Technicolor - Thomson 605 Network Router User Manual
Contents
1. Chapter 4 Basic Configuration Your SpeedTouch is protecting your network against malicious intrusions This page shows you the intrusions you are protected against The Protected Intrusions table shows the number of times the SpeedTouch actively protected your network against each intrusion since last statistics reset Your SpeedTouch is protecting your network against malicious intrusions This page shows you the Intrusions you are protected against Protected Intrusions The table shows the number of times the SpeedTouch actively protected your network against each intrusion since last statistics reset Intrusion Name fragment_sweep zero length_fragment_size small_fragment_size fragment_size_oyverrun fragment_overlap fragment_out of order ip_ protocol scan tcp_port_scan tcp_syn_scan stealth_tcp_null_scan stealth_tcp_fin_scan stealth_tcp_xmas_scan stealth_tcp_full_xrmas_scan stealth_tcp_yvecna_scan stealth_tcp_syn fin_scan udp port_scan pINg_sWeep scan tep_syn_flood udp flood ping_flood icmp unreachable storm smurt_broadcast_attack smurt_storm_attack fraggle_broadcast_attack fraggle_storm_attack land attack spoofed packet tep_null_port tep_data_on_syn_segment tep_invalid_urgent_offset udp_null_port icmp _type_unknown icmp code _unknown ip_zero_payload ten rata limitima speedtouch Count aa O PSS 2 fs o pag o pag o 8s O fea O Res OC 8s O Rs Oo RSs oO F O pE O pS Oo pg Oo p oO p2. Following fields are available gt Destination Controls the networks that can be reached via this particular PPP connection Specify the remote host or network in prefix notation e g 172 16 0 0 16 gt Label Allows you to assign a label to this connection S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Other This window holds miscellaneous information and configuration possibilities Following fields are available gt Mode A PPP connection can be established in three ways gt Manually You have to press the Dial In button of a particular connection gt Always On The SpeedTouch automatically tries to establish PPP connections gt On Demand A PPP connection is triggered by specific frames arriving at the Ethernet port gt Idle Time Limit Allows you to specify after which time limit the PPP connection is released Otherwise stated if no traffic passes over the PPP connection for Idle Time the connection is closed gt Authentication allows you to select the default PPP authentication mechanism when starting the PPP session Via the drop down box three authentication methods can be selected for the connection gt Auto default Preferably the CHAP Challenge Handshake Authentication Protocol will be used However if not successful PAP Password Authentication Protocol authentication is used instead If in turn PAP fails the connection will
3. 4 Click Apply to add the IP address To change the configuration of an existing IP address 1 Select the IP address entry 2 Make your changes 3 Click Apply Speedtouch E Chapter 5 Expert Configuration 9 3 2 Expressions Overview Expressions are used in rules for source and destination interface source and destination IP address es ranges and services The Expressions page consists of three sections gt Interface gt IP gt Service interface o Service ey expression Summary DHCP S_if_O intf land DHCP R_if_O intf questi wan intfgroup 0 local intfgroup 1 lan intfgroup 2 tunnel intfgroup 3 dmz intfgroup 4 guest intfgroup 5 _Internet intf Internet _lani intf land _wanl intf wand _dmzi intf dmz1 _guesti intf guesti HTTF_if_0 intfgroup 2 HTTFs_if_0 intfgroup 2 FTP_if_0O intfgroup 2 TELMET_if_O intfgroup 2 DNS 5_if_0 intfgroup 2 SNMF_AGENT_if_O intfgroup 2 PING RESPONDER_if_0 intfgroup 2 HTTPI_if_O intf land Click New to create a new entry Expressions are also used by the SpeedTouch Stateful Inspection Firewall Interface The Interface section bundles all expressions that express a relation based on Interfaces The Expressions table provides following information per expression gt The Name of the expression gt A Summary of the expression s configuration gt For more detailed information you can expand the expression click
4. Firstname a Lastname Email Confirm Email Request Software Key Complete the form to request a new software Key Select the Request Software Key button to proceed Eey dx Tocezcodke 9tuyikax2ziceulyo trrbesGNhlsTcat As a result you will get a text box with the key in it Copy the key and past it into the Software Activation Code Input Display and click the Add button g Key saved Restart to activate key Name Description ile Status O O VPM256 32 IPSEC based YPN capability VPN256 32 sl Key Verified Restart ISDN ISON Backup capability None No Key SIP256 Session Initiation Protocol capability None No Key Re start Click the Restart button to restart the SpeedTouch and activate the software module A progress bar will show indicating the time needed S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Introduction system software upgrades availability system software packages and security system software upgrades Preliminary steps E DOC CTC 20050429 0104 v1 0 Chapter 7 Software Upgrade software Upgrade This chapter describes how to upgrade the SpeedTouch system software or firmware For the availability of new system software version packages you can gt Click the SpeedTouch Maintenance link available on the Setup CD menu gt Go to the embedded Update page gt Check for SpeedTouch upgrades at http www speedtouch com upgrade All system software pack
5. Menu items Collapsing and expanding the menu E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Menu The menu is located on the left side of the page and consists of the following menu items gt SpeedTouch Provides basic information on the SpeedTouch Broadband Connection Allows you to view configure your broadband connections Toolbox Allows you to assign games or applications to a device and secure your Internet connection Office Network Allows you to manage your local network Expert Configuration Mode Allows you to go to Expert Configuration mode for advanced configuration and maintenance of your SpeedTouch device You are able to collapse expand the menu by clicking the arrow located on the top of the menu speedtouch Chapter 4 Basic Configuration 4 1 2 Language Bar Language bar The language bar is located under the SpeedTouch logo and allows you to change the language of the SpeedTouch web interface o The language bar will only be shown if more than one language is available Speedtouch E 4 1 3 Navigation Bar Navigation bar The navigation bar is located on the top of the page and allows you to gt View the current user name Click this name to change your password or switch to another user gt View the current position on the SpeedTouch web interface gt Get context related Help information Display level Depending on the
6. Speedtouch 171 Chapter 5 Expert Configuration Chapter 5 Expert Configuration 172 0 7 VPN Availability Overview The VPN feature is only available if you activated the VPN software module For more information see 5 2 10 Add on on page 122 The VPN menu consists of following items LAN to LAN connect your LAN with a remote LAN through an IPSec VPN tunnel VPN Client set up a connection between the SpeedTouch and a remote VPN server VPN Server set up the SpeedTouch as a VPN server Advanced configure VPN tunnels with a component oriented environment Debug see status statistics and logging Certificates manage your authentication certificates Speedtouch E DOC CTC 20050429 0104 v1 0 0 7 1 Tabs Configuration procedure E DOC CTC 20050429 0104 v1 0 LAN to LAN The LAN to LAN page consists of two tabs Select gt Remote Gateway Address Known as the starting page when the SpeedTouch must be able to initiate a VPN connection gt Remote Gateway Address Unknown as the starting page when the SpeedTouch only needs to have responder capability By not specifying the Remote Gateway Address you allow additional sites to join the VPN without requiring any modification to the configuration of your SpeedTouch Gateway Address Local Network Remote Network State Empty table Remote Gateway Address or FQODN Backup Address or FODN
7. gt Type displays the device type gt Connected To displays the interface to which the device is currently connected gt Allowed on LAN indicates whether the wireless client is allowed to connect to the SpeedTouch WLAN gt Addressing allows you to view gt Physical Address displays the MAC address of the device gt IP Address Assignment displays whether the device is using a static or dynamic IP address gt IP Address displays the current IP address of the device gt Always use the same address indicates whether the wireless client has a static DHCP lease or not gt DHCP Lease Time displays the time for which the wireless client can use this IP address gt Connection Sharing Gives you an overview of the games or services that are currently assigned to this device Click the name of the game or service to view the used port mappings For more information see 4 5 4 Game or Application Definition on page 71 The Configure page allows you to gt Change the device information gt Assign a static DHCP server lease to this device by selecting the Always use the same address check box gt Allow a game or service running on this device to be initiated from the Internet Speedtouch Chapter 4 Basic Configuration 4 6 9 Access Point Settings Accessing the Access Proceed as follows Point settings 4 On the left menu click Office Network 2 Under Wireless click the name of the Acc
8. Chapter 1 Your SpeedTouch UPnP with NAT traversal capability gt enables game technologies Xbox live Direct X and many others gt enables conferencing functions of Microsoft Messenger Transparent bridging IEEE802 1D PPPoE routing bridging with integrated PPP Relay PPPoA routing PPPoA to PPTP relaying Hyper NAT with virtual server mapping for instance for Web FTP Mail servers and ALGs such as NetMeeting MSN Messenger VPN passthrough and others Quality of Service gt ATM QoS per PVC CBR VBR rt VBR nrt UBR gt IP QoS Managed Ethernet Switch with VLAN DMZ mirroring Service Level Agreement services Integrated Dynamic DNS client PAP RFC1334 CHAP RFC1994 for PPP session Integrated Stateful Inspection Firewall Intrusion Detection Website Filtering URL Filtering Wireless security on SpeedTouch 608 WL 620 gt 64 128bit WEP encryption WPA PSK gt Wireless client registration access control with physical push button Multi level SpeedTouch access policies Digest Authentication SSH SSL Embedded IPSec Software Module on SpeedTouch 608 608 WL 620 Dedicated support for provider provisioned PE based MPLS networks Home Install Wizard Easy Setup wizard Intuitive web based GUI HTTP HT TPs Advanced configuration via telnet SSH via the web based GUI and serial console Command Line Interface CLI Remote management access control Speedtouch Chapter 1 Your SpeedTouch
9. Creating a NAT Proceed as follows to create a address translation mapping mapping 4 2 3 Click New to create a new map Select or fill in all the fields see above Click Apply Templates The Template page allows you to create a NA P T template Depending on your needs following fields are available gt f Interface The name of the IP interface that needs to be NAT ed Group The IP interface group scope for this template Type Allows you to choose the translation type Protocol The IP protocol on which address translation has to be applied This allows the SpeedTouch to link specific traffic protocol dependent to a chosen private host Outside address The outside typically public IP address es Inside address The inside typically private IP address es Access list You can use the access list to define the address es that are allowed to use the outbound connections Foreign address Foreign address is to define the address es that are allowed to use the inbound connections Flags Description If you selected NAPT you will have to specify a port range for the inside and outside address Creating a NAT Proceed as follows to create a template template 4 2 3 Click New to create a new template Select or fill in all the fields see above Click Apply S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Sere Definition E DOC CTC 20050429 0104 v1 0 Chap
10. DHCP lease and clicking Lock Existing DHCP leases can be made static i e TTL infinite by selecting the DHCP leases can be added manually e g for DHCP client devices that need a static IP configuration You can also remove existing DHCP leases Speedtouch 153 Chapter 5 Expert Configuration Address Pools Address pool types One or more disjunctive DHCP server address pools can be created per existing SpeedTouch interface using the Address Pool table The first address pool displayed in the table has the highest priority for a certain interface If you select one of the address pools following fields become available gt Name The name of the DHCP server s address pool gt Interface The SpeedTouch interface for which the address pool applies gt Start address The start IP address of the DHCP server s address pool gt End address The end IP address of the DHCP server s address pool Both the start and end IP address define the IP address range used by the DHCP server to assign leases gt Subnet mask The subnet mask of the DHCP server s address pool gt Lease time The maximum time a client is allowed to use the address gt Gateway The IP address that will be assigned to DHCP clients as their default gateway gt Server The SpeedTouch IP address used as DHCP server address applicable for SpeedTouch multi homing gt Primary DNS Server The IP address
11. Ext Port Int Port RemoteIP b 2 PPTP VPN group auto any any any e ff ONS Client clent udp auto Sa any any e Simple Network Tim clent udp auto 123 any any e Ping using ICMP fo clent icmp auto 5 any any e Ping using UDP for client udp auto a any any e TraceRoute using I client icmp auto fa any any e i TraceRoute using U client udp auto 33434 any any e System Logging Eve client udp auto 514 any any e ff HTTP web server server tcp a0 a0 lan any e ff HTTP web server ov server tcp 443 443 lan any b HTTP intercept proxy proxy tcp auto BO lani 8080 any any e fv File Transfer server tcp 1 1 lan any e fv Virtual Terminal server tcp 23 23 lan any e Routing Informatio peer udp auto gs20 s20 any any e Handles the rip qu server udp s20 s20 any any e ff ONS Server relay udp auto 53 53 lan any b F Dynamic ONS group auto any any any b DHCP Server server udp 49152 49152 any any e Rx snmp GET SET a server udp 161 161 lan any e Send snmp traps to clent udp auto any any any e Simple Service Dis server udp auto 1900 1900 any any e Setup and upgrade server udp auto 32355 3235 any any b CPE Wan Management client tcp auto any any any b PE Wan Management server tcp 51005 51005 any any b F IFP connectivity co group auto any any any e fv ICMP echo responder server icmp 5 5 lan any Select an entry to change its configuration show dynami
12. IKE Authentication Use Preshared Key Authentication Use Cerificate Authentication Primary Untrusted Physical Interface IKE Exchange Mode Inactivity Timeout seconds 3600 IKE Security Descriptors Descriptor unset Miscellaneous Items marked with are mandatory Perform the following steps to configure your LAN to LAN application 1 On the LAN to LAN web page select either Remote Gateway Address Known or Remote Gateway Address Unknown N Configure the Remote Gateway parameters Go Define the Connection parameters 4 Save the configuration Speedtouch 173 Chapter 5 Expert Configuration Chapter 5 Expert Configuration 2g The VPN Client page 174 Configuration procedure VPN Client The VPN client in the SpeedTouch can replace a software VPN client installed on a computer You can use it for example to connect from your home to your employer s corporate network for tele working The VPN Client page allows you to configure a VPN client that functions in Initiator mode This means that the VPN client takes the initiative to set up a secure connection to a remote VPN server Perform the following steps to configure your VPN client 1 2 3 Select VPN gt VPN Client Fill out the various parameter fields in the VPN Client web page Select the IKE Authentication method Either Preshared Key or Certificate Authentication can be selected Select the S
13. Internet Disconnected Connect Office Network Toolbox Expert Mode e Remote Assistance Disabled e Game amp Application Sharing A Firewall Disabled e Dynamic DNS Disabled Office Network ty Wireless No devices detected E Ethernet John e THOMSON BRAND 2 For more information on the web pages see 4 Basic Configuration on page 45 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 1 Your SpeedTouch 1 3 2 Access via CLI Command Line You can access the Command Line Interface CLI via Interface CLI gt The embedded Expert pages For more information see 5 Expert Configuration on page 101 gt A Telnet session This requires that TCP IP connectivity exists between the host from which the Telnet session is opened and the SpeedTouch Your SpeedTouch and the connected PC must have an IP address in the same subnet gt The serial Console interface gt Quote site commands over FTP For more information see Quote site command on page 17 For information on CLI commands see the SpeedTouch CLI Reference Guide E DOC CTC 20050429 0104 v1 0 S D e e d to U C h 13 Chapter 1 Your SpeedTouch Telnet session Proceed as follows 1 Open a telnet application 4 You can use the Command Prompt window In Windows XP for instance 1 On the Windows task bar click Start 2 Select All Programs gt Accessories gt
