Home

SIEMENS ADSL SL-041 User Manual

Contents

1. CRM runc ren i FP i92 168 1 83 m gt 923681 F I popu LLL LL Was 5 m E cE 4 1 LE 922161 nr fo 5 JJ 9213681 nr o 6 1 9221681 o o 7 io2ies if oO o s a 1921681 nr o w iztegi 5 o io 1921681 Fr o i 1 is2iesif o o i2 192 1681 m o Ac ministrators Outbound Packet Filter Main Menu UEA OO Otem OOOO O OOOO O Setting O e Wizard b Outbound Filter Iv Enable Allow all to pass except those match the following rules C Deny all to pass except those match the following rules rm a A a Bl teo 21 a TH FAAPFPEE 69 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 7 Toolbox SIEMENS SEXES Wireless ADSL Router Control Panel se ewe Administrator s Toolbox Main Menu e Status View Log e Wizard View the system logs Firmware Upgrade Prompt the administrator for a file and upgrade it to this device Load Settings Load settings to this device Backup Setting View Log Save the settings of this device to a file Firmware Upgrade Load Settings Reset to Default Backup Setting Reset the settings of this device to the default values Reset to Default Reboot Reboot Reboot this dev
2. Administrator s Main Menu System Log e Wizard ERES gt IP Address for Syslog 168 123 0 b E mail Alert SMITP Server IP and Port Send E mail alert to ADSL Modem ee System Time E mail Subject System Log Dynamic DNS SNMP Routing schedule Rule This page supports two methods to export system logs to specific destination by means of syslog UDP and SMTP TCP The items you have to setup including IP Address for Syslog Host IP of destination where syslogs will be sent Check Enable to enable this function 59 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router E mail Alert Enable Check if you want to enable Email alert send syslog via email SMTP Server IP and Port Input the SMTP server IP and port which are concatenate with If you do not specify port number the default value is 25 For example mail your url com or 192 168 1 100 26 Send E mail alert to The recipients who will receive these logs You can assign more than 1 recipient using or to separate these email addresses E mail Subject The subject of email alert This setting is optional 60 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Username and Password To fill some SMTP server s authentication requirement you may need to input Username and Password that offered by your ISP Log type Please select the activities that
3. Administrator s Main Menu DHCP Server Status iter Reg eee gt DHCP Server Iv Enable gt Lease Time Minutes Primary Setup OAM Setup gt IP Pool Starting Address 100 DHCP Server gt IP Pool Ending Address 199 f EET gt Domain Name ilorg Change Password b Primary DNS 192 168 1 1 b Secondary DNS 192 168 1 3 b Primary WINS 192 168 1 100 b Secondary WINS 192 168 1 18 b Gateway 0 0 0 0 optional Undo Clients List Fixed Mapping Help Reboot The settings of a TCP IP environment include host IP Subnet Mask Gateway and DNS configurations It is not easy to manually configure all the computers and devices in your network Fortunately DHCP Server provides a rather simple approach to handle all these settings The SL 041 supports the function of DHCP server If you enable the SL 041 s DHCP server and configure your computers as automatic IP allocation mode then when your computer is powered on it will automatically load the proper TCP IP settings from the SL041 The settings of DHCP server include the following items 1 DHCP Server Choose Disable or Enable NJ Lease Time this feature allows you to configure IP s lease time DHCP client 9 IP pool starting Address IP pool starting Address Whenever there is a request the DHCP server will automatically allocate an unused IP address from the IP address pool to the requesting computer You must specify the starting and endin
4. 83 SIEMENS ADSL SL 041 User Manual Appendix B 3 If choosing use smart card or the certificate as the EAP type we select to use a certificate on this computer Fig 3 4 We will change EAP type to fit the variable test condition 4 Wireless Network Connection Properties EJ ES General Wireless Networks Authentication Advanced Select this option to provide authenticated network access for wired and wireless Ethernet networks Enable network access control using IEEE 602 1 EAP type Smart Card ar other Certificate Y MD5 Dhallenae mart Card or other Certificate Authenticate as computer when computer information rs available Authenticate as quest when user or computer information is unavailable Figure 2 Enable IEEE 802 1X access control 84 SIEMENS ADSL SL 041 User Manual Appendix B Smart Card or other Certificate Properties When connecting Validate server certificate LI MEMEEENEEEEEEEMMEMEM Use a different user name for the connection Figure 3 Smart card or certificate properties 4 Windows 2000 RADIUS server Authentication testing 4 1DUT authenticate PC1 using certificate PC2 follows the same test procedures 1 Download and install the certificate on PC1 Fig 4 2 PC1 choose the SSID of DUT as the Access Point 3 Set authentication type of wireless client and RADIUS server both to EAP_TLS 4 Disable the wireless connection
5. 11 E Wireless b Wireless connecting mode C 11g only Mixed C 11b only Change Password gt Security WPA gt RADIUS Server IP 192 168 1 33 gt RADIUS port 1812 b RADIUS Shared Key MA e Ad ie ress Co ntrol n m i is H ER eat Reboot n i SeDOOU l Veri sek Le TET TS Log out 30 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 4 4 Change Password s s Wireless ADSL Router Control Panel Administrator s Main Menu Change Password e Wizard Old Password x New Password Primary Setup OAM Setup Reconfirm DHCP Server Wireless l Change Passwor You can change Password here We strongly recommend you to change the system password for security reason 31 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 4 Forwarding Rules SIEMENS s s Wireless ADSL Router Control Panel Administrator s Main Menu 1 n Forwarding Rules e Status e Wizard Virtual Server Allows others to access WWW FTP and other services on your LAN Virtual Server Special Application Special AF This configuration allows some applications to connect Miscellaneous and work with the NAT router Miscellaneous IP Address of DMZ Host Allows a computer to be exposed to unrestricted 2 way communication Note that this feature should be used only when needed
6. In this example 1 URL include msn will be blocked and the action will be record in log file 2 URL include sina will be blocked but the action will be record in log file 3 URL include cnnsi will not be blocked but the action will be record in log file 4 URL include espn will be blocked but the action will be record in log file 45 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 4 MAC Address Control Administrator s Main Menu MAC Address Control e Status tem Setting e Wizard Packet Filters Domain Filters MAC Control Miscellaneous b MAC Address Control T Enable l Connection control Wireless and wired clients with C checked can connect to this device and allow v unspecified MAC addresses to connect Association control Wireless clients with A checked can associate to the wireless LAN and deny unspecified MAC addresses to associate URL Blocking ID MAC Address IPAddress C A 1 192 1681 ro 2 192168 1 r nm 3 192 1681 p n 4 o Ln 192 168 1 MAC Address Control allows you to assign different access right for different users and to assign a specific IP address to a certain MAC address MAC Address Control Check Enable to enable the MAC Address Control All of the settings in this Connection control Association control page will take effect only when Enable is checked Che
7. Non standard FTP port You have to configure this item if you want to access an FTP server whose port number is not 21 when Client uses active mode 4 4 1 Virtual Server SIEMENS s s Wireless ADSL Router Control Panel Administrator s Main Menu Virtual Server o oa i 9216891 o o amp l 1924681 ri o Diet s d L 9224681 7r fol RR 8 1 1921681 o 5s JJ 921681 D o e 1 9221681 o o 7 921681 o o s 1924681 OF o 9 iztegi o o io 1 192 1681 nr o i NEED 924681 Tr o i2 ios1sesi m o ud id i Sud iud id 32 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router The SL 041 s NAT firewall filters out unrecognized packets to protect your Intranet so all hosts behind the SL 041 are invisible to the outside world If you wish you can make some of them accessible by enabling the Virtual Server Mapping A virtual server is defined as a Service Port and all requests to this port will be redirected to the computer specified by the Server IP Virtual Server can work with Scheduling Rules and give user more flexibility on Access control For Detail please refer to Scheduling Rule For example if you have an FTP server port 21 at 192 168 1 100 a Web server port 80
8. ip Gavel imda l tnhannd Filter omar tava d nanl zi Packet Filter enables you to control what packets are allowed to pass the router Outbound filter applies on all outbound packets However Inbound filter applies on packets that destined to Virtual Servers or DMZ host only You can select one of the two filtering policies 1 Allow all to pass except those match the specified rules 2 Deny all to pass except those match the specified rules You can specify 8 rules for each direction inbound or outbound For each rule you can define the following e Source IP address e Source port address e Destination IP address e Destination port address e Protocol TCP or UDP or both e Use Rule For source or destination IP address you can define a single IP address 4 3 2 1 or a range of IP addresses 4 3 2 1 4 3 2 254 An empty implies all IP addresses 37 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router For source or destination port you can define a single port 80 or a range of ports 1000 1999 Add prefix T or U to specify TCP or UDP protocol For example T80 U53 U2000 2999 No prefix indicates both TCP and UDP are defined An empty implies all port addresses Packet Filter can work with Scheduling Rules and give user more flexibility on Access control For Detail please refer to Scheduling Rule Each rule can be enabled or disabled individually Inbound Filter To
9. 2 times repeat 2 Restore directly when the router power on First push the RESET button about 5 seconds STATUS will start flashing about 5 times remove the finger The RESTORE process is completed 88
10. Undo Virtual Computers Help Reboot Saved The change doesn t take effective until rebooting E In the Router Mode NAT is always enabled You have to set the following WAN IP settings WAN IP Mode The SL 041 supports two WAN IP modes static and dynamic If you select dynamic mode it will try to get a legal IP and WAN settings from ISP s DHCP server If you select static mode you have to set the following WAN setting manually WAN IP Address WAN Subnet Mask WAN Gateway and Primary Secondary DNS These settings are assigned by your ISP VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate Once you finished the required configuration you must click on the Save button to save the configuration into Flash memory and the reboot this device 22 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 1 4 Classical IP over ATM RFC 1577 s Wireless ADSL Router Control Panel gt Administrator s E Main Menu Primary Setup Wizard gt LAN IP Address 192 168 1 1 Ea cel P WAN Type Classical IP over ATM __Change OAM Setup gt WAN IP Mode Static IP Address DHCP Server b WAN IP Address 0 0 0 0 Wireless b WAN Subnet Mask b WAN Gateway b Primary DNS b Secondary DNS b WAN s MAC Address gt VPI Number gt V
