dependent on the 2Wire gateway For example 2Wire gateways that are not connected to the Internet via ADSL will not display ADSL information 115 Advanced Detailed Log Page Manage
50. O000 00 00T00 00 08 INF PO000 00 00T00 00 08 INF PO000 00 00T00 00 08 INF PO000 00 00T00 00 08 INF PO000 00 00T00 00 08 INF PO000 00 00T00 00 15 INF PO000 00 00T00 00 15 INF PO000 00 00T00 00 17 INF PO000 00 00T00 00 24 INF PO000 00 00T00 00 26 INF PO000 00 00TO0 00 29 INF PO000 00 00T00 00 35 INF PO000 00 00T00 00 42 INF P0000 00 00TO0 00 42 INF PO000 00 00TO00 00 42 INF PO000 00 00T00 INF PO000 00 00T00 INF PO000 00 00TO00 FILTER cm cm initialized initd initd ulib ulib ulib ulib initd initd initd initd pkg pkg initd initd pki initd initd initd initd initd initd initd initd initd named named ulib ulib ulib ulib ulib ulib lud atm ulib usbhost named pkg lnd pkg pkg pkg pkg pkg initd initd initd libcn started starting runlevel 3 gt 7 System clock initialized Board serial number 265116005072 Board product name 2700HGV Gateway ulib initialized libulib start libmif start starting runlevel 4 gt 7 pkg start pid 14 extracted system system unable to find role config pkgc start login start pid 16 pki initialized pki start syslogd start pid 18 starting runlevel 5 gt 7 lud start pid 19 starting runlevel 6 gt 7 nodesd start pid 20 dhepd start pid 21 named start pid 22 starting runlevel 7 gt 7 domainname gateway Zvire net hostn
51. OA If you connect via PPPoE or PPPoA proceed to step 2 If you connect via Direct IP proceed to step 5 Direct IP connection does not require a user name or password 3 In the Username field enter your user name 4 In the Password field enter your password 5 In the Confirm Password field re enter your system password 6 Click the Submit button The PPP on Demand field allows you to enable PPP on demand If the value is set to O minutes the PPP session will be persistent always on If the value is between 1 to 10080 minutes the PPP session will timeout if the 2Wire gateway does not detect outbound traffic destined for the Internet in the specified time When the 2Wire gateway detects outbound traffic the session is reestablished Note By default the minimum timeout value is 3 minutes 67 Management and Diagnostic Console Modifying Hardware Address By default the 2Wire gateway uses its built in hardware address The Internet Connection Settings Hardware Address Override pane allows you to manually override the MAC address of the broadband connection which is sometimes required for cable modems that perform MAC address authentication To modify the hardware address 1 Click the Override the built in hardware address radio button 2 Inthe Hardware Address field enter the alternative hardware address 3 Click the Submit button Modifying Internet Address Settings By default the 2Wire gateway automaticall
52. S Resolve Traffic Shaping Link Manager Detailed Log Figure 43 MDC Troubleshooting Upgrade History Page The Upgrade History page shows the following information Item Description Model number The 2Wire gateway model number Hardware version The current 2Wire gateway hardware version Software version The current 2Wire gateway software version Upgrade Log The initial software version and a record of the last 10 upgrades Management and Diagnostic Console Troubleshooting Resets Page Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Troubleshooting Resets page allows you to reset various components associated with the 2Wire gateway network 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Tr
53. Shared authentication allows users to configure their wireless adapter for Shared authentication which requires an encryption key WPA PSK requires that users configure their wireless adapter using TKIP To use the encryption key that came with your gateway click the Use default encryption key radio button To create a custom encryption key click the Use custom encryption key radio button If you select Use custom encryption key you can define a 64 bit or 128 bit encryption key For 64 bit encryption enter a 10 digit hexadecimal number For 128 bit encryption enter a 26 digit hexadecimal number A hexadecimal number uses the characters 0 9 a f or A F Click SAVE 27 Home Network Tab Configuring Additional Settings The Additional Settings panel allows you to customize wireless settings In general it is recommended that you leave the default settings in place however if you are experiencing connection or performance difficul ties altering these settings may improve performance Note Because the fields that display are dependent on the type of wireless adapter you are using some of these settings may not display Wireless Mode Allows you to force the gateway to use 802 11b g 802 11b only or 802 11g only modes of operation Note This field displays only for 802 11b g based models DTIM Period seconds Determines at which interval the access point will send its broadcast traffic The default value is 4 seconds Max
54. T Settings Back to Top Figure 28 MDC Broadband Link Configuration Page Note Modifying the settings on this page can impact the ability of computers on the local network to access the broadband connection You should modify these settings ONLY if you are thoroughly familiar with networking 66 Management and Diagnostic Console Modifying DSL and ATM Settings By default the gateway automatically detects which DSL line to use The DSL and ATM Settings pane allows you to select a DSL line and manually configure your ATM settings To modify DSL or ATM settings 1 From the DSL Line Selection pull down select Automatic Line 1 inner pair or Line 2 outer pair 2 Inthe ATM Circuit Identifier VPI and VCI fields enter the VPI and VCI you want the gateway to use to connect to the ISP 3 From the ATM Encapsulation pull down menu select VC Mux or LLC 4 Inthe ATM PVC Search field click the Enabled or Disabled radio button 5 Click the Submit button Modifying Internet Connection and Authentication Settings The Internet Connection Settings Connection and Authentication pane allows you to modify the method by which you connect to the Internet To modify Internet connection and authentication settings 1 Ensure that the Broadband connection Enabled radio button is selected default 2 From the Connection Type pull down menu select the connection type either Direct IP DHCP or Static PPPoE or PPP
55. TS t HOME Help Site Map A Modifying the settings on this page can impact the ability of computers on the local network to access your broadband connection Modifications may also affect broadband enabled applications and services running on the local network Instructions Limiting data traffic may disable support for hosted applications that require inbound communications such as Web servers games or Internet chat programs All data traffic will continue to be scanned by the firewall for known hacker attacks Attack Detection Check to detect the types of attacks below Excessive Session Detection TCPIUDP Port Scan Invalid Source Destination IP address Packet Flood SYN UDP ICMP Other Invalid TCP Flag Attacks NULLIXMAS Othen Invalid ICMP Detection JRO Sf Miscellaneous SAVE CANCEL Figure 22 Edit Advanced Firewall Settings Page Note These features should be used only if you are thoroughly familiar with firewalls and networking Enabling Advanced Security Your 2Wire gateway firewall already provides a high level of security You can configure the firewall to provide advanced security features including stealth mode strict UDP or block pings 45 Firewall Tab Stealth Mode In normal firewall operation when an unknown remote device makes a request to connect to a user s network the firewall does not allow the connection to be made a
56. To Settings CU Detailed Information Advanced Settings Yoice Map to Host Port Default the same port as defined above Confiqure Server TCP default 86400 Protocol Timeout seconds UDP default 600 Application Type None Default v Troubleshooting DSL Diagnostics ADD DEFINITION Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 36 MDC Firewall Edit Application Page 2 In the Application Name field enter a name for the application profile 3 In the Protocol field click the TCP or UDP radio button If both protocols are required you must create a definition for each 4 In the Port or Range field enter the port or port range used by the application 5 In the Protocol Timeout seconds field enter the amount of time in seconds that the connection in the specified range should remain open when there is no data transfer In most cases the default value is appropriate 6 In the Map to Host Port field enter the value that provides the mapping offset to the local computer For example if this value is set to 4000 and the range being opened is 100 to 108 the forwarded data to the first value in the range will be sent to 4000 Subsequent ports will be mapped accordingly 101 will be sent to 4001
57. Transmit 0 0 0 o Wireless Receive 0 0 0 0 Configure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 30 MDC Local Network Statistics Page The Local Network Statistics page includes the following information Item Description Ethernet Transmit The cumulative number of frames transmitted over the Ethernet home network interface the number of payload bytes transmitted and the number and percentage of transmitted packets in error 71 Management and Diagnostic Console Item Description Receive The cumulative number of frames received over the Ether net home network interface the number of payload bytes received and the number and percentage of received pack ets in error Wireless this field is present only on wireless 2Wire gateway models Transmit The cumulative number of frames transmitted over the wireless home network interface the number of payload bytes transmitted and the number and percentage of transmitted packets in error Receive The cumulative number of frames received over the wire less home network interface the number of payload bytes received and the number and perce
58. access the Management and Diagnostic Console a navigation bar allows you to quickly select pages on the site The navigation bar consists of the following links Group Link Summary System Summary Broadband Link Summary Statistics Detailed Statistics Configure Local Network Status Statistics 52 Group Local Network Firewall Voice Troubleshooting Advanced Management and Diagnostic Console Link Device List Wireless Configure Address Allocation Settings Detailed Information Advanced Settings Configure Server DSL Diagnostics Event Log Network Tests Upgrade History Resets Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Note The link groups that display are dependent on the 2Wire gateway model For example DSL Diagnostics will display only if a user has a gateway that connects to the Internet via DSL 53 Management and Diagnostic Console System Summary Page The System Summary page shows general information about the 2Wire gateway its configuration and components For example it shows the hardware and software version being used by the 2Wire gateway Broadband Link Pages The Broadband Link pages show summary detailed status and statistical information about the 2Wire gateway broadband link and lets you change configuration settings For example the Statisti
59. ack to Top Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 48 MDC Advanced Configure Services Page Routing By default the 2Wire gateway is configured in routed mode The Advanced Configure Services page allows you to configure the 2Wire gateway to operate in bridged mode 105 Management and Diagnostic Console IMPORTANT Bridged mode is intended for testing purposes only as in WT 062 ADSL BER Bit Rate Error or industry standard performance tests When routed mode is disabled the 2Wire gateway can no longer be managed via CMS and any DSL connection will require an external PPP connection via software of third party hardware It is strongly recommended that you disable routed mode ONLY if you thoroughly understand the ramifications of doing so To operate the gateway in bridged mode 1 Deselect the Enable Routing checkbox 2 Click the Submit button Most gateway features are now disabled including firewall and stateful packet inspection DHCP NAT DNS PPP and remote management The gateway no longer functions as a gateway and is in effect a multi protocol Ethernet wireless and USB bridge Note When routing is disabled the gateway s local IP address is set to 172 16 0 1 16 Computers connected to the 2Wire gateway will retain the IP address assigned by the gateway s DHCP server until a new IP address is obtained from an alternative DHCP server or is ma
60. agnostic Console SE Advanced Configure Services submit Settings Broadband Link Routing Summary Enable Routing v Routing disabled Bridge mode Statistics Warning When you disable routing the gateway s local IP address gets set to 192 168 1 254 255 255 2550 Detailed Statistics a P a ik If you want to connect to the gateway when it is in bridged mode to change its configuration parameters you must Confiqure e Configure your computer s IP address to work on the same subnet ex 192 168 1 x 255 255 255 0 Local Network e Attach your computer to the local network port of the gateway Status e Enter 192 168 1 254 as address in a web browser Statistics br a Note When routing is disabled NAT and the DHCP Server are disabled A o SEB AN AA PA AA AA Wireless NAT Configure TCP Timeout 1440 Minutes 51440 minutes default 1440 minutes Address Allocation 5 UDP Timeout 10 Minutes 1 720 minutes default 10 minutes oe IGMP Querier Settings a Ka ma a eer a een Broadband Status Notification Advanced Settings Enable VON TG a Aa AA AH ic PI si pa aaa Missing DSL Filter Detection Troubleshooting Enable DSL Diagnostics PAR RM O AA AAO Event Log SIP Application Layer Gateway Network Tests Enable 7 Upgrade Histor TTET OE EEEN EE EATE ETE eae Resets Upstream MTU Advanced Force Upstream MTU 1492 Syslog Settings 5 SUBMIT Settings Provisioning Info Confiqure Time Services Confiqure Services B
61. ailable ports are open and all incoming Internet traffic is directed to this computer 41 Note DMZplus can only be configured for one computer on your home network at a time To configure DMZplus Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab Click the Firewall Settings link under the tab to open the Edit Firewall Settings page W 2 5 e 2WRE Veg 3 gt Broadband Home Voice Firewall H systom Link Network Network Summary Firewall Settings Advanced Settings ft HOME Help Site Map Edit Firewall Settings Settings By default the firewall blocks all unwanted access from the Internet You can allow access from the Internet to applications running on computers inside your secure home network by enabling firewall pinholes Opening firewall pinholes is also known as opening firewall ports or firewall port forwarding Reset all firewall To do this associate the desired application with the computer below If you cannotfind a listing for your settings application you can create a user defined application profile To create a user defined profile you will need to know protocol and port information View firewall details To Allow Users Through the Firewall to Hosted Applications QO Select a computer Choose the computer that will host applications through the firewall QuT 109 w Edit firewall setti
62. ame homeportal gateway Zwire net Wireless ESSID set to 2WIREO7Z Wireless authentication set to Open Wireless encryption set to WEP Wireless WEP key set Wireless channel set to 6 Wireless power set to 100 UP on bridged with 192 168 1 254 24 port O opened Node 1 Added mac 00 c0 4f 1d 62 35 uhub explore uhub0 port 1 status 0x0300 0x0000 192 168 1 254 listen on address 0 extracted ui base ui dsl0 found signal on line 1 now testing line 2 extracted lang common_en extracted lang common fr extracted lang common es extracted voice base voice note voice base voice has no pkge start rfsd start pid 24 httpd start pid 25 CLEAR LOG INSERT MARK uninstall script INSERT MARK Ka Next Back to Top Figure 53 MDC Advanced Detailed Log Page Note The Detailed Log retains a persistent across upgrades and system restarts record of gateway events 116 Management and Diagnostic Console From the Filter pull down menus you can select the level of filtering you want to view for example DBG or higher and the specific gateway component that was affected Each log displays the following information Status level DBG debug INF informational NTC notice WRN warning ERR error FTL fatal ALR alarm or EMR emergency Timestamp in days hours minutes and seconds since the state occurred A preceding the timestamp designates that the timestamp occurred upon system
63. and your broadband connectivity will be briefly disrupted until your system restarts and broadband connectivity is re established with your broadband service provider The View available upgrades and options link accesses a page that displays available software upgrades or enhanced services If your gateway is running the latest software or enhanced services are not available the following message displays 2WiRE Upgrade The System Back Help System Upgrade Current Software Version 4 21 7 No Upgrade Available Your system has the latest software version available Please check back later Broadband Link Tab This chapter describes the 2Wire gateway Broadband Link features and provides detailed instructions on how to customize your broadband settings Viewing Your Broadband Link Summary The Broadband Link Summary page provides general information about the current status of your broadband link connection and your system configuration To access your Broadband Link Summary Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Broadband Link tab Click the Summary link under the tab to open the View Broadband Link Summary page Syste owre J 2 S s Broadband Link Networ Network Summary Details Diagnostics Statistics Advanced Settings 2 Home Help Site Map View Broadband Link Summary Connection Fully Operational Vie