14. Management and monitoring VoIP v v v wv gt Multi level user protection Event logging DHCP server client and relay DHCP to PPP spoofing DNS server client and relay Time synchronization gt SNTPv1 SNTPv2 SNTPv3 and SNTPv4 gt integrated Real Time Clock in case of SpeedTouch 608 WL 620 for non volatile time of day Syslog SNMPv1 support for MIB Il RFC1213 201 1 201 2 2013 traps MIB RFC1215 bridge MIB RFC1286 1493 ATM TC MIB RFC2514 ATM MIB RFC1695 2515 ADSL MIB RFC2662 SHDSL MIB RFC3276 Ethernet MIB RFC1398 1623 1643 1650 2358 2665 Medium Attachment Units MIB RFC1515 2239 2668 interface MIB RFC1229 1573 2233 2863 IPSec MIB RMON MIB RFC1757 PING amp Traceroute MIB RFC2925 Firmware upgradeable via web or via FTP or via upgrade wizard on Setup CD Dual firmware storage Active Passive for fail proof roll back On the SpeedTouch 620 under Software Module activation key Embedded SIP PBX functionality including SIP Registrar and Proxy server S D e d tO U C n E DOC CTC 20050429 0104 v1 0 1 2 Speedlouch LED Behaviour Front panel LEDS The SpeedTouch is equipped with a number of LEDs on its front panel indicating the state of the device during normal operation Be a Following table shows the meaning of the different LEDs Indicator Description Colour Green Power on normal operation Power on self test failed indicating device malf
15. Speedtouch Speed Touch 6035 608 608 WL 620 Wireless Business DSL Routers Sa User s Guide Release R5 3 1 A 93 THOMSON BRAND lt opeed louch 609 608 608 WL 620 User s Guide R5 3 1 Speedtouch Copyright Copyright 1999 2005 THOMSON All rights reserved Passing on and copying of this document use and communication of its contents is not permitted without written authorization from THOMSON The content of this document is furnished for informational use only may be subject to change without notice and should not be construed as a commitment by THOMSON THOMSON assumes no responsibility or liability for any errors or inaccuracies that may appear in this document Thomson Telecom Belgium Prins Boudewijniaan 47 B 2650 Edegem Belgium www speedtouch com Trademarks The following trademarks are used in this document gt SpeedTouch is a trademark of THOMSON gt Microsoft MS DOS Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corpora tion in the United States and or other countries UNIX is a registered trademark of UNIX System Laboratories Incorporated Apple and Mac OS are registered trademarks of Apple Computer Incorporated registered in the United States and other countries gt Adobe the Adobe logo Acrobat and Acrobat Reader are trademarks or registered trademarks of Adobe Systems Incorpo rated registered
16. You can add multiple NTP servers This ensures that the SpeedTouch SNTP client will always be able to contact at least one NTP server to synchronize the SpeedTouch real time clock with You can manually configure the SpeedTouch s real time clock in case no connection to an NTP server is available To manually configure the SpeedTouch real time clock 1 Type the current Date day month year 2 Type the current Time hour minutes seconds in 24 hour clock 3 Select the Time Zone suiting your physical regional location 4 Select Daylight saving to adjust the SpeedTouch real time clock to daylight saving time if used in your region Ol Click Apply to apply the time settings to the SpeedTouch real time clock S D e d tO U C n E DOC CTC 20050429 0104 v1 0 amaie Overview Ping Add delete a ping test Modify ping test properties E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration SLA The Service Level Agreement SLA page allows you to view and configure ping and traceroute tests Ping Traceroute Test Owners Target Address Status r x z S Specify following properties and click Apply to commit New test Test Ping to my ISP Target address The page contains two sections gt Select Ping to view configure and perform ping tests gt Select Traceroute to view configure and perform traceroute tests The Ping table provides a list of configu
17. Allow multicast frames sent to local clients Wireless interface enabled Allows you to enable disable the wireless interface Speedtouch 161 Chapter 5 Expert Configuration Chapter 5 Expert Configuration Network Name SSID Network Name broadcast Interoperability Mode Channel The WLAN s radio link is a shared medium As no physical connection exists between the SpeedTouch and wireless clients a name must be given to allow unique identification of your WLAN radio link This is done by the Network Name also known as Service Set ID SSID Wireless clients must be configured for the same Network Name in order to be able to communicate with other clients on the W LAN via the SpeedTouch wireless access point To change the Network Name SSID 1 Type a Network Name of your choice 2 Click Apply to immediately apply your changes By default the access point broadcasts its SSID and accepts every client However for security reasons you are able to configure not to broadcast its SSID and to accept only those clients who have exactly the same SSID as configured on the Speed Touch To change the Network Name broadcasting configuration 1 Select Only stations with correct Network Name SSID can connect to disable Network Name broadcasting 2 Click Apply to immediately apply your changes When you enable this option the SSID will not be broadcasted The SpeedTouch wireless network will no lon
18. Following priority facilities are possible for a syslog message generated by the SpeedTouch The facilities are listed by descending priority each followed by notation priority value gt Kernel messages kern O User level messages user 8 Mail system mail 16 System daemons daemon 24 Authorization messages auth 32 Syslog daemon messages syslog 40 Line printer subsystem lpr 48 Network news subsystem news 56 UUCP subsystem uucp 64 Clock daemon cron 72 Security messages security 80 FTP daemon ftp 88 NTP subsystem ntp 96 Log audit audit 104 Log alert alert 112 Clock daemon clock 120 Local use messages localO local7 128 184 v v yv Y yY Y Y Y Y Y Y Y Y Y ww Le Following priority severities are possible for a syslog message generated by the SpeedTouch SpeedTouch The severities are listed by descending priority each followed by notation priority value gt Emergency conditions system unusable emerg O Alert conditions immediate action is needed alert 1 Critical conditions crit 2 Error conditions err 3 Warning conditions warning 4 Normal but significant conditions notice 5 Informational messages info 6 v v v rT wT w WW Debug level messages debug 7 speedtouch 111 Chapter 5 Expert Configuration 5 2 6 Overview System configuration Upload system files system Update The System Update pag
19. Only Fram Wirel latory Domain Europe stations with correct Network name SSID can connect D ebursting D ess interface enabled a Following wireless access point settings can be viewed or configured gt Network Name SSID The network name also known as Service Set ID SSID For more information see Network Name SSID on page 162 Rate Displays the current modulation rate in which the SpeedTouch is operating Take into consideration that if the distance between the SpeedTouch and the clients increases the throughput decreases Walls closets and big metal objects have a negative influence Interoperability Mode Channel Selection allows you to choose between gt Auto The best communication channel is automatically selected by the SpeedTouch recommended setting The Current Channel displays the channel currently in use gt A specific channel Regulatory Domain displays the access point s Regulatory Domain Only stations with correct Network name SSID can connect If this check box is gt Cleared the SpeedTouch broadcasts its SSID and accepts every client gt Selected the SpeedTouch does not broadcast its SSID and accepts only those clients who have the correct Network name SSID Framebursting Allows you to enhance the performance of wireless networks by improving the efficiency between the client and the access point if you have mainly downstream traffic
20. Using this input the aging timer of the bridge internal database can be changed If the aging time of a MAC entry has expired this entry will be removed from the database Virtual LAN By selecting this checkbox the SpeedTouch bridge will become fully VLAN ID aware This means that if incoming Ethernet packets are VLAN tagged this tag will be taken into account and as such the packet will only be bridged to the ports that are member of that VLAN The SpeedTouch will always take into account the VLAN interface Q configuration that is set This means that if an interface is configured to be member of VLAN A it will not be able to communicate with an interface that is set to be VLAN B even if the bridge state is set to VLAN disabled Vv Speedtouch E Add a new Bridge port VLAN VLAN interface overview E DOC CTC 20050429 0104 v1 0 Proceed as follows to add a new port to the Ethernet Bridge 1 Click New under the Bridge Ethernet overview table 2 In the Interface box type a unique interface name in the Destination list select the interface you want to use for this connection 3 Mark the Multicast filter checkbox if you wish to filter out multicast streams on this interface In normal situations multicast packets are flooded on all ports of the bridge but this might cause unwanted performance issues on some interface types 4 Select the VLAN name to which arriving packets on this interface should be
21. Yes to allow it to exchange data with other stations gt No to explicitly deny the station to associate with the SpeedTouch Ol Click Apply to immediately apply your changes The Networks tab allows you to gt Scan for Other Networks gt Enable WDS connections with other wireless devices The Other Networks tab allows you to overview the wireless networks in your neighbourhood To scan for other wireless networks 1 Click Scan 2 The SpeedTouch scans all channels for wireless networks 3 The SpeedTouch lists the available networks in the table The Wireless Distribution System WDS allows you to extend the range of your SpeedTouch by means of one or more wireless repeater s To allow a WDS connection with a specific access point 1 Click New 2 In the Name box type an appropriate name for the access point 3 In the BSSID box type the BSSID of the access point S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration 5 6 Firewall Overview The Firewall menu consists of the following topics Expressions view configure interface or IP or Service related expressions For more information see 65 3 2 Expressions on page 125 Log view log messages for SpeedTouch firewall events view configure the SpeedTouch Stateful Inspection Firewall security level and its policies E DOC CTC 20050429 0104 v1 0 S D e d tO U C n 167 Chapter 5 Expe
22. gt Game or Application Name you can Change the name of the game or application gt Game or Application Definition you can Change the TCP UDP port definition for this game or application Lotus Notes Game or Application Name Lotus Notes Apply Cancel Mew Mame Game or Application Definition 4 game or application is made of one or more TCP UDP port ranges Each incoming port range can be translated into a different internal local network port range Port ranges can be statically assigned to devices or dynamically assigned using an outgoing trigger Translate Trigger Trigger Protocol Port Range To Protocol Port Any lasg Ise Lege L352 dit Delete Any to Proceed as follows 1 In the Protocol list click the protocol the game or application uses 2 In the Port Range box type the port range the game or application uses 3 In the Translate To box type the port range to which the SpeedTouch has to translate the ports specified under Port Range 4 If you want to make a dynamic translation rule you must specify a trigger protocol and port As soon as the SpeedTouch receives outgoing traffic on this trigger port it will activate this translation rule 5 Click Apply Speedtouch Chapter 4 Basic Configuration 4 9 9 Accessing the Game or Application Definition Creating a new game or application New Game or Application Proceed as follows 1 On the A
23. ohn Devices Interfaces ethport4 100Mbps Expert Mode Poe THOMSON BRAND If you click a on wireless client you will be able to gt View the wireless client s network settings gt Configure the wireless client s network settings by clicking Configure speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 6 1 Devices Overview Configure The Overview page gives you an overview of the devices that are currently connected to the SpeedTouch network Click on a device name to get more information on a specific device Local Network Devices Detected Device s The table below contains the list of devices the SpeedTouch detected on your local network Click on a device name to get more information on a device Name IP Address Interface ri dsidevice 10 0 0 138 E yourrc 192 168 110 E ethport wy YourLaptop 197 168 1 64 T WLAN The Configure page gives you an overview of the devices that are currently connected to the SpeedTouch network To gt Get more information on a specific device click on the name of the device See 4 6 2 Device Settings on page 89 for more information Edit a device from the Detected Device s list click Edit Delete a device from the Detected Device s list click Delete 4 Once a device connects to the SpeedTouch network it will remain listed in the Detected Device s list until you delete it S
24. AEA AEEA 115 SNP e E 118 E E TEE E E E T E A T E E N E A E EE TT 119 AAGOT eaa AE A E E E E T E A T 122 I ROLON ioeina NENE E EE A 123 IP Add ESOO uric tenis er edeiceuen tte send EERE A rE 124 REE EE Ea E E A E A A EEE ere ee ene E ee ee 125 lea Sst Cat OW area e A AA 127 ROUTIO sasiore E E ec cascnescoeeccaisacasadetete tens 129 El E E E E E plane aura aia A E T A E E 130 AAT e E E E E E wees 131 IP OOS e E E E S E ee aa nahi 133 CONMECU OS soserroreiiirn iinan rake AR NAA ARER 135 ATI a E anuaTtaaa el 136 MOLEC PEE OL seciceresntasatimentent EAEE OE 138 POULEU IP Er OF aeniacccstensatiatiaenutinsarecinais atendanssaieadedataadiniaereeeniaieruedentemaesc 140 ROU Ge Ol En EE EA 142 prno ged EINGO esa npa A A A aoe cane E E 144 Koe E E aaa E EE E E case tedtaaniataias 147 ROWE HOF iee aE EN E TE E 148 PPIP OPPP REII ntanna a ei ernibawen aaa eorraraerancis 149 YPU LAN ea A E A 150 Local NetworkKing 0cccsccecessnneeeeeenneeeeeeeneeeeeeeneeeeeeeeeeneeeeeeeneeees 151 DACP ere E O E E EAE 152 DNO issandacdesiin is A AA A A A 157 Managed SWO nl ene ee ene a ar err err rene ree eee eee 158 NVIGCIGSS a E EE E E A de suet E E E T EE E E E 160 Firewall isaac a EEEE 167 PON Vesse E T E EE 168 LD Gs a a a A A A A E 171 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 5 7 5 7 1 5 7 2 SNTE 5 7 4 Salud 5 7 6 5 8 7 1 7 2 7 3 3 1 8 1 1 8 1 2 8 1 3 3 2 3 3 E DOC CTC 20050429 0104 v1 0 b A od h EE EE E E E
25. Adding an interface To add a new interface related expression related expression 4 Click New 2 Inthe Interface Expressions Properties table gt Type a Name for the expression gt Select the Interface group the expression should relate to For negative logic select Not gt Select the interface the expression should relate to An interface is the connection between the SpeedTouch and one of his attached networks For negative logic select Not 3 Click Apply E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 5 Expert Configuration Adding an IP related expression Service Adding a service related expression The IP section bundles all expressions that express a relation based on IP addresses The Expressions table provides following information per expression gt The Name of the expression gt A Summary of the expression s configuration gt For more detailed information you can expand the expression click To add a new IP related expression 1 Click New 2 Inthe IP Expressions Properties table gt Type a Name for the expression gt Type an IP address or an IP address range For negative logic select Not You can define a valid IP address range by gt Typing a subnet e g 10 0 0 0 8 gt Typing a IP address subset range e g 10 1 31 9 11 1 5 gt Using wild cards e g 192 5 3 Click Apply to add the expression to the table The Service section bundle
26. Client 2 0 ce ceeeee eee eeeeeeeeeeeeeeeeeneeees 43 Basic Configuration cccsccsecsssecseeceeeeeesaeeeeeeeeeeaes 45 Navigation i ccccneeeee eee e eee e eee ee ee eeeeee ee eeeee eens eee eeeeeeeeeeeeeeeeeeeeeeneeenees 46 WGI statue E E E A E E E E EE O E AT E 47 EANOU AG CB Anca ists coggicedace RE E a E 48 PoV QUO ANG a2 scene cane cadets ete ses see endeese2esoue eis E 49 NOTRICATION ANOA ais casita ctiaaanieasdctaeveausaleuniaalcisavinmineiesen senate tees 50 EE E E E E REE EAE E AE A A T A ARE E EET 51 FOME osoni a EE ain 52 SPECAT OUGID innseddeaunecwedenscndtcuscwatesncnceucussundeeusesanaudecebsancsesetuesenceime 53 TOV 2 CON EE strana tain vinta PET E TAA E E E E E E T 54 SpeedTouch Easy SEUD eresse ran EAEE E a E A 55 ROST e E E E 56 OUR AO acs cesses este ea Er aide a eee aenaauane gen taceteoe EE 57 Backup amp GS CONC earem AERA AAAA 58 Reset tO Factory Defalis ina cigiirnanwiecctawsnea sienna R SA 59 Pe EOG aer E AE E E ecace 60 MAG ea E E E E EE 61 Broadband Connection 00000500005000122015222252 62 COnMC CU VINY C NCORK cerise ao E s ATETEA 63 DECONT HOM a E E O Sice sys aeeeeeesytaaaereasess 64 TEE OVE a a a tins nag oh ene eee A ee ee ees 65 interme SeCrVICSS CUUINGS eesriie ENa EENES AKARE NAE IE 66 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Contents 7 Bl FOOIDORK Gee een ee eee ee ee eee ee eee ee ere ane nee 67 4 5 1 REMOTE ASSIS INCO esin