11. can be applied to the dedicated tunnel as shown in the proposal index list Function of Buttons Add to button Click it to add the chosen proposal indicated by proposal ID to IKE Proposal index list The proposals in the index list will be used in phase 1 of IKE negotiation for getting the IKSAMP SA of dedicated tunnel 51 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router VPN Settings Set IPSec Proposal Administrator s Main Menu VPN Settings Tunnel 1 Set IPSec Proposal e Status e Wizard b IPSec Proposal index vpn ES ee ee c 3bEs x None E Eco al 3nEc vl aed A Remove i cate s Name protocol algorithm algorithm Time Unit MAC Cc E 1 pn ooo ha ESP gt 3DES y SHAI 400 cm n IPSec Proposal index A list of selected proposal indexes from the IPSec proposal pool listed below The selecting activity is performed by selecting a proposal ID and clicking add to button in the bottom of the page There are only four indexes can be chosen for the dedicated tunnel Remove button beside the index list can remove selected proposal index before Proposal name It indicates which IPSec proposal to be focused First char of the name with OxOO value stands for the proposal is not available DH group There are three groups can be selected group 1 MODP768 group 2 MODP1024 group 5 MODP1 536 But none also can be selected here for IPSec propos
12. conferencing Internet telephony and so on then the SL 041 can sense the application type and open multi port tunnel for it e DMZ Host supported Lets a networked computer be fully exposed to the Internet this function is used when special application sensing tunnel feature is insufficient to allow an application to function correctly e Statistics of WAN Supported Enables you to monitor inbound and outbound packets SIEMENS ADSL SL 041 User Manual Introduction Wireless functions High speed for wireless LAN connection Up to 54Mbps data rate by incorporating Orthogonal Frequency Division Multiplexing OFDM e Roaming Provides seamless roaming within the IEEE 802 11b 11M and IEEE 802 11g 54M WLAN infrastructure IEEE 802 11b compatible 11M Allowing inter operation among multiple vendors e IEEE 802 11g compatible 54M Allowing inter operation among multiple vendors Auto fallback 54M 48M 36M 24M 18M 12M 6M data rate with auto fallback in 802 11g mode 11M 5 5M 2M 1M data rate with auto fallback in 802 11b mode Security functions Packet filter supported Packet Filter allows you to control access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP address of the source and destination Domain Filter Supported Let you prevent users under this device from accessing specific URLs URL Blocking Supported URL Blocking can block hundred
13. enable Inbound Packet Filter click the check box next to Enable in the Inbound Packet Filter field Suppose you have SMTP Server 25 POP Server 110 Web Server 80 FTP Server 21 and News Server 119 defined in Virtual Server or DMZ Host Example 1 Administrator s Outbound Packet Filter Main Menu Stats es lt lt OOOO O Seting 3 Wizard b Outbound Filter Iv Enable C Allow all to pass except those match the following rules amp Deny all to pass except those match the following rules us Source IP Ports Destination IP Ports Enable Use Rule e Packet Filters 3 100 1 2 3 149 Be 110 Domain Filters 1 2 3 10 1 2 3 20 URL Blocking MAC Control Miscellaneous x xl eO S om dq UO NM P SIBIPIPIPIPIP 1 2 3 100 1 2 3 149 They are allow to send mail port 25 receive mail port 110 and browse the Internet port 80 1 2 3 10 1 2 3 20 They can do everything block nothing Others are all blocked 38 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Example 2 Administrator s Outbound Packet Filter Main Menu einan SS E T a SEEN Wizard gt Outbound Filter Iv Enable C Allow all to pass except those match the following rules Deny all to pass except those match the following rules ID Source IP Ports Destination IP Ports cum Use Rule 2 3 100 1 2 3 11 ESTER Packet Filters Domain Filters URL Blocking M
14. http support microsoft com default aspx scid kb en us 313664 82 SIEMENS ADSL SL 041 User Manual Appendix B 2 DUT Configuration 1 Enable DHCP server 2 WAN setting static IP address 3 LAN IP address 192 168 1 1 24 4 Set RADIUS server IP 5 Set RADIUS server shared key 6 Configure WEP key and 802 1X setting The following test will use the inbuilt 802 1X authentication method such as EAP_TLS PEAP_CHAPv2 Windows XP with SP1 only and PEAP_TLS Windows XP with SP1 only using the Smart Card or other Certificate of the Windows XP Professional 3 DUT and Windows 2000 Radius Server Setup 3 1 1 Setup Windows 2000 RADIUS Server We have to change authentication method to MD5_Challenge or using smart card or other certificate on RADIUS server according to the test condition 3 1 2 Setup DUT 1 Enable the 802 1X check the Enable checkbox 2 Enter the RADIUS server IP 3 Enter the shared key The key shared by the RADIUS server and DUT 4 We will change 802 1X encryption key length to fit the variable test condition 3 1 3 Setup Network adapter on PC 1 Choose the IEEE802 1X as the authentication method Fig 2 Note Figure 2 is a setting picture of Windows XP without service pack 1 If users upgrade to service pack 1 then they can t see MD5 Challenge from EAP type list any more but they will get a new Protected EAP PEAP option 2 Choose MD5 Challenge or Smart Card or other Certificate as the EAP type
15. index list will be used in phase 2 of IKE negotiation for getting the IPSec SA of dedicated tunnel 4 5 5 2 VPN Settings Dynamic VPN Tunnel JE Wireless ADSL Router Control Panel Administrator s 2 Main Menu VPN Settings Dynamic VPN Tunnel e Status o tem Setting o e Wizard gt Tunnel Name dynamic vpn b Dynamic VPN Iv Enable gt Local Subnet 92 168 123 0 b Local Netmask p55 255 255 0 Packet Filters gt Preshare Key 12345676 Domain Filters gt IKE Proposal index Select IKE Proposal URL Blocking MAC Control b IPSec Proposal index Select IPSec Proposal VPN Miscellaneous 53 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router When using VPN Dynamic IP Setting this router is working as a Dynamic VPN server Dynamic VPN Server will not check VPN client IP information so user can build VPN tunnel with VPN gateway from any remote host regardless of its IP information 4 5 5 3 VPN Settings L2TP Server JI Wireless ADSL Router Control Panel gt Administrator s Main Menu VPN Settings L2TP Server ea gt LOTP Server Iv Enable gt Virtual IP of L2TP Server 10 o l 1 a gt Authentication Protocol CPAP CHAP C MSCHAP NRO d id IID Tunnel Name UserName Password Domain Filters 1 2tp 2tp URL Blocking MAC Control e VPN Miscellaneous L2TP Layer2 Tunneling protocol combine features of both Point
16. log by clicking the View Log button 71 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 7 2 Firmware Upgrade SIEMENS s 5 Wireless ADSL Router Control Panel Administrator s Main Menu Firmware Upgrade Firmware Filename Current firmware version is R1 01f1RAG The upgrade procedure takes about 20 seconds Note Do not power off the unit when it is being upgraded When the upgrade is done successfully the unit will be restarted automatically e Status e Wizard Upgrade m Bod View Log Firmware Upgrade Load Settings Backup Setting Reset to Default You can upgrade firmware by clicking Firmware Upgrade button 72 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 7 3 Load Settings Administrator s Main Menu Load Settings Config Filename Durchsuchen The procedure takes about 20 seconds Note Do not power off the unit when it is being upgraded When the upgrade is done successfully the unit will be restarted automatically e Status e Wizard View Log Firmware Upgrade 4 7 4 Backup Setting IDateidownload You can backup your settings by clicking the Backup Setting button and save it as a bin file Once you want to restore these settings please click Firmware Upgrade button and use the bin file you saved 73 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broa
17. oO Trafic OC WLAN COM SPEED 10 100 Figure 2 1 Front Panel LED Power Power is being applied to the Power Green On indication SL 041 mE The SL 041 is functioning Status System status 1 Green Blinking properly DSL ADSL status1 Green m This router is trying to connect Blinking to your ISP uu The ADSL is sending or Traffic ADSL status2 Green Blinking E receiving data Wireless m Sending or receiving data via WLAN u Green Blinking l activity wireless An active station is connected On to the corresponding LAN L1 L4 Link status Green port mE The corresponding LAN port is Blinking l 7 sending or receiving data SIEMENS ADSL SL 041 User Manual Hardware Installation 2 1 2 Rear Panel 12VDC ADSL Port 1 4 COM Figure 2 2 Rear Panel Description Power inlet DC 12V 1 5A The port where you will connect your phone jack The ports where you will connect network computers and other devices COM Port for connecting to dial up modem SIEMENS ADSL SL 041 User Manual Hardware Installation 2 2 Procedure for Hardware Installation 1 Decide where to place your ADSL Wireless Broadband Router You can place your ADSL Wireless Broadband Router on a desk or other flat surface or you can mount it on a wall For optimal performance place your ADSL Wireless Broadband Router in the center of your office or your home in a location that is away from any potential source of i
18. should be shown on log 4 6 3 Dynamic DNS Administrator s Main Menu Dynamic DNS e Wizard gt DONS Iv Enable b Provider No IP com H gt Host Name siemensadsl no ip com b Username E mail lsiemens hotmai com b Password Key eee e eol ADSL Modem System Time System Log Dynamic DNS SNMP Routing Schedule Rule To host your server on a changing IP address you have to use dynamic domain name service DDNS So that anyone wishing to reach your host only needs to know the name of it Dynamic DNS will map the name of your host to your current IP address which changes each time you connect your Internet service provider Before you enable Dynamic DNS you need to register an account on one of these Dynamic DNS servers that we list in provider field To enable Dynamic DNS click the check box next to Enable in the DDNS field Next you can enter the appropriate information about your Dynamic DNS Server You have to define Provider Host Name Username E mail Password Key 61 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router You will get this information when you register an account on a Dynamic DNS server After Dynamic DNS setting is configured click the save button 4 6 4 SNMP Setting se eee Wireless ADSL Router Control Panel Administrator s Main Menu SNMP Setting e Status P Item as Setting o erento gt Enable SNMP I7 Lo