64. ange From 1235 To 11238 Protocol Timeout TCP default 86400 seconds 60000 pp defauit 600 Default the same port as Map to Host Port 4000 defined above Application Type None Default z ADD DEFINITION Figure 18 Edit Application Page 39 3 4 Firewall Tab In the Application Name field enter a name for the application profile You can enter any name you like although it s recommended that you use the name of the application for example Redwing Game Server In the Definition panel create a definition for your application A definition consists of a series of protocol specific ports that are to be allowed through the firewall This information should be contained in the documentation provided by the company that produces the application a In the Protocol field select the TCP or UDP radio button If the application you are adding requires both you must create a separate definition for each b In the Port or Range field enter the port or port range the application uses For example some applications may require only one port to be opened such as TCP port 500 others may require that all TCP ports from 600 to 1000 be opened c In the Protocol Timeout seconds field you may optionally enter a value for the amount of time that can pass before the application times out You can also leave the field blank in which case the system uses the default values 86 400 seconds for the TCP prot
65. ation Page To change the DHCP mapping for a device 1 From the IP Address pull down menu next to the device select an address from any of the available networks 2 Click the Submit button Note If you change the home network IP address range you must renew the DHCP lease on all devices on your home network and manually reconfigure all devices configured with static IP addresses 78 Management and Diagnostic Console Firewall Settings Page Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Firewall Settings page allows you to configure the firewall to pass through specific application data to a selected computer 2WiRE Management and Diagnostic Console System Summary Firewall Settings Saar a RONA By default the firewall blocks all unwanted access from the Internet You can allow access from the Broadband Link Internet to applications running on computers inside your secure home network by enabling firewall Summary pinholes Opening firewall pinholes is also known as opening firewall ports or firewall port forwarding To Statistics do this associate the desired application with the computer below If you cannot find a listing for your Detailed Statistics application you can create a user defined application profile To create a user define
66. attempt is displayed in the last row Item Description Time Initially this field will display the time since power on in DAYS HH MM SS format until the gateway can access the Internet and retrieve the current local time Sub sequently the time since power on is displayed in YY MM DD and HH MM SS for mat Line The line 1 or 2 on which the gateway is searching for a DSL signal Downstream Rate The net user data rate in kbps for the connection Max 1 Maximum rate achievable at the time of the initial connection based on the line quality specifically the uncapped rate Max 2 Latest estimate of maximum achievable rate adjusted for changing line conditions Max 3 Current or final estimated maximum achievable rate without impulse noise com pensation Mgn 1 Noise margin in dB at the start of the connection Mgn 2 Latest noise margin adjusted for changing line conditions since the connection was first established Attn Measured attenuation in dB of the line Pwr Transmit power in dB CRCs Total uncorrected errors for this connection FECs Total corrected errors for this connection INP Impulse noise protection DLY Delay of latency path 90 Item Upstream Rate Max Mgn Attn Pwr CRCs FECs Mode Vendor State Exit Code Echo VXCO Rx Gain INC Tones Management and Diagnostic Console Description The new user data rate in kbps for the connection Maximum rate achievable at the time o
67. auto detect which channels to use If you are having problems with your wireless network it could be due to radio interference You can change the wireless channel to see if interference is reduced on a different channel Note For more information on wireless channels refer to the wireless channel entry on page 123 in the Glossary Authentication The security method used to ensure that users are authorized to access the wireless network WEP Open WEP Shared or WPA PSK Encryption The security setting that makes it difficult for unauthorized users to access your network Customizing Security Settings You should always enable encryption for wireless communication When encryption is enabled you must define an encryption key for the 2Wire gateway s wireless access point and configure that same key on each wireless client that will use your 2Wire gateway wireless network Note If encryption is enabled each wireless client must be configured with the encryption key defined on the system before it can operate on your wireless network You can customize the following wireless settings in the Wireless Security panel 1 From the Authentication pull down menu select an authentication setting WEP Open WEP Shared or WPA PSK Note WPA PSK authentication is supported only on HG model gateways Open authentication allows users to configure their wireless adapter as either Open or Shared in either case an encryption key is required
68. b Setting Up a Bridge Network The Bridge Network pane allows you to create a local network that has broadband accessible IP addresses Bridge Network is a public network in which the local network is an extension of the broadband network and does not require any special routing Computers that are assigned Bridge Network IP addresses operate without Network Address Translation NAT This feature is typically used in conjunction with broadband service that provides a range of IP addresses Once enabled the bridge network IP addresses can be assigned to local computers To set up a bridge network 1 2 3 Check the Enable checkbox In the Subnet Mask field enter the subnet mask this is typically provided by your service provider and defines how large your IP pool is Click SAVE Showing a Device as Inactive To show a device as Inactive 1 2 Open a Web browser and access the 2Wire gateway user interface Click the Home Network tab Click the Advanced Settings link under the tab In the Settings pane select the Show inactive devices in network list checkbox Click SAVE 31 VoIP Network Tab This chapter describes the 2Wire gateway VoIP Network features and provides detailed instructions on setting up a VoIP network Configuring the VoIP Phones To configure VoIP via the gateway user interface follow these steps 1 Access the gateway user interface by opening a web browser and entering http
69. background noise on the line This is an indication of how much the uncancelled echo is affecting DSL perfor mance rather than an absolute measure of the uncancelled echo Indicates the difference between the gateway s and the DSLAM port s crystal fre quency in parts per million ppm Indicates the current receive gain settings which will depend on the length of the DSL line Indicates the number of compensation tones on which impulse noise is detected 91 Management and Diagnostic Console Reviewing Bitloading The Bitloading pane shows the bits loaded per tone for the upstream tones 6 to 31 and downstream tones 32 to 255 spectrum A single hex digit for each tone shows the numeric values O to F in addition to the bar graph depiction 92 Management and Diagnostic Console Troubleshooting Event Log Page The Troubleshooting Event Log page displays all security related events for the broadband and local network Log information is stored in an 8 KB buffer When the buffer is full the oldest items are purged from the log You can also clear the log contents by clicking the Clear Log button 2WRE INF PO000 00 00T00 01 32 INF 2006 02 08T10 52 50 08 00 INF 2006 02 08710 52 50 08 00 Detailed Information Advanced Settings Voice INF 2006 02 08T10 52 50 08 00 Confiqure Server INF 2006 02 08T10 52 50 08 00 Troubleshooting INF 2006 02 08T10 52 50 08 00 DSL Diagnostics INF 2006 02 08T10 52 50
70. ccess the Broadband Link Advanced Settings page Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Broadband Link tab 19 Broadband Link Tab Click the Advanced Settings link under the tab to open the Broadband Link Advanced Settings page Systen system Network Voice 3 Firewall Network Broadband Link Advanced Settings WARNING A Modifying the settings on this page can impact the ability of computers on the local network to access your broadband connection Modifications may also affect broadband enabled applications and services running on the local network Settings DSL and ATM DSL Line Selection Automatic v Broadband Network Broadband Connection Connection Type PPPoE v PPP Username 2wire sbcglobal n Password Confirm Password a You must enter a username and password and confirmation password if you select PPPoE or PPPoA PPP on Demand o Minutes Entering a value of zero enables a connection with no timeout Hardware Address Override Use the built in hardware address Override the built in hardware address Hardware Address Hostname Override Hostname ATM Circuit Identifier VPI o velss ATM Encapsulation ATM PVC Search Broadband IP frt HOME Help site Map Bridged LLC ba Enabled Disabled Obtain IP address automatically O Manually configure IP address se
71. cs page shows current upstream and downstream DSL data rates Local Network Pages Local Network pages show the general operating status of the home network and statistics associated with network interfaces For example the Statistics page shows the transmit and receive packet count for Ethernet Wireless HomePNA and USB interfaces Firewall Pages Firewall pages allow you to access settings and detailed information for the gateway s firewall and to configure the firewall if necessary For example you can use the Firewall Settings page to access applications that are usually blocked by the firewall Troubleshooting Pages Troubleshooting pages allow you to view detailed logs that maintain a record of all significant 2Wire gateway events and to perform diagnostic tests For example if you are experiencing connection problems you can use the Ping tool on the WAN Tests page to ensure that the 2Wire gateway can ping a designated IP address Advanced Pages Advanced pages provide detailed information and sophisticated diagnostics that in general should only be accessed by technically advanced users 54 Management and Diagnostic Console Remote Management Feature Management and Diagnostic Console pages that affect gateway configuration can be accessed remotely only if your organization has enabled the Remote Management feature If the feature is not enabled an error message will display when you click the link to access the
72. ctive Each device on your home network is represented with a computer icon because it is powered off or removed from your network this icon will display as Inactive y Inactive Note For additional information refer to Showing a Device as Inactive on page 31 A symbol next to the device shows how it is connected to your home network G9 Ethernet USB Wireless i If you defined a name for your computer during System Setup or when your computer was set up the name displays next to the device However there are two instances where the device name will not appear If your computer was manually configured with a static IP address the static IP address displays instead of the computer s name If you have not named the device but it still obtains its Internet address from the system the word Unknown displays You can change the name of the device so that it will display in the system user interface by clicking the Change name link If you have configured the firewall to allow information from the Internet to pass through to the computer also referred to as hosting an application the name of the application s that you are hosting are displayed under the device name Note For additional information refer to Hosting an Application on page 37 If you have defined special features for the computer such as DMZplus mode the feature is displayed under the device name 24 Home Network Tab Depend
73. d link Physical connection The broadband link is connected Error There is a broadband link error DSL Connection Details for DSL models only DSL Line Wire Pair Protocol DSL Channel DSLAM ATM PVC Info ATM Encapsulation ISP Details Connection Type User Name PPPoE Access Concentrator PPPoE Service IP Address Range Subnet Mask Gateway Line 1 inner pair Line 2 outer pair or Searching for DSL signal During installation the 2Wire gateway auto detects whether the DSL signal is on line 1 or line 2 G dmt G lite or ANSI T1 413 Fast or Interleaved DSLAM vendor identification For G dmt or G lite protocol values are Country Vendor and Specific For ANSI T1 413 protocol values are ID Rev Revision and Std Standard The ATM VPI VCI LLC or VCMux The method by which the 2Wire gateway connects to the ISP Direct_IP PPPoA or PPPoE For the HomePortal 1000 direct uses an RFC2684 formerly RFC 1483 bridged Ethernet connection without FCS PID 0x00 07 format The 2Wire gateway user name This field is present only when the connection type is PPPoE The type of PPPoE services being used This field is present only when the connection type is PPPoE The broadband address of the 2Wire gateway The subnet mask to be used by the 2Wire gateway on the broadband link The IP address of the default gateway default router that the 2Wire gateway connects to on the broadband link 59
74. d profile you will need to know protocol and port information Configure Local Network To Allow Users Through the Firewall to Hosted Applications Status O select a computer Statistics Choose the computer that will host applications through the firewall quT 109 Device List Ni N sibat a Edit firewall settings for this computer Confiqure O Maximum protection Disallow unsolicited inbound traffic Address Allocation Allow individual application s Choose the application s that will be enabled to pass through Firewall the firewall to this computer Click ADD to add itto the Hosted Applications list Settings All applications Nd Hosted Applications Detailed Information Aga of Eupires Al Advanced Settings Age of Kings 3 3 Age of Wonders Voice Aliens vs Predator _ ao Configure Server Anarchy Online j Asheron s Call Troubleshooting Baldur s Gate REMOVE DSL Diagnostics BattleCom Event Log Battlefield Communicator Black and White Network Tests Upgrade History Add a new user defined application Resets PERR O Allow all applications DMZplus mode Set the selected computer in DMZplus mode All Advanced inbound traffic except traffic which has been specifically assigned to another computer using the Syslog Settings Allow individual applications feature will automatically be directed to this computer The DMZplus enabled computer is less secure because all unassigned firewall ports are ope
75. description of these services Web Remote Access The Web Remote Access enhanced service allows you to access your home computer files from remote locations using any standard Web browser Web Remote Access authenticates and encrypts access between the Web browser and the 2Wire gateway enabling you to securely access and download important files or manage other enhanced services such as Parental Controls or Firewall Monitor You can optionally define a unique Web Domain Name during setup for example http myname accessmyhome net making it easy for users that are allowed to access the home network to manage the gateway when away from the home For additional information please refer to the Web Remote Access User Guide Firewall Monitor The 2Wire Firewall Monitor enhanced service extends the professional grade firewall capabilities of your 2Wire gateway by continuously assessing threats to your home network Firewall Monitor allows you to Automatically download updates to your firewall software to protect against new threats Receive on screen notification to alert you of network attacks Review details about attacks blocked and the source of the attacks For additional information please refer to the Firewall Monitor User Guide Parental Controls The 2Wire Parental Controls enhanced service offers two features that allow parents to maintain control over what their children can access on the Internet and how often Content Screen
76. ds ISP Connection Establishment Management and Diagnostic Console Description The number of severely errored seconds since the 2Wire gateway was last restarted and the elapsed time since the last severely errored second The number of corrected DSL superframes that had data errors detected during reception The number of uncorrected DSL superframes that had data errors detected The number of unavailable seconds modem downtime since the 2Wire gateway was last restarted and the elapsed time since the last unavailable second The number of times the ISP connection was established since the statistics were last reset and the elapsed time since the last establishment To reset the DSL statistics click the Reset button 65 Management and Diagnostic Console Broadband Link Configuration Page The Broadband Link Configuration page allows you to modify specific broadband connection settings 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List e Wireless Configure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Confiqure Services Static Routes DNS Resolve Tra
77. e fomePNR 5 Any computers connected to the network using this network type will be To disable a network device click the DISABLE button immediately disconnected Click CONFIRM A message asks you to confirm your decision CONFIRM CANCEL Monitoring Your Wireless Settings Your 2Wire gateway has an integrated wireless access point which enables you to connect your wireless enabled computers to your home network By default the 2Wire gateway ships with WEP enabled and a preconfigured network name The default WEP key is located on the bottom of the gateway next to the serial number To check your current settings and configure changes Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Home Network tab 25 Click the Wireless Settings link to open the Configure the Wireless Network page awin 9 92 5 2 3 SSID Broadcast Enables the wireless network name to be broadcast publicly to any wireless users within wireless range of your network Disabling the SSID broadcast makes the network name private and provides enhanced security by requiring wireless users to enter the network name manually when creating a wireless network profile on their computer Wireless Security Wireless Network Security Authentication WEP Open M Use default encryption key Use custom encryption key Key Wi