27. Command Prompt 2 Connect to your SpeedTouch gt 4 In the Command Prompt window At the prompt type telnet followed by the IP address of your SpeedTouch default is 192 168 1 254 3 Enter your SpeedTouch security user name and password The default user is Administrator and the default password is blank A As soon as you ve opened a session to the CLI the SpeedTouch banner is displayed followed by the CLI prompt as shown in the example below Username Administrator SpeedTouch ax Version 5 3 i __ Copyright c 1999 2005 Z N THOMSON Ni Administrator gt Speedtouch PO 1 3 3 Access via FTP File Transfer Protocol You can access the file system of the SpeedTouch via the File Transfer Protocol FIP FTP in order to gt Restore or backup configuration files templates or language packs gt Upgrade your configuration or firmware File system The SpeedTouch file system is stored on nonvolatile memory and contains the SpeedTouch software service template files and optionally default setting files FIP session To open an FTP session 1 Open a Command Prompt window Er In Windows XP for instance 1 On the Windows task bar click Start 2 Select All Programs gt Accessories gt Command Prompt 2 At the prompt type ftp followed by the IP address of your SpeedTouch default is 192 168 1 254 3 Enter your SpeedTouch s
28. IP Address 192 168 1 10 Apply Cancel Connection Sharin Game or Service ABC Another Bittorent Client Add E DOC CTC 20050429 0104 v1 0 S D e e d to U C h 89 Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 6 3 Introduction Accessing the Assign Public IP page Assigning the public IP address to a device Assign Public IP This page allows you to assign the public IP address of your Internet Connection s to a specific device on your local network You might want to do this if gt You do not want to use the Network Address Translation engine of your SpeedTouch gt This device is running server applications web server and you want it to be accessible from the Internet You can also achieve this by creating a port mapping for the specified server as described in 4 5 2 Game amp Application Sharing on page 69 gt This device has to be considered as the unique access point to your local network DMZ o It is not recommended to use this feature as this device will loose all security offered by the SpeedTouch Proceed as follows 1 On the Office Network menu click Devices 2 In the Pick a task list click Assign the public IP address of a connection to a device Proceed as follows 1 Click the Edit link of your Internet connection 2 In the Device list select the device you want to assign the public address to Assign the public IP addr
29. PPPoE Internet services Routed PPPoA view configure the Routed PPP over ATM PPPoA Internet services Routed PPPol view configure the Routed PPP over ISDN PPPol Internet services Bridged Ethernet view configure the Bridged Ethernet Internet services Routed Ethernet view configure the Routed Ethernet Internet services Routed IPoA view configure the Routed IP over ATM IPoA Internet service PPTP to PPP Relay view configure the PPTP to PPP Relay Internet services Virtual LAN view configure the SpeedTouch Virtual LAN functionality Speedtouch 135 Chapter 5 Expert Configuration 0 4 1 Overview Phonebook Adding a phonebook entry Connection Service Name Virtual Channel Identifiers VPI and VCI AIM The ATM page consists of following sections gt Phonebook gt QoS Book gt Interfaces The SpeedTouch Phonebook is a repository for ATM connectivity information A number of pre configured entries may already reside in the SpeedTouch Phonebook EEE r funkertaces Po Name dress to PE Available b atm_pyc_O_35 0 35 Mo Mo a atm _pyo_8_35 6 35 No No elete to remove the selected entry The Phonebook gt Allows you to use named connections gt Provides an instant overview of all possible connections gt Indicates whether hardware and software resources are actually assigned to Phonebook entries gt Resolves conflicts when adding new connectivity informat
30. SpeedTouch Support Site to your PC s hard drive Upload software to your SpeedTouch Select the update file you have placed on your PC s hard drive Browse 3 Load the new software and restart your SpeedTouch Note uploading the new software takes several minutes to complete Proceed speedtouch Chapter 4 Basic Configuration 4 4 The Broadband Connection menu The Broadband Connection page Broadband Connection The Broadband Connection menu consists of following menu items gt DSL Connection gt Internet Services The Broadband Connection page gives you a short status overview of the connections configured on the SpeedTouch speedtouch Administrator Help Home gt Broadband Connection SpeedTouch PERSERNE PAE EEEE E EE A DSL Connection e View more Uptime 0 days 4 19 19 A Bandwidth Up Down DSL Connection kbps kbps 640 6 144 i Data Transferred Internet Services Sent Received KB KB 0 00 0 00 me Toolbox Kd Internet Connect Domi View more Link Status Disconnected Type PPPoE Last Error Message None Expert Mode f s Pick a task Check connectivity to the Internet a THOMSON BRAND Click View more to see more information on the selected broadband connection If you configured a dial up connection you are able to establish terminate the connection by clicking Connect Disconnect S D e d tO U C n E DOC CTC 20050429 0104
31. The name of the destination IP expression gt Service The service or protocol e g smtp http telnet gt Flags gt Enable To enable the rule or not gt Log To log the actions concerning this rule You can see the result in Firewall gt Log gt Action gt Accept The connection is accepted gt Deny Send to the sender that the packet could not be delivered gt Drop The packet is silently discarded gt Reset Reset of the connection gt Count Counts the number of connections that match the rule description Contrary to other actions this action does not stop further parsing of the firewall rules database The reults are shown in the Hits column Click Apply Click Set Active to activate the new settings S D e d tO U C n E DOC CTC 20050429 0104 v1 0 9 6 2 Log Introduction E DOC CTC 20050429 0104 v1 0 The Log page allows you to view log messages when gt a firewall rule is hit gt the firewall is enabled or disabled gt the firewall level is changed gt a firewall rule is created gt a firewall rule is modified gt a firewall rule is deleted System Up Time 00 02 33 since power on View Mode al lagged messaqes stop AutoRetresh System UpTime Message Contents 00 01 50 FIREWALL level changed to Medium 00 00 06 FIREWALL level changed to Disabled 00 00 05 FIREWALL event 1 of 13 enabled rules View All View Important Only View Critical Only
32. You may Update your SpeedTouch by downloading the latest software from the SpeedTouch Support Site to your PC s hard drive Upload software to your SpeedTouch Select the update file you have placed on your PC s hard drive Browse 3 Load the new software and restart your SpeedTouch Note uploading the new software takes several minutes to complete Proceed 1 To download the latest software version 1 Click SpeedTouch Support Site 2 On the SpeedTouch Support Site download the software Remember the location where you save this software 2 To upload the software to your SpeedTouch 1 Click Browse 2 Select the file and click Open 3 The new software is retrieved and stored on the SpeedTouch without being activated passive build 3 To load the new software 1 Click Proceed 2 Your SpeedTouch performs firmware switch over active build will become passive and vice versa and automatically restarts and restores the current configuration and connections 4 At the end of the procedure the SpeedTouch returns to the Home page speedtouch Chapter 7 Software Upgrade Jie Introduction Starting the Upgrade Wizard Upgrade Wizard on Setup CD The procedures described in this section are valid only in case gt You run an MS Windows Operating System or Mac OS X gt Your SpeedTouch and computer are properly connected through Ethernet o It is NOT possible to upgrade y
33. a new content level To access this page 1 On the Toolbox menu click Parental Control 2 In the upper right corner click Configure 3 Under Pick a task click Create a new content level To apply a new content level following actions must be performed 1 Content level creation 2 Content level configuration 3 Content level definition 4 Content level activation o You can create up to 16 content levels Proceed as follows 1 In the Name box type a name for the new content level 2 In the Description box type a short text to describe what this security level will do 3 Click Next Proceed as follows 1 The Configuration section becomes available 2 Click gt Clone Existing Level to start from a previously created content level If no levels have been defined before this option will not be shown gt Black List to allow all web sites by default gt White List to block all web sites by default 3 Click Next Only web sites that match the selected content level will be allowed Proceed as follows 1 If you want to gt Allow a category Select the check box next to the category name gt Allow an entire group Select the check box next to the group name gt Block a category Clear the check box next to the category name gt Block an entire group Clear the check box next to the group name 2 Click Apply S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Content level activation E DO
34. accessible to gt Select the Facility level of syslog messages to show in the table gt Select the Severity level of syslog messages to show in the table gt Change the Refresh rate of the table As long as AutoRefresh is disabled you can manually refresh the table by clicking Refresh gt Click AutoRefresh to apply your changes and to start automatic update of the table using the new refresh rate This section allows you to view configure remote destinations syslog servers to send a subset of the SpeedTouch syslog messages for remote monitoring purposes To add a destination 1 In the Facility box type the Facility of your choice 2 In the Severity box click the Severity of your choice 3 In the Destination box type a destination IP address or host name to send the messages to 4 Click Add S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Facility severity E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration To change or delete a destination 1 Select the applicable interface 2 If needed make your changes and click gt New to add a new destination with the new settings next to the existing one gt Apply to apply the changes to the existing destination gt Delete to remove the destination from the list of destinations Click Deactivate to withdraw all forwarding of syslog messages for all destinations to re enable forwarding of syslog messages click Activate
35. and Save All to make the configuration permanent Optional If you use the Extended Authentication protocol you have to compose an authorized users list speedtouch 175 Chapter 5 Expert Configuration 0 7 4 Certificates pages secure Storage page Request Import page CRL page CEP page 176 Certificates The Certificates pages allow you to manage your certificates This page shows the list of certificates stored in the SpeedTouch This page allows importing new certificates from a Certificate Authority into the SpeedTouch This page allows managing the use of Certificates Revocation Lists This page allows configuring the Certificates Enrollment Protocol settings S D e d tO U C n E DOC CTC 20050429 0104 v1 0 ages VVhen to use How to use E DOC CTC 20050429 0104 v1 0 Advanced The Advanced VPN menu gives access to two main pages where the complete IPSec configuration can be done These pages are component oriented as opposed to the application oriented pages described in 5 7 1 LAN to LAN on page 173 6 7 2 VPN Client on page 174 and 5 7 3 VPN Server on page 175 Component oriented means that a number of components are constructed and subsequently combined It is highly recommended to use the application oriented web pages for VPN configurations Only in exceptional cases these pages will not be sufficiently flexible to fulfil your requirements Only in thes
36. and a passive package A switch over from the one package to the other can be performed Proceed as follows 1 Go to the embedded web pages 2 Inthe menu select SpeedTouch gt Update 3 Choose a way to update your SpeedTouch This can be done gt From a remote server gt From a PC You can upgrade your SpeedTouch from a remote server This procedure enforces you to upgrade right away disconnecting all connected devices Update SpeedTouch from remote server gt To check if 4 new software version is available click on Check For Updates Check For Updates 1 Click Check For Updates In the Pick a task list click Update software N 3 The new software is retrieved and stored on the SpeedTouch remembering the current configuration and connection states Your SpeedTouch will automatically restart and restore the connections 4 At the end of the procedure the SpeedTouch returns to the Home page S D e d tO U C n E DOC CTC 20050429 0104 v1 0 From a PC E DOC CTC 20050429 0104 v1 0 Chapter 7 Software Upgrade You can upgrade your SpeedTouch from a PC This procedure is done in steps You will download the software image to 7 your PC first You can choose another moment to upload the software to your SpeedTouch Upgrade from PC gt To update your SpeedTouch from your PC you may follow the three steps described below 1 Download the latest software to your PC
37. application can be assigned to a device on your local network Game or Application ABC another Bittorent Client ge of Empires Age of Mythology AIM Talk Aliens vs Predator America s Army AZuUreus Bay YPN BearShare BitTorrent Black and White Call of Duty Call of Duty United Offensive CarbonCapy32 Castle Wolfenstein Championship Manager 03 04 Checkpoint Fwi VPN Command and Conquer Generals Command and Conquer Zero Hour Counter Strike Cu SeeMe Cornell Cu SeeMe White Pine 3 1 2 and 4 0 Dark Reign 2 Default Server Delta Force Destroyer Command Diablo II Direct Connect Direct 7 Directs 6 Direct 9 Pooma Dune 2000 Dungeon Siege eDonkey Elite Force eMule Enemy Territory Everquest r l Tele de the game or application 70 Speedtouch Assigned to Mode Client Server Server Client Server Server Client Server Server Client Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server Server mm mn E DOC CTC 20050429 0104 v1 0 m a m m m m m m m m m m m oa m ao m m m m m m m m m ao m m m a m ao m oa m jet m ao m oa m oa m m m oa m m
38. client is configured for the correct wireless settings SSID security settings Check the signal strength indicated by the wireless client manager If the signal is low try to place the SpeedTouch or to direct the SpeedTouch s antenna for optimal performance Make sure that the wireless client adapter is enabled message like radio on Check following gt Choose automatic channel selection or carefully select a radio channel that does not interfere with other radio channels Make sure both WLAN client adapter and SpeedTouch are allowed to connect through wireless channels as defined for local regulatory domain Check the location of the SpeedTouch in the building Check the signal strength indicated by the wireless client manager If the signal is low try to place the SpeedTouch or to direct the SpeedTouch s antenna for optimal performance S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 1 3 Introduction Upgrade via web pages E DOC CTC 20050429 0104 v1 0 Chapter 8 Troubleshooting Upgrade Troubleshooting While upgrading your SpeedTouch via the Upgrade Wizard on the web pages or on the Setup CD you might encounter one of following problems One of following messages might appear gt Update from remote server Message Failed to retrieve new software The file does not exist version from the support site Try meaning there is no newer again later soft
39. connecting wired and wireless devices and surf the Internet at high speed all combined in one device For more information on how to set up your SpeedTouch installation and wiring and how to do a first Internet connection setup refer to the provided Installation and Setup Guide This User s Guide will assist you in configuring your SpeedTouch Before connecting the SpeedTouch please read the SpeedTouch Quick Installation Guide and the Safety Instructions and Regularity Notices Speedtouch 3 Chapter 1 Your SpeedTouch Chapter 1 Your SpeedTouch 1 1 Speedlouch Features Introduction Your SpeedTouch offers you a wide range of outstanding features In this section you will find a comprehensive overview of the gt Hardware Specifications gt Software Features 4 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 1 Your SpeedTouch 1 1 1 Hardware Specifications Router Physical interfaces LEDs Reset button Association button Wireless performance Memory and CPU Cardbus Power requirement E DOC CTC 20050429 0104 v1 0 Integrated multi mode ADSL modem supporting gt gt gt ADSL over POTS for a SpeedTouch ADSL POTS variant ADSL over ISDN for a SpeedTouch ADSL ISDN variant ADSL RE ADLS2 ADSL2 ADSL2 for both ADSL over POTS and ADSL over ISDN WAN gt One RJ 11 port for ADSL POTS or ADSL ISDN connection gt Integrated ISDN Mod
40. consists of 26 hexadecimal digits Click Apply to immediately apply your changes WPA PSK The SpeedTouch supports WPA PSK which has 3 improvements regarding to WEP gt Authentication via a 4 way handshake to check whether the Pre Shared Keys PSKs are the same gt Stronger encryption types gt Temporal Key Integrity Protocol TKIP default Instead of using a fixed WEP key TKIP uses in pairs temporary session keys which are derived from the PSK during the 4 way handshake For each packet it uses a different key TKIP also provides a message integrity check MIC and a rekeying mechanism in seconds gt Advanced Encryption Standard AES State of the art encryption can only be used if all wireless devices in your WLAN support AES Message Integrity Check MIC which is a strong mathematical function in which the recipient and transmitter each compute and compare the MIC If they don t match it is assumed that a third person has been trying to read the data To enable level2 WPA PSK 1 2 Select Security Level 2 WPA PSK WPA Personal In the WPA passphrase box type a passphrase aka Pre shared key of your choice The passphrase must consist of 8 to 63 ASCII characters or 64 HEX digits In the Encryption list click the desired Encryption method either TKIP or AES AES is not yet implemented in most clients but AES is implemented in the SpeedTouch because it will be the future security standar