19. your ISP VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate Once you finished the required configuration you must click on the Save button to save the configuration into Flash memory and the reboot this device 19 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 1 2 Ethernet Over ATM RFC 1483 Bridged with NAT Administrator s T Main Menu Primary Setup e Status T T E e Wizard i gt LAN IP Address 192 168 1 1 ce P WAN Type RFC1483 Bridge Mode with NAT OAM Setup gt WAN IP Mode Static IP Address DHCP Server gt WAN IP Address ooxooocoooc xxx EN n gt WAN Subnet Mask VYY YYY YVY yVY Char ig Password er b WAN Gateway zzz zzz zzz zzz gt Primary DNS Vv b Secondary DNS uuu uuu uuu uuu gt WAN s MAC Address 00 50 18 21 BB 6 Clone MAC gt Data Encapsulation ic a gt VPI Number s gt VCI Number 5 P Schedule type UBR Save Undo Virtual Computers H elp Reboot aved The change doesn t take effective until rebooting 20 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Dynamic IP Address Obtain an IP address from ISP automatically Host Name optional Required by some ISPs for example Home 1 Renew IP Forever this feature enables the SI 041
20. 8 1 1 After the connection is established you will see the web user interface of the SL 041 There are two appearances of web user interface for general users and for system administrator To log in as an administrator enter the system password the factory setting is admin in the System Password field and click on the Log in button If the password is correct the web appearance will be changed into administrator configure mode As listed in its main menu there are several options for system administration 13 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 2 Wizard Administrator s Main Menu e Status Setup Wizard e Wizard Setup Wizard will guide you through a basic configuration procedure step by step Administrator s Main Menu e Status Setup Wizard Set PPPoE e Wizard The service name is optional but may be required by your ISP Click Next to continue User Name Password Service Name optional Enter your User Name and your Password and press Next 14 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Administrator s Main Menu e Status Setup Wizard Choose your time zone e Wizard Select the appropriate time zone for your location and click Next to continue GMT 01 00 Amsterdam Berlin Bern Rome Stockholm Vienna Choose your time zone Click Nex
21. AC Control Miscellaneous S KI PIPIFIIEIE 1 2 3 4 5 6 7 8 LH Bo to B 1 2 3 100 1 2 3 119 They can do everything except read net news port 119 and transfer files via FTP port 21 Others are all allowed After Inbound Packet Filter setting is configured click the save button Outbound Filter To enable Outbound Packet Filter click the check box next to Enable in the Outbound Packet Filter field 39 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Example 1 Administrator s Outbound Packet Filter Main Menu Status ENS tem OOOO OOOO Setting NENNEN Wizard b Outbound Filter Iv Enable Allow all to pass except those match the following rules C Deny all to pass except those match the following rules ID Source IP Ports Destination IP Ports ee Enable Use Rule e Packet Filters 192 168 1 149 Domain Filters 192 168 1 20 URL Blocking MAC Control Miscellaneous a K 1 DT EI 5 o o a a o o a LI ET LI 192 168 1 100 192 168 1 149 They are allowed to send mail port 25 receive mail port 110 and browse Internet port 80 port 53 DNS is necessary to resolve the domain name 192 168 1 10 192 168 1 20 They can do everything block nothing Others are all blocked 40 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Example 2 Administrator s Outbound Packet Filte
22. At any given time only one PC can use each Special Application tunnel 4 4 3 Miscellaneous Items 34 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router ee ee Wireless ADSL Router Control Panel Administrator s p Main Menu Miscellaneous Items e Wizard ios b IP Address of DMZ Host 192 168 1 C gt Non standard FTP port Virtual Server a ores Hi pee igo haven ks lone F Y P rays js el ESI 1dc 5 I wove Undo T Special AF Miscellaneous IP Address of DMZ Host DMZ Demilitarized Zone Host is a host without the protection of firewall It allows a computer to be exposed to unrestricted 2 way communication for Internet games Video conferencing Internet telephony and other special applications NOTE This feature should be used only when needed Non standard FTP port You have to configure this item if you want to access an FTP server whose port number is not 21 This setting will be lost after rebooting 35 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 Security Settings SIEMENS Wireless ADSL Router Control Panel Administrator s Packet Filters Main Menu Allows you to control access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP address of the source and destination e Status e Wizard Domain Filters Let yo
23. C E Es 32 AA d SS CVAD m P M 33 2 4 5 Miscellaneous ensena Hu a ED qu Eu M MM EE 34 Ms S Security SCUOMIOS TT I TU MUTET 36 d 5 T PIRE DS eee pee trey aub duree uoo DUC bp AE E T Cep Poe ar ne nS MTN TI POT Mea UE 37 252 Oa i EE eaa O ae enue D eta 42 2 5 3 URL BIOGEIBE srs vege chats amata mea muse 44 25 MAC Adress CODTEOL eo I OB C E m E ME MR UE dE 46 EKN PN SEN Se Se Ola Ee Li ee cO MO ERE LM SOC I UR Eni DUE 48 4 5 5 Miscellaneous I Ins i 122c0scarestentnansedsoat nate canantecteanneassaanstacsnagoasecapantecieannaasaaansaadioagoadacaoaambespannandd 56 4 6 Advanced Setilli9s iioi ea eb eoe eu neas obire e DIEN S Clsa uo da o eeu EHENPUa EN VN EE LV PP AEe S EX DN va EU Erba e eee E CULA SC AERE 57 kol System Tienaa a T T eee 58 AOZ System ette rcc 59 zs Dna e DN cese n e E E TE A UE IN 6l kod SNMP SGUIBIE a oot ionis qa Seb EE O tema 62 KOROVIN izle NL eee 64 A oodurei stia 66 Hn 70 Appendix A TCP IP Configuration for Windows 95 98 eee e Lecce eee e eee eee eee eee eee ee oett e eene essa noe 76 Appendix B 802 1x Setting Appendix CFAO and TrOUDICSNOOUNG aee evei eh Eee ONE eaa Sas Reset to factory Default SIEMENS ADSL SL 041 User Manual Introduction Chapter 1 Introduction Congratulations on your purchase of this outstanding ADSL W
24. CI Number Change Password gt Schedule type j Reboot booting In the Classical IP over ATM Mode NAT is always enabled You have to set the following WAN IP settings WAN IP Mode The SL 041 supports two WAN IP modes static and dynamic If you select dynamic mode it will try to get a legal IP and WAN settings from ISP s DHCP server If you select static mode you have to set the following WAN setting manually WAN IP Address WAN Subnet Mask WAN Gateway and Primary Secondary DNS These settings are assigned by your ISP VPI VCI Numbers The channel settings provided by your ISP 23 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate Once you finished the required configuration you must click on the Save button to save the configuration into Flash memory and the reboot this device 4 3 1 5 PPP over ATM RFC 2364 Administrator s E Main Menu Primary Setup e Wizard i b LAN IP Address 192 168 1 1 gt WAN Type PPP over ATM _ Change Primary Setup OAM Setup gt PPPoA Account TU TERRI gt PPPoA Password ARMY e m gt Maximum Idle Time 300 seconds gt Connection Control Connect on demand x gt Data Encapsulation uc H gt VPI Number CEN gt VCI Number 5 Schedule type UBR b Auto backup E
25. ENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Example E 192 168 1 216 192 168 1 103 i Router 1 Router 2 Shu fem 162 168 123200x que vu TIE 192 168 1 XXX Client 2 182 168 123 11 168 1 210 F3 an Client 3 192 168 12 22 Configuration on NAT Router Destination Subnet Mask Gateway Hop Enabled 192 168 123 0 255 255 255 0 192 168 1 216 1 T 192 168 0 0 255 255 255 0 192 168 1 103 1 T So if for example the client3 wanted to send an IP data gram to 192 168 12 2 it would use the above table to determine that it had to go via 192 168 1 103 a gateway And if it sends Packets to 192 168 123 11 will go via 192 168 1 216 Each rule can be enabled or disabled individually After routing table setting is configured click the save button 65 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 6 6 Schedule Rule Administrator s Main Menu Schedule Rule gt Schedule Iv Enable Ruled Rule Name Action Status Wizard Tus Pye Fett Shee xs M AS 2 NE WS pA Aqu X NOI Se ave Add New Rule Help Reboot ADSL Modem System Time System Log Dynamic DNS SNMP Routing Schedule Rule You can set the schedule time to decide which service will be turned on or off Select the enable item Press Add New Rule 66 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router You can write a rule name and set whi
26. SIEMENS SIEMENS ADSL SL 041 User Manual Rev 01 050712 2005 07 12 No part of this publication may be reproduced in any form by any means without the prior written permission from Siemens Switzerland Ltd Copyright The contents of this publication may not be reproduced in any part or as a whole stored transcribed in an information retrieval system translated into any language or transmitted in any form or by any means mechanical magnetic electronic optical photocopying manual or otherwise without the prior written permission Trademarks All products companies brand names are trademarks or registered trademarks of their respective companies They are used for identification purpose only Specifications are subject to be changed without prior notice FCC Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against radio interference in a commercial environment This equipment can generate use and radiate radio frequency energy and if not installed and used in accordance with the instructions in this manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause interference in which case the user at his own expense will be required to take whatever measures are necessary to corre
27. SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 6 5 Routing Table Administrator s Main Menu Routing Table e Status Item Setting O OOOO O Zara gt Dynamic Routing Disable C RIPvi RIPv2 gt Static Routing Disable Enable LID Destination Subnet Mask _Gateway__ _ Hop Enable es ee ADSL Modem System Time System Log Dynamic DNS SNMP Routing Schedule Rule Q OO oO KR W MN amp TOE db Tf E CE BP E EILILTETETLIL elp Reboot Routing Tables allow you to determine which physical interface address to use for outgoing IP data grams If you have more than one routers and subnets you will need to enable routing table to allow packets to find proper routing path and allow different subnets to communicate with each other Routing Table settings are settings used to setup the functions of static and dynamic routing Dynamic Routing Routing Information Protocol RIP will exchange information about destinations for computing routes throughout the network Please select RIPv2 only if you have different subnet in your network Otherwise please select RIPv1 if you need this protocol Static Routing For static routing you can specify up to 8 routing rules You can enter the destination IP address subnet mask and gateway hop for each routing rule and then enable or disable the rule by checking or unchecking the Enable checkbox 64 SIEM