78. e 2Wire gateway the network can become unstable because both devices are trying to manage private IPs via NAT 77 Management and Diagnostic Console Local Network Address Allocation Page Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Local Network Address Allocation page shows the name and IP address of each device on the gateway s local network and allows you to create DHCP mappings for each device s i eWRE Management and Diagnostic Console Salo San Local Network Address Allocation susmT settings Broadband Link Create DHCP mappings for the local network s Summary Device Current Settings IP Address Statistics avT_109 192 168 1 64 DHCP Private 192 168 1 0 Detailed Statistics MOM 192 168 1 65 DHCP Private 192 168 1 0 Confiqure Local Network Status Statistics Device List Wireless Configure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Figure 34 MDC Local Network Address Alloc
79. e Mao Mga Ahm Pwe CHOW NECK Figure 40 MDC Troubleshooting DSL Diagnostics Page Analyzing General Information The General Information pane shows diagnostic information for the current DSL connection or connection attempt These values are also listed in the last row of the Training History pane Item Description Value Comment DSLAM Lists information about the DSLAM including country DSLAM vendor and specifics DSL Line During line search the value tor 2 None or Searching for DSL will alternate between 1 and signal 2 The Searching for DSL sig nal comment appears until the ADSL protocol is con firmed with the DSLAM on the current line Downstream The configured DSL service Varies by service Rate Cap downstream speed provider 88 Item Downstream Atten at 300kHz Uncancelled Echo VCXO Frequency Offset Final Rx Gain Impulse Noise Comp Tones Excessive Impulse Noise Description The measurement in kbps of the decrease in downstream signal strength Measure in dB of the uncan celled echo relative to the background noise on the line indicating how much the uncancelled echo is affecting DSL performance Indicates the difference between the gateway s and the DSLAM port s crystal fre quency in parts per million ppm Indicates the current receive gain setting in dB Indicates the number of com pensation tones on which impulse noise is detected For non inter
80. emory PPP kernel network module PPPoA kernel network module PPPoE kernel network module Thread locking Thread LED device Link Manager daemon logs for module Login application Lightweight data protocol VoHPNA Hardware watchdog Machine signal related DNS server Management and Diagnostic Console 118 Filter netdev nodesd pdump pkg pki ppp reset rpcd rtatm scc sip sntpc stream syslog system ulib usbd usbhost vlan voh voiced voip vr vrsip wave Description Network device core Network device status daemon Packet dump used for debugging Package management Public Key Infrastructure subsystem Point to Point Protocol daemon Reset switch driver RPCD daemon logs for CMS interaction Routed ATM driver Voice SLIC drivers SIP Network time client Stream network core Syslog daemon System level Configuration libraries USB device USB host Virtual LAN VoHPNA driver Voice daemon Voice over IP Voice router Voice SIP module Wireless device Management and Diagnostic Console 119 Glossary A Access Point A device that transports data between a wireless network and a wired network With the help of the system a wireless base station is an example of an access point that acts between a wireless node and with other wired PCs and peripherals Default Gateway A device that is placed between network segments or subnets to ensure that traffic is properly routed betwe
81. en different subnets To communicate with a device on another network users need to know the default gateway s IP address DHCP Dynamic Host Configuration Protocol A TCP IP protocol that allows servers to assign IP addresses dynamically to PCs and workstations The PC or workstation borrows the IP address for a period of time then the IP address returns to the DHCP server for reassignment DMZ Demilitarized Zone A computer or small subnetwork that sits between a trusted internal network such as a LAN and an untrusted external network such as the Internet Typically the DMZ contains devices accessible to Internet traffic such as Web HTTP servers FTP servers SMTP e mail servers and DNS servers DNS Domain Name System The DNS is the way that Internet domain names such as www 2wire com are located and translated into IP addresses DSLAM Digital Subscriber Line Access Multiplexer A device found in telephone company central offices that takes a number of DSL subscriber lines and concentrates them onto a single ATM line Ethernet A type of local area network that operates over twisted wire and cable at speeds of up to 10 Mbps ICMP Internet Control Message Protocol ICMP supports packets containing error control and informational messages For example the PING command uses ICMP to test an Internet connection Although ICMP is generally harmless there are some message types that should be dropped Redirect 5
82. ent status Technical support representatives use this information to help troubleshoot problems with your broadband connection To access the Broadband Link Diagnostics page Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Broadband Link tab Click the Diagnostics link under the tab to open the Broadband Link Diagnostics page aminer 2 V Hd s Broadband irewal Link Network z etwor Summary Details 8 Diagnostics Statistics Advanced Settings fr HOME Help Site Map Broadband Link Diagnostics WARNING A Testing the broadband link will take a few minutes during which there will be no Internet access Status Click TEST to run a series of diagnostic tests on your broadband link DSL Synchronization UP G DMT ATM Signal UP PVC Connection UP PPPoE Service UP PPP Authentication UP IP Connection UP DNS Communication UP REFRESH TEST Figure 9 Broadband Link Diagnostics Page To update the broadband link status click REFESH To initiate a full test of your broadband link click TEST The test will take several minutes during which the system reestablishes all broadband connections You will not be able to access the Internet until the test is complete 16 Viewing Statistics Broadband Link Tab The View Broadband Link Statistics page shows statistics associated with the 2Wire gateway broadband link including cumulative DS
83. er After a connection has been established on a given port the sender and receiver usually determine when the session is finished and the connection is closed However if the connection is left open and data transfer stops the system must eventually close the connection and reclaim the resources in order to protect your network In some cases the system might close the application during normal operation for example if there is a long pause between data transfer If this is the case lengthening the timeout may help PVC permanent virtual circuit A virtual circuit that is permanently available Used to establish connections between hosts that communicate frequently Router The central switching device in a packet switched computer network that directs and controls the flow of data through the network S Subnet Mask The IP addressing system allows subnetworks or interchanges to be created and devices numbers or extensions to be established within these subnetworks These numbers are created using a mathematical device called a subnet mask A subnet mask like the IP address is a set of four numbers in dotted decimal notation Subnet masks typically take three forms 255 0 0 0 255 255 0 0 255 255 255 0 The number 255 masks out the corresponding number of the IP address resulting in IP address numbers that are valid for the network For example an IP address of 123 45 67 89 and a subnet mask of 255 255 255 0 resu
84. er Your Hint awa 490012345678 6912345678 System Key Figure 4 Reset System Password Page To obtain access to your system 1 Inthe System Key field enter the 10 digit system key located on the bottom of your gateway 2 In the Enter New Password field enter a new system password In the Confirm New Password field re enter the system password 3 In the Enter Your Hint field enter an appropriate hint as described under Setting a System Password on page 6 4 Click Submit System Tab Changing Your Time Zone Settings The 2Wire gateway sets the time automatically using time servers on the Internet It retrieves date time information in Greenwich Mean Time GMT Your local time is set using the Time Zone setting you configured when you set up your system If your Time Zone is incorrectly set you can change it in the Edit Date and Time Settings page To change your time zone settings Open a Web browser and access the gateway user interface by entering http 2wire gateway net Click the System tab Click the Date and Time Settings link in the System area of the Network at a Glance panel to open the Edit Date and Time Settings page mor MAG 2 33 EWR x a a n Voic Firewall System POH Network Network Nona Summary System Password Date and Time Settini Details fr HOME Help Site Map Edit Date and Time Settings Settings Current Date and Time Wed
85. ergy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and the receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help You are cautioned that any changes or modifications not expressly approved in this manual could void your authority to operate this equipment Only peripherals computer input output devices terminals printers and so forth that comply with FCC Class B limits may be attached to this computer product Operation with noncompliant peripherals is likely to result in interference to radio and television reception All cables used to connect peripherals must be shielded and grounded Operation with cables connected to peripherals that are not shielded and grounded may result in interference to radio and television reception WARNING While this device is in operation a separation distance of at least 20 cm 8 inch
86. ernet Ethernet is a local area network LAN technology that transmits information between computers at speeds of 10 or 100 Mbps 2Wire gateways have either 1 or 4 Ethernet ports for directly connecting computers or devices If your home or office is wired for Ethernet you can use the Ethernet interface s on the gateway to create a broadband network USB The 2Wire gateway s USB 1 1 port allows you to directly connect a computer or other network ready device Wireless The 2Wire gateway includes an integrated wireless access point which allows users to roam wirelessly throughout the home or office 2Wire s high powered wireless technology virtually eliminates wireless coldspots in the home The 2Wire gateway s high power 400mW transmitter ensures that users benefit from increased wireless bandwidth throughout the coverage area In addition the 2Wire gateway employs a special triple antenna design The third antenna is used only for transmitting packets thus mitigating the power loss associated with switching the antenna use back and forth between transmit and receive This results in greater access point sensitivity as antenna placement can be better optimized with a dedicated set of receive only antennas 1 The 200 series gateways connect via Ethernet 2 Some interfaces are not available on specific models System Tab This chapter describes the 2Wire gateway System features Note 2Wire recommends that you use Internet Explorer
87. es must be maintained between the radiating antenna inside the ERU and the bodies of all persons exposed to the transmitter in order to meet the FCC RF exposure guidelines Making changes to the antenna or the device is not permitted Doing so may result in the installed system exceeding RF exposure requirements This device must not be co located or operated in conjunction with any other antenna or radio transmitter Installers and end users must follow the installation instructions provided in this guide FCC Part 68 This equipment complies with Part 68 of the FCC rules On the bottom of this equipment is a label that contains among other information the FCC equivalence number REN for this equipment If requested this information must be provided to the telephone company The REN is used to determine the quantity of devices that may be connected to the telephone line Excessive RENs on the telephone line may result in the devices not ringing in response to an incoming call In most but not all areas the sum of the RENs should not exceed five To be certain of the number of devices that may be connected to the line as determined by the total RENs contact the telephone company to determine the maximum REN for the calling area If the terminal equipment causes harm to the telephone network the telephone company will notify you in advance that temporary discontinuance of service may be required But if advance notice is not practical the teleph
88. es them back into the private IP address of the original host for final delivery During PAT each computer on the LAN is translated to the same IP address but with a different port number assignment Inbound and outbound port blocking Blocks common inbound and outbound protocol types from passing information to or receiving information from the Internet 35 Firewall Tab Viewing Your Firewall Summary The Firewall Summary page provides summary information and links to the most commonly used security related features of your system To access the Firewall Summary page Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Firewall tab to open the View Firewall Summary page F E e cu ewire P 2 8 2 a Network Network fi Summary Firewall Settings Advanced Settings t HOME Help Site Map View Firewall Summary Firewall Settings Firewall Active The firewall actively blocks access of unwanted activity from the Internet If you are using an application that requires you to open a portin your firewall you may do so by clicking Firewall Settings above Current Settings Default To allow users on the Internet to connect to a computer inside your secure home network you must configure the system s firewall settings Click VIEW DETAILS for more information VIEW DETAILS Figure 15 View Firewall Summary Page The Firewall Settings panel
89. f the initial connection based on the line quality specifically the uncapped rate Noise margin in dB at the start of the connection Measured attenuation in dB of the line Transmit power in dB Total uncorrected errors for this connection Total corrected errors for this connection The DSL mode used G DMT 11 413 or G LITE Vendor ID of the DSLAM for example ALCB indicates Alcatel DSLAM in G DMT mode The internal state of the modem If there are repeated connection problems tech nical support representatives can use this information to determine at what point during training the modem failed or whether the modem is repeatedly failing at the same point Indicates the reason for a lost connection or a terminated training attempt Follow ing are examples of the typical values that can be represented ERR LOF LIMIT Retrained due to loss of framing ERR LOS LIMIT Retrained due to loss of signal ERR HI BER LIMIT Retrained due to excessive CRCs RESTART System deliberately restarted modem line search reprovisioning or 30 second timeout when waiting for DSL signal ERR_STATE_TIMEOUT Modem timed out during training for example the modem failed to detect pilot signal at the appropriate time ERR_ALL_OPTIONS_FAIL Failed to negotiate a final bitrate with DSLAM RETRAIN_HIGHER Proactive retrain in order to obtain a significantly higher connect rate A measure of the uncancelled echo relative to the
90. ffic Shaping Link Manager Detailed Log Management and Diagnostic Console Broadband Link Configuration suot settings WARNING Modifying the settings on this page can impact the ability of computers on the local network to access your broadband connection Modifications may also affect broadband enabled applications and services running on the local network DSL and ATM Settings DSL Line Selection automatic ATM Circuit Identifier VPI 0 VCI 35 ATM Encapsulation Bridged LLC ATM PVC Search Enabled Disabled Internet Connection Settings Connection and Authentication Broadband connection Enabled Disabled Connection Type PPPoE E Username 2wire sbeglobal n Password Confirm Password You must enter a username and password if you select PPPoE or PPPoA PPP on Demand lo Minutes Entering a value of zero enables a connection with no timeout Internet Connection Settings Hardware Address Override Use the built in hardware address Override the built in hardware address Hardware Address Internet Connection Settings Internet Address Obtain Internet address automatically Manually configure Internet address settings IP Address Subnet Mask Default Gateway Internet Connection Settings DNS Obtain DNS information automatically Manually configure your DNS information Primary Server Secondary Server Domain Name SUBMI
91. ffset to the local computer For example if this value is set to 4000 and the range being opened is 100 to 108 the forwarded data to the first value in the range will be sent to 4000 Subsequent ports will be mapped accordingly 101 will be sent to 4001 102 will be sent to 4002 etc MTU maximum transmission unit The largest size packet or frame specified in octets eight bit bytes that can be sent from a computer to the network The Internet s TCP uses the MTU to determine the maximum size of each packet in any transmission If the MTU is too large the packet may need to be retransmitted if it encounters a router that can t handle that large a packet Too small an MTU size means relatively more header overhead and more acknowledgements that have to be sent and handled Most computer operating systems provide a default MTU value that is suitable for most users In general Internet users should follow the advice of their Internet service provider ISP about whether to change the default value and what to change it to NAT Network Address Translation Enables a LAN to use one set of IP addresses for internal traffic and a second set of IP addresses for external traffic This feature is used by the system so an end user can have an internal computer network in their home with all its computers using internal IP addresses using only one routable IP address which accesses the outside Internet P PAT Port Address Translation Allows hos