41. disable and define the behaviour of the DHCP relay agent per configured interface Relay Config The Relay Configuration table allows you to add or delete additional DHCP relay agents for a specific interface To create a new DHCP relay agent 1 2 3 Click New In the DHCP relay server box type the IP address of the DHCP server In the Interface list click the appropriate relay interface click None to indicate no interface is specified In the Gateway Address giaddr box type the Gateway IP address to be used for the giaddr field in relayed DHCP packets Click Apply Relay Interfaces The Relay Interfaces table allows you to configure interface specific DHCP relay settings as gt Enable disable the DHCP relay server gt The maximum number of hops allowed for relayed DHCP requests and replies as indicated in the DHCP packet gt Defining whether to forward trusted or to drop not trusted DHCP request packets when a DHCP relay agent info option is present and the Gateway IP address field is O as specified in RFC3046 gt Define the remote ID as specified in RFC3046 to allow the DHCP relay agent E DOC CTC 20050429 0104 v1 0 to relay DHCP responses to the proper network speedtouch 155 Chapter 5 Expert Configuration DHCP Client Dynamic interfaces are created and managed by means of the DHCP Client table Following fields are listed in the DHCP Client table gt Interface The name of th
42. fields should therefore be left empty In cases where the DNS server IP addresses are not provided by the BRAS or to setup the SpeedTouch as PPP server you are able to supply suitable values according your network configuration Statistics For a running PPP session the fourth tab allows you to overview following connection statistics gt IP address Local IP address assigned by the server gt Bytes received Number of bytes received on this PPP connection gt Bytes dropped Number of bytes failed to transmit gt Bytes sent Number of bytes transmitted over this PPP connection a speedtouch Chapter 5 Expert Configuration 0 4 4 Availability Introduction Creating a Routed PPPol connection entry Additional configuration Routing Routed PPPol The ISDN modem is only fully functional after activating the ISDN software module with the ISDN software module activation key For more information see 5 2 10 Add on on page 122 The Routed PPPol configuration page allows you to add new Routed PPPol connection entries or to change settings of existing entries To add a Routed PPPol connection entry 1 Click New 2 In the Interface box type a unique interface name 3 Inthe ISP profile list click gt The name of a profile if you want to use an existing profile gt New to create a new profile Type the name you want to assign to this profile in the Enter Name box These ISP pro
43. have your settings changed ask someone with higher privileges User definition Mame Jon Administration Privileges User Reset Password Apply Cancel The Edit User page allows you to gt Click Reset Password to reset the password of the selected user to the user name So if you reset the password of John his password will be John gt Change the administration privileges of the selected user o You can not change the administration privileges of the account you are logged on to S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration 4 9 19 Change Default User Changing the default This page allows you to change the default user If users browse to the user SpeedTouch web pages they will be automatically logged in under this account SE eee Change Default User This page allows you to change the default user The default user is the user whose settings will be chosen as the default login settings Change Default User User Mame Change Default User Cancel Q To allow users to automatically log on under this account this default user account must be configured with a blank password E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 4 Basic Configuration 4 5 16 Add User Adding users _ This page allows you to add a new user Pe Add User This page allows you to add a user You re only allowed to add a user who has privil
44. of the primary DNS server gt Secondary DNS Server The IP address of the secondary DNS server The table header shows following pool properties in addition gt State the current DHCP server s address pool state gt PPP the PPP interface used to fill the DHCP server s address pool dynamically dynamic pools only Two kinds of DHCP server address pools can be envisaged gt Static address pools gt Dynamic address pools Static address pools are configured manually by the user state static on the other hand dynamic pools are configured dynamically based on the PPP IPCP parameters negotiated for a Routed PPP connection PPP interface given in the PPP column When the PPP connection is up state up all pool properties are defined except for the lease time which has to be configured manually At the moment the PPP connection goes down state down the pool parameters are remain valid to preserve LAN connectivity If the pool parameters have been changed after the PPP connection comes up again all associated leases are updated as well S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration DHCP Relay The DHCP relay tab allows you to add delete and overview SpeedTouch s DHCP relay interfaces The DHCP relay configuration is split up in two sections gt Relay Config To add delete and configure a DHCP relay server on a certain interface Relay Interfaces To enable
45. on your SpeedTouch and click on Restore Configuration Now to restore the configuration Configuration File Browse Restore Configuration Nowy Accessing the Backup Proceed as follows amp Restore page 4 On the SpeedTouch menu click Configuration 2 Click Configure 3 In the Pick a task list click Save or Restore Configuration Saving your current Proceed as follows configuration 4 Click Backup Configuration Now 2 Click Save 3 Choose a location to save your backup file and click Save Restoring a previously Proceed as follows saved configuration 4 Click Browse Select the configuration file you want to restore and click Open Click Restore Configuration Now The SpeedTouch loads your configuration and restarts of N At the end of the procedure the SpeedTouch returns to the Home page S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 3 6 Introduction Accessing the Reset to Factory Defaults page Resetting the speedlouch to factory defaults E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Reset to Factory Defaults This page allows you to reset the SpeedTouch to return to the initial configuration of your SpeedTouch All your changes will be deleted Warning Reset to Factory Defaults You are about to reset your SpeedTouch to factory default settings All active connections will be disconnected Do you want to proceed Yes rese
46. or a application or use the last row in the table to assign a game or application to 4 local network device If the game or the application you are looking for does not exist click here to create it you will be asked for game or application details Choose User defined in the device list and enter its IP address if the device you are looking for does not appear in the device list Game or Application Device Log FIP Server YourPe Off Edit Unassign HTTP Server World Wide Web YourPE Off Edit Unassign NetMeeting Wo ee Off Edit Unassign ABC Another Bittorent Client YourPC E Add E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 4 Basic Configuration 4 5 3 Defined Games amp Applications Accessing the Defined Proceed as follows Games amp Applications 4 In the Toolbox menu click Game amp Application Sharing page gt In the Pick a task list click Modify a game or application The Defined Games amp This page gives you an overview of the games and applications defined on your Applications page SpeedTouch Each game or application can be assigned to a device on your local network To gt View the translation rules of a game or application click the name of the rule gt Change the translation rules of a game or application click the Edit link of the Defined Games amp Applications This page summarizes the games and applications defined on your SpeedTouch Each game or
47. page you are viewing following buttons will be available gt Overview to view a summary of the current status or configuration gt Details to view more detailed information on the current status or configuration gt Configure to change the current settings E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 1 4 Notification Area Notification area The notification area is located under the Navigation Bar and is used to display gt Error messages indicated by a red traffic light gt Warnings indicated by an orange traffic light gt Information indicated by a green traffic light H If none of these events occur the notification area will not be shown Speedtouch E 4 1 9 Tasks E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Tasks To allow a swift configuration of your SpeedTouch some pages may offer you a number of related tasks These tasks will guide you to the page where you can perform the selected task Speedtouch 51 Chapter 4 Basic Configuration 4 2 speedTouch home page Home The SpeedTouch home page gives you a short overview of all the configurable aspects of the SpeedTouch SpeedTouch Toolbox Office Network v v v wv SpeedTouch Broadband Connection Toolbox Office Network Expert Mode Broadband Connection Administrator I
48. successfully ftp 256 bytes sent in 0 000Seconds 256000 000Kbytes sec ftp gt Quote site command All the CLI commands can be executed from within an FTP session Only complete CLI commands in other words the complete command syntax with all the parameters already specified can be executed Example To execute the CLI command software cleanup At the FIP prompt type quote site software cleanup and press Enter ftp gt quote site software cleanup 200 200 CLI command software cleanup executed ftp gt For more information on CLI commands see the CLI Reference Guide E DOC CTC 20050429 0104 v1 0 S D e d tO U C n 17 Chapter 1 Your SpeedTouch 1 3 4 Remote Assistance Remote access You can make your SpeedTouch accessible from the Internet with regard to remote support This way you can allow your helpdesk to access your Speed Touch remotely Enabling remote access To enable remote assistance 1 G2 R Go to the SpeedTouch pages as described in 1 3 1 Access via the Web Interface on page 12 In the menu select Toolbox gt Remote Assistance Click Enable Remote Assistance Provide the following parameters to your helpdesk gt URL the HTTPS link gt User name gt Password Your ISP is now able to access your SpeedTouch via the secure HTTPs link in combination with the provided certificate a secure authentication mechanism For security reasons after 20 minute
49. the Components list and click Details Windows Components Wizard Windows mpana Vou can odd a reten componi h ol Widows sE o ech a remt 2 canara d k feet horkoa d shii Sek Tear Hes cant pat of lhe comccnen vi be Faaled Toses sets nchided in a component click Desk Conmponsnts il WEEN Expla O Ba Ure Meah File ond Pin Senicos fel ES Update Sic Cadires Decaipion Conia aail ol smaka rabvark edeled cars nec ar pido aok Tola dik space sequined La 4B Odak Space s33 on dek each ME buat lt Back ll Hest I Csnzel 5 In the Networking Services window select Universal Plug and Play or UPnP User Interface and click OK Networking Services To add or remove a component click the check box A shaded box means that only part of the component will be installed To see what s included in a component click Details Subcomponents of Networking Services C ERIP Listener 0 0 MB O B Simple TCP IP Services 0 0 MB amp Universal Plug and Play 0 2 MB Description Allows your computer to discover and control Universal Plug and Play devices Total disk space required 0 0 MB Space available on disk 2387 9 MB 6 Click Next to start the installation and follow the instructions in the Windows Components Wizard 7 At the end of the procedure the wizard prompts you that the installation was successful Click Finish to quit speedtouch 197 Chapter 8 Troubleshooting Adding IGD Discovery a
50. the BLUE active queue management algorithm Priority Select the subqueue priority algorithm Choose between gt wfqd Weighted Fair Queuing WFQ is used for the four AF queues The realtime queue has priority over the WFQ queues which have priority over the best effort queue gt strict Priority queuing is used Strict Priority scheduling is used between all queues The higher the queue number the higher the priority gt wrr Weighted Round Robin WRR is used for the four AF queues Each queue is scheduled in turn with a circular round wrapping WFQ queue Weight A number between 1 and 97 Represents the weight of the queue used for WFQ or WRR Max highest queue rate Represents a percentage of the interface bandwidth for rate limiting of the Real Time queue In case of congestion the Real Time queue will only use this percentage of the interface bandwidth when there is also traffic on the other queues This prevents other queues from starvation when the highest uses all bandwidth Max highest queue burst Represents the Real Time queue burst size in kilobytes for rate limiting S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 4 Overview E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Connections The Connections menu consists of the following topics ATM view configure SpeedTouch s ATM interfaces Routed PPPoE view configure the Routed PPP over Ethernet
51. the access rights you have on a directory you can use one of commands following commands cd access another directory than the one currently open Example ftp gt cd dl dir list the directory files Example ftp gt dir bin set the transfer mode to binary turn on the hashing option upload files Example ftp gt put C MyBackupFiles user ini A configuration file must be uploaded to the dl directory get download files Example ftp gt get user ini Downloading the configuration file must be done from the dl directory quit FTP Speedtouch PO Chapter 1 Your SpeedTouch FIP file transfer To allow correct file transfers set the transfer mode to binary At the ftp prompt type bin and press Enter Turn on the hashing option to see the progression of the file transfer At the ftp prompt type hash and press Enter Example home doejohn 1 Sftp 192 168 1 254 Connected to 192 168 1 254 220 Inactivity timer 120 seconds Use site idle lt secs gt to change Name 192 168 1 254 doejohn 331 SpeedTouch 00 90 D0 01 02 03 User doejohn OK Password requir ed Password 330 OK ftp gt ftp gt bin 200 TYPE is now 8 bit binary ftp gt ftp gt hash 200Hash mark printing on 8192 bytes hash mark ftp gt cd di 250 Changed to dl ftp gt put C user ini 200 Connected to 192 168 1 10 port 1271 150 Opening data connection for user ini 226 File written
52. v1 0 4 4 1 Introduction Accessing the Connectivity Check page Checking you Internet Connectivity Analysing the test results E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Connectivity Check This page enables you to perform a connectivity check on an Internet service of your SpeedTouch Connectivity Check This page enables you to perform a connectivity check on an Internet service of your SpeedTouch Choose an Internet service and click the button ta launch the tests Internet Service ta Check Internet Check Connectivity Proceed as follows 1 On the left menu click Broadband Connection 2 In the Pick a task list click Check connectivity to the Internet Proceed as follows 1 In the Internet Service to Check list click the Internet service that you want to check 2 Click Check Connectivity 3 The SpeedTouch lists the test results in the Test Results list If the test is successful you will get a list of green check marks Otherwise a red cross will indicate which tests have failed Connectivity Check This page enables you to perform a connectivity check on an Internet service of your SpeedTouch Choose an Internet service and click the button ta launch the tests Internet Service ta Check Internet Check Connectivity Test Results L r a ATM Ethernet PPP Internet ARRARK Y Connectivity to Gateway 101 101 101 1 Y Con
53. 0 01 11 00 91 7541 To overview a history of ping tests 1 Select the ping test entry 2 Click History Traceroute The Traceroute table provides a list of configured traceroute test entries By default no traceroute tests are configured To add a traceroute test see Add delete a traceroute test below Per traceroute test entry following information is shown in the table an intuitive Test name of the traceroute Test the traceroute test entry Owner the traceroute Target Address host or IP address v v v Ww the traceroute test Status being either gt Stopped gt In Progress Select a traceroute test entry to gt Modify traceroute test properties gt Perform a traceroute test and view test results and history see traceroute tests and results gt Delete the entry see Add delete a traceroute test 120 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Add delete a traceroute test Modify traceroute test properties traceroute tests and results E DOC CTC 20050429 0104 v1 0 To add a traceroute test entry 1 Click New if an entry is currently selected click Cancel first 2 Type a name for the traceroute test entry 3 Type the host name or IP address of the target to traceroute 4 Click Apply To delete a traceroute test 1 Select the traceroute test entry to delete 2 Click Delete To modify a traceroute test entry 1 Select the traceroute test entry 2 Click Modify Pinal