28. SL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 3 URL Blocking Administrator s Main Menu URL Blocking stats ENS OU Setting GN Wizard gt URL Blocking Enable Exp ee SSS Sr oa 1 E Packet Filters 2 a Domain Filters 3 CF z cuu 4 n i Miscellaneous 5 rH 6 E 7 Co z 8 S Oe E 9 7 E 10 z URL Blocking will block LAN computers to connect to pre defined Websites The major difference between Domain filter and URL Blocking is Domain filter require user to input suffix like com or org etc while URL Blocking require user to input a keyword only In other words Domain filter can block specific website while URL Blocking can block hundreds of websites by simply a keyword URL Blocking Enable Checked if you want to enable URL Blocking URL If any part of the Website s URL matches the pre defined word the connection will be blocked For example you can use pre defined word sex to block all websites if their URLs contain pre defined word sex Enable Checked to enable each rule 44 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router ee ee Wireless ADSL Router Control Panel Administrator s 7 Main Menu URL Blocking eels gt URL Blocking IV Enable PID Rabe 1 msn iv Packet Filters sina M Domain Filters E cnnsi iv BE DEAE 4 Ee y MAC Control Miscellaneous 5 r 6 C 7 O 8 O 9 E B
29. Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate PPPoE Service Name Optional Input the service name if your ISP requires it 26 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Assigned IP Address Optional Required by some ISPs Once you finished the required configuration you must click on the Save button to save the configuration into Flash memory and the reboot this device 4 3 2 OAM Server BEEN Wireless ADSL Router Control Panel gt Administrator s Main Menu OAM Setup Ads b Activation De activation setting Enable b Loopback setting l Enable Primary Setup gt Fault Management setting Enable OAM Setup DHCP Server Change Password FMstate Normal In this page you can set the OAM feature for virtual channel First click on the Enable or Disable circle for the settings of OAM Function Activation De activation Loopback and Fault Management individually Then click on the Save button to finish the configuration of the selected session Once you set the appropriate OAM settings on virtual channel you can see the corresponding up to date maintenance status by clicking the Refresh AD FM State button in this page 27 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 2 DHCP Server see ee Wireless ADSL Router Control Panel
30. Service Name Optional Input the service name if your ISP requires it Assigned IP Address Optional Required by some ISPs Once you finished the required configuration you must click on the Save button to save the configuration into Flash memory and the reboot this device 25 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 1 6 PPP over Ethernet RFC 2516 Administrator s Main Menu Primary Setup e Status tem lt Setting O O O OOO O O O OO e Wizard 4 gt LAN IP Address 192 168 1 1 Primary Setup WAN Type PPP over Ethernet _ Change OAM Setup gt PPPoE Account l DHCP Server PPPoE Password Wireless Change Password b Maximum Idle Time 300 seconds gt Connection Control Connect on demand x P PPPoE Service Name optional P Assigned IP Address 0 0 00 optional b PPPoE Pass Through Enable b Data Encapsulation LLC gt VPI Number B gt VCI Number s b Schedule type UBR v b Auto backup C Enabled PPPoE Account Password The account ID amp password provided by your ISP Maximum Idle Time The time of no activity disconnect to your PPPoE session You can also set it to zero or enable Auto reconnect to disable this feature If Auto reconnect is enabled the SL 041 will automatically connect to ISP after system is restarted or connection is dropped VPI VCI Numbers The channel settings provided by your ISP
31. al Encapsulation protocol There are two protocols can be selected ESP and AH Encryption algorithm There are two algorithms can be selected 3DES and DES But when the encapsulation protocol is AH encryption algorithm is unnecessarily set Authentication algorithm There are two algorithms can be selected SHA1 and MD5 But none also can be selected here for IPSec proposal 52 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Life time The unit of life time is based on the value of Life Time Unit If the value of unit is second the value of life time represents the life time of dedicated VPN tunnel between both end gateways Its value ranges from 300 seconds to 172 800 seconds If the value of unit is KB the value of life time represents the maximum allowable amount of transmitted packets through the dedicated VPN tunnel between both end gateways for Its value ranges from 20 480 KBs to 2 147 483 647 KBs Life time unit There are two units can be selected second and KB Proposal ID The identifier of IPSec proposal can be chosen for adding the proposal to the dedicated tunnel There are total ten proposals can be set in the proposal pool At most only four proposals from the pool can be applied to the dedicated tunnel as shown in the proposal index list Function of Buttons Add to button Click it to add the chosen proposal indicated by proposal ID to IPSec Proposal index list The proposals in the
32. and enable again 5 The DUT will send the user s certificate to the RADIUS server and then send the message of authentication result to PC1 Fig 5 6 Windows XP will prompt that the authentication process is success or fall and end the authentication procedure Fig 6 7 Terminate the test steps when PC1 get dynamic IP and PING remote host successfully 85 SIEMENS ADSL SL 041 User Manual Appendix B Certificates Personal Other People Intermediate Certification Authorities Trusted Root Certificatior Issued By Expiratia Certificate intended purposes Figure 4 Certificate information on PC1 Network Connections alley File Edit View Favorites Tools Advanced Help A Back pi po Search Ies Falders EHE Address Go LAN or High Speed Internet Network Tasks A c Local 4rea Connection Wireless Blears Connection Create a new e Disabled e attempting to authenticate connection an m D LinkDFE S30T amp PCI Fast Et U y Mini SEW Tester Set up a home or small office network Figure 5 Authenticating 86 SIEMENS ADSL SL 041 User Manual Appendix B s Network Connections Bela ar Fie Edit wiew Favorites Tools Adwanced Help B pac m Ay o Bi F Search Wey Folders Address e Network Connections v Gd LAN or High Speed Internet Network Tasks ae Local 4rea Connection Create a new ss Disabled connection rs k D Link DFE S30T PCI Fast Et e Set
33. at 192 168 1 2 and a VPN server at 192 168 1 6 then you need to specify the following virtual server mapping table Service Port Enable 21 192 168 1 100 V 192 168 1 2 V 1723 192 168 1 6 V 4 4 2 Special AP 33 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router ee ee Wireless ADSL Router Control Panel Administrator s x Main Menu Special Applications a ID Name Trigger Incoming Ports Enable e Wizarc i OY Ll TT nm Zz lDl L s O O 1T TO J gp Virtual Server Special AF 4 r Miscellaneous 5 mn OSTEO OTO m ll Y OTO 1 s sf O h l l hOB Some applications require multiple connections like Internet games Video conferencing Internet telephony etc Because of the firewall function these applications cannot work with a pure NAT router The Special Applications feature allows some of these applications to work with the SL 041 If the mechanism of Special Applications fails to make an application work try setting your computer as the DMZ host instead 1 Trigger the outbound port number issued by the application 2 Incoming Ports when the trigger packet is detected the inbound packets sent to the specified port numbers are allowed to pass through the firewall The SL 041 provides some predefined settings Select your application and click Copy to to add the predefined setting to your list Note
34. ata integrity of network information by utilizing encapsulation protocols encryption algorithms and hashing algorithms VPN enable item VPN protects network information from ill network inspectors But it greatly degrades network throughput Enable it when you really need a security tunnel It is disabled for default Max number of tunnels item Since VPN greatly degrades network throughput the allowable maximum number of tunnels is limited Be careful to set the value for allowing the number of tunnels can be created simultaneously Its value ranges from 1 to 5 Tunnel name Indicate that tunnel that is focused now Method IPSec VPN supports two kinds of key obtained methods manual key and automatic key exchange Manual key approach indicates that two end VPN gateways setup authenticator and encryption key by system managers manually However IKE approach will perform automatic Internet key exchange System managers of both end gateways only need set the same pre shared key 48 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Function of Buttons More To setup detailer configuration for manual key or IKE approaches by clicking the More button 4 5 5 1 VPN Settings IPSEC s s s Wireless ADSL Router Control Panel gt Administrator s Main Menu VPN Settings Tunnel 1 IKE e Status ENS es NN 7 NNNNNNNRNI e Wizard gt Tunnel Name vpn b Local Subnet 92 168 123 0 gt Loca
35. been associated to your network card in the Configuration tab of the Network window Network k Ei Configuration Identification Access Control The following network components are installed BB PCI Fast Ethernet DEC 21140 Based Adapter c 8 MetBELI gt Dial Up Adapter 4 MetBELI PLI Fast Ethernet DEC 21140 Based Adapter 4 ILF IP gt Dial Up Adapter Y TCP IP gt PCI Fast Ethernet DEC 21140 Based Adapter iz File and printer sharing for Microsoft Hetwork s K Add Remove Properties Primary Network Logon Clhent For Microsoft Networks File and Print Sharing Description TCP IP is the protocol pou use ta connect to the Internet and wide area networks cancel 3 Click Properties button to set the TCP IP protocol for this NAT Router 4 Now you have two setting methods 78 SIEMENS ADSL SL 041 User Manual Appendix A a Select Obtain an IP address automatically in the IP Address tab Bindings Ad mea Po cee be Remove 79 SIEMENS ADSL SL 041 User Manual Appendix A c Choose Disable DNS in the DNS Configuration tab iagt bemat DHS Seme seach Wader ETT Saji o Bena r E Woman suns een Waern emare B Configure IP manually a Select Specify an IP address in the IP Address tab The default IP address of the SL 041 is 192 168 1 1 So please use 192 168 1 xxx xxx is between 1 and 253 for IP Address field and 255 255 255 0 for Subnet Mas