92. ge History To State UP at 00 00 07 83 Static Routes devicel has 6 devices 6 configed DNS Resolve DEVICE UP eth0 devid 0 51 0 Traffic Shapin DEVICE NOTFOUND ethl devid 1 0 0 DEVICE NOTFOUND hpnaO devid 2 0 0 Link Manager DEVICE UP waved devid 3 60 0 Detailed Log DEVICE UP usbd0 devid 4 55 0 DEVICE UP a510 devid 5 58 0 Figure 52 MDC Advanced Link Manager States Page The Link Manager States page is used to gather dynamic information on internal networking modules and is based on the runtime configuration of the 2Wire gateway The information cannot be used to configure the 2Wire gateway 113 Management and Diagnostic Console To view information about each node click the node link Information displays below the Link Manager States tree and includes the following Node Information Description Link status Up The link is functioning properly Climbing The link is attempting to establish a connection Down The link is not yet configured Error An error has occurred State changes The number of times the state of the link has changed since last reboot 114 Management and Diagnostic Console The following table shows the possible nodes that can display on the Link Manager States page Node rootO globalO deviceO rnatO routeO fwO cmsO homeO vilanO ipnet1 vlanmonO ipbridgeO ipnet2 vlan3 bbandO vlan1 dhcpO ipnetO dnstestO vlan2 dsl
93. ging To log all packets check the Enable Full Logging checkbox Note When full logging is enabled the gateway logs every packet This will significantly reduce overall system performance because the log buffer capacity will be reached more quickly 85 Management and Diagnostic Console Voice Configure Server Page Note This link is present only if the 2Wire gateway is VolP enabled The Voice Configure Server page allows you to set up your VolP server and is used primarily for test purposes EWR Management and Diagnostic Console patch cake Voice Configure Server Broadband Link Edit VoIP Settings Summary SIP Settings Statistics Brasserie Detailed Statistics Server o Confiqure IP Address 208 35 230 9 Local Network Port 5060 atau Number of Lines 2 Statistics a peviea Lit EE naaa End Point Wireless Na Configure Domain 208 35 230 9 Address Allocation Register Expire Time 3600 Firewall Register Retry Interval 300 Detailed Information Use 11 digit DIDs Advanced Settings Show CID Names Require Authentication EER Voice Confiqure Server Troubleshooting SUBMIT DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Confiqure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log
94. he most recent events display at the bottom of the list Events generate an Informational INF or Warning WRN severity level Informational indicates events that are informational only Warning indicates an unexpected condition that does not affect the 2Wire gateway s ability to operate for example a network problem or the 2Wire gateway is not configured properly For events that involve the transfer of packets the following additional information is displayed Item Description src Source IP address dst Destination IP address ipprot Protocol number as indicated in the IP header field sport Source port TCP and UDP dport Destination port TCP and UDP Disposition of the event The action taken when the event occurs for example Unknown inbound session stopped 94 Troubleshooting Network Tests Page Management and Diagnostic Console The Troubleshooting Network Tests page provides the Ping Traceroute and DNS Query tools which help diagnose problems with the 2Wire gateway or 2Wire gateway connections 2WRE Management and Diagnostic Console saaan Troubleshooting Network Tests Broadband Link ping v Host ww cisco com Summary Enable network name resolution Test 5 Times or Hops Statistics Packet Si acket Size 64 i Detailed Statistics Bytes Maximum 576 a START STOP Local Network Status Statistics Device List Wireless Confiqure Address Allocation Pinging 19
95. he public network specified The public network operates without the use of Network Address Translation NAT This feature is typically used in conjunction with broadband service that provides a range of available IP addresses Once enabled the public IP addresses can be assigned to local computers Bridge Network Settings The Bridge Network pane allows you to create a local network that has broadband accessible IP addresses Bridge Network is a public network in which the local network is an extension of the broadband network and does not require any special routing Computers that are assigned Bridge Network IP addresses operate without the use of Network Address Translation NAT This feature is typically used in conjunction with broadband service that provides a range of IP addresses Once enabled the bridge network IP addresses can be assigned to local computers Display Settings If the Show Inactive Devices checkbox is checked devices that are no longer on the local network will display in the Local Network Local Devices list as an inactive device If this checkbox is not checked inactive devices will not be displayed in the device list Enable Router Behind Router Alert If the Display alert when another router is connected to this router checkbox is checked the Router Behind Router error page displays in the gateway user interface if the gateway detects the presence of a third party router If a third party router is connected to th
96. header error The number of ATM loss of cell delineation errors since the 2Wire gateway was last restarted and the elapsed time since the last loss of cell delineation error The number of DSL retrains since the 2Wire gateway was last restarted and the time elapsed since the last retrain The number of failed DSL retrains since the 2Wire gate way was last restarted and the elapsed time since the last failed retrain The number of timeouts waiting for response from ATU C since the 2Wire gateway was last restarted and the elapsed time since the last initialization timeout The number of DSL loss of framing failures since the 2Wire gateway was last restarted and the elapsed time since the last line search initialization The number of DSL loss of signal failures since the 2Wire gateway was last restarted and the elapsed time since the last loss of signal failure The number of DSL loss of power indications from the ATU C since the 2Wire gateway was last restarted and the elapsed time since the last loss of power indication The number of DSL loss of margin failures at current data rate since the 2Wire gateway was last restarted and the elapsed time since the last loss of margin failure The number of cumulative errored seconds since the 2Wire gateway was last restarted and the elapsed time since the last error 64 Item Cumulative Sec w Severe Errors Corrected Blocks Uncorrectable Blocks DSL Unavailable Secon
97. ics Collected for 4 02 06 ATM Cell Header Errors Loss of Cell Delineation DSL Link Retrains DSL Training Errors Training Timeouts Loss of Framing Failures Loss 0f Signal Failures Loss of Power Failures Loss of Margin Failures Cumulative Seconds wiErrors Cumulative Sec w Severe Errors Corrected Blocks Uncorrectable Blocks DSL Unavailable Seconds ISP Connection Establishment Since Reset 0 0 a tocccc000000 Current 24 Hour Interval 0 ec0c00c0000000 aN a 0 RESET Statistics Current 15 Minute Interval 0 oo0oo0o0o0o0000000 0 Time Since Last Event 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 0 00 00 4 00 48 0 01 25 Figure 27 MDC Broadband Link Detailed DSL Statistics Page Note To update the information displayed on this page click the browser s Refresh button 63 Management and Diagnostic Console The Broadband Link Detailed DSL Statistics page includes the following information Item ATM Cell Header Errors Loss of Cell Delineation DSL Link Retrains DSL Training Errors Training Timeouts Loss of Framing Failures Loss of Signal Failures Loss of Power Failures Loss of Margin Failures Cumulative Seconds w Errors Description The number of ATM cell header CRC errors since the 2Wire gateway was last restarted and the elapsed time since the last cell
98. ime or Retrieving date and time settings from Internet if not set The time elapsed since the 2Wire gateway was last restarted The time elapsed since the 2Wire gateway com municated with the configuration server DSL modem software version Current version of the installed firewall rules database Current version of the application list Note The contents of the Components list varies according to service provider specific information For example the Components list may contain language files such as common en common es or common fr user interface files such as base ui or VoIP files such as base voice 57 Broadband Link Summary Page Management and Diagnostic Console The Broadband Link Summary page allows you to view 2Wire gateway broadband connectivity related settings and reset the Broadband Link and ISP Connection 2WiRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Configure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management
99. imum Connection Rate The maximum rate at which your wireless connection works 1 2 5 5 11 or 22 Mbps for 802 11b based models 1 2 5 5 11 6 9 12 24 36 48 or 54 Mbps for 802 11b g based models Power Setting Allows you to select the power level for your wireless connection The default list is 1 to 4 additional options may appear based on the service provider s configuration If you have customized your wireless system configuration you can restore the wireless settings to factory defaults by clicking the RESTORE DEFAULTS button Configuring Advanced Settings The Edit Advanced Home Network Settings page displays the current IP settings in use by your system for your home network and allows you to configure your home network settings You should adjust these settings ONLY if you are very familiar with computer networking technologies The Current Settings panel shows the following information Router Address The IP address used by your system on the private home network the default is 192 168 0 1 The system has two IP addresses a private address that it uses on the home network and one that is used on the public broadband connection on the Internet You can change the home network IP address by changing the home network IP address range Subnet Mask The subnet mask is determined by the home network IP address range settings the default is 255 255 0 0 DHCP Range The range of IP addresses used by your system the
100. ing and Internet Access Controls Content Screening allows you to protect your children from Websites with questionable content You control what sites or types of sites your child can and cannot access Internet Access Control gives you power to decide when your child can use the Internet and allows you to restrict Internet access by day of week and time of day For additional information please refer to the Parental Controls User Guide Setting a System Password System Tab Setting a system password protects your gateway settings from being modified or changed by someone who has not been given permission to do so After setting a system password you will be required to enter it whenever you attempt to access a gateway configuration page for example if you try to change the gateway s broadband connection settings or upgrade the gateway software If a password has not been set a reminder notice is displayed when you attempt to access pages where settings can be changed To set your system password Open a Web browser and access the gateway user interface by entering http 2wire gateway net Click the System tab Click the System Password link in the System area of the Network at a Glance panel to open the Edit System Password page 9 O Home Network awing Summary System Password Edit System Password Broadband Link i D 1 Time Setti Settings Password Protection If Password Protection Is E
101. ing on the permissions you have set for devices on your network the following links may display next to the device Access shared files Accesses the shared files available from this computer This feature only works with Microsoft Windows computers that have shared files and file sharing installed Note f your computer is configured with a static IP address this link will not appear Edit firewall settings Accesses the system user interface page which allows you to edit the firewall pass through settings for the computer For example you may need to change the pass through settings for the computer if you want to play an Internet game View Internet Access Control Accesses the Internet Access Restriction schedule for this computer Edit Content Screening Accesses the Content Screening settings page allowing you to change the Web site permissions for users on your network View device details Displays the technical networking details about the device If you are experiencing difficulties this information may be helpful to a technical support representative Understanding the Status at a Glance Panel The Status at a Glance panel shows you a list of network connection types the number of devices connected via each connection type ConfmaiLocalinteifacs Changes and your wireless settings Warning You are about to disable the following network interface To change your wireless settings click the EDIT SETTINGS button A Phonelin
102. inhole is a configuration setting in the firewall that allows access to specific services running on the network For example in order for users outside the network to access a specific application such as a game a pinhole must be opened on the gateway firewall to allow requests to the application The Pinholes pane shows the number of pinholes that are currently open There are 192 pinholes available NAT Sessions The NAT Sessions pane shows the number of NAT sessions currently running 83 Firewall Advanced Settings Page Management and Diagnostic Console Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Firewall Advanced Settings page allows you to configure the gateway s firewall 2WRE Management and Diagnostic Console a ER T E T E N E PANG Aba Inbound and Outbound Control C Excessive Session Detection V TCP UDP Port Scan M Invalid Source Destination IP address V Packet Flood SYN UDP ICMP Other Y Invalid TCP Flag Attacks NULLIXMAS Other V Invalid ICMP Detection V Miscellaneous Traer Checking the box allows the associated traffic type through the firewall Detailed Information Outbound Inbound Advanced Settings F HTTP V Remote Management Voice V HTTPS C NetBl0s Confiqure Server FTP T
103. ion IP address Packet Flood SYN UDP ICMP Othen Invalid TCP Flag Attacks NULUXMAS Other a v 9 Invalid ICMP Detection a s Miscellaneous SAVE CANCEL Figure 23 Edit Advanced Firewall Settings Page 1 In the Attack Detection panel deselect the appropriate checkbox 2 Click SAVE 51 Management and Diagnostic Console This chapter describes the 2Wire gateway Management and Diagnostic Console MDC The Management and Diagnostic Console provides information about the status of the 2Wire gateway its broadband network connections attached home networking devices system and security information and a running log of any error conditions You can use the tools provided to View configuration and service provisioning information View operation logs Perform diagnostic tests Configure the gateway The following sections describe how to access the Management and Diagnostic Console use the diagnostic and configuration tools and modify settings Note The MDC pages available are dependent on the 2Wire gateway software release The MDC pages shown in this chapter are for 2Wire gateways running software release 4 21 x If your gateway is running a software release earlier than 4 21 x some of these pages may not be available Accessing the MDC To access the MDC from your in home or office network enter the following URL http gateway 2wire net management Using the MDC After you
104. ions list the list may need updating If an update is available click the UPDATE APPLICATION LIST button Creating an Application Profile If the application that the user wishes to host is not included in the updated application list you may need to create an application profile An application profile configures the system s firewall to pass through application specific data 80 Management and Diagnostic Console To create an application profile 1 Click the Add a new user defined application link The Edit Application page opens 2WRE Management and Diagnostic Console EER Firewall Edit Application Back Broadband Link Profile Name Summary Enter a name for the application profile that you are creating Statistics Application Name Detailed Statistics ecLuune Definition Local Network Choose a protocol and enter the port s for this application then click ADD DEFINITION to add the Status definition to the Definition List Ifthe application requires multiple ports or both TCP and UDP ports you Statistics will need to add multiple definitions Device List Hote In some rare instances certain application types require specialized firewall changes in addition to simple port Wireless forwarding If the application you are adding appears in the application type menu below it is recommended that you Configure select it Address Allocation Protocol TCP O UDP Firewall Port or Range From
105. ious step DO NOT use browser s Back button BACK NEXT 32 VolP Network Tab The account is based on username or phone number To change this setting from the pull down menu select Username or Phone Number To ensure that the settings cannot be changed in the Password field enter a password From the Ring Tone pull down menu select the tone you wish to associate with the phone To block the outgoing caller ID click the Anonymous checkbox Click SUBMIT amint P 93 8 Ye 5 System Network Network Digital Voice Pr HOME Site Map Step 2 Set Up Phone Lines Edit Settings Edit Line Information Please edit the line settings in the form below Phone Number x Password Ring Tone Outgoing Caller ID 1408 856 9285 RING A M USTEN C Anonymous Click SUBMIT to continue Click CANCEL to go the Previous page SUBMIT CANCEL The Phone Settings page allows you to match each phone to a line To do so click EDIT owire 92 5 Gg 3s System Link Network Network Digital Voice Pr HOME Site Map Phone Settings Settings Step 3 Match each Phone to a Line pire Assign each phone device to a Digital Voice line Follow these steps to Step 1 Phone Wiring KR fill in the form below Step 2 Set Up Phone Lines Step 3 Match Phones To Phone 1 For each phone listed click RING NOW which will momentarily Ts ring that phone allowing you to identify each phone 2 Choose aname f