54. 7 Chapter 7 Software Upgrade 188 system software downgrade The following window shows the system software version currently active on the SpeedTouch as well as one or more system software versions available on the CD SpeedTouch Upgrade Wizard ioj x Software Image Specify which system software you want to transter to the SpeedT ouch Device SpeedTouch CPO4S6D TON BANT G 5 3 Select the system software and continue re Beart Veron Corie Date Renak sd z ka bin BANT G 5 3 20 0 25 01 2005 Firmware Details Have Disk speedtouch cma For more information on a found software version click Firmware Details Select the appropriate system software version and click Next If your Service Provider has included a separate disk with dedicated upgrade system software click Have Disk to navigate to the location of the appropriate file The following window will allow you to overview your selection Click Next to continue A progress bar will be displayed Finally click Finish to close the wizard Via the identical procedure it is also possible although not recommended to downgrade the SpeedTouch by uploading an older system software than the current running version However be aware that functionality added by previous upgrades may be lost that system password settings may be lost as well as end to end connectivity and other configuration settings Q In case o
55. Board Name Serial Number Product Code v v v wv Most of the information is also listed on the identification label on the bottom of the SpeedTouch E DOC CTC 20050429 0104 v1 0 S D e d tO U C n 107 Chapter 5 Expert Configuration 5 2 3 Overview Connections Start stop PPP sessions Connections The Connections page allows you to start and stop PPP connection sessions All existing PPP connections are listed in the Connections table If no PPP connections have been defined this table is empty Interface Destination Mode tink State a Internet RELAY always on idle down Specify your username and password User Password Save this password mj In the Connections table per interface following information is provided gt Interface the name of the PPP connection interface gt Destination the name of the ATM interface of the PPP connection gt Mode the PPP connection mode being either gt always on by default the session will always be active gt dial in the session is only activated if you explicitly Dial in gt dial on demand the session is automatically started as soon as outgoing traffic has been generated gt Link the actual PPP link status being either gt idle no PPP link set up gt connecting PPP link set up pending gt connected PPP link set up gt empty in case of an idle listening PPP connection gt State the PPP connection interface state being eithe
56. C CTC 20050429 0104 v1 0 To activate your new content level 1 2 3 4 On the Toolbox menu click Parental Control In the upper right corner click Configure In the Content Level list select your new content level The new content level is now active Speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 9 10 Overview Configure Firewall The Overview page summarizes the overall security policy configured on your SpeedTouch The Configure page allows you to select the security level of the SpoeedTouch Firewall This page summarizes the overall security policy configured on your SpeedTouch Security Settings Security Level High Use this Security Level to block all outgoing connections except well known applications ONS HTTP HTTPS FTP TELNET IMAP POP and block all incoming connections Game amp Application sharing is not allowed by the firewall Medium Use this Security Level to allow all outgoing connections except Windows protocols Netbios RPC SMB and block all incoming connections Game amp Application sharing is allowed by the firewall Standard Use this Security Level to allow all outgoing connections and block all incoming traffic Game amp Application sharing is allowed by the firewall Low Use this Security Level to allow all outgoing connections and block all incoming traffic except Internet Con
57. Configuration For more information see 4 3 2 SpeedlTouch Easy Setup on page 5b gt Configure the time settings of your SpeedTouch gt Select Auto configuration if you want the SpeedTouch to use a time server to synchronise its clock to a dedicated time server gt Clear Auto configuration to manually configure the SpeedTouch time settings gt Disable enable web browsing interception or set it to automatic o If you disable web browsing interception or set it to automatic you will not be able to use Web Site Filtering Click Apply to save your settings Speedtouch Chapter 4 Basic Configuration 4 3 9 Backup amp Restore Introduction This page allows you to gt Save your current configuration gt Restore a previously saved configuration Backup amp Restore This page enables you to save and restore the configuration of your SpeedTouch Follow instructions below Backup current configuration In order to store the current configuration of your SpeedTouch click on the Backup Configuration Now button You will be prompted by your web browser to store the configuration file locally on your hard disk Choose a location and store the file on your computer Backup Configuration Nowy Restore saved configuration You can restore 4 configuration file you have previously stored on your computer Click on Browse choose the configuration file you want to restore
58. D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 6 2 Device Settings Accessing the device Proceed as follows settings page 4 On the Office Network menu click Devices 2 In the Detected Device s click the name of the device you want to view Overview The Overview page displays following information gt Information allows you to view gt Status shows whether the device is currently connected to the SpeedTouch network gt Type shows the device type gt Connected To shows the interface to which the device is currently connected gt Addressing allows you to view gt Physical Address shows the MAC address of the device gt IP Address Assignment shows whether the device is using a static or dynamic IP address gt IP Address shows the current IP address of the device gt Connection Sharing Gives you an overview of the games or services that are currently assigned to this device Click the name of the game or service to view the used port mappings For more information see 4 5 4 Game or Application Definition on page 71 Configure The Configure page allows you to gt Change the device information gt Allow a game or service running on this device to be initiated from the Internet John Information New Name Jonn Status Active Type Desktop Computer Connected To ethportl Ethernet Addressing Physical Address O0 01 02 98 1f df IP Address Assignment Static
59. Disconnect To view more detailed information on a specific connection click the View more link of the corresponding connection Speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 4 4 Accessing the Internet service Settings page Overview Details Internet Service Settings Proceed as follows 1 On the Broadband Connection menu click Internet Services 2 Click the View more link of the internet service you want to view The Overview page gives you basic information on the selected Internet Service f If you configured a connection you are able to establish terminate the connection by clicking Connect Disconnect The Details page gives you more detailed information on the selected Internet Service Internet Uptime Data Transferred Sent Received KB B Connection Settings PVC Info VPIWCI Type PPP Settings Username Password Disconnect Connection Information O days O 22 44 3 39 282 8 35 PPPoE cpesit rednet budes e i aE e a Connection Mode Always On Service Name Concentrator Name 15031100007146 Redback TCP IP Settings IF Address 101 101 101 39 32 101 101 101 1 10 50 2 20 10 50 2 21 Default Gateway Primary DNS Secondary DNS R If you configured a dial up connection you are able to establish terminate the connection by clicking Connect Disconnect E DOC CTC 20050429 0104 v1 0 speed
60. E E E E 172 LAN TOCAN cesa E E EEEE EEA 173 VEN COIN conen a a E E E E E a a r 174 EN VO a E E ene ee ee eee 175 CoriCalE Seenen Een EE ONE RAE T R 176 AVN E e rE OEE E E ee 177 DEDU eee E A E E E E E OA E 178 SIP FBA eoa RS 179 Software KeysS cccccccsssceeseecseeeeeseseueeeessensueeersaesaess 181 Software Upgrade ccccecccceeeeeeeeeeeeeeeeeeeeaeeeeeeeees 183 Embedded Update Page 10ccccseeeeeesnneeeseenneeeseenneeeeeeeneeeneenes 184 Upgrade Wizard on Setup CD 2 0c ceeeee nee e ee eeee ee eeeeeeennenees 186 Upgrade via a BOOTP TFTP Server c ccessneeesnneessnneeeseneees 189 Troubleshooting is tasranenavawevestececerceetieennsieomaaseneeerdiis 191 General SpeedTouch Troubleshooting 00s 0eesseeeesenneenees 192 Wired Ethernet TroubDleShooting ccccceeeessecceeeeeeeesseeeeeeteesseeeseettneesaaeeenes 193 Wireless Ethernet Troubleshooting cccccecscccee eee eeesseceeeeeeessaeeeeeeenneesaaeeengs 194 Upgrade Troubleshooting winssegedeciduameumcsctaaenanadsecesunancatwencestenwaneanesteeceanritecese 195 UPnP on Windows XP Systems 0ccceeeeeeeeeeeeeeeeeeeeeeeeeenes 197 Reset to Factory Defaults 22000ceeeneeeee en eeeeeeeeeeeeneeeeeneeenees 199 Speedtouch Contents Contents E wi S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Used Symbols Terminology Typographical Conventions Documentation and software upda
61. Empires Add Speedtouch Chapter 2 Local Network Setup Chapter 2 Local Network Setup 2 1 Local network Standard wiring procedure Ethernet link check Device settings Managed Ethernet Switch Wired Ethernet The Ethernet ports on the backpanel allow you to connect the SpeedTouch to an existing 10 or 100 Base T Ethernet network or one or more computer s with installed Ethernet card Using the SpeedTouch Ethernet switch you can create a local Ethernet network of up to four devices without needing extra networking devices p In the SpeedTouch package a yellow full wired straight through RJ 45 RJ 45 Ethernet cable is included Use the yellow Ethernet cable provided to wire your computer s Ethernet port to one of the SpeedTouch s Ethernet ports The Ethernet cable can also be used to wire any Ethernet port of your SpeedTouch to an external hub or switch EL Please follow the installation instructions supplied with the external hub or switch for connections and Ethernet cabling LED indicators allow you to check your Ethernet See 1 2 SpeedTouch LED Behaviour on page 9 for more information Once you ve connected a device you are able to personalise its settings For more information see Device settings on page 19 Your SpeedTouch intelligently switches data between the devices on your LAN using priority queuing to ensure that higher priority messages are deli
62. IP connectivity S refresh all diagnostical counters and values next to a category Expand the applicable category next to a category Collapse the applicable category Speedtouch Chapter 5 Expert Configuration Chapter 5 Expert Configuration ews Overview Messages Configuration syslog The Syslog page consists of two sections gt Messages gt Configuration Messages Configuration Message buffer view options Facility all i Severity debug stop AutoRetresh Facility sees ec re eee ete current time System UpTime 00 02 51 leale porge xDSL linestate up downstream 2336 kbit s upstream 544 kbit s System UpTime 00 01 29 alin naice LOGIN User Administrator logged in on HTTP from 192 168 1 10 security Aatice System UpTime 00 00 00 FIREWALL level changed to Disabled This section allows to overview system log and alert messages your SpeedTouch generated during operation System log messages are used to provide a historical overview of events errors and messages generated during SpeedTouch operation Per message following information is shown gt Facility gt Severity gt The system message content and time of generation By default the table is automatically refreshed every 30 seconds and shows all system log messages gt Click Stop AutoRefresh to stop the automatic refreshing of the table The Message buffer view options menu becomes
63. NOT be authenticated gt CHAP CHAP authentication is forced If not successful the connection will NOT be authenticated b PAP PAP authentication is forced If not successful the connection will NOT be authenticated gt Local IP and Remote IP During PPP session setup IP addresses are negotiated Typically at the client side these fields are left empty This forces the client to ask the server for addresses To setup the SpeedTouch as PPP server you are able to supply suitable values according your network configuration gt Primary DNS and Secondary DNS During PPP session setup the BRAS will normally provide the DNS server IP addresses Typically at the client side these fields should therefore be left empty In cases where the DNS server IP addresses are not provided by the BRAS or to setup the SpeedTouch as PPP server you are able to supply suitable values according your network configuration Statistics For a running PPP session the fourth tab allows you to overview following connection statistics gt IP address local IP address assigned by the server gt Bytes received Number of bytes received on this PPP connection gt Bytes dropped Number of bytes failed to transmit gt Bytes sent Number of bytes transmitted over this PPP connection a speedtouch Chapter 5 Expert Configuration 5 4 3 Introduction Creating a Routed PPPoA connection entry Additional configura
64. P PBX menu consists of General Location Service Call Logging v v v wv Call Screening The General page allows you to gt Change the default proxy and registrar By default these fields are left empty This implies that if you configure a SIP User to use the default settings this User Agent is only allowed to register to the SIP PBX gt Enable disable call screening Port Listening on port 5060 Default proxy and registrar Default outbound proxy Default outbound registrar Proxy behaviour Forward timeout 1 7 5 Location service properties Allow all registrations Jw Call screening status Active D SIP PBS status disabled speedtouch 179 Chapter 5 Expert Configuration Chapter 5 Expert Configuration Location Service Call Logging Call Screening The Location Service page allows you to gt View the registered users gt Add new SIP users All inbound and outbound SIP sessions that cross the multi media SIP PBX can be monitored from the SpeedTouch web interface Both successful and failed calls will be shown This is a useful tool to supervise the SIP communications involving your LAN User Agents The Syslog Settings tab allows you to log SIP call information to the syslog To increase SIP communications security it may make sense to block sessions originating from either side of the network that are associated with particular users or
65. P connections gt On Demand A PPP connection is triggered by specific frames arriving at the Ethernet port gt Idle Time Limit Allows you to specify after which time limit the PPP connection is released Otherwise stated if no traffic passes over the PPP connection for Idle Time the connection is closed gt Authentication allows you to select the default PPP authentication mechanism when starting the PPP session Via the drop down box three authentication methods can be selected for the connection gt Auto default Preferably the CHAP Challenge Handshake Authentication Protocol will be used However if not successful PAP Password Authentication Protocol authentication is used instead If in turn PAP fails the connection will NOT be authenticated gt CHAP CHAP authentication is forced If not successful the connection will NOT be authenticated b PAP PAP authentication is forced If not successful the connection will NOT be authenticated gt Local IP and Remote IP During PPP session setup IP addresses are negotiated Typically at the client side these fields are left empty This forces the client to ask the server for addresses To setup the SpeedTouch as PPP server you are able to supply suitable values according your network configuration gt Primary DNS and Secondary DNS During PPP session setup the BRAS will normally provide the DNS server IP addresses Typically at the client side these
66. RAA AARNA RA RAA RAN RARARA MARRAN KRAANA RENNARAR ANANN ARNR ARARNAR NARRAN KANANA BARRAN KRAANA RRA RAN KARAN N ARAR AAR NAANA EARRANN NA RAR NAN KRR ENA RRA RAR RERAN NRN RAAR RNAAR ARNA RAR RNAAR AREARE 4 For other Operating Systems the wireless client will in most cases be configured via dedicated client managers Speedtouch Chapter 2 Local Network Setup Wireless device Once you ve connected a device you are able to personalise its settings SettingS For more information see Device settings on page 19 Information New Name ourLaptop Status Active Type Generic Device Connected To WLAN Wireless Allowed on WLAN a Addressing Physical Address OO 30 flidd er ff IP Address Assignment DHCP IP Address 192 168 1 64 Always use the same T address DHCP Lease Time 1 day 0 00 00 Apply Cancel Connection Sharin Game or Service ABC Another Bittorent Client g Aca To add a wireless device to the Access Control List ACL select Allowed on WLAN S D e d tO U C n E DOC CTC 20050429 0104 v1 0 2 2 3 Introduction Security settings Network Name SSID Access Control List ACL E DOC CTC 20050429 0104 v1 0 Wireless Security Since the SpeedTouch wireless environment is a radio environment precautions must be taken to ensure that your wireless network is safe from malicious intruders To secure your wireless network following wireless