36. cal M Remote b Get Community public b Set Community private PIP 192 168 1 33 b IP2 ADSL Modem PIP3 System Time System Log P IP4 Dynamic DNS b SNMP Version CVI V2c SNMP Routing Schedule Rule In brief SNMP the Simple Network Management Protocol is a protocol designed to give a user the capability to remotely manage a computer network by polling and setting terminal values and monitoring network events Enable SNMP You must check either Local or Remote or both to enable SNMP function If Local is checked this device will response request from LAN If Remote is checked this device will response request from WAN Get Community Setting the community of GetRequest your device will response Set Community Setting the community of Set Request your device will accept IP 1 IP 2 IP 3 IP 4 62 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Input your SNMP Management PC s IP here User has to configure to where this device should send SNMP Trap message SNMP Version Please select proper SNMP Version that your SNMP Management software supports 1 This device will response to SNMP client which s get community is set as public 2 This device will response to SNMP client which s set community is set as private 3 This device will response request from both LAN and WAN 4 This device will send SNMP Trap message to 192 168 1 33 Use SNMP Version V2c 63
37. cessary 2 WAN Type WAN connection type of your ISP You can click Change button to choose a correct one from the following five options A B BL i F Ethernet Over ATM RFC 1483 Bridged without NAT Ethernet Over ATM RFC 1483 Bridged with NAT IP over ATM RFC 1483 Routed Classical IP over ATM RFC 1577 PPP over ATM RFC 2364 PPP over Ethernet RFC 2516 3 Data Encapsulation Two data encapsulation type are supported LLC and vc MUX It is specified by your ISP Once you finished above settings click on the Advanced Setting button to another page for further configurations 18 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 1 1 Ethernet Over ATM RFC 1483 Bridged without NAT ddl Wireless ADSL Router Control Panel gt Administrator s Main Menu Primary Setup as Po Ttem Setting o Wizard gt LAN IP Address 192 1658 1 1 C Seki gt WAN Type RFC1483 Bridge Mode without NAT _ Change OAM Setup gt Data Encapsulation LLC X Wireless gt VPI Number s Change Password gt VCI Number 35 b Schedule type UBR This WAN type disable the NAT this device becomes a pure bridge between your LAN and WAN all the clients in your LAN must have legal IP If you enable the NAT feature you have to set the following WAN IP settings WAN IP Address WAN Subnet Mask WAN Gateway and Primary Secondary DNS These settings are also specified by
38. ch day and what time to schedule from Start Time to End Time The following example configure ftp time as everyday 14 10 to 16 20 Administrator s Main Menu Schedule Rule Setting gt Name of Rule ftp time Start Time hh mm End Time hh mm Sunday ef e Status E Monday i ADSL Modem Tuesday System Time Wednesday LE eE E Thursday 7 3 3 SNIMP Friday Hedi Rule REN Every Day Eg 10 B M 4 y Ty PON Eeo Reboot 67 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router After configure Rule 1 gt Administrator s Main Menu Schedule Rule Wizard b Schedule C Enable Rule n RuleName Action 1 i Edit m i PASEA Ux A SN eae cV PN Add New Rule E den ADSL Modem System Time System Log Dynamic DNS SNMP Routing Schedule Rule Schedule Enable Selected if you want to Enable the Scheduler Edit To edit the schedule rule Delete To delete the schedule rule and the rule of the rules behind the deleted one will decrease one automatically Schedule Rule can be applied to Virtual server and Packet Filter for example 68 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Exanple1 Virtual Server Apply Rule 1 ftp time everyday 14 10 to 16 20 Administrator s Main Menu Virtual Server
39. ck Connection control to enable the controlling of which wired and wireless clients can connect to this device If a client is denied to connect to this device it means the client can t access to the Internet either Choose allow or deny to allow or deny the clients whose MAC addresses are not in the Control table please see below to connect to this device Check Association control to enable the controlling of which wireless client can associate to the wireless LAN If a client is denied to associate to the wireless LAN it means the client can t send or receive any data via this device Choose allow or deny to allow or deny the clients whose MAC addresses are not in the Control table to associate to the wireless LAN 46 SIEMENS ADSL SL 041 User Manual Control table PID MAC Address SP Address C A CERE E E E 1 2 3 A In this page we provide the following Combo box and button to help you to input the MAC address DACP chents E select one Copy to ID E DHEP clients selectone W Copy to lio Control table is the table at the bottom of the MAC Address Control page Each row of this table indicates the MAC address and the expected IP address Configuring ADSL Wireless Broadband Router 192 58 Lae 158 1 192 165 1 19 168 i mapping of a client There are four columns in this table MAC Address MAC address indicat
40. ct the interference CE Declaration of Conformity This equipment complies with the requirements relating to electromagnetic compatibility EN 55022 A1 Class B The specification is subject to change without notice Table of Contents Chapter 1 TNT ODUCTION ME NO 5 Functions and Features sccscscscsisesssecasccscacessscsecesecsssz csoussdasecsssssadcaceucseadeaceneesascasedscascesevessetesteoesasssssasseensss 5 Chapter2 Hardware Installation ss ssssssossssssseeoooosssssececcosssesececcoossseecccocosssssecccosssssscecososssssececesessssssssesesso 8 Nui JB OU m n 8 Chapter 3 Network Settings and Software Installation e eee ecce eee e ee eee eee eee ee eee eee e eee eee e ees aan Il 3 1 Make Correct Network Settings of Your Computer cccccccssssssssscccccssssssssscccccccccsssssssccccoees 11 Chapter 4 Configuring ADSL Wireless Broadband Router ssssssccccccssssssssssscccccccccccssssssscccccsssscesssseees 12 AA STATUS apd OG e 13 AZ WALA 14 Ad BASIC SCUUNG e H MH 17 29 1 Primary Setup WAN TY Dic oe ee o HV Net et iT ewe 17 44 Borwardine Rules ecce aa QE ed EUR e Re EEPE a CP ee RE EUR DEDE NEL v LM PDE ELE Ue 01 32 2 4 Me Vittual SeEVOE 25i d suceda atate Qon um create a tu noe Su nde dii oun d cue us DU
41. dband Router 4 7 5 Reset to default Microsoft Internet Explorer Ed 2 Reset al setting to default Cancel You can also reset the SL 041 to factory default by clicking the Reset to default button 4 7 6 Reboot Microsoft Internet Explorer You can also reboot the SL 041 by clicking the Reboot button 74 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 7 7 Miscellaneous Items Administrator s Main Menu e Status e Wizard b MAC Address for Wake on LAN gt Domain Name or IP address for Ping Test b UPnP Setting Iv Enable View Log Firmware Upgrade Load Settings Backup Setting Reset to Default Reboot Miscellaneous MAC Address for Wake on LAN Wake on LAN is a technology that enables you to power up a networked device remotely In order to enjoy this feature the target device must be Wake on LAN enabled and you have to know the MAC address of this device say 00 11 22 33 44 55 Clicking Wake up button will make the router to send the wake up frame to the target device immediately Domain Name or IP address for Ping Test Allow you to configure an IP and ping the device You can ping a specific IP to test whether it is alive 75 SIEMENS ADSL SL 041 User Manual Appendix A Appendix A TCP IP Configuration for Windows 95 98 This section introduces you how to install TCP IP protocol into your personal computer And suppose you have been succ
42. e permissible channels depend on the Regulatory Domain The factory setting is as follow channel 6 for North America channel 7 for European ETSI channel 7 for Japan WEP Security Select the data privacy algorithm you want Enabling the security can protect your data while it is transferred from one station to another The standardized IEEE 802 11 WEP 128 or 64 bit is used here WEP Key 1 2 3 amp 4 When you enable the 128 or 64 bit WEP key security please select one WEP key to be used and input 26 or 10 hexadecimal 0 1 2 8 9 A B F digits Pass phrase Generator Since hexadecimal characters are not easily remembered this device offers a conversion utility to convert a simple word or phrase into hex 29 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 6 802 1X Setting Checkbox was used to switch the function of the 802 1X When the 802 1X function is enabled the Wireless user must authenticate to this router first to use the Network service RADIUS Server IP address or the 802 1X server s domain name RADIUS Shared Key Key value shared by the RADIUS server and this router This key value is consistent with the key value in the RADIUS server se eee Wireless ADSL Router Control Panel gt Administrator s 7 Main Menu Wireless Setting Eten gt Wireless C Disable Enable b Network ID SSID ADSLWLAN1 ee y gt Hide SSID C Disable Enable DHCP Server gt Channel
43. e subnet of LAN site of remote gateway Remote netmask Remote netmask combined with remote subnet to form a subnet domain of remote end Remote gateway The IP address of remote VPN gateway Pre shared key The first key that supports IKE mechanism of both VPN gateways for negotiating further security keys The pre shared key must be same for both end gateways Function of Buttons Select IKE proposal Click the button to setup a set of frequent used IKE proposals and select from the set of IKE proposals for the dedicated tunnel Proposals for the dedicated tunnel Select IPSec proposal Click the button to setup a set of frequent used IPSec proposals and select from the set of IKE proposals for the dedicated tunnel VPN Settings Set IKE Proposal Administrator s Main Menu VPN Settings Tunnel 1 Set IKE Proposal e Wizard gt IKE Proposal index Packet Filters 1D Life Domain Filters Time Unit URL Blocking 1 Group 1 400 sec e PIECEN 3 pa is o Sec 5 Group 1 spes sHai see gl 6 Group 1 soes Z su1z see H 7 Group 1 spes s stg o E 8 Group 1 soes sug fo E 9 Group 1 soes suis E io Grow 1x 3bes SHALT b Sec Ul SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router IKE Proposal index A list of selected proposal indexes from the IKE proposal pool listed below The selecti