106. k EDIT to change the protocol and port information Click DELETE to remove this fram your user defined list EDIT DELETE DONE Figure 19 Select a Hosted Application Page 1 In the User Defined Application Profiles panel highlight the application you wish to edit or delete f To edit the application profile click EDIT The Edit Application screen appears Make the necessary changes to the application profile and click DONE g To delete the application profile click DELETE Allowing all Applications DMZplus DMZplus is a special firewall mode that is used for hosting applications if you cannot get an application to work properly using the Allow individual application s option When in DMZplus mode the designated computer Shares your gateway s IP address Router Address Appears as if it is directly connected to the Internet Has all of the unassigned TCP and UDP ports opened and pointed to it Can receive unsolicited network traffic from the Internet Although the computer in DMZplus mode appears to Internet users as though it is directly connected to the Internet it is still protected by your system firewall All traffic is inspected by the firewall s Stateful Packet Inspection engine and all known hacker attacks continue to be blocked Because all filtered traffic is forwarded to the designated computer you should use DMZplus mode with caution A computer in DMZplus mode is less secure because all av
107. leaved lines with impulse noise the connect rate will be lowered to avoid excessive errors on the line however impulse noise may vary with time so connect rates may vary accordingly Impulse Noise Compensation is currently disabled for inter leaved lines Indicates to what degree impulse noise is present on the line Management and Diagnostic Console Value Varies by service provider Appropriate values usually range between 25dB and 6dB A positive value for exam ple 12 could indicate the pres ence of an unfil tered telephony device and or an alarm The ideal value is zero O The maxi mum difference should be less than 150 ppm Dependent on DSL line length The ideal value is zero O The ideal value is zero 0 Comment Ok or Suspicious check phone filters and alarm Ok or Suspicious hard ware frequency mismatch Ok or Suspicious possi ble saturation Ok or Suspicious Impulse noise detected 89 Management and Diagnostic Console Item Description Value Comment Measurement of how much impulse noise can be miti gated Dependent on the cur rent line configuration Impulse noise protection Delay of latency Measurement of how much path delay is introduced Depen dent on the current line config uration Reviewing Training History The Training History pane provides a record of the last 20 connection attempts The current connection or connection
108. lts in a sub network number of 123 45 67 0 and a device number of 89 The subnet mask used for the network typically corresponds to the class of IP address assigned as shown in the following table IP Address Class Dotted Decimal Notation Ranges Corresponding Subnet Mask Class A 1 XXX XXX XXX to 126 XXX XXX XXX 255 0 0 0 Class B 128 0 xxx xxx to 191 255 XXX XXX 255 255 0 0 Class C 192 0 0 xxx to 223 255 255 xxx 255 255 255 0 122 Glossary SYN Flood A method that the user of a hostile client program can use to conduct a denial of service DOS attack on a computer server The hostile client repeatedly sends SYN synchronization packets to every port on the server using fake IP addresses T TCP IP Transmission Control Protocol Internet Protocol A method of packet switched data transmission used on the Internet The protocol specifies the manner in which a signal is divided into parts as well as the manner in which address information is added to each packet to ensure that it reaches its destination and can be reassembled into the original message Transmission Control Protocol Internet Protocol TCP IP See TCP IP U UDP User Datagram Protocol A TCP IP protocol describing how data packets reach application programs within a destination computer vV VPI Virtual Path Identifier Identifier contained in the ATM cell header to designate the virtual path on the physical ATM link VCI Virtual Channel Identifier
109. m summary page then click the Voice Network DONE 34 Firewall Tab This chapter describes the 2Wire gateway firewall features and provides detailed instructions on how to modify the firewall settings Firewall Features The 2Wire gateway has a professional grade firewall to help prevent unauthorized users from accessing your local network The 2Wire gateway firewall includes the following features Stateful packet inspection Blocks common Denial of Service attacks such as SYN FIN flooding or Smurf and detects and logs TCP and UDP port scans Stateless packet inspection Filters specific NetBios traffic suspicious packets and IP fragments blocks packets sent from the private network to the Internet that have spoofed IP addresses Network Address Translation NAT Translates a local network s IP address to an external address maintained by the 2Wire gateway effectively hiding the existence of a home network to the Internet The 2Wire gateway then uses this external address to communicate with the Internet on behalf of devices connected to the local network Port Address Translation PAT A function provided by some routers which allows hosts on a LAN to communicate with the rest of a network such as the Internet without revealing their own private IP address All outbound packets have their IP address translated to the router s external IP address Replies come back to the router which then translat
110. ment and Diagnostic Console The Advanced Detailed Log page is a debug log facility modeled after syslog and provides advanced diagnostic capabilities 2WRE System Summary Broadband Link Summary St S Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Advanced Detailed Log INF PO000 00 00TO00 00 07 INF PO000 00 00T00 00 07 INF PO000 00 00T00 00 07 INF PO000 00 00T00 00 07 INF PO000 00 00T00 00 07 INF PO000 00 00TO00 00 07 INF PO000 00 00TO00 INF P0000 00 00TO INF PO000 00 00TO INF PO000 00 00TO INF PO000 00 00TO INF PO000 00 00TO ERR POOOO 00 00TO INF PO000 00 00TO INF PO000 00 00TO INF PO000 00 00TO INF PO000 00 00TO INF P0000 00 00TO INF PO000 00 00TO INF P0000 00 00TO INF PO000 00 00TO INF Pooo0 00 00TO INF PO000 00 00TO INF PO000 00 00TO00 INF PO000 00 00T00 00 07 INF PO000 00 00T00 00 07 INF PO000 00 00T00 00 07 INF PO000 00 00TO00 00 08 INF PO000 00 00T00 00 08 INF PO000 00 00T00 00 08 INF P
111. n create a user defined application profile To create a user defined profile you will need to know protocol and port information View firewall details To Allow Users Through the Firewall to Hosted Applications QO Select a computer Choose the computer that will host applications through the firewall QuT 109 s irewall settings for this computer Edit fi Il settings for thi ut Maximum protection Disallow unsolicited inbound traffic Allow individual application s Choose the application s that will be enabled to pass through the firewall to this computer Click ADD to add it to the Hosted Applications list All applications bd Hosted Applications Age of Empires a Age of Kings Age of Wonders Aliens vs Predator ADD Anarchy Online Asheron s Call Baldur s Gate REMOVE BattleCom Battlefield Communicator Black and White lt Add a new user defined application Allow all applications DMZplus mode Set the selected computer in DMZplus mode All inbound traffic except traffic which has been specifically assigned to another computer using the Allow individual applications feature will automatically be directed to this computer The DMZplus enabled computer is less secure because all unassigned firewall ports are opened for that computer Note Once DMZplus mode is selected and you click DONE the system will issue a new IP address to the selected computer The computer must be
112. nabled Enter New Password Ga Confirm New Password that will help you remember your password if you forget it what your password is without making it obvious to others Enter Your Hint SELG Check ENABLE to require a password to modify settings When you choose to password protect the system settings you should also set up a password hint This hint can be a word phrase or question Your password should be something unique that others cannot easily guess Likewise your hint should be something simple that reminds you CANCEL Voice Network Firewal KILI Details frome Help Site Map Current Settings No Password Set The system password allows you to control who can change settings on the system NT P Figure 3 Edit System Password Page 1 In the Settings panel click the Enable checkbox 2 In the Enter New Password field enter your password 3 In the Confirm New Password field re enter your password 4 Optional In the Enter Your Hint field enter a hint A hint is a word phrase or question that reminds you what the password is There is an forgot the password link on the password entry page When you click this link it shows you your hint and allows you to enter your password 5 Click SAVE System Tab To disable password protection deselect the Enable checkbox and click SAVE To safeguard your network against unauthorized users it is also a go
113. nabled the firewall detects UDP and TCP port scans and drops the packet Invalid Source Destination IP When enabled the firewall will verify IP addresses by address checking for the following IP source address is broadcast or multicast drop packet TCP destination IP address is not unicast drop packet IP source and destination address are the same drop packet Invalid IP source received from private home network drop packet Packet Flood SYN UDP ICMP When enabled the firewall will check for SYN UDP ICMP Other and other types of packet floods on the local and Internet facing interfaces and stop the flood Invalid TCP Flag Attacks NULL When enabled the firewall will scan inbound and out XMAS Other bound packets for invalid TCP Flag settings and drop the packet to prevent SYN FIN NULL and XMAS attacks Invalid ICMP Detection The firewall checks for invalid ICMP code types and drops the packet Miscellaneous The firewall checks for the following Unknown IP protocol drop packet Port O attack detected drop packet TCP SYN packet drop packet Not a start session packet drop packet ICMP destination unreachable terminate session To disable attack detection for a specific port Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab 50 Firewall Tab Click the Advanced Settings link under the tab
114. nd UDP ports are forwarded to it 82 Firewall Detailed Information Page Management and Diagnostic Console Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Firewall Detailed Information page shows detailed information about the gateway s firewall Statistics lnd 0 0 fnd 45 0 Device List last used 15089 max_idle 600 Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log E WRIE Management and Diagnostic Console Siskin Nanay Firewall Detailed Information Broadband Link Pinholes Summary external pin holes 192 available Detailed Statistics NAT Sessions Configure current secs since boot 15656 Local Network session table 1023 1024 available 0 512 used in inbound sessions Status sess 49 bkt 5 flags Ox000000c8 proto 17 cnt 2 1 69 110 3 227 30536 f 68 94 156 1 53 n 69 110 3 227 30536 Back to Top Figure 37 MDC Firewall Detailed Information Page Pinholes A p
115. nd responds with a connection not available message This may not discourage a determined hacker because the message confirms that there is an active network sending the response The hacker may then use more sophisticated tools in an attempt to access your network When in stealth mode the 2Wire gateway firewall does not return any information in response to network queries that is it will appear to the hacker who is trying to access your network that your network does not exist This discourages hackers from further attempts at accessing your network because to them it will appear as though there is no active network to access To enable Stealth Mode Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab Click the Advanced Settings link under the tab to open the Edit Advanced Firewall Settings page Settings Security Check to enable the features below We Stealth Mode T Block Ping IT Strict UDP Session Control Inbound and Outbound Control Checking the box allows the associated traffic type through the firewall Outbound Inbound V HTTP V Remote Management MV HTTPS T NetBIOs M FTP Telnet V SMTP iv DNS I NetBI05 FW POP3 Vv IMAP V NNTP M IRC M H323 W All Other Protocols SAVE CANCEL RESTORE DEFAULTS 1 In the Security pane click the Stealth Mode checkbox 2 Click SAVE 46 Firewall Tab Block Ping Ping is a ba
116. ned for Provisioning Info Confiqure Time Services Configure Services that computer Note Once DMZplus mode is selected and you click DONE the system will issue a new IP address to the A selected computer The computer must be set to DHCP mode to receive the new IP address from the system Static Routes and you must reboot the computer If you are changing DMZplus mode from one computer to another computer DNS Resolve you must reboot both computers Traffic Shaping SUBMIT Settings Link Manager Detailed Log Back to Top Figure 35 MDC Firewall Settings Page Hosting an Application To host an application on the gateway s network for Internet users to access such as a Web server the firewall must be configured to allow users on the Internet to access it To host an application 1 From 1 Select a computer select a computer from the pull down menu 2 From 2 Edit firewall settings for this computer click the Allow individual application s radio button 79 Management and Diagnostic Console 3 From the Applications list select an application profile 4 Click the ADD 5 button The application displays in the Hosted Applications list 5 Click the Submit button To stop an application that is routed to a selected computer 1 From the Hosted Applications list select the application profile name 2 Click the lt REMOVE button Note If an application does not appear in the Applicat
117. nesday February 8 2006 01 54 12 PM Pacific Standard Time Select Your Time Zone The date and time are automatically set using time servers on the Internet The local time is set correctly when you select your time zone Select the time zone below and click SAVE GMT 08 00 Pacific Time US 4 Canada Tijuana v SAVE CANCEL Figure 5 Edit Date and Time Settings Page 1 From the drop down menu select the time zone 2 Click SAVE System Tab Viewing System Details The System Details page provides information about your gateway any enhanced services you may have and provides a link that you can use to restart your system To view the System Details page Open a Web browser and access the gateway user interface by entering http 2wire gateway net Click the System tab Click the View details link in the System area of the Network at a Glance panel to open the View System Details page 7 SY H Oe Ng a 2 awe L Ce ma ian wun i n i Summary System Password Date and Time Settings Details Pr HOME Help Site Map View System Details Details r 4 2700HGV G IP a Monor ba Restart the system Li Serial Number 265116005072 View available upgrades and k P INS Hardware Version 2700 000483 002 options Software Version 4 21 7 Key Code S2AN 2374 WHEZ 22AZ B278 Figure 6 View System Details Page The Restart the system link restarts your system Your network connections
118. net Address Subnet Mask Default Gateway Primary Domain Name Server Broadband Link Tab Description A number that is assigned to a computer so that it can com municate on a network and on the Internet This address is assigned to you by your Internet Service Provider for all com munication on the Internet and can be either Static perma nently assigned and manually entered or Dynamic automatically assigned and configured The typical configuration is for your ISP to automatically assign and configure an Internet address Dynamic when your system connects to the Internet Businesses or power users may use a static address enabling them to run advanced services such as Internet servers and video conferencing Static addresses typically cost more because they must be leased from the ISP If you receive your Internet address settings automatically the subnet mask has been set for you If you manually set your Internet address Static IP this is the information that was provided to you by your ISP and entered by you during gateway installation Part of the Internet address settings and used in conjunction with your Internet address If you receive your Internet address settings automatically the subnet mask has been set for you If you manually set your Internet address Static IP this is the information that was provided to you by your ISP and entered by you during gateway installation Part of the Internet address setti
119. ngs The default gateway is a device your 2Wire gateway communicates with directly to give you access to the Internet If you receive your Internet address settings automatically the subnet mask has been set for you If you manually set your Internet address Static IP this is the information that was provided to you by your ISP and entered by you during the sys tem installation Part of the Internet address settings A domain name is a meaningful easy to remember handle for an Internet address The DNS allows Internet users to specify a name domain name to reach a Web page for example www domainname com instead of its Internet address for example 111 222 111 222 When you enter the name of a Web location URL the DNS looks up the name and resolves it to the Web page s Internet address If you receive your Internet address settings automatically the subnet mask has been set for you If you manually set your Internet address static IP this is the information that was provided to you by your ISP and entered by you during gateway installation 14 Broadband Link Tab Item Description Secondary Domain Name Used as a backup if the Primary server fails to respond Server If you receive your Internet address settings automatically the subnet mask has been set for you If you manually set your Internet address Static IP this is the information that was provided to you by your ISP and entered by you during the sys