67. Site Filtering Web Site Filtering Firewall Firewall Intrusion Detection Address Filtering Disabled Security Level Disabled Dynamic DNS Intrusion Detection Dynamic DNS User Management GA Office Network SE au Enabled Disabled User Management Expert Mode Ka Ce Logged In As Administrator Switch User ET THOMSON BRAND E DOC CTC 20050429 0104 v1 0 S D e d tO U C n 67 Chapter 4 Basic Configuration 4 5 1 Remote Assistance Enabling Remote This page allows you to make your SpeedTouch accessible for remote support Assistance Remote Assistance Remote assistance is currently disabled By clicking on the Enable Remote Assistance button your SpeedTouch will be accessible from your broadband connection After 20 minutes of inactivity or on reboot remote assistance will be automatically disabled Provide the following parameters to your ISP URL https 101 101 101 39 51003 Username tech Password yvhxj3mtq Enable Remote Assistance Quit o You must be connected to the Internet to be able to enable remote assistance To use remote assistance 1 If needed type a password in the Password box 2 Click Enable Remote Assistance 3 Pass the information listed under gt URL gt Username gt Password to your technical support in order for them to be able to access your SpeedTouch Once the technical support is connected no other connecti
68. SpeedTouch IEEE802 11g compliant Wireless LAN WLAN interface allows you to share its high speed Internet connection with multiple networking clients in a local network without needing to re wire your home The SpeedTouch acts as a wireless Access Point AP connecting wireless clients and transferring data between them The wireless web page consists of four sections gt Access point settings to configure the basic settings of the SpeedTouch wireless access point gt Security to overview and control the security settings and wireless client access to the SpeedTouch s wireless network segment gt Associated stations to overview the wireless stations currently associated with the SpeedTouch wireless access point gt Networks to scan for wireless clients in your neighbourhood and scan for view configure WDS connections with other wireless devices Be aware that in case you are connected wirelessly to the SpeedTouch and you change its wireless access point settings wireless connectivity may be lost 160 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Access point settings E DOC CTC 20050429 0104 v1 0 This section provides an overview and allows you to configure the basic wireless networking parameters for your SpeedTouch wireless access point Networks Network name SSIDi SpeedToucht 23456 Rate E4 Mbps Interoperability Mode 802 11 b g Channel Selection E Regu
69. able Per wireless client present in the access control list the following information is provided and can be re configured gt An intuitive name for the wireless client gt Whether the wireless client is allowed select yes or not select no to exchange data between the wireless clients and the SpeedTouch Regardless of whether registration of wireless clients is controlled via the Association Registration button or not you can always manually add delete clients to from the access control list or define wireless clients that are specifically allowed select yes or not allowed select no to access the SpeedTouch wireless network To delete all wireless clients from the access control list click Flush Be aware that if you are connected wirelessly to the SpeedTouch you will lose your connection speedtouch 165 Chapter 5 Expert Configuration Chapter 5 Associated stations Expert Configuration Networks Other Networks WDS The Associated Stations tab allows you to overview the currently associated clients To add an associated station to the access control list 1 Select the entry you want to explicitly add to the ACL Associated stations that are not present in the ACL yet are identified by the name Not Registered ACL 2 To change the access rights for this station click Access Control Go Change the name of the station optional but recommended 4 Inthe Allowed list click gt
70. access point settings can be personalised gt Your Network Name SSID gt ACL setting gt Data encryption To personalise the wireless security settings on your SpeedTouch 1 Go to the SpeedTouch web pages In the menu select Home Network Click your WLAN On the top right click Configure af N On the Wireless Access Point page you can modify the Security settings Security Broadcast Network Name ia Allow New Devices New stations are allowed automatically Disabled Use WEP Encryption f Use WPA PSK Encryption Apply Cancel On the Wireless Access Point page you can give a new name to your Network Name SSID Under Security you can clear Broadcast Network Name SSID to prohibit the Network Name from being broadcasted The SpeedTouch features a managed Access Control List ACL and a physical registration mechanism in the form of the Association Registration button on the back panel of your SpeedTouch On the Wireless Access Point page you have following options for the ACL New stations are gt Allowed automatically All new stations can access the SpeedTouch gt Allowed via registration Only allowed stations in the ACL have access You can add new stations via the Association Registration button For more information see Registering clients via association button on page 30 gt Not allowed Only allowed stations in the ACL have access speedto
71. age Web Filtering Activation page Standard license activation Web Filtering Activation Proceed as follows 1 On the Toolbox menu click Parental Control 2 In the Pick a task list click Activate Web filtering License This page allows you to gt Activate a Web Filtering evaluation license gt Activate a free 30 days Web Filtering evaluation license Proceed as follows 1 Click Standard 2 In the License Key box type the license key provided by your ISP 3 Click Apply S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration 4 5 8 Content Level Accessing this page Proceed as follows 1 On the Toolbox menu click Parental Control 2 Click Configure 3 Click the Edit link of the content level you want to edit Overview This page gives you an overview of the different categories and their rules Following icons indicate whether the content type is allowed or not The category group is allowed The category group is not allowed PE The group is partly allowed Configure This page allows you to change gt The content level name gt The content level description gt The content level configuration E DOC CTC 20050429 0104 v1 0 S D e d tO U C n Chapter 4 Basic Configuration 4 9 9 Introduction Procedure Content level creation Content level configuration Content level definition New Content Level This page allows you to create
72. ages for the SpeedTouch are digitally signed and encrypted Packages that may have become corrupted or been altered in any way will not be accepted by the SpeedTouch This way the SpeedTouch or its service can never be corrupted or lost Depending on the Operating System your computer is running you can upgrade your SpeedTouch via gt The SpeedTouch Update page all Operating Systems see 7 1 Embedded Update Page on page 184 for more information gt The SpeedTouch Upgrade Wizard Microsoft Windows or Mac OS X see 7 2 Upgrade Wizard on Setup CD on page 186 for more information gt The SpeedTouch BootP client all Operating Systems see 7 3 Upgrade via a BOOTP TFITP Server on page 189 for more information Before you start with upgrading the SpeedTouch always make sure gt To inform all people relying on the SpeedTouch services that service may be down for some short period gt The new system software file is stored on your local disk or another storage device o It is NOT possible to upgrade your SpeedTouch over a wireless connection speedtouch Chapter 7 Software Upgrade 7 1 Introduction Procedure From a remote server Embedded Update Page This procedure is OS independent and supports roll back scenarios Your SpeedTouch provides storage room for two system software packages the active system software the SpeedTouch is currently running
73. all S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 3 8 Updating the speedTouch system software E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Update The Update page allows you to gt View System Information gt View information on the current System Firmware gt Update your SpeedTouch from a remote server Use this option if you want to have yourSpeedTouch check on the internet for new firmware and update if it found one gt Update from a PC Use this option if you want to install on your SpeedTouch that is located on the PC i System Update JL a This page allows you to update your SpeedTouch with the latest software version available Choose a Way to Update your SpeedTouch and follow the instructions System Information Product Name SpeedTouch 585 Serial Number 045207108 Boot Loader Version 1 0 16 Product Code 35723430 Board Name BANT K System Firmware Current Software Version 5 3 0 15 Current Software Variant A Available Software Version No update available Update SpeedTouch from remote server gt To check if 4 new software version is available click on Check For Updates Check For Updates Upgrade from PC gt To Update your SpeedTouch from your PC you may follow the three steps described below 1 Download the latest software to your PC You may Update your SpeedTouch by downloading the latest software from the
74. alls or ceilings It is advisable to use the received signal strength as indicated by the wireless client manager to optimize the antenna position for the link to a given client Concrete walls will die down the radio signal strength and thus affect the connection Speedtouch Chapter 2 Local Network Setup 2 eee Wireless default settings Preparing first time wireless clients Configuring first time wireless clients First time association example Connecting First time Wireless Clients After every Reset to Defaults the SpeedTouch wireless access point configuration is returned to its initial default settings These default settings are gt Security level is low security disabled for an easy first use meaning the data will not be encrypted Wireless security settings are described in 2 2 3 Wireless Security on page 27 gt The SpeedTouch is broadcasting its network name SSID This default network name SSID is printed on the identification label located on the bottom of your SpeedTouch and is unique for each device It consists of the concatenation of the word SpeedTouch and 6 hexadecimal characters without any spaces for example SpeedTouch123456 gt The radio channel number is set to automatically scan for the best radio channel gt Registration is not activated New stations are allowed automatically The Access Control List is open and empty No wireless client
75. assigned In VLAN enabled mode this is only applicable for untagged packets 5 Select the default Priority to be used for tagging outgoing VLAN packets on this interface 6 Mark the Ingress Filtering checkbox to filter out VLAN tagged packets that arrive on an interface that has not the same VID as the packet T Mark the Accept VLAN only checkbox to no longer accept packets arriving on this interface without a VLAN tag 8 Choose your preferred Priority configuration from the list This will make the SpeedTouch to map the priority indication in the VLAN packet IEEE 802 1p value to an internal priority class This internal class can be taken into account in other modules of the SpeedTouch gt Disabled to not perform priority mapping gt Overwrite to set the VLAN priority indication as the internal priority 9 Click Apply The parameters that are marked with an asterisk are only applicable when the SpeedTouch Ethernet bridge is in VLAN enabled mode Next to transparent bridging the SpeedTouch is also capable of operating in a full VLAN ID aware mode By using VLAN tagging it is possible to make distinction between different virtual networks residing on the same physical Ethernet segment and as such define different properties for them On the VLAN page there is an overview of all VLANs that are defined in the SpeedTouch through the Virtual LAN pages and the bridge ports that are member of it Speedto
76. ation The Information page summarizes important information on your SpeedTouch You may need this information when you contact your helpdesk De System Information This page summarizes important information on your SpeedTouch You may need this information when i you contact your helpdesk Product Name SpeedTouch 585 Serial Number 045207108 Software Release 5 3 0 15 Software Variant fo Boot Loader Version 1 0 16 Product Code 35723430 Board Name BANT K eee S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 3 2 Easy Setup Wizard E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration speedlouch Easy Setup This wizard helps you configure your SpeedTouch Internet connection To configure the SpeedTouch using the SpeedTouch Easy Setup wizard 1 On the left menu click SpeedTouch 2 Inthe Pick a task list click Set up 3 The Easy Setup wizard will now guide you through the configuration of your SpeedTouch yj SpeedTouch 620 0436DTO1N Microsoft Internet Explorer p ovide 15 x _ speedtouch Welcome to the SpeedTouch Easy Setup This wizard helps you configure your SpeedTouch To continue click Next aA THOMSON BRAND Speedtouch lt Back Next gt Cancel Speedtouch 55 Chapter 4 Basic Configuration 4 3 3 Accessing the Restart page Restarting your speed Touch Restart Proceed as follows 1 On
77. ay devices Total disk space required 0 0 MB Space available on disk 2387 9 MB 6 Click Next to start the installation and follow the instructions in the Windows Components Wizard 7 At the end of the procedure the wizard prompts you that the installation was successful Click Finish to quit S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 93 Resetting your SpeedTouch Hardware reset E DOC CTC 20050429 0104 v1 0 Chapter 8 Troubleshooting Reset to Factory Defaults You might consider a reset to factory defaults as described below o Be aware that a reset to factory defaults will revoke all configurational changes you made to the SpeedTouch You can choose between gt Hardware reset gt Software reset A reset to factory default settings deletes the configuration profile settings Therefore after the reset a reconfiguration of your SpeedTouch will be needed Also your WLAN clients will have to be re associated as described in 2 2 2 Connecting First time Wireless Clients on page 24 Proceed as follows 1 Make sure the SpeedTouch is powered on 2 Use a pen or an unfolded paperclip to push the recessed reset button on the back panel The reset button is marked with a red circle Keep it pushed until the power LED lights red this will take about 7 seconds aS Ji O4 Asso 15VAC OFF onsole keset ciation AA Go Release the reset button 4 The SpeedTouc
78. ayer protocol Select the Upper Layer Protocol ULP for this interface Choose between gt ip for a Routed IPoA interface gt mac for a Bridged Ethernet Routed ETHoA Bridged PPP over Ethernet PPPoE Routed PPPoE or a PPPoE Relay interface gt ppp for a Routed PPP over ATM PPPoA interface Speedtouch 137 Chapter 5 Expert Configuration 0 4 2 Introduction Creating a Routed PPPoE connection entry Additional configuration Routing Routed PPPoE The Routed PPPoE configuration page allows you to add new Routed PPPoE or Routed PPPoE Relay connection entries or to change settings of existing entries interface Destination Mode tink State e Internet RELAY Always On not connected down Click New to create a new entry To add a Routed PPPoE connection entry 1 Click New 2 In the Interface box type a unique interface name different from the MER interface name 3 In the Destination list click the appropriate Routed Ethernet destination indicated by the Routed Ethernet interface name gt Type user name and password for the account at the ISP optional Ol If applicable type a Service name and or Access Concentrator optional 6 Click Apply Once created per Routed PPPoE connection additional configuration is possible by clicking gt Routing gt Other These parameters can only be modified when the link is down Take the link down first by clicking Hang up
79. c OS X PPPoE client Dial in Client Speedtouch 33 Chapter 3 Internet Connectivity Dial In Clients Embedded PPP dial in clients Broadband host PPPoE dial in clients The SpeedTouch s embedded PPP dial in client allows you to establish an Internet connection for computers residing on your local network using only one computer of the network to control the client If this computer runs gt Any Operating System you can always use the SpeedTouch web pages See 3 1 SpeedTouch Web Pages on page 35 to proceed gt MS Windows XP you can use MS Windows XP s Internet Gateway Device Control Client See 3 2 IGD Control Agent on page 37 to proceed You can also connect to the Internet using a Broadband PPPoE dial in application The PPP over Ethernet connection scenario provides PPP like dial in behaviour over the virtual Ethernet segment To be able to use a broadband dial in application on your computer for connecting to the Internet the SpeedTouch needs to be configured for Bridged Ethernet or Routed PPPoE with PPPoE relay via the SpeedTouch Home Install Wizard on the Setup CD or the embedded Easy Setup If this computer runs gt MS Windows XP you can use the MS Windows XP broadband dial in client See 3 3 MS Windows XP BroadBand Connection on page 39 for more information gt Mac OS X you can use a Mac OS X broadband dial in client See 3 4 Mac OS X PPPoE Dial in C
80. c SpeedTouch services show members of service groups Optionally you can click gt Show Hide Dynamic SpeedTouch services to show hide SpeedTouch services that have been dynamically created by the SpeedTouch gt Show Hide members of service groups to show hide all the individual SpeedTouch services that are member of a SpeedTouch service Group Select a service to gt View detailed SpeedTouch service information gt Edit SpeedTouch service properties o Generally it is advised not to alter any of the settings of a SpeedTouch service E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 5 Expert Configuration Edit SpeedTouch Editing SpeedTouch services might be useful in cases where you want to hide service properties protect the service by deviation from the typical service settings or restricting access from to interfaces However o Do not edit SpeedTouch system services unless specifically needed To edit a SpeedTouch system service 1 Select the service 2 In Service properties gt Select or clear Service enabled to respectively enable or disable the service gt Depending on the service either gt Select a Source IP interface gt Type a new Internal TCP UDP port 3 In External TCP UDP Port optionally gt Clear existing External TCP UDP ports if applicable gt Type the port number of an additional external TCP UDP port to add 4 In Allow service