44. es a specific client IP Address Expected IP address of the corresponding client Keep it empty if you don t care its IP address When Connection control is checked check C will allow the corresponding client to connect to this device When Association control is checked check A will allow the corresponding client to associate to the wireless LAN p D You can select a specific client in the DHCP clients Combo box and then click on the Copy to button to copy the MAC address of the client you select to the ID selected in the ID Combo box Previous page and Next Page To make this setup page simple and clear we have divided the Control table into several pages You can use these buttons to navigate to different pages 47 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 5 VPN setting s Wireless ADSL Router Control Panel gt Administrator s Main Menu VPN Settings pede gt VPN C Enable b Max number of tunnels o ID Tunnel Name Method j Packet Filters i x More Domain Filters URL Blocking MAC Control v F Miscellaneous mn amp W WN AENEA 3 i lt lt Previous VPN Settings are settings that are used to create virtual private tunnels to remote VPN gateways The tunnel technology supports data confidentiality data origin authentication and d
45. essfully installed one network card on your personal computer If not please refer to your network card manual Moreover the Section B 2 tells you how to set TCP IP values for working with this NAT Router correctly A 1 Install TCP IP Protocol into Your PC 1 Click Start button and choose Settings then click Control Panel Double click Network icon and select Configuration tab in the Network window Click Add button to add network component into your PC MD E Double click Protocol to add TCP IP protocol Select Network Component Type EE Add Cancel Click the type of network component you want to install Protocol is a language a computer uses Computers must use the same protocol ta communicate 76 SIEMENS ADSL SL 041 User Manual Appendix A 5 Select Microsoft item in the manufactures list And choose TCP IP in the Network Protocols Click OK button to return to Network window i j Fast Infrared Protocol 3 IPX SPX compatible Protocol Microsoft 32 bit DLE Y Microsoft DLC a NetBEUI Y TCR 6 The TCP IP protocol shall be listed in the Network window Click OK to complete the install procedure and restart your PC to enable the TCP IP protocol 77 SIEMENS ADSL SL 041 User Manual Appendix A A 2 Set TCP IP Protocol for Working with NAT Router 1 Click Start button and choose Settings then click Control Panel 2 Double click Network icon Select the TCP IP line that has
46. g address of the IP address pool 4 Domain Name Optional this information will be passed to the client 5 Primary DNS Secondary DNS This feature allows you to assign DNS Servers 6 Primary WINS Secondary WINS This feature allows you to assign WINS Servers 7 Gateway The Gateway Address would be the IP address of an alternate Gateway This function enables you to assign another gateway to your PC when DHCP server offers an IP to your PC 28 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 3 Wireless Setting and 802 1X setting s s Wireless ADSL Router Control Panel gt Administrator s 3 a Main Menu Wireless Setting e Status Pte Setting eee gt Wireless C Disable amp Enable b Network ID SSID ADSLWLAN1 j A i gt Hide SSID ODisable Enable DHCP Server gt Channel 1 Wireless b Wireless connecting mode C 11g only Mixed C 11b only Change Password gt Security WEP b WEP C Enable IEEE 64 bit Shared Key security Enable IEEE 128 bit Shared Key security WEP Key 1 1919191919191919191919 C WEP Key 2 C WEP Key 3 C WEP Key 4 Wireless settings allow you to set the wireless configuration items 1 Network ID SSID Network ID is used for identifying the Wireless LAN WLAN Client stations can roam freely over the SI 041 and other Access Points that have the same Network ID The factory setting is default Channel The radio channel number Th
47. happened after you changed the settings just reset it to default values to recover the physical characteristics Schedule Rule 4 6 1 System Time SIEMENS 5 Wireless ADSL Router Control Panel Administrator s Main Menu System Time b Get Date and Time by NTP Protocol Sync Now time windows com e Status e Wizard Time Server Time Zone GMT 01 00 Amsterdam Berlin Bern Rome Stockholm Vienna b Set Date and Time using PC s Date and Time ADSL Modem PC Date and Time Mittwoch 9 Februar 2005 15 22 41 System Time System Log b C Set Date and Time manually Dynamic DNS Date Year 2004 Month Aug Day 1 z SNMP SUE Time Heur o 0 23 Minute o 0 59 Second 0 0 59 Schedule Rule gt Daylight Saving C Enable Disable Start Month Jan Day fa gt Hour o x End Month Jan Day 1 E Hour o 58 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Get Date and Time by NTP Protocol Selected if you want to Get Date and Time by NTP Protocol Time Server Select a NTP time server to consult UTC time Time Zone Select a time zone where this device locates Set Date and Time manually Selected if you want to Set Date and Time manually Function of Buttons Sync Now Synchronize system time with network time server 4 6 2 System Log s s Wireless ADSL Router Control Panel
48. ice vliscellaneous Miscellaneous MAC Address for Wake on LAN Let you to power up another network device remotely Domain Name or IP address for Ping Test Allow you to configure an IP and ping the device You can ping a secific IP to test whether it is alive 70 SIEMENS ADSL SI 041 User Manual 4 7 1 System Log Administrator s Main Menu e Status e Wizard View Log Firmware Upgrade Load Settings Backup Setting Reset to Default Reboot Miscellaneous Configuring ADSL Wireless Broadband Router System Log WAN Type PPP over Ethernet R1 01f1RAG Display time Sun Aug 01 00 00 29 2004 Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag Sonntag 1 August 2004 00 00 09 Modem Initialization OK 1 August 2004 00 00 10 Admin from 192 168 1 127 login successfully 1 August 2004 00 00 13 Wait for ACTIVATING 1 August 2004 00 00 20 ACTIVATING 1 August 2004 00 00 27 ADSL Connection Opened 1 August 2004 00 00 27 ADSL OperationMode Available T 1 1 1 1 I August 2004 00 00 27 The ADSL FIRMWARE VER is 13 9 45 August 2004 00 00 27 Connected with ITU G DMT mode August 2004 00 00 27 Data Rate Fast August 2004 00 00 27 DownStream 3072 Kbps UpStream 256 Kbps August 2004 00 00 27 Vendorld near end 0022 August 2004 00 00 27 Vendorld far end FFFF Ra l DOCK You can View system
49. ion when someone accesses the specific URLs Privilege IP Addresses Range Setting a group of hosts and privilege these hosts to access network without restriction Domain Suffix A suffix of URL to be restricted For example com xxx com Action When someone is accessing the URL met the domain suffix what kind of action you want Check drop to block the access Check log to log these accesses Enable Check to enable each rule 42 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Example Administrator s P t Main Menu Domain Filter Status SS ct EEEENSSSNSNNNEN Wizard gt Domain Filter lv Enable gt Log DNS Query Iv Enable b Privilege IP Addresses Range From E To o RE AREE TUN E Packet Filters www msn com M Drop M Log Iv Domain Filters arated 2 M Drop EiLog z MAC Control 3 www gogge com Iv Drop F Log Iv Miscellaneous 4 SY O Drop FiLog r 5 O Drop O Log C 6 Drop Log C 7 oT C Drop Log E 8 C Drop C Log m 9 C Drop C Log 10 all others C Drop Log Reboot In this example 1 URL include www msn com will be blocked and the action will be record in log file 2 URL include www sina com will not be blocked but the action will be record in log file 3 URL include www google com will be blocked but the action will not be record in log file 4 IP address X X X 1 X X X 20 can access network without restriction 43 SIEMENS AD
50. ireless Broadband Router The SL 041 is specifically designed for Small Office and Home Office needs It provides a complete SOHO solution for Internet surfing and is easy to configure and operate even for non technical users Instructions for installing and configuring the SL 041 can be found in this manual Before you install and use the SL 041 please read this manual carefully for fully exploiting the functions of the SL 041 Functions and Features Router Basic functions Auto sensing Ethernet Switch Equipped with a 4 port auto sensing Ethernet switch WAN type supported The router supports some WAN types Ethernet Over ATM RFC 1483 Bridged without NAT Ethernet Over ATM RFC 1483 Bridged with NAT IP over ATM RFC 1483 Routed Classical IP over ATM RFC 1577 PPP over ATM RFC 2364 PPP over Ethernet RFC 2516 e Firewall All unwanted packets from outside intruders are blocked to protect your Intranet DHCP server supported All of the networked computers can retrieve TCP IP settings automatically from the SL 041 Web based configuring Configurable through any networked computer s web browser using Netscape or Internet Explorer Virtual Server supported Enables you to expose WWW FTP and other services on your LAN to be accessible to Internet users User Definable Application Sensing Tunnel User can define the attributes to support the special applications requiring multiple connections like Internet gaming video
51. k field TCPAP Proneities 92 168 1 115 255 255 255 0 80 SIEMENS ADSL SL 041 User Manual Appendix A b In the Gateway tab add the IP address of the SL 041 default IP is 192 168 1 1 in the new gateway field and click Add button TCP IP Properties 192 1688 1 1 ff 192 168 1 1 c In the DNS Configuration tab add the DNS values which are provided by the ISP into DNS Server Search Order field and click Add button TCP IP Properties 195 186 4 111 A 195 186 1 108 Sus Im rte Ta ES TIGPVTE 81 SIEMENS ADSL SL 041 User Manual Appendix B Appendix B 802 1x Setting PC 1 USER A A D Wireless S ee Authentication Server USER B men ad Windows 2000 Radius server i 192 168 1 33 Figure 1 Testing Environment Use Windows 2000 Radius Server 1 Equipment Details PC1 Microsoft Windows XP Professional without Service Pack 1 SIEMENS wireless LAN adapter Driver version 3 0 5 0 Driver date 03 05 2003 PC2 Microsoft Windows XP Professional with Service Pack 1a SIEMENS wireless LAN USB adapter Driver version 1 7 29 0 Driver date 10 20 2001 Authentication Server Windows 2000 RADIUS server with Service Pack 3 and Hot Fix Q313664 Note Windows 2000 RADIUS server only supports PEAP after upgrade to service pack 3 and Hot Fix Q313664 You can get more information from
52. l Netmask p55 255 255 0 gt Remote Subnet 192 168 12 0 Packet Filters Scd gt Remote Netmask p55 255 255 0 Domain Filters URL Blocking b Remote Gateway llink dyndns org J dus Control 3 Preshare Key 12345677 PaCS oe wa Miscellaneous gt IKE Proposal index Select IKE Propos gt IPSec Proposal index Select IPSec Proposal Em No VPN Settings IKE There are three parts that are necessary to setup the configuration of IKE for the dedicated tunnel basic setup IKE proposal setup and IPSec proposal setup Basic setup includes the setting of following items local subnet local netmask remote subnet remote netmask remote gateway and pre shared key The tunnel name Is derived from previous page of VPN setting IKE proposal setup includes the setting of a set of frequent used IKE proposals and the selecting from the set of IKE proposals Similarly IPSec proposal setup includes the setting of a set of frequent used IPSec proposals and the selecting from the set of IPSec proposals Basic setup Local subnet The subnet of LAN site of local VPN gateway It can be a host a partial subnet and the whole subnet of LAN site of local gateway 49 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Local netmask Local netmask combined with local subnet to form a subnet domain Remote subnet The subnet of LAN site of remote VPN gateway it can be a host a partial subnet and the whol