120. ngs for this computer Maximum protection Disallow unsolicited inbound traffic Allow individual application s Choose the application s that will be enabled to pass through the firewall to this computer Click ADD to add it to the Hosted Applications list All applications Hosted Applications ge of Empires a Age of Kings 3 Age of Wonders Aliens vs Predator ADD Anarchy Online Asheron s Call Baldur s Gate REMOVE BattleCom Battlefield Communicator Black and White KI Add a new user defined application O Allow all applications DMZplus mode Set the selected computer in DMZplus mode All inbound traffic except traffic which has been specifically assigned to another computer using the Allow individual applications feature will automatically be directed to this computer The DMZplus enabled computer is less secure because all unassigned firewall ports are opened for that cornputer Note Once DMZplus mode is selected and you click DONE the system will issue a new IP address to the selected computer The computer must be set to DHCP mode to receive the new IP address from the system and you must reboot the computer If you are changing DMZplus mode from one computer to another computer you must reboot both computers DONE Figure 20 Edit Firewall Settings Page 1 Firewall Tab From the Select a computer pull down menu select the computer to which you would like to have all data
121. ntage of received pack ets in error USB Transmit The cumulative number of frames transmitted over the USB home network interface the number of payload bytes transmitted and the number and percentage of transmit ted packets in error Receive The cumulative number of frames received over the USB home network interface the number of payload bytes received and the number and percentage of received pack ets in error To reset the local network statistics click the Reset button 72 Management and Diagnostic Console Local Network Device List Page The Local Network Device List page displays information about each device in the local network 2WRE System Summary Broadband Link Summary Statistics Detailed Statistics Confiqure Local Network Status Statistics Device List Wireless Confiqure Address Allocation Detailed Information Advanced Settings Voice Configure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log Management and Diagnostic Console Local Network Device List Identity Type MAC Address IP Address System 00 14 95 00 76 d9 192 168 1 254 QVT_109 Ethernet 00 d0 9e 00 00 a0 192 168 1 64 MOM Ethernet 00 00 4f 1d 62 35 192 168 1 65
122. nter the first DHCP address that you ll be distributing over the private network b In the Last DHCP Address field enter the last DHCP address that you ll be distributing over the private network c Inthe Set DHCP Lease Time field enter a value for the number of hours before the DHCP lease expires 5 Click SAVE Note If you change the home network IP address range you must renew the DHCP lease on all devices on your home network and manually reconfigure all devices configured with static IP addresses If you are using the 2Wire Network Support Tool you can renew the DHCP lease by selecting Refresh Network Connection in the Network Support Tool menu Setting Up a Public Network The Public Network pane allows you to create a local network that has broadband network accessible IP addresses by creating a route from the Internet to the specified public network The public network operates without Network Address Translation NAT This feature is typically used in conjunction with broadband service that provides a range of available IP addresses Once enabled the public IP addresses can be assigned to local computers To set up a public network 1 Check the Enable checkbox 2 In the Router Address field enter the router address this is typically provided by your service provider 3 In the Subnet Mask field enter the subnet mask this is typically provided by your service provider 4 Click SAVE 30 Home Network Ta
123. nually assigned To re enable routed mode 1 Configure the computer s IP address to work on the same subnet as the gateway a From the Windows desktop or the Start menu right click the My Network Places icon then left click Properties b Right click the icon that represents the network connection to the gateway and left click Properties Local Area Conmection LAN or High Speed Internet Erabied Broadcom 70x Gigabit Integrated Controler IP addres 10 4 254 164 Subnet Mask 255 255 0 0 Assigned by OCP 106 Management and Diagnostic Console c Click Internet Protocol TCP IP then click the Properties button Mp Boeson SAX Gpabt reegates Cortroier Gas Tha correction uses the laksang tame Ghert tor Miroaoh Networks Bil a and Parta aang bor Merosot Networks Z Moos Packer Schesuer Sem con r rothcaton mas nran connmctnd C Ce d In the General tab click the Use the following IP address radio button In the IP address field enter an IP address between 172 16 1 1 to 172 16 1 32 In the Subnet mask field enter 255 255 0 0 In the Default gateway and Preferred DNS server fields enter 172 16 0 1 You can get IP setings asegred atomebcaly you network supports You need to ask your network adminatrator for the asorconate IP setings O Ottan an IP accross mutsmanely Use the following IP address P sarees 12 NG Sibret mash z s Dent gateway m i6 Use the folloming ONS server add
124. number of addresses Remaining 69 Item DHCP Timeout Devices Ethernet Wireless 802 11 USB Public Network Router Address Subnet Mask Bridge Network Router Address Subnet Mask Management and Diagnostic Console Description The time in minutes before the DHCP lease must be renewed The number of Active and Inactive Ethernet devices on the network The number of Active and Inactive wireless devices on the network Specifies whether a USB device is present Active on the network If a USB device is not present the value is Inac tive Defines a separate network on the home side The subnet mask allocated for public address Creates a bridge network with the broadband The subnet mask allocated for public address Note If you have Enhanced Services such as Internet Access Control installed the specific service and its status display in the Devices panel TO Management and Diagnostic Console Local Network Statistics Page The Local Network Statistics page shows information about the interfaces on the local network PMR Management and Diagnostic Console San Sui Local Network Statistics RESET statistics Broadband Link Ethernet Bytes Packets Errors Summary Transmit 3106914 16398 0 0 Statistics Receive 2654227 17688 0 0 Detailed Statistics AA Contis Wireless Transmit 117952 0 5401 0 Local work Receive 703362193 0 o 0 Statistics USB Device List
125. obits per second kbps The setting in this field is determined by your ISP s DSLAM equipment Indicates how much the noise on the DSL line can increase before it begins to affect the DSL signal As the noise on the DSL line increases the margin will approach zero If the noise exceeds the current noise margin the DSL signal will be lost The level is measured in decibels dBs Represents the decrease in signal strength between origina tion of the DSL Central Office and your gateway Customers who live close to their Central Office usually will have less sig nal loss and a low current attenuation The level is measured in decibels dBs The current DSL transmit power of your gateway The level is measured in decibels dBs A DSLAM is the piece of equipment located in the Central Office CO that provides the DSL signal to your DSL line The Vendor Information identifies information about the configura tion of this equipment Displays the pair of numbers that uniquely identifies the ATM virtual circuit between the system and the provider of your DSL service Identifies the method by which the gateway connects to the Internet Service Provider ISP PPPoE PPPOA or Direct The name used to connect with your Internet Service Provider ISP Your username was either assigned to you or configured by you during the install process The correct username is required to successfully connect to the Internet 13 Item Inter
126. ocol 600 seconds for the UDP protocol d Inthe Map to Host Port field enter a value that will map the port range you established in step b to the local computer For example if you set the value to 4000 and the range being opened is 100 to 108 the forwarded data to the first value in the range will be sent to 4000 Subsequent ports will be mapped accordingly 101 will be sent to 4001 102 will be sent to 4002 etc e From the Application Type drop down menu select the application type If you do not know the application type select None Default Click ADD DEFINTION to add the values to the profile definition list Click DONE Repeat these steps for each port or range of ports required for the application profile To edit or delete an application profile Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab Click the Firewall Settings link under the tab to open the Edit Firewall Settings page 40 Firewall Tab In the Applications panel click the Edit or delete user defined application link The Select a Hosted Application page opens i f Bs S awire OU 92 S 2 a E gt Broadband Home Voice Firewall System Link Network Network Summary Firewall Settings Firewall Monitor Firewall Log Advanced Settings TY HOHE Help Site Map Select a User Defined Application Applications Choose an application from the list below Clic
127. od practice to periodically change your password Resetting the System Password If you forget your password and still cannot remember it after seeing your hint click the System Password still can t remember the password link Password Required Here s a hint for the password company name Password still cant remember the password SUBMIT CANCEL The Reset System Password page opens owre C2 Z 2 amp Sen Network Network Summary System Password Date and Time Settings Details fr HOHE Help Site Map Reset System Password Password Help Information Before resetting the system password itis recommended that you attempt to use your password hint to remind you of your current system password Ifyou still cannot remember the current system password you may System Key change it by first entering the unique 10 digit system key printed on the bottom of your unit After entering the correct key you must immediately change your existing system password by typing and confirming a new password in the spaces below System Key Enter New Password or Confirm New Password After choosing a new password itis strongly recommended that you create a password hint This hint can be a word phrase or question that will help you remember your password if you forget it in the future Your password hint should be something simple that reminds you what your password is without making it obvious to others Ent
128. on set to WEP sys Wireless Key set sys Wireless channel setto 6 sys Wireless power setto 400 CLEAR LOG DI Back to Top Figure 41 MDC Troubleshooting Event Log Page You can view specific information by selecting which log to view from the pull down menu and then clicking the Filter button the screen capture depicted above has the system filter applied Following are descriptions of the logs Access Shows the current access log which registers all significant Content Screening and Internet Access Control events All Shows all logs that register a significant event access firewall fw alert system and wra Firewall Shows all detailed firewall events including Internet Access Control and Firewall Monitor FW Alert Shows the current Firewall Monitor log which registers all significant Firewall Monitor related events HURL Shows the Broadband Redirect messages that have been enabled by a service provider 93 Management and Diagnostic Console Modem Shows the current modem log which registers all significant modem related events System Shows the current system log which registers all significant events within the 2Wire gateway since it was last restarted WRA Shows the current Web Remote Access log which registers all significant Web Remote Access related events Each log entry includes the severity level a description of the event and the actual time that it occurred T
129. one company will notify the customer as soon as possible Also you will be advised of your right to file a complaint with the FCC if you believe it is necessary The telephone company may make changes in its facilities equipment operations or procedures that could affect the operations of the equipment If this happens the telephone company will provide advance notice in order for you to make the necessary modifications in order to maintain uninterrupted service If trouble is experienced with this equipment please contact the store reseller or agent from whom the product was purchased Repair of this equipment should be made only by the 2Wire Service Center or a 2Wire authorized agent
130. or the phone 3 Ifyou have more than one Digital Voice line select which of these phone lines you would like to connect to this phone Activate Locate amp RING NOW Phone 1 Line 1 408 856 9285 EDIT Click NEXT to continue or BACK to go back to the preivous step DO NOT use browser s back button Phone Name Connect to Line 33 5 VolP Network Tab In the Phone Name field select a name to associate with the phone If you have more than one digital voice line in the Assign Number field select which phone line you wish to associate with this phone Click SUBMIT awrr 0 2 5 2 3 adband Home Voice System Link Network Network Digital Voice Edit Information Edit A N Firewall Pr HONE Site Map Edit Information pire Edit The Phone to Line Mappings below KA Phone Name Kitchen Assign Number Line 1 408 856 9285 v Ll Click Submit to continue or Cancel to go back to previous page SUBMIT CANCEL 6 Setup is complete Click DONE to return to the View Voice Network page JR D owirE d 8 e F F Broadband Home Voice System Link h Network Network Digital Voice Firewall 42 HONE Site Map Congratulations Setup Complete You have completed the Digital Voice setup process Click DONE to return to the Voice Network summary page To change your settings go to the syste
131. ote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Advanced Traffic Shaping page allows users to change the 2Wire gateway s maximum upstream connection rate y BWRE Management and Diagnostic Console aaa Advanced Traffic Shaping Broadband Link WARNING Summary Settings on this configuration page may affect the performance of your Internet connection Statistics h seers Enable Traffic Shaping agi Current Upstream Rate 512 kbps Local Network New Upstream Rate kbps Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Confiqure Time Services Configure Services Static Routes DNS Resolve Traffic Shaping Link Manager Detailed Log SUBMIT Settings Figure 51 MDC Advanced Traffic Shaping Page WARNING Modifying the gateway s configuration settings may impede or interrupt the user s broadband service or violate the service provider s service level agreement To change the gateway s upstream connection rate 1 Check the Enable Traffic Shaping checkbox 2 In the New Upstream Rate field enter the upstream rate at which you want the gateway
132. oubleshooting Resets CLEAR RESET RESET RESET RESET RESET Note These actions are for diagnostic and troubleshooting purposes only Some actions will change configuration settings and will affect the operation of your gateway Local Network DSL Connection ISP Connection Broadband Link 2700HGV Gateway Reboots your 2700HGV Gateway to Factory State Clears all devices from your Local Network list Network devices will appear in the list as they are re discovered Retrains your DSL connection on the same line Resets your PPP connections and or releases and renews your broadband IP address Reestablishes your broadband link Warning Resets configuration parameters Figure 44 MDC Troubleshooting Resets Page The Clear button in the Local Network field clears all devices from the Local Network list Doing so will change the configuration settings and may affect 2Wire gateway operation because it removes all devices such as computers from your network The Reset button in the DSL Connection field retrains the 2Wre gateway s DSL connection The Reset button in the ISP Connection field resets the PPP connection and or releases and renews the broadband IP address 98 Management and Diagnostic Console The Reset button in the Broadband Link field allows you to reset the 2Wire gateway broadband link For 2Wire gateway models with a DSL connection this means the DSL connection is reset
133. ov request flags bb gen support phare merem bb gen support name Bwaca0 modd 4 parents 1 fags O mum leval 6 gt 10 mata modig 5 parerad 1 Naga O run levat 6 gt 10 Toute modig 6 pareng 1 Naga Orun level 6 10 fwO modis 7 parardd 1 tape O run lever 6 10 ds modig parentig 3 flags Orun level G 10 DSL Line ki apat medid Dparerdd 8 Mage run let Br 10 Velist Search Type vw va ince atmO modd 10 parontd 9 aps run teve amp gt 10 pppoed modd 11 parenta 17 fags 0 run lawet 6 gt t0 Sirie Dufau PEO modig 14 pwentid 11 fage O run level 6 gt 10 anye kamim username Ul Param Configuration slow csprro Firewall Configuration wound ast a 26 877 347 4600 SUppanigawre com 6032 0095 0197 AIN ADI 92 0795 078 005 001 00 o o 35 o Jwitegebegiooal net mue TRUE TRUE TRUE TRUE OFF OFF orr orf OFF OFF orr OFF TRUE TRUE FALSE TRUE TRUE FALSE TRUE tagas 86609 o 179 Maps Nga 4 21 7 spe cms Aero com DATO oraiicss cms 2wite com 3428 o KUL MTTP KILL MTTPS KILL PTP KILL TELNET KILL ENTE KILL DNS KILL POP3 KILL MAP KILL NNTP KILL IRC KILL H323 KILL NETBIOS KULTOTHER wu NETHIOR block ping OFF puana o strict uap EDU Isa Jog or por scan 0N ipagar crack sON Nood detect ON epfags cheek z0N lempcodetpe_check ON misc check on natmitcaal r tcp le Bm 86400 udpjdie ime 00 paran meal 100 pacan detect mesh 3 pocan dop
134. played along with the corresponding IP address Click the Start button The results are displayed on the page as they occur and include round trip latency the aggregate number of packets sent received and lost and the minimum maximum and average round trip latency To discontinue Ping or Traceroute click the Stop button To perform a DNS query 1 2 3 From the drop down menu select DNS Query In the Host field enter the domain name URL for which you wish to obtain the IP address Click the Start button 96 Management and Diagnostic Console Troubleshooting Upgrade History Page The Troubleshooting Upgrade History page shows a log of all system software upgrades and lists the upgrades in the order in which they occurred 2WRE Management and Diagnostic Console PARA Troubleshooting Upgrade History Broadband Link Current Version Model Number 2700HGY Gateway Hardware Version 2700 000483 002 Software Version 4 21 7 Summary Statistics sant Upgrade Log Local Network Initial Software Version 4 21 7 Status Statistics Device List Wireless Confiqure Address Allocation Firewall Settings Detailed Information Advanced Settings Voice Confiqure Server Troubleshooting DSL Diagnostics Event Log Network Tests Upgrade History Resets Advanced Syslog Settings Provisioning Info Configure Time Services Confiqure Services Static Routes DN