81. crctnr cen oxiasey cnn tenavnsad acaumead descen teen daeereeecateaseuatetiees 68 4 5 2 Game amp Application Sharing ccccccccceeccceeee cece eeseeeeee eee eesseeeeeeeeeeesaaaeeeeeeeeegs 69 4 5 3 Defined Games amp Applications cc ccc cccecc cece eeee cece eee eesaeeeeeeeeeeesganeeeeeneeeaaas 70 4 5 4 Game or Application Definition wiicss cccces se sixdecdens avwiss de ewaxedineeedectiesassiwiencuaeunitess 71 4 5 5 New Game or Application cccccccceeccceeeeee eee eeeeeeeeeeeeeeesaeeeeeeeeeeaaeeeeeeeeeeenaggs 72 M520 VCD come FICO Git cgrteacategetcteeseeeccteasstontetenetoncceuedaisectnensnertanteeseuenaagetosemecsae 73 2 03 7 Web FiIlennG Activ anlON 2 c2itessccsesscenaseabieetacsntanduaessteenadewiaeeaianesiddarsmesiaseenaess 76 ASO Coment Lovell secre chcccsechaseenndias aie SAER ENES 77 ASS New Content Level rerscrressogni nerian a eE tie cenwsiiuecees an eee eee 78 AO PPC erre cq ncetes onset coaasasasteny sted cecum tod san desequateanveaset cease a 80 4 5 11 IVE PAWSION Dotee HON essre sosncnne E E a ane sageeeeceas aes eerecnaaeess 81 AS AZ Dynami DNG ssecteseseseccescseveszeneancheseseeinteddcnannt AA a 82 4 5 13 User Management ecctecccaccecelecaiestececiiseosdecdsrecteasiceeesiandiednateeeccinekeeecacte ecsstensst 83 Ae FELEO oopa E E A E N E N AE E 84 A519 GChangeDelaull User irsana AEEA E 85 kalo AGTU G ee een eens ee en tee ee eee ee 86 4 6 Office Network oii ssecen cece cc cecasebesecceteccwededencececec
82. ct a web site Use this feature if gt Allow is selected under Action for Unknown Sites gt Block is selected under Action for Unknown Sites and you want to make an exception on an allow rule For example you are allowing provider com but you want to deny access to mail provider com gt A content category group is allowed by Content Based Filtering and you want to make an exception For example you are allowing Web Mail content but you want to deny access to mail provider com Proceed as follows 1 Type the URL of the web site you want to block for example mail provider com in the Web Site box 2 In the Action list click gt Block if you want to block this web site gt Redirect if you want to redirect to another page Type the address of the redirect page in the Redirect box 3 Click Add Use this feature if gt Block is selected under Action for Unknown Sites gt Allow is selected under Action for Unknown Sites and you want to make an exception on a block redirect rule For example you are blocking bank com but you want to allow access to netbanking bank com gt A content category group is blocked by Content Based Filtering and you want to make an exception For example you are blocking Finance Investment content but you want to allow access to netbanking bank com Proceed as follows 1 Type the URL of the web site you want to allow for example netba
83. ctivate trust client Select this check box if you want the SpeedTouch to take the IP address suggested by a DHCP client into account S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Server Leases E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration In case the SpeedTouch DHCP server is running this table holds all leases which are assigned by the DHCP server to accepted DHCP clients Following lease parameters are shown gt Client ID The MAC address of the DHCP client gt Address The IP address leased by the DHCP client gt Pool The DHCP server address pool the lease IP address is taken from gt TTL The DHCP server lease s Time To Live in seconds For a permanent DHCP lease TTL displays infinite gt State The DHCP server lease state gt Free in case of statically added DHCP leases Indicating unused DHCP server leases No DHCP request from this particular Client ID has been received by the DHCP server yet gt Used Indicating assigned DHCP leases A DHCP lease has been assigned to this Client ID in the past actually Pool lease time TTL seconds ago As soon as a DHCP request is received the SpeedTouch DHCP server will assign the IP address matching the DHCP client s identity to this client e g in case of a renewal or for static entries If no pre configured lease could be found in the table a new lease will be created when the client s request is granted
84. d Optionally select the rekeying interval Click Apply to immediately apply your changes S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Access Control E DOC CTC 20050429 0104 v1 0 Wireless client access control allows to authorize or explicitly inhibit access between specific wireless clients and the SpeedTouch wireless access point based on the wireless client s MAC address The Access Control tab allows you to manage the SpeedTouch Access Control List ACL By default New stations allowed automatically is selected Any client with the correct wireless settings Network Name and if required Network key will be automatically associated to the SpeedTouch and will be allowed to send receive data via the SpeedTouch wireless access point In case New wireless client allowed is not selected you must manually add the wireless clients and their authorization to the access control list You can use the Association Registration button to allow wireless clients to enter the access control list This button can be found on the back panel of the SpeedTouch or on the Access Control tab Pressing this button triggers the SpeedTouch to unlock the access control list for a time frame of one minute after which the access control list is locked again Any wireless clients trying to associate with the SpeedTouch having the correct wireless settings Network Name and if required Network key will be added to the t
85. d in 8 3 Reset to Factory Defaults on page 199 o However note that resetting the SpeedTouch to its factory settings will revoke all the changes you made to the configuration Make sure that the SpeedTouch is installed and configured as instructed in the Installation and Setup Guide or as instructed by the Service Provider S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 8 Troubleshooting 0 1 1 Wired Ethernet Troubleshooting LAN LED does not light Make sure that UP gt The LAN cable is securely connected to the 10 100Base T port gt You are using the correct cable type for your Ethernet equipment that is UTP CAT5 with RJ 45 connectors a speedtouch Chapter 8 Troubleshooting 0 1 2 Not able to connect wireless clients No wireless connectivity Poor wireless connectivity or reach Wireless Ethernet Troubleshooting Check following gt In case registration is enabled you must press the Association button to register the wireless client or search for wireless devices via the embedded web pages Make sure the SpeedTouch Association Control List is not locked You can check this on the web pages On the Wireless Access Point settings make sure New stations are not allowed is NOT selected Make sure that gt Both wireless client adapter and SpeedTouch are allowed to connect through wireless channels as defined for local regulatory domain The WLAN
86. e DHCP pools make sure that at least one IP address of the SpeedTouch uses the same subnet as the IP addresses in the DHCP pools Under IP Addresses 1 Type the IP address of your choice for example 192 168 1 1 in the left text box N Type subnet mask in the right text box for example 255 255 255 0 3 Click Add 4 Network devices using the same subnet mask can now access the SpeedTouch using this IP address speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 6 9 DHCP Pool DHCP Pool This page allows you to create change a DHCP pool Accessing the DHCP Proceed as follows Pool page 4 On the Office Network menu click Interfaces 2 Click on the name of the interface of which you want to change the DHCP pool settings 3 Click Configure Your _DHCP pool Configure parameters for your DHCP pool Pool Configuration Interface LocalNetwwork sss Start Address fs2168110 000 End Address fs2168120 000000 Subnet Mask 255 255 2550 0 Server fisz1681284 0 Gateway fisz1681284 00 Primary DNS hazae81 254 s Secundary ONS booo oo Primary WINS booo o Secondary WINS booo o o Lease Time Infinite Always give same address to m DHCP clients Apply Cancel 4 Under DHCP Pools click gt Add if you want to add a new DCHP pool gt Edit if you want to edit an existing DHCP pool gt Delete if you want to delete an existing DHCP pool This link will
87. e SpeedTouch See 1 3 1 Access via the Web Interface on page 12 to access the pages The pages are grouped in gt Basic Mode offering the main configuration tasks gt Expert Mode adding advanced features to the basic mode and presenting the Command Line Interface CLI commands in a graphical user interface Consult gt The SpeedTouch Installation and Setup Guide for more information on setup and installation procedures gt The SpeedTouch Application Notes and Configuration guides for advanced configuration concepts Speedtouch Chapter 4 Basic Configuration 4 1 Navigation components Navigation The SpeedTouch web interface consists of following components Menu Language Bar Navigation Bar Notification Area Tasks v v v v wv Navigation bar Notification area Language bar speedtouch Qs sn a Sour DSL conection is dawn wt Hy tiat yaur spreedToech is correctly coancced to your shone line i Luur Iiu grvulim gurecela shack prar durunea infisah SpeedTouch Men u Saanaa ae Intamin beaan J Heci imd PAi spe wd eet erie Maer eee mo Y Ipikit Arasia BS ae sheds duigurakeru Amadhand Garnnrriirnin reran hane Tarar yrscid as aes Drw iom Ta IL ae II ET ag I Tnnihns fal Cetin ta Foctary Pakad Serag Kis avatar HD lo p Exparl Puda T a i heck aomena baos rere S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 1 1
88. e SpeedTouch logical interface for which this DHCP client applies gt The Address column shows the IP address assigned to the interface given in the first column gt The State column shows the current state of the dynamic interface According to RFC2131 following states are envisaged gt init The DHCP client hasn t been activated yet You can activate a DHCP client entry by selecting it and clicking Enable gt requesting The DHCP client is searching for a DHCP server gt selecting The DHCP client requests a server for an IP address gt bound A dynamic IP address has been assigned by the DHCP server gt renewing The DHCP client requests a known server to extend its lease gt rebinding The DHCP client searches a server to extend its lease gt The Timeout column is filled in for each DHCP client which is currently in the bound state It indicates the lease time of the assigned IP address For each of these interfaces you can configure following fields gt IP Address The preferred IP address to be assigned to the DHCP client If not accepted the remote DHCP server may overrule this address gt Client ID MAC address of the SpeedTouch logical interface to be communicated to the remote DHCP server If empty the SoeedTouch s MAC address is used gt Host name The host name associated with the dynamic IP address to be communicated to the remote DHCP server gt User ID The
89. e cases the Advanced VPN menu should be used Configuring an operational IPSec connection basically consists of the definition of a Peer Profile and a Connection Profile The Peer represents the remote Security Gateway and all the parameters required to set up an IKE Security Association to this Security Gateway A Connection represents the IPSec connection and all its associated parameters All parameters of an IPSec configuration can be adjusted so the functionality of these web pages corresponds to the Command Line Interface CLI Choices have to be made in accordance to the data known to the user and the VPN layout The Advanced VPN menu should be used by skilled persons only as these Q pages allow you to manually adjust configuration components that are in general automatically generated by the SpeedTouch Therefore take care when altering settings in the Advanced VPN menu speedtouch 177 Chapter 5 Expert Configuration Chapter 5 Expert Configuration 0 7 6 Debug Status page This page shows the status of the IKE Security Association Phase 1 and the IPSec Security Association s Phase 2 For an operational VPN connection both an IKE Security Association and an IPSec Security Association should be active Statistics page This page shows the amount of traffic carried over the IKE Security Association Phase 1 and the IPSec Security Association s Phase 2 Logging page On the Logging page you can monitor t
90. e existing VLANs Ps Identification ame b 1 default b 3 Wan b 4 dmz b 5 guest a Click Apply to commit changes YLAN properties Name Vid 2 508 To add a Virtual LAN 1 Click New In the Name box type a unique name that describes the use of the VLAN In the VID box enter the unique VLAN ID to be used for this VLAN Click Apply to create the VLAN you have defined oh N Click Save All to make your changes permanent The Virtual LANs that are defined can be used in the Ethernet Configuration pages as described in 5 4 5 Bridged Ethernet S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration 9 9 Local Networking Overview E DOC CTC 20050429 0104 v1 0 The Connections menu consists of the following topics DHCP DNS View configure the SpeedTouch DHCP settings View configure the SpeedTouch DNS settings Managed Switch View configure the SpeedTouch Managed Switch Wireless View configure the SpeedTouch wireless access point settings Speedtouch 151 Chapter 5 Expert Configuration 0 0 1 Overview DHCP Server server Config DHCP The DHCP web page offers three tabs to configure the SpeedTouch s DHCP functionality gt DHCP Server To configure the general behaviour of the SpeedTouch s DHCP server gt DHCP Relay To configure the SpeedTouch DHCP relay gt DHCP Client To configure t
91. e features all means for management and maintenance of your SpeedTouch It consists of two sections gt System configuration gt System Upgrade Upload File Configuration Files f Language Packs Specify a file to upload Browse The System Configuration section allows you to manage locally stored system files Select gt Upload File to upload a system file to the SpeedTouch See Upload system files on page 112 for more information gt Configuration Files to manage stored configuration files See Manage configuration files on page 113 for more information gt Language Packs to manage stored SpeedTouch web interface language packs See Manage language packs on page 113 for more information Following file types are allowed gt Ani Files with extension ini are SpeedTouch configuration files These files are intended for backing up configurations to back up your current configuration see 4 3 5 Backup amp Restore on page 58 gt tpl Files with extension tpl are configuration templates used by the SpeedTouch Home Install Wizard available on the SoeedTouch Setup CD or the embedded Easy Setup wizard gt Ing Files with extension Ing are language packs for your SpeedTouch These files allow you to select the language in which the SpeedTouch web interface is presented You can only upload files with known extensions however this does not o guarantee th
92. e file is available on your local disk gt To disable your personal firewall software Depending on the BOOTP TFTP server you might need the SpeedTouch Medium Access Control MAC address of your SpeedTouch device To retrieve this address see 4 3 1 Information on page 54 speedtouch Chapter 7 Software Upgrade Chapter 7 Software Upgrade Procedure To upgrade restore the SpeedTouch system software 1 2 4 5 In a preliminary step make sure that a BOOTP server is readily installed on the computer from which you intend to perform the system software upgrade Configure the BOOTP server to use the SpeedTouch system software image file in its reply to BOOTP requests from the SpeedTouch you want to upgrade To identify the BOOTP requests from the SpeedTouch you will need to define an IP range for basic communication between the BOOTP server and the SpeedTouch Depending on the BOOTP server you might also need to specify its MAC address can be found on the web pages see 4 3 1 Information on page 54 Start a telnet session as described in Telnet session on page 14 Put the SpeedTouch in BOOTP with the following CLI command gt software upgrade 6 The SpeedTouch reboots and starts sending BOOTP requests In BOOTP mode the Power LED is solidly lit red and the Ethernet LED is flashing green The BOOTP server will reply to the BOOTP requests and will perform t
93. e validity of a system file Only upload files if these are gt configuration files ini you backed up yourself from this SpeedTouch gt template files tpl that are known to be valid for your SpeedTouch e g stemming from the SpeedTouch Setup CD delivered with your SpeedTouch gt language packs Ing that match your SpeedTouch s Board name and Software release S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Manage configuration files Manage language packs E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration To upload system files 1 Click Browse to specify the file on your local drive you wish to upload 2 Click Upload to upload the system file to your SpeedTouch Each file requires an amount of memory Make sure to limit the number of files to the minimum This table allows you to view configuration files that are currently stored on your SpeedTouch Following configuration files are listed gt Active Configuration showing details on the configuration that is currently running on your SpeedTouch gt Backup Configuration listing configuration backups stored on your SpeedTouch gt Wizard template listing configuration wizard templates that are currently available for the embedded Easy Setup To view the configuration of backup or delete a configuration file 1 Select the configuration file A Details pane shows some extra information on the se