53. ls for PPTP clients Each tunnel can accept more than one client User is required to configure Virtual IP of PPTP Server Authentication Protocol PPTP Tunnel Name and User Account Password Virtual IP of PPTP Server PPTP server s virtual IP User must assign a virtual IP for PPTP Server Authentication Protocol Protocols that Clients can use to authenticate to Server PPTP Tunnel Name Username and Password Each tunnel defined a username and password that clients can use to connect to PPTP Server 55 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 5 Miscellaneous Items cee ee Wireless ADSL Router Control Panel Administrator s P Main Menu Miscellaneous Items e Status Se E Nc e Wizard a gt Remote Administrator Host Port o 0 0 0 es b Administrator Time out 600 seconds 0 to disable gt Discard PING from WAN side b VPN PPTP Pass Through Packet Filters gt VPN IPSec Pass Through Domain Filters qaq URL Blocking AC Control Miscellaneous Save Undo Help Reboot Remote Administrator Host Port In general only Intranet user can browse the built in web pages to perform administration task This feature enables you to perform administration task from remote host If this feature is enabled only the specified IP address can perform remote administration If the specified IP address is 0 0 0 0 any host can connect to the SL 041 to perform administration ta
54. nabled Loa out Log out _ M El BELSDGNENZS Help Reboot d mE AUA Sa ee Saved The change doesn t take effective until rebooting PRECII irn M CS a Save Undo More gt gt Save eet Mo iore pnm 24 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Press More gt gt Administrator s E Main Menu Primary Setup Wizard i b LAN IP Address 192 168 1 1 AE e P WAN Type PPP over ATM _ Change OAM Setup b PPPoA Account spad59 bluewin ch DHCP Server b PPPoA Password Wireless Change Password gt Maximum Idle Time 300 seconds gt Connection Control Connect on demand b PPPoA Service Name optional gt Assigned IP Address 0 0 0 0 optional gt Data Encapsulation ic X y gt VPI Number B b VCI Number b Schedule type UBR b Auto backup l Enabled PPPoA Account Password The account ID amp password provided by your ISP Maximum Idle Time The time of no activity disconnect to your PPPoA session You can also set it to zero or enable Auto reconnect to disable this feature If Auto reconnect is enabled the SL 041 will automatically connect to ISP after system is restarted or connection is dropped VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate PPPoA
55. ng activity is performed by selecting a proposal ID and clicking add to button in the bottom of the page There are only four indexes can be chosen from the proposal pool for the dedicated tunnel Remove button beside the index list can remove selected proposal index before Proposal name It indicates which IKE proposal to be focused First char of the name with OxOO value stands for the IKE proposal is not available DH group There are three groups can be selected group 1 MODP768 group 2 MODP1024 group 5 MODP1 536 Encryption algorithm There are two algorithms can be selected 3DES and DES Authentication algorithm There are two algorithms can be selected SHA1 and MD5 Life time The unit of lifetime is based on the value of Life Time Unit If the value of unit is second the value of life time represents the life time of dedicated VPN tunnel between both end gateways Its value ranges from 300 seconds to 172 800 seconds If the value of unit is KB the value of life time represents the maximum allowable amount of transmitted packets through the dedicated VPN tunnel between both end gateways Its value ranges from 20 480 KBs to 2 147 483 647 KBs Life time unit There are two units can be selected second and KB Proposal ID The identifier of IKE proposal can be chosen for adding corresponding proposal to the dedicated tunnel There are total ten proposals can be set in the proposal pool At most only four proposals from the pool
56. nterference such as a metal wall or microwave oven This location must be close to power and network connection 2 Setup LAN connection a Wired LAN connection connects an Ethernet cable from your computer s Ethernet port to one of the LAN ports of the SL 041 b Wireless LAN connection locate the SI 041 at a proper position to gain the best transmits performance Existing Connection Figure 2 3 Setup of LAN and WAN connections for the SL 041 3 Setup ADSL connection Prepare an Ethernet cable for connecting the SL 041 to your cable xDSL modem or Ethernet backbone Figure 2 3 illustrates the WAN connection 4 Power on Connecting the power cord to power inlet and turning the power switch on the SI 041 will automatically enter the self test phase When it is in the self test phase the indicators STATUS will be lighted ON for about 10 seconds and then STATUS will be flashed 3 times to indicate that the self test operation has finished Finally the STATUS will be continuously flashed once per second to indicate that the SL 041 is in normal operation 10 SIEMENS ADSL SL 041 User Manual Network Settings and Software Installation Chapter 3 Network Settings and Software Installation To use the SL 041 correctly you have to properly configure the network settings of your computers and install the attached setup program into your MS Windows platform Windows 95 98 NT 2000 3 1 Make Correct Network Settings of Your Comp
57. ow you to set device time manually or consult network time from NTP server e Wizard System Log Send system log to a dedicated host or email to specific receipts Dynamic DNS To host your server on a changing IP address you have to use dynamic domain name service DDNS ADSL Modem System Time 5vstem Log Dynamic DNS SNMP SNMP Gives a user the capability to remotely manage a Routing computer network by polling and setting terminal values Schedule Rule and monitoring network events Routing If you have more than one routers and subnets you may want to enable routing table to allow packets to find proper routing path and allow different subnets to communicate with each other Schedule Rule Allow you to set schedule rule that will be applied on x 5 7 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router SIEMENS s 5 Wireless ADSL Router Control Panel Administrator s Main Menu ADSL Modem Performance Setting e Status e Wizard b Tx Gain Offset gt Target Noise Margin Offset gt Max Bits per Tone b Rx Gain Offset gt Tx Output Power Offset gt Rx Output Power Offset 0 0 rjdBm b ADSL Open Type Auto Mode E SYSTEM Log Dynamic DNS SNMP Routing Warning The integrated ADSL modem might not work well if these parameters were set improperly DO NOT try to adjust these parameters under normal usage If any problem has
58. r Main Menu einan aS EE EE n Wizard gt Outbound Filter M Enable Allow all to pass except those match the following rules C Deny all to pass except those match the following rules ID Source IP Ports Destination IP Ports cum Use Rule 2 3 100 1 2 3 110 22340 123 4081 Packet Filters Domain Filters URL Blocking MAC Control Miscellaneous R Rl 71 O FAAP 1 2 3 4 5 6 7 8 Li Boo Help 192 168 1 100 192 168 1 119 They can do everything except read net news port 119 and transfer files via FTP port 21 Others are allowed After Outbound Packet Filter setting is configured click the save button 41 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 2 Domain Filter Administrator s Domain Filter Main Menu we a a iHHirigj s e Wizard gt Domain Filter M Enable gt Log DNS Query M Enable b Privilege IP Addresses Range From fi To 20 ID Domain Suffix Action Enable Packet Filters 1 www msncom Iv Drop M Log I oe z E Drop Fes MAC Control 3 O Drop O Log O Miscellaneous 4 ODrop OL g C 5 C Drop O Log 1 6 C Drop Log El 7 C Drop O Log O 8 C Drop F Log E 9 C Drop D Log 10 C Drop FLog e Domain Filter Let you prevent users under this device from accessing specific URLs Domain Filter Enable Check if you want to enable Domain Filter Log DNS Query Check if you want to log the act
59. ronment of your computers properly configured Tip If the IP address of the SL 041 is 192 168 1 1 the IP address of your computer must be 192 168 1 X and default gateway must be 192 168 1 1 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Chapter 4 Configuring ADSL Wireless Broadband Router The SL 041 provides Web based configuration scheme that is configuring by your Web browser such as Netscape Communicator or Internet Explorer This approach can be adopted in any MS Windows Macintosh or UNIX based platforms Wireless Broadband Router mee Fast Ethernet Windows SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 1 STATUS and Log in User s Main Menu System Status a Ee o WAN Type PPP over Ethernet default admin IP Address 0 0 0 0 Tm Subnet Mask 0 0 0 0 Gateway 0 0 0 0 Domain Name Server 0 0 0 0 ADSL Connection Sb SOL a e Status System Password BEER el Peripheral Status Dial up Modem Not ready Statistics of WAN Outbound loctets s Unicast Packets E 3 Non unicast Packets 0 0 Activate your browser and disable the proxy or add the IP address of the SL 041 into the exceptions Then type the SL 041 s IP address in the Location for Netscape or Address for IE field and press ENTER For example http 192 16
60. s of websites connection by simply a keyword e 802 1X supported When the 802 1X function is enabled the Wireless user must authenticate to this router first to use the Network service e SPI Mode Supported When SPI Mode is enabled the router will check every incoming packet to detect if this packet is valid DoS Attack Detection Supported When this feature is enabled the router will detect and log the DoS attack comes from the Internet SIEMENS ADSL SL 041 User Manual Introduction Advanced functions System time Supported Allow you to synchronize system time with network timeserver E mail Alert Supported The router can send its info by mail Dynamic dns Supported At present the router has 3 ddns dyndns TZO com and dhs org SNMP Supported Because SNMP this function has many versions anyway the router supports V1 and V2c Routing Table Supported Now the router supports static routing and two kinds of dynamic routing RIP1 and RIP2 e Schedule Rule supported Customers can control some functions like virtual server and packet filters when to access or when to block Other functions UPNP Universal Plug and Play Supported The router also supports this function The applications X box MSN Messenger SIEMENS ADSL SL 041 User Manual Hardware Installation Chapter 2 Hardware Installation 2 1 Panel Layout 2 1 1 Front Panel Power Status LINK SIEMENS e o peo e eo oe eO 1 2 3 4 o
61. sk You can use subnet mask bits nn notation to specified a group of trusted IP addresses For example 10 1 2 0 24 NOTE When Remote Administration is enabled the web server port will be shifted to 88 You can change web server port to other port too Administrator Time out The time of no activity to logout automatically Set it to zero to disable this feature Discard PING from WAN side When this feature is enabled any host on the WAN cannot ping the SL 041 SPI Mode When this feature is enabled the router will record the packet information pass through the router like IP address port address ACK SEQ number and so on And the router will check every incoming packet to detect if this packet is valid 56 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router DoS Attack Detection When this feature is enabled the router will detect and log the DoS attack comes from the Internet Currently the router can detect the following DoS attack SYN Attack WinNuke Port Scan Ping of Death Land Attack etc VPN PPTP IPSec Pass Through Please enable this feature if you need to establish a PPTP or IPSEC connection that will pass through this device 4 6 Advanced Settings SIEMENS s Wireless ADSL Router Control Panel Administrator s ADSL Modem Main Menu These parameters allow the user to tune the performance of the CPE modem e Status System Time All
62. t Administrator s Main Menu e Status Setup Wizard Change Password e Wizard Change login password Click Next to continue Old Password New Password Reconfirm For security it s recommend to change the default password Keep this password safely Click Next gt 15 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router Administrator s Main Menu e Status Setup Wizard e Wizard Configuration is Completed Configurations will not take effective until rebooting Please click Reboot The configuration is now complete Press Reboot to reboot your PC 16 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 Basic Setting SIEMENS s Wireless ADSL Router Control Panel Administrator s Main Menu T Basic Setting e Status e Wizard Primary Setup Configure LAN IP and select WAN type Primary Setup OAM Setup OAM Setup DHCP Server Allow you to set the OAM feature for virtual channel Wireless DHCP Server The settings include Host IP Subnet Mask Gateway DNS and WINS configurations Change Password Wireless Wireless settings allow you to configure the wireless configuration items Change Password Allow you to change system password 4 3 1 Primary Setup WAN Type SIEMENS s s Wireless ADSL Rou
63. ter Control Panel Administrator s 7 Main Menu Primary Setup e Status a INN PAG gt LAN IP Address 92 16811 Primary Setup P WAN Type PPP over Ethernet _ Change OAM Setup b PPPoE Account spad59 bluewin ch gt he i Pe RR gt PPPoE Password zm ee am gt Maximum Idle Time 300 seconds gt Connection Control Connect on demand x b Data Encapsulation b VPI Number b VCI Number P Schedule type b Auto backup More gt gt 2 CLEES Press Change 17 SIEMENS ADSL SI 041 User Manual Configuring ADSL Wireless Broadband Router ee ee Wireless ADSL Router Control Panel Administrator s Main Menu WAN Setup Status WAN Type WAN IP Mode AW iza rd C Ethernet Over ATM RFC 1483 Bridged without NAT C Ethernet Over ATM RFC 1483 Bridged with NAT Primary Setup C IP over ATM RFC 1483 Routed OAM Setup C Classical IP over ATM RFC 1577 DHCP Server Wireless Change Password C PPP over ATM RFC 2364 PPP over Ethernet RFC 2516 C StaticIP Dynamic IP StaticIP Dynamic IP C Static IP Dynamic IP This page is primary to enable the SI 041 to work properly The setting items and the web appearance depend on the WAN type Choose correct WAN type before you start 1 LAN IP Address the local IP address of this device The computers on your network must use the LAN IP address of your product as their Default Gateway You can change it if ne
64. to Point Tunneling Protocol PPTP and Layer 2 Forwarding L2F technology L2TP provides security for a virtual private network VPN connection from the remote user to the corporate LAN User can build up to five L2TP tunnels for L2TP clients Each tunnel can accept more than one client User is required to configure Virtual IP of L2TP Server Authentication Protocol L2TP Tunnel Name and User Account Password Virtual IP of L2TP Server L2TP server s virtual IP User must assign a virtual IP for L2TP Server Authentication Protocol Protocols that Clients can use to authenticate to Server L2TP Tunnel Username and Password Each tunnel defined a username and password that clients can use to connect to L2TP Server 54 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 5 4 VPN Settings PPTP Server PPTP Point to Point Tunneling Protocol is a tunneling d ee Wireless ADSL Router Control Panel Administrator s 5 Main Menu VPN Settings PPTP Server e Status o e OOOO OOOO O O PEN gt PPTP Server Iv Enable gt Virtual IP of PPTP Server 10 o o d b Authentication Protocol PAP CCHAP CMSCHAP Packet Filters Domain Filters 1 URL Blocking MAC Control SY Miscellaneous in sk W N protocol for connecting clients and servers PPTP can be used to create a Virtual Private Network VPN between the remote user and the corporate LAN User can build up to five PPTP tunne
65. to renew your IP address automatically when the lease time is expiring even when the system is idle SIEMENS s Wireless ADSL Router Control Panel Administrator s Main Menu Primary Setup e Status ete lC sig e Wizard gt LAN IP Address fis2 168 1 1 p T k WAN Type RFC1483 Bridge Mode with NAT OAM Setup gt WAN IP Mode Dynamic IP Address DHCP Server P WAN s MAC Address 00 50 18 21 BB 6 Clone MAC pum d E gt Renew IP Forever Enable Auto reconnect gt Data Encapsulation ic g gt VPI Number s gt VCI Number s gt Schedule type UBR b Auto backup Enabled Virtual Computers EU S NER SING QUE D Pte een Save Undo Help Reboot Saved The change doesn t take effective until rebooting 21 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 3 1 3 IP over ATM RFC 1483 Routed Administrator s E Main Menu Primary Setup Wizard i gt LAN IP Address 192 168 1 1 z hange b WAN Type RFC1483 Router Mode with NAT _ Change E DAM Setup gt WAN IP Mode Static IP Address DHCP Server gt WAN IP Address 0 0 0 0 Or d gt WAN Subnet Mask 0 0 0 0 Change Password he Soin i b WAN Gateway 0 0 0 0 b Primary DNS 0 0 0 0 Primary Setup b Secondary DNS 50 00 gt WAN s MAC Address 00 50 18 21 BB 62 Clone MAC gt Data Encapsulation ic g gt VPI Number B gt VCI Number 5 P Schedule type UBR Save
66. u prevent users under this device from accessing specific URLs URL Blocking URL Blocking will block LAN computers to connect to pre defined websites MAC Address Control MAC Address Control allows you to assign different access right for different users and to assign a specific IP address to a certain MAC address Miscellaneous Remote Administrator Host In general only Intranet user can browse the built in web pages to perform administration task This feature enables you to perform administration task from remote host Administrator Time out The amount of time of inactivity before the device will automatically close the Administrator session Set this to zero to disable it Discard PING from WAN side When this feature is p enabled hosts on the WAN cannot pina the Device xl 36 SIEMENS ADSL SL 041 User Manual Configuring ADSL Wireless Broadband Router 4 5 1 Packet Filter Administrator s Main Menu Outbound Packet Filter e Status tem Setting o e Wizard gt Outbound Filter C Enable Allow all to pass except those match the following rules C Deny all to pass except those match the following rules m Source IP Ports Destination IP Ports Enable Use Rule Packet Filters r 1 Domain Filters URL Blocking MAC Control i Miscellaneous i sab i il U n f iad a leii Schedule rule 00 Always Z _ Copy to
67. up a home or small npffice network Figure 6 Authentication success 4 2DUT authenticate PC2 using PEAP TLS 1 PC2 choose the SSID of DUT as the Access Point 2 Set authentication type of wireless client and RADIUS server both to PEAP TLS 3 Disable the wireless connection and enable again 4 The DUT will send the user s certificate to the RADIUS server and then send the message of authentication result to PC2 5 Windows XP will prompt that the authentication process is success or fail and end the authentication procedure 6 Terminate the test steps when PC2 get dynamic IP and PING remote host successfully Support Type The router supports the types of 802 1x Authentication PEAP CHAPv2 and PEAP TLS Note 1 PC1 is on Windows XP platform without Service Pack 1 2 PC2 is on Windows XP platform with Service Pack 1a 3 PEAP is supported on Windows XP with Service Pack 1 only 4 Windows XP with Service Pack 1 allows 802 1x authentication only when data encryption function is enabled 87 SIEMENS ADSL SL 041 User Manual Appendix C Appendix C FAQ and Troubleshooting Reset to factory Default 1 Restore with RESET button First turn off the router and press the RESET button in And then power on the router and hold the RESET button down until the STATUS and or M2 LED or Status LED start flashing then move away the hand If LED flashes about 8 times the RESTORE process is completed However if LED flashes
68. uter The default IP address of the SL 041 is 192 168 1 1 and the default subnet mask is 255 255 255 0 These addresses can be changed on your need but the default values are used in this manual If the TCP IP environment of your computer has not yet been configured you can refer to Appendix A to configure it For example 1 Configure IP as 192 168 1 100 subnet mask as 255 255 255 0 and gateway as 192 168 1 1 or more easier 2 Configure your computers to load TCP IP setting automatically that is via DHCP server of the SL041 After installing the TCP IP communication protocol you can use the ping command to check if your computer has successfully connected to the SL 041 The following example shows the ping procedure for Windows 95 platforms First execute the ping command ping 192 168 1 1 If the following messages appear Pinging 192 168 1 1 with 32 bytes of data Reply from 192 168 1 1 bytes 32 time 2ms TTL 64 A communication link between your computer and the SL 041 has been successfully established Otherwise if you get the following messages Pinging 192 168 1 1 with 32 bytes of data Request timed out There must be something wrong in your installation procedure You have to check the following items in sequence 1 Is the Ethernet cable correctly connected between the SL 041 and your computer Tip The LAN LED of the SL 041 and the link LED of network card on your computer must be lighted 2 Is the TCP IP envi

Download Pdf Manuals

Related Search

Related Contents

HP 400r User's Manual  SMS Smart Media Solutions X CH S605 Triangle  Télécharger la notice complète en pdf    SPEEDLINK SL-8271-BK speaker set  First Alert 2054DF Home Security System User Manual  Manual 2 - ibuyer (HK)  COUVERTURE SOPRO 717 First multilingue:Mise en page 1.qxd  動画活用法と アクセス解析手法  KISAE IC122055 Use and Care Manual  

Copyright © All rights reserved. Failed to retrieve file