135. rdware Version 2700 000483 002 Hardware Options Wireless present DSL Modem Type ADSL Current Software 4217 Configuration Key Code 52AN 2374 WHE2 22AZ B275 System Time Wednesday February 8 2006 02 47 53 PM Pacific Standard Time 01 52 41 PM Time Since Last Boot 0 days 03 56 46 Last ID Post Wednesday February 8 2006 Components DSL Modem Az system 40180 base_ui 40181 common_en 40183 common_fr 40184 common_es 40185 base_voice 40182 Firewall Rules 1000 Application List 1001 Figure 24 MDC System Summary Page Depending on the service provider and the components installed the System Summary page includes the following information Item System Model Serial Number MAC Address Description 2Wire gateway model number for example 2700H6V Gateway 2Wire gateway serial number 2Wire gateway MAC address 56 Item Hardware Version Hardware Options DSL Modem Type Current Software Configuration Key Code System Time Time Since Last Boot Last ID Post Components DSL Modem Firewall Rules Application List Management and Diagnostic Console Description 2Wire gateway hardware version The type of peripheral device installed ADSL or ISDN 2Wire gateway software version The key code associated with the current provi sioning settings The value is Unprovisioned if the 2Wire gateway has not yet been provi sioned The day month year and t
136. ream 21 0 db Upstream 8 3 dB Downstream 4 5 db Upstream 1 8 dB Downstream 5 0 db Upstream Country OxFF Vendor 00 00 FF 00 Specific 0x00 0 35 PPPoE 2wire sbcglobal net 69 110 3 227 255 255 255 255 151 164 184 81 68 94 156 1 206 13 28 12 1492 Successful Successful Successful Figure 8 View Broadband Link Details Page The following table shows the information that may be displayed on the Broadband Link Details page Note The information displayed depends on the type of broadband service you have and your gateway model Item DSL Connection DSL Line Wire Pair Protocol Description The DSL signal can be transmitted on Line 1 inner pair or Line 2 outer pair During installation the gateway automati cally detects on which line the DSL signal is being transmit ted Displays which DSL protocol is being used to communicate between your system and your service provider 12 Item Downstream Rate Upstream Rate Channel Current Noise Margin Current Attenuation Current Output Power DSLAM Vendor Information PVC Info Internet Connection Details Connection Type Username Broadband Link Tab Description The speed at which data comes over your broadband connec tion from the Internet to your network measured in kilobits per second kbps The speed at which data goes over your broadband connec tion from your network to the Internet measured in kil
137. reless Mode 802 1lb g Default 802 11 big DTIM Period seconds 1 Default 1 Maximum Connection Rate 54 Mbps Vv Default 54 Mbps Power Setting lov Default 4 SAVE CANCEL RESTORE DEFAULTS Syst Broadband Home Voice Firewall wee Link Network Network Summary Wireless Settings Advanced Settings Tt HOME Help Site Map Configure the Wireless Network Settings Current Settings Identify Network Access Point 3 00 14 95 00 76 49 Network Name 2WIRE072 Network Name 2WIRE072 Channel 6 2437 MHz Wireless Channel 6 2437 MHz Authentication WEP Open Encryption WEP To locate the built in 10 digit wireless encryption key for your system please look at the bottom of the product near the bar code label SN 145511100110 ba WEENIE NUN LL o 4119627022 r i TOE SEEM CEEOL p Manay Number 4000000428000 _ Figure 13 Configure the Wireless Network Page Home Network Tab 26 Home Network Tab The Current Settings panel shows the 2Wire gateway s wireless access point settings Access Point The designated name of the wireless access point Network Name The name assigned to your wireless network The default is 2 WIREXXX where XXX represents the last three digits of your 2Wire gateway serial number for example 2WIRE954 Channel The radio frequency band the access point uses for your wireless network the default is 6 Wireless adapter cards
138. ress you want the gateway to use 21 Broadband Link Tab 3 In the Subnet Mask field enter the subnet mask you want the gateway to use 4 Inthe Default Gateway field enter the default gateway address you want the gateway to use 5 Click SAVE Modifying the Broadband DNS By default the gateway automatically obtains the DNS server addresses via DHCP The Broadband DNS panel allows you to manually configure your DNS information 1 Click the Manually configure your DNS information radio button 2 Inthe Primary Server field enter the IP address of the primary DNS server that the gateway is to use for DNS name resolution 3 In the Secondary Server field enter the IP address of the secondary DNS server that the gateway is to use for DNS name resolution 4 In the Domain Name field enter the specific domain name to be used by the gateway 5 Click SAVE Note If you choose to manually configure your system and have a problem re run your installation and follow the installation instructions provided to you by your service provider 22 Home Network Tab This chapter describes the 2Wire gateway Home Network features and provides detailed instructions on how to customize your network settings Viewing Your Home Network Summary The Home Network Summary page displays information about the devices installed on your network To access the Home Network Summary page Open a Web browser and access the 2Wire gateway user inte
139. resses Preferred ONS server Na NG e Click OK f If required reboot the system for the changes to take effect Attach the computer to the Local Network port of the 2Wire gateway In the Web browser address bar enter 172 16 0 1 management Click Configure Services 107 Management and Diagnostic Console 5 Click the Enable Routing checkbox 6 Click the Submit Settings button The gateway PPP routing and TCP IP functions are now re enabled and the Local Network LED will turn Green The computer can now be reset to a DHCP assigned IP address or left to obtain it statically Changing Timeout Parameters By default TCP and UDP are configured to timeout in 1 440 and 10 minutes respectively You can change the parameters by entering different values in the TCP Timeout and UDP Timeout fields and then clicking the Submit button Enabling Broadband Status Notification Note This field will display only if the CMS organization has the Broadband Status Notification feature enabled To receive a notification message that the gateway has lost broadband connectivity and cannot access the Internet check the Enable checkbox Enabling Missing DSL Filter Notification Note This field will display only if the CMS organization has the Missing DSL Filter Notification feature enabled To receive a notification message that the gateway has detected a missing DSL filter check the Enable checkbox Enabling SIP Application Layer
140. rface by entering http 2Wire gateway net Click the Home Network tab to open the View Network Summary page o 2 gs 4 G 5 EW If 2 ac a Broadband Home Voice Firewall a sya 8 Link Network Network Summary Wireless Settings Advanced Settings HOME Help Site Map View Network Summary Local Devices Status at a Glance QVT_109 For this computer gt Home Network Edit firewall settings Local Interfaces View device details Ethernet 1 Inactive HP Wireless 0 DISABLE gt USB 0 DISABLE MOM For this computer PIPO TIE NU PE OT EGO SEEM TAS PE ETETA 4S Access shared files Wireless Settings Edit firewall settings Network Name 2WIREO72 View device details Access Point 00 14 95 00 76 a9 EDIT SETTINGS Figure 12 View Network Summary Page Understanding the Local Devices Panel The Local Devices panel shows you the name of the device how it is connected any special configuration information and provides links to other system features that you can set up for the device A device on your network is usually a computer either a personal computer used by a household member or a computer that is dedicated to a specific use Such as a Web server that hosts online games The status of each device is shown in the Local Devices list in your 2Wire gateway user interface 23 Home Network Tab If the show inactive devices option is enabled and the device becomes ina
141. roubleshooting DSL Diagnostics 7 Telnet Event Log V SMTP Network Tests V DNS Upgrade History Resets C NetBIOS Advanced V POP3 Syslog Settings Z IMAP Provisioning Info Configure Time Services V NNTP Configure Services IRC Static Routes DNS Resolve Ei H323 Traffic Shaping E All Other Protocols Link Manager NG NAGA EDNA NADAAN NICE T aan IASA hemes Ange AARON ARKA HG Detailed Log Attack Detection AA Firewall Advanced Settings susmiT Settings Broadband Link WARNING Summary Modifying the settings on this page can impact the ability of computers on the local network to access your Statistics broadband connection Modifications may also affect broadband enabled applications and services running on the Detailed Statistics local network Confiqure Local Network Security Status Check to enable the features below atait C Stealth Mode Device List o Block Pin Wireless g Configure O Strict UDP Session Control Full Logging Enable Full Logging O Hote Enabling full logging will reduce system performance SUBMIT Settings Back to Top Figure 38 MDC Firewall Advanced Settings Page 84 Management and Diagnostic Console Enabling Security Features The Security pane allows you to configure the gateway s firewall to provide additional security features Following are descriptions of the features Stealth Mode Enabling Stealth Mode suppresses error responses for example TCP
142. rough application specific data This feature is typically used if the application for which you would like to pass through data to a given computer is new or has been recently updated to a new version To create a new application profile Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Firewall tab Click the Firewall Settings link under the tab to open the Edit Firewall Settings page In the Applications panel click the Add a new user defined application link to open the Edit Application page f g amint 0 2 5 2 ss CH Por Broadband Home Voice Firewall System Link Network Network Summary Firewall Settings Firewall Monitor FirewallLog Advanced Settings Y HOHE Help site nap Edit Application Settings Profile Name Enter a name for the application profile that you are creating Application Name Custom Application Definition Choose a protocol and enter the port s for this application then click ADD DEFINITION to add the definition to the Definition List Ifthe application requires multiple ports or both TCP and UDP ports you will need to add multiple definitions Note In some rare instances certain application types require specialized firewall changes in addition to simple port forwarding If the application you are adding appears in the application type menu below it is recommended that you select it Protocol TCP C UDP Port or R
143. s and going out of Outgoing Kbps your system It measures real time data throughput in Kilobits per second and displays in one second intervals The Speed Meter monitors the actual data rates while connecting to a Web site This data rate can differ from the reported speed of your broadband connection due to many factors including traffic to the Web site or the speed of the Web servers at the site you are visiting Note To use the Speed Meter your browser must support Java 2 15 Broadband Link Tab Test Connection Speed The Test connection speed link launches the 2Wire Bandwidth Meter The Bandwidth Meter measures the maximum download speed from 2Wire s Web site to your system in Kilobits per second Kbps The 2Wire Bandwidth Meter estimates your connection speed from the Internet Because the Internet consists of thousands of interconnections your connection to a Web site could be affected by many different factors If you experience slow performance on a particular Web site you can use the 2Wire Bandwidth Meter to verify whether this is isolated to that particular Web site or if it is a more general occurrence Because the 2Wire Bandwidth Meter measures the download speed from 2Wire s Web site to your computer and can be affected by many factors on the Internet it is not an accurate measurement of the service from your ISP Using Broadband Diagnostics Diagnostics displays an itemized list of your broadband connection s curr
144. sers to open the necessary ports through the firewall using the Firewall Settings page If the user requires that a computer have all incoming traffic available to it this computer can be set to the DMZplus mode While in DMZplus mode the computer is still protected against numerous broadband attacks for example SYN Flood or Invalid TCP flag attacks In rare cases the incoming traffic may be inadvertently blocked by the firewall for example when integrating with external third party firewalls or VPN servers You may need to disable one or more of the attack detection capabilities for any device placed in the DMZplus In this case the third party server provides the attack protection normally provided by the gateway 49 Firewall Tab The following table lists the attacks for which the gateway firewall filters continuously check Attack Description and Action Taken Excessive Session Detection When enabled the firewall will detect applications on the local network that are creating excessive sessions out to the Internet This activity is likely due to a virus or Worm infected computer for example Blaster Worm When the event is detected the gateway displays a HURL warning page TCP UDP Port Scan A port scan is a series of messages sent by someone attempting to break into a computer to learn which com puter network services each associated with a well known port number such as UDP and TCP the computer pro Vides When e
145. set to DHCP mode to receive the new IP address from the system and you must reboot the computer If you are changing DMZplus mode from one computer to another computer you must reboot both computers DONE Figure 17 Edit Firewall Settings Page 5 From the Select a computer pull down menu select the computer that you wish to host the application Click the Allow individual application s radio button In the Applications panel select an application Click the ADD gt button The application you selected now appears in the Hosted Applications pane Click DONE To stop hosting an application 1 2 3 In the Hosted Applications panel select the application you wish to stop hosting Click the lt REMOVE button Click DONE 38 Firewall Tab Updating the Application Profile List If the application you want to host does not appear in the Application Profile list you may need to update the application list If an update is available the UPDATE APPLICATION LIST button appears above the list of application profiles If the application that you want to host is not included in the updated application list you may need to add your own application profile Adding an Application Profile If you wish to host an application that is not included in the Application Profile list you can add an application using the Add Application Profile page An application profile configures your system s firewall to pass th
146. sic Internet program that when used without malicious intent allows a user to verify that a particular IP address exists and can accept requests Ping is used diagnostically to ensure that a host computer you are trying to reach is operating It can also be used to see how long it takes to get a response back from a specific host computer Hackers can use ping to launch an attack against your network because ping can determine the number form of the network s IP address for example 105 246 172 72 from the domain name for example www mynetwork com If you enable Block Ping your network will block all ping requests To block ping Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab Click the Advanced Settings link under the tab to open the Edit Advanced Firewall Settings page Settings Security Check to enable the features below I Stealth Mode fe Block Ping IT Strict UDP Session Control Inbound and Outbound Control Checking the box allows the associated traffic type through the firewall Outbound Inbound V HTTP V Remote Management MV HTTPS T NetBios WK FTP fw Telnet V SMTP V DNS IT NetBI05 V POP3 V IMAP V NNTP M IRC V H323 M All Other Protocols SAVE CANCEL RESTORE DEFAULTS 1 In the Security pane click the Block Pings checkbox 2 Click SAVE 47 Firewall Tab Strict UDP Session Control Enabling this feature pro
147. ssword i j ateway Privacy policy System Area 4 Software 4 21 7 atian ede Password Not Set cs Broadband Link Monitor Internet connection Broadband Connection Speed View summary Link Area Incoming 3008 kbps Outgoing 512 kbps View the home network a s Home Network a Computers Home NG J P Network Area QVT 109 g MOM Figure 2 Network at a Glance Panel System Area of the Network at a Glance Panel The System area of the Network at a Glance panel displays your 2Wire gateway model name the version of gateway software that you are using and the status of your gateway password The diamond symbol in this area indicates the gateway s POWER light status and corresponds to the Power light on the front of your gateway The following table shows a list of possible POWER light states and their associated meanings Power Light Condition Off Power is not being supplied to the system The power supply is not plugged in correctly or the power adapter has malfunctioned Blinking Green The system is performing a self test Solid Green Power is on Blinking Orange The gateway is undergoing a software upgrade Solid Red System error Contact Technical Support If you have not set a system password the Set system password link displays If you have set a password the Change system password link displays You must enter the system password whenever you change system settings Note For additional information