94. ecurity user name and password d The default user is Administrator and the default password is blank 4 The example below shows an FTP session to the SpeedTouch file system ey CO WINDOWS system32 cmd exe ftp 192 168 1 254 Microsoft Windows AF Wersion 5 1 2606 CG Copyright 1985 2061 Microsoft Corp C Documents and Settings nielsenvtftp 192 168 1 254 Connected to 192 168 1 254 226 Inactivity timer 128 seconds Use site idle secs gt to change User 192 168 1 254 none gt gt Administrator Le J 331 SpeedTouch 6 HE 56 5A D9 AB gt Password requ ed Password 238 OK ftp File system structure The structure of the file system is very simple It consists of a single root directory called root and two subdirectories called active and dl gt The root directory contains gt all the necessary files for the SpeedTouch to boot correctly gt the active and the dl directories gt The active directory contains the active software image gt The dl download directory contains the passive software image If you made changes to the SpeedTouch configuration and saved them a user ini configuration settings file is created in the dl subdirectory E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 1 Your SpeedTouch Chapter 1 Your SpeedTouch File system access On the different directories you have following privileges rights C Common FIP Depending on
95. eesausasedeeceescesceucucencie 87 4 6 1 GV CCS T A E EE E E T xe oan tennis aan sees aaa EE areata aes ae T T 88 A0 Dovie SEUHNOS acieissecdub cet cecanxati ses exccticcnndevebasindededetnnsededaendneanitateaseusaccunedacesass 89 4 0 3 Assign Public ee ee ere ee ee eee ee er ere 90 46 4 Wireless Device SetUngsS sissctwssGccnawasssetteamueionsdnenstusedeacsredanenatvenschaegedacimmasetade 91 4 6065 Access PONE SCrlINGS erroni anien a E a 92 AOO Ce 01 0 Ua ale WDS eee ner ee ee eee en ene eee ne ee eee eee ee ee eee 95 MeO WAR ONT ACCS ccs ce cs teats eas eeencea sees cca A E eens 96 46 68 Interface Settings succescsenessamecemcngaedenamtererusadccsatuse Geter bosteareadereccateennnasaateusnannes 97 Ao DACP Poole a E R E 98 5 Expert Configuration cccccsccsecssesseeesseeeeeseeesaees 101 Dl HOMO esise EE Ea aE 103 a speedtouch Contents 5 2 5 2 1 5 2 2 5 2 3 5 2 4 5 2 5 5 2 6 OZ 7 5 2 8 5 2 9 5 2 10 5 3 Dad 5 3 2 5 3 3 5 3 4 5 3 5 5 3 6 5 3 7 5 4 5 4 1 5 4 2 5 4 3 5 4 4 5 4 5 5 4 6 5 4 7 5 4 8 5 4 9 5 5 D 5 1 5 5 2 5 5 3 5 5 4 5 6 5 6 1 5 6 2 SCC OU M sereia Ea 104 Eao CU EE T EEE R EE E ntaete 105 System MTOM aE ON sees ees terse vce tarnee sages ore ateeaeoee eri aiaa aiiai 106 OMI SO ese as re ene eee cen ee a eee 108 Dagnis CS isar Enr EE AEE r EASE 109 Y O aA E A ee pene EEE E E deans 110 By SLC I E eea E E E E E amen conaet 112 Speed Touch SErVICES apararsan ra
96. eges which are the same or lower than your own The password of the new user will be the same as the account name User definition Name New_user Administration Privileges Administrator Apply Cancel Under User definition you can configure gt The name of the new user The password of the new user will be equal to the user name for example if the user name is John Doe the password will be John Doe Also when resetting a user the password will be changed into the user name gt The administration privileges of the new user o You can only add users with less than or equal administration privileges as yourself S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 6 Office Network Menu The Office Network page Viewing wireless client information E DOC CTC 20050429 0104 v1 0 Office Network This menu consists of following items gt Devices Allows you the view configure the devices detected on your local network gt Interfaces Allows you to view configure the interfaces that are available on the SpeedTouch The Office Network gives you an overview of your SpeedTouch network Speedtouch Administrator Help Home gt Office Network oe Office Network ce Wireless L wean SpeedTouch123456 H ee ouc 36Mbps Bimm Toolbox 4h E Ethernet ethporti 100Mbps SpeedTouch Broadband Connection ethport2 100Mbps ethport3 100Mbps
97. em So interface in case of a SpeedTouch 608 WL 620 gt Four RJ 45 ports for managed 10 100Base T Half Full duplex auto sensing MDI MDI X Ethernet switch gt Wireless LAN IEEE 802 11b g Wi Fi compliant access point on the SpeedTouch 608 WL 620 LED indicators for all interfaces One programmable recessed reset button for restoring the factory default settings One push button for wireless association and registration on the SpeedTouch 608 WL 620 On the SpeedTouch 608 WL 620 gt gt gt gt Typical indoor coverage 60m Dynamic rate switching Manual Automatic channel selection Manual Automatic selection of pure 802 11g pure 802 11b or mixed mode 802 11b g network Wireless Distribution System WDS WPA PSK WEP data encryption 16 MB flash 32 MB SDRAM Memory and processor load counters On SpeedTouch 608 WL 620 gt PCMCIA CardBus plug in slot for future extension IPSec acceleration card PSTN back up card GPRS back up card Power supply 18V AC 1000mA with patent pending power cord lock to avoid accidental power plug out speedtouch 5 Chapter 1 Your SpeedTouch 1 1 2 Software Features ADSL compliance ATM features Bridging features Routing features vo v v wv If POTS in overlay G handshake Full Rate ADSL G dmt G lite splitterless ADSL ADSL2 RE ADSL and ADSL2 If ISDN in overlay G handshake G dmt ADSL2 RE ADSL and ADSL2 Up to 16
98. ess Point you want to view or configure The Access Points names are of the following format WLAN Network Name for example WLAN SpeedTouch123456 Overview The Overview page displays a brief overview of the current configuration Details The Details page displays a more detailed overview of the current configuration Configure Under Configuration following fields are available gt Interface Enabled Allows you to enable disable the wireless interface gt Physical Address Displays the Base Service Set Identifier BSSID of the selected Access Point gt Network Name SSID Allows you to change the network name of your WLAN gt Interface Type Allows you to choose between 802 11b 802 11b legacy g 802 11b g 802 11g gt Actual Speed Displays the current transmission speed gt gt gt gt gt Channel Selection Allows you to select a fixed channel or let the SoeedTouch automatically select a channel for you gt Region Displays your region gt Channel Displays the channel that is currently used by the Access Point gt Allow multicast from Broadband Network Allows you to allow deny multicast messages from the Internet 4 Large bandwidth streams like video streams have a large impact on your wireless performance Speedtouch PO Chapter 4 Basic Configuration Under Security following fields are available gt Broadcast Network Name By defaul
99. ess of a connection to a LAN device This page allows you to assign the public IP address of your Internet Connection s to a specific device on your local network You might want to do this if You encounter issues with some applications through the Network Address Translation engine of your SpeedTouch This device is running server applications web server and you want it to be accessible from the internet This device has to be considered as the unique entry to your local network DMZ Internet Service Device Internet Apply Cancel 3 Click Apply A The SpeedTouch prompts you that you will have to make some adjustments as a result of the new configuration click OK 5 Release and renew the IP address of the device H For more information see your operating system s user guide or help 6 If needed reassign server applications to this device S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 6 4 Accessing the wireless device settings page Overview Configure E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Wireless Device Settings Proceed as follows 1 On the Office Network menu click Devices 2 In the Detected Device s click the name of the wireless device you want to view The Overview page displays following information gt Information allows you to view gt Status displays whether the device is currently connected to the SpeedTouch network
100. f a system software downgrade in step 6 you must specifically acknowledge your decision before being able to proceed S D e d tO U C n E DOC CTC 20050429 0104 v1 0 7 3 speedlouch system software management Important note Before you start E DOC CTC 20050429 0104 v1 0 Upgrade via a BOOTP TFIP Server The SpeedTouch system software is based on BOOTP a standard mechanism used for booting diskless stations You can force the SpeedTouch in BOOTP mode allowing a BOOTP TFTP server to manage the SpeedTouch file system and submit upgrade files to it It is recommended only to use the procedure described below if you are familiar with the use of a BOOTP server and the mechanisms on which BOOTP is based Upgrading the system software via the procedure described below will reset the SpeedTouch to its factory default settings Therefore prior to performing an upgrade of the system software it is recommended to back up the SpeedTouch configuration See Accessing the Backup amp Restore page on page 58 on how to make a backup You need a third party BOOTP TFIP server installed on the computer from which you want to perform the SpeedTouch system software upgrade Make sure gt That the SpeedTouch is connected to your computer via its Ethernet or USB port It is NOT possible to upgrade your SpeedTouch if you are connected wirelessly gt A valid SpeedTouch system software imag
101. file contain the ISDN parameters A Type user name and password for the account at the ISP 5 f needed enter the ISDN parameters of your ISP 6 Click Apply Once created per Routed PPPol connection additional configuration is possible by clicking 1 Routing 2 Other These parameters can only be modified when the link is down Take the link down first by clicking Hang up Following fields are available gt Destination Controls the networks that can be reached via this particular PPP connection Specify the remote host or network in prefix notation e g 172 16 0 0 16 gt Label Allows you to assign a label to this connection S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Other This window holds miscellaneous information and configuration possibilities Following fields are available gt Mode A PPP connection can be established in three ways gt Manually You have to press the Dial In button of a particular connection gt Always On The SpeedTouch automatically tries to establish PPP connections gt On Demand A PPP connection is triggered by specific frames arriving at the Ethernet port gt Idle Time Limit Allows you to specify after which time limit the PPP connection is released Otherwise stated if no traffic passes over the PPP connection for Idle Time the connection is closed gt Authentication allows you to select the default PPP authe
102. g Allowed sharing in order to use applications like Peer to Peer file sharing PtoP Internet Games Web serving FTP serving WebCams IRC DDC and Instant Messaging such as AIM ICQ Yahoo and MS Messenger Proxying allowed Select this check box to allow the firewall to act as a proxy server A proxy server acts both as a server and a client for the purpose of making requests on behalf of other clients Requests are serviced internally or by passing them on to other servers A proxy interprets and if necessary rewrites a request message before forwarding it For example HTTP Intercept a speedtouch Chapter 5 Expert Configuration Creating a firewall rule Proceed as follows to create a new security level and to add rules 1 of N 6 7 170 Select one of the six security levels Click Customize Type name and description for the new security level and click Apply Click New to add a rule Fill in all the fields gt Index The index of the firewall rule The firewall hierarchically goes through the rules starting from rule 1 When no rule is hit the firewall will block the traffic because of his default behaviour gt Name The name of the rule gt Source Interface The source interface e g lan1 want dmz1 gt Source IP Select The name of the source IP expression gt Destination Interface The destination interface e g lani want dmz1 gt Destination IP Select
103. g Lew ork SS A gs z LP et Tira fal Hyaa tuni Mermet Soom Mae Location genie atic aA Show Bult ia Ethernet l Pree f W Conner using PRPCE Berair Provides tells Eina PPPoE fenia Kanz Agden al Aliou Kama pohndood Adee Parami seeeeaea wa al casti o thie com puser tu S Erro cies Sa a a De EL ferent opine ir Shaw P PoF slain in menu bar 3 a Chick th beck to prerim forties tanget a Apply Mow 4 Enter the Account Name and Password provided by your Service Provider 4 Select Save password in case you want the computer to remember 7 the password for this account name Optionally you can enter a name for this connection in the Service Provider field All other fields may stay empty 5 Click Apply Now a speedtouch Chapter 3 Internet Connectivity Dial In Clients starting a broadband Proceed as follows Internet session 4 Click the Internet Connect dockling If the Internet Connect dockling is not available go to the Applications folder on the system startup disk and double click Internet Connect 2 The following window appears 60 Built in Ethernet Configuration Built in Ethernet B fa Service Provider Name johndoe MylSP Password eeseeseesses W Show PPPoE status in menu bar These settings can be changed in Network Preferences f Edit Make sure Built in Ethernet is selected in the Configuration list 3 If needed enter use
104. ge allows you to enable disable NAPT on a specific interface Interfaces Mappings Templates Interface Group NPT State loop local Disabled UF mi Internet wan Enabled Dow C lani lan Disabled UF m wand wan Enabled BOOT C dmzi1 drz Disabled UF m guesti guest Disabled UF Proceed as follows to enable disable an interface 1 Select the interface that has to be enabled disabled 2 Click Save All to make the settings permanent The Mappings page allows you to map one or more private IP addresses into one or more public IP address on a specific interface Depending on your needs following fields are available gt Interface The name of the IP interface that needs to be NAT ed gt Protocol The IP protocol on which address translation has to be applied This allows the SpeedTouch to link specific traffic protocol dependent to a chosen private host gt Outside address The outside typically public IP address es gt Inside address The inside typically private IP address es gt Access list You can use the access list to define the address es that are allowed to use the outbound connections gt Foreign address Foreign address is to define the address es that are allowed to use the inbound connections gt Flags gt Description 4 If you selected NAPT you will have to specify a port range for the inside and outside address Speedtouch 131 Chapter 5 Expert Configuration
105. ger be visible in the list of available networks of your wireless client By default the interoperability mode allows for both IEEE 802 11g complaint wireless clients and IEEE 802 11b compliant wireless clients to connect to the SpeedTouch To change the interoperability mode 1 Select the desired option gt 802 11g and b to allow both IEEE802 11b and IEEE802 11g compliant wireless clients to connect to the SpeedTouch gt 802 11g only to allow only IEEE802 11g compliant wireless clients 2 Click Apply to immediately apply your changes By default the SpeedTouch chooses its radio channel automatically at start up of the access point on basis of the least interference with other access points To update the channel 1 Click update to let the SpeedTouch re evaluate the aerial conditions to base the new channel selection on Your changes will immediately be applied Wireless associated clients always follow the access point s radio channel selection They will change their channel into that of the new updated channel selection To configure a fixed channel 1 In the Channel Selection list click the desired channel Be aware of your region limitations 2 Click Apply to immediately apply your changes To return to auto mode 1 In the Channel Selection list click auto 2 Click Apply to immediately apply your changes S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Enable disable the wireless interface secur
106. groups on account of fraud abuse and so forth S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Introduction How to activate a Software module E DOC CTC 20050429 0104 v1 0 software Keys A Software Key is a tool to disclose or activate services or software modules The following Software modules can be activated gt VPN256 32 VPN16 4 VPN16 1 Integrated VPN IPSec capability SpeedTouch 608 WL 620 ISDN Integrated ISDN Modem full capacity SpeedTouch 608 WL 620 SIP256 SIP Multi Media PBX capability SpeedTouch 620 Proceed as follows to activate a software module 1 2 Browse to the SpeedTouch web pages at http 192 168 1 254 The SpeedTouch Home Page appears Select Expert Mode gt SpeedTouch gt Add On The Add On page appears Name Description ile Status OO O VPM2Z56 32 IPSEC based YPN capability VPN256 32 syle Key Enabled ISDN ISON Backup capability ISDN sw Key Enabled SIP2Z56 Session Initiation Protocol capability SIPZ56 svle Key Enabled Paste the Software Activation Code you received into this box and click Odd add Speedtouch Chapter 6 Software Keys Chapter 6 Software Keys 3 Select the desired software module to open the registration web site on the Internet SEARCH NAVIGATION TOOL products