148. tem installation This parameter may not be necessary and may be left blank Domain The name that associates your gateway with your ISP on the broadband link This parameter may not be necessary and may be left blank If you receive your Internet address settings automatically the subnet mask has been set for you If you manually set your Internet address Static IP this is the information that was provided to you by your ISP and entered by you during gateway installation Maximum Transmission Unit Shows the maximum size allowed on packets that are sent to MTU and from your network to your ISP Gateway Ping The 2Wire gateway periodically checks the connection between itself and your ISP s Default Gateway This field informs you that the check has been performed and whether or not it was successful DNS Communication The gateway periodically checks the connection between itself and your ISP s domain name server s to make sure DNS is available This field informs you that the check has been per formed and whether or not it was successful Configuration Server Post The gateway periodically checks the connection between itself and the 2Wire Component Management System This field informs you that the check has been performed and whether or not it was successful Monitor Internet Connection The Monitor Internet connection link launches the Speed Meter The Speed Meter measures the actual rate at which data is coming into Incoming Kop
149. the Username field enter your user name 3 In the Password field enter your password 4 In the Confirm Password field re enter your password 5 In the PPP on Demand field enter a value for the length of time you wish the PPP session to remain active If the value is set to O the PPP session will not time out it will be always on If the value is between 1 to 10080 minutes the PPP session will time out if the gateway doesn t detect outbound traffic destined for the Internet in the specified time 6 Click SAVE Modifying the Hardware Address By default the gateway uses its built in hardware address The Hardware Address Override panel allows you to manually override the MAC address of the broadband connection which is sometimes required for cable modems that perform MAC address authentication 1 Click the Override the built in hardware address radio button 2 Inthe Hardware Address field enter the alternative hardware address 3 Click SAVE Enabling Hostname Override In the DHCP Host Name field enter the DHCP host name you want the gateway to use This field is only relevant if your ISP uses DHCP host name authentication Modifying the Broadband IP By default the gateway automatically obtains its Internet address The Broadband IP panel allows you to manually configure your Internet address settings 1 Click the Manually configure IP address settings radio button 2 Inthe IP address field enter the IP add
150. tion key radio button If you select Use custom encryption key you can define a 64 bit or 128 bit encryption key For 64 bit encryption in the Key field enter a 10 digit hexadecimal number For 128 bit encryption enter a 26 digit hexadecimal number A hexadecimal number uses the characters 0 9 a f or A F 3 Click the Submit button Additional Settings The Additional Settings panel allows you to customize wireless settings In general it is recommended that you leave the default settings in place however if you are experiencing connection or performance difficulties altering these settings may improve performance Note Because the fields that display are dependent on the type of wireless adapter you are using some of these settings may not display Wireless Mode Allows you to force the gateway to use 802 11b g 802 11b only or 802 11g only modes of operation DTIM Period seconds Determines at which interval the access point will send its broadcast traffic The default value is 1 second Power Setting Allows you to select the power level for your wireless connection The default list is 1 to 4 additional options may appear based on the service provider s configuration Maximum Connection Rate The maximum rate at which your wireless connection works 1 2 5 5 11 or 22 Mbps for 802 11b based models 1 2 5 5 11 6 9 12 24 36 48 or 54 Mbps for 802 11b g based models 75 Management and Diagnostic Console
151. to network security Low Occurs when the firewall detects a low level threat to the network such as an invalid IP header or invalid packet length Medium Occurs when a medium level threat is detected such as an invalid IP fragment offset High Occurs when an attack is launched against the network for example a SYN Flood Details Includes the following information The IP address from which the packet originated The destination IP address of the packet The action that was taken Click CLEAR LOG to clear the log 44 Configuring the Firewall Advanced Firewall Tab The Edit Advanced Firewall Settings page allows you to configure advanced features on your firewall H f 2 oe Broadbani H 4 Link System WARNING Settings Security Check to enable the features below Stealth Mode C Block Ping Strict UDP Session Control Outbound Inbound v HTTP V Remote M 7 HTTPS C NetBios Z FTP Telnet KI v SMTP v DNS NetBIOS F POP3 v IMAP v NNTP v IRC H323 lt All Other Protocols RK SAVE CANCEL do Home 2 amp Firewall Network Network Summary Firewall Settings Settings Edit Advanced Firewall Settings Checking the box allows the associated traffic type through the firewall lanagement RESTORE DEFAUL
152. to open the Edit Advanced Firewall Settings page Home Summary Firewall Settings Advanced Settings owre DQ S 2 5 System Link 3 Network Network frome Help site Map Edit Advanced Firewall Settings WARNING Settings Security Check to enable the features below C Stealth Mode O Block Ping Strict UDP Session Control Inbound and Outbound Control Checking the box allows the associated traffic type through the firewall Outbound Inbound v HTTP V Remote Management HTTPS O NetBios FTP JE S Telnet v SMTP v DNS NetBIOS v POP3 IMAP NNTP v IRC Ka K H323 lt All Other Protocols K save CANCEL RESTORE DEFAULTS A Modifying the settings on this page can impact the ability of computers on the local network to access your broadband connection Modifications may also affect broadband enabled applications and services running on the local network Instructions Limiting data traffic may disable support for hosted applications that require inbound communications such as Web servers games or Internet chat programs All data traffic will continue to be scanned by the firewall for known hacker attacks Attack Detection Check to detect the types of attacks below Excessive Session Detection m TCP UDP Port Scan Invalid Source Destinat
153. transmitted in error Receive The number of bytes and packets received and the number and percentage received in error 17 Broadband Link Tab The Data Errors panel displays the following information Data Error ATM Cell Header Errors ATM Loss of Cell Delineation DSL Link Retrains DSL Training Errors DSL Training Timeouts DSL Loss of Framing Failures DSL Loss of Signal Failures DSL Loss of Power Failures DSL Loss of Margin Failures DSL Cumulative Errored Sec onds DSL Severely Errored Seconds DSL Corrected Blocks Description The number of ATM cell header CRC errors since the 2Wire gateway was last restarted and the elapsed time since the last cell header error The number of ATM loss of cell delineation errors since the 2Wire gateway was last restarted and the elapsed time since the last loss of cell delineation error The number of DSL retrains since the 2Wire gateway was last restarted and the time elapsed since the last retrain The number of failed DSL retrains since the 2Wire gateway was last restarted and the elapsed time since the last failed retrain The number of timeouts waiting for response from ATU C since the 2Wire gateway was last restarted and the elapsed time since the last initialization timeout The number of DSL loss of framing failures since the 2Wire gate way was last restarted and the elapsed time since the last line search initialization The number of DSL
154. ts on a LAN to communicate with the rest of a network such as the Internet without revealing their own private IP address All outbound packets have their IP address translated to the router s external IP address Replies come back to the router which then translates them back into the private IP address of the original host for final delivery PPP Point to Point Protocol A protocol that allows a computer to access the Internet using a dial up phone line and a high speed modem This can be accomplished over Ethernet PPPoE or over Asynchronous Transfer Mode ATM PPPoA 121 Glossary PPPoA Point to Point Protocol over ATM A specification for connecting multiple computer users on an Ethernet LAN to a remote site through common customer premises equipment such as a modem PPPoA combines the Point to Point Protocol PPP commonly used in dialup connections with the ATM Asynchronous Transfer Mode protocol which supports multiple users in a LAN PPPoE Point to Point Protocol over Ethernet A specification for connecting multiple computer users on an Ethernet LAN to a remote site through common customer premises equipment Such as a modem PPPoE combines the Point to Point Protocol PPP commonly used in dialup connections with the Ethernet protocol which supports multiple users in a LAN Protocol Timeout The amount of time in seconds during which a connection in the specified range remains open when there is no data transf
155. ttings KITA XA IP Address Subnet Mask Default Gateway Broadband DNS Obtain DNS information automatically Manually configure your DNS information Primary Server Secondary Server Domain Name Upstream MTU Force Upstream MTU 1492 CANCEL Figure 11 Broadband Link Advanced Settings Page Modifying DSL and ATM Settings By default the gateway automatically detects which DSL line to use The DSL and ATM panel allows you to select a DSL line and manually configure your ATM settings 1 From the DSL Line Selection drop down menu select Automatic Line 1 inner pair or Line 2 outer In the ATM Circuit Identifier VPI and VCI fields enter the VPI and VCI you want the gateway to use to connect to your ISP From the ATM Encapsulation drop down menu select Bridged LLC Bridged VC Mux Routed LLC or Routed VC Mux 20 Broadband Link Tab 4 In the ATM PVC Search field click the Enabled or Disabled radio button 5 Click SAVE Modifying Broadband Connection Settings The Broadband Connection panel allows you to modify your broadband connection 1 From the Connection Type drop down menu select the connection type PPPoE PPPoA Direct IP DHCP or Static or Routed IPoA If you connect via PPPoE or PPPoA proceed to step 2 If you connect via Direct IP or Routed IPoA proceed to step 5 Direct IP and Routed IPoA connections do not require a user name or password 2 In
156. u select Get Info Your MAC address appears as either the Hardware Address or the Ethernet Address Macintosh OS X 1 Click the Apple icon 2 Select System Preferences 3 Click the Network icon 4 Click the TCP IP tab 5 From the Configure pulldown menu select Built in Ethernet Your MAC address appears in the lower left corner as the Ethernet Address 11 Connection Details Broadband Link Tab The View connection details link accesses the Broadband Link Details page which displays technical information about your broadband connection Technical support representatives use this information to help troubleshoot problems with your broadband connection Details DSL Connection Details DSL Line Wire Pair Protocol Downstream Rate Upstream Rate Channel Current Noise Margin Current Attenuation Current Output Power DSLAM Vendor Information PVC Info Connection Type Username Internet Address Subnet Mask Default Gateway Primary Domain Name Server Secondary Domain Name Server Domain Gateway Ping DNS Communication Configuration Server Post 2 Broadband Link e fi 7 o F a 3 System Summary Details Diagnostics View Broadband Link Details Statistics Advanced Settings Maximum Transmission Unit MTU 2 amp Voice Firewall ft HOME Help Site Map Line 1 inner pair G DHT Annex A 3008 kbps 512 kbps Fast 20 0 dB Downst
157. uter inside your secure home network you must configure the system s firewall settings Figure 16 View Firewall Details Page If you have the Firewall Monitor enhanced service the Firewall Monitor panel shows a brief summary of the number of attacks that were blocked for the current day and week Click VIEW DETAILS to access the Monitor the Firewall page Hosting an Application When you host an application on your network for Internet users to access you must configure the 2Wire gateway firewall to pass through specific application data to a selected computer To host an application Open a Web browser and access the gateway user interface by entering http 2Wire gateway net Click the Firewall tab 37 Firewall Tab Click the Firewall Settings link under the tab to open the Edit Firewall Settings page owire b2 S amp Link 3 Network Network Summary sFirewall Settings Advanced Settings ft HOME Help Site Map Edit Firewall Settings Settings 2 By default the firewall blocks all unwanted access from the Internet You can allow access from the Internet to applications running on computers inside your secure home network by enabling firewall pinholes Opening firewall pinholes is also known as opening firewall ports or firewall port forwarding Reset all firewall To do this associate the desired application with the computer below If you cannot find a listing for your settings application you ca
158. vides increased security by preventing the 2Wire gateway from accepting packets sent from an unknown source over an existing connection Strict UDP instructs the 2Wire gateway to be more restrictive about what packets are allowed to transmit over an established connection from a local network computer to the Internet In addition to relying on information about the destination 3 tuple the 2Wire gateway will also use information about the source of the connection 5 tuple Note The ability to send traffic based on destination only is required by some applications Enabling this feature may not allow some on line applications to work properly To enable strict UDP session control Open a Web browser and access the 2Wire gateway user interface by entering http 2Wire gateway net Click the Firewall tab Click the Advanced Settings link under the tab to open the Edit Advanced Firewall Settings page Settings Security Check to enable the features below I Stealth Mode T Block Ping fe Strict UDP Session Control Inbound and Outbound Control Checking the box allows the associated traffic type through the firewall Outbound Inbound V HTTP V Remote Management M HTTPS T NetBios V FTP I Telnet V SMTP V DNS IT NetBios V POP3 IV IMAP V NNTP M IRC V H323 M All Other Protocols SAVE CANCEL RESTORE DEFAULTS 1 In the Security pane click the Strict UDP Session Control checkbox 2 Click SAVE Firewall Tab
159. w connection details S DOLL connected Monitor Internet connection Internet Connected Connection Speed Incoming 3008 kbps Outgoing 512 kbps Connection Information Internet Address 69 110 3 227 Hardware Address 00 14 95 00 76 d8 Key Code 5Z2AN 2374 WHEZ ZZAZ B27S Figure 7 View Broadband Link Summary Page The Connection panel shows information about your gateway s connection to the Internet The elements displayed will vary depending on your gateway model and the type of broadband service you have Connection Status There are two ways you can check the current status of your gateway s broadband connection you can use the DSL and Internet indicator lights on the front of your gateway or if your computer is connected to the network you can view the user interface 10 Connection Speed Broadband Link Tab Connection Speed shows the incoming and outgoing data rates of your DSL connection measured in kilobits per second Kbps Incoming is the speed of data flowing from the Internet to your network Outgoing is the speed of data flowing from your network to the Internet Connection Information Connection Information shows the following basic system configuration information Internet Address The broadband IP address assigned by your service provider to your gateway so that it can communicate on the Internet This address is assigned to you by your Internet Service Provider for all communication on
160. y Set Time Date panel 103 Management and Diagnostic Console To manually set the time and date 1 Check the Enable checkbox 2 In the Time field enter the time in 24 hour HH MM SS format for example 10 02 11 3 In the Date field enter the date in YYYY MM DD format for example 2006 10 09 4 From the Time Zone pull down menu select the time zone The available time zones are Hawaii Alaska Pacific Mountain Arizona Central Eastern Indiana and Atlantic Canada 5 Check the Daylight Savings Time checkbox if you wish to automatically adjust for daylight savings time You can also specify the time servers from which you wish to obtain system time by entering the time server Internet address in the Time Servers fields These settings are typically provided by the service provider and or backend management system 104 Management and Diagnostic Console Advanced Configure Services Page Note To access this page your organization must have the Remote Management feature enabled If the feature is not enabled an error message will display when you click the link to access this page The Advanced Configure Services page allows you to enable the 2Wire gateway to operate in bridged mode change the timeout settings for NAT enable notification messages enable the SIP ALG and change the upstream maximum transmission rate e a 5 EWRIE Management and Di
161. y obtains its Internet address The Internet Connection Settings Internet Address pane allows you to manually configure your Internet address settings To manually configure your Internet address settings 1 Click the Manually configure Internet address settings radio button 2 Inthe IP Address field enter the IP address you want the 2Wire gateway to use 3 In the Subnet Mask field enter the subnet mask you want the 2Wire gateway to use 4 Inthe Default Gateway field enter the default gateway address you want the 2Wire gateway to use 5 Click the Submit button Modifying DNS Information By default the 2Wire gateway automatically obtains DNS server addresses via DHCP The Internet Connection Settings DNS pane allows you to manually configure your DNS information To manually configure your DNS information 1 Click the Manually configure your DNS information radio button 2 Inthe Primary Server field enter the IP address of the primary DNS server that the 2Wire gateway is to use for DNS name resolution 3 In the Secondary Server field enter the IP address of the secondary DNS server that the 2Wire gateway is to use for DNS name resolution 4 In the Domain Name field enter the specific domain name to be used by the 2Wire gateway 5 Click the Submit button 68 Management and Diagnostic Console Local Network Status Page The Local Network Status page shows the status of the local network 2WRE
Download Pdf Manuals
Related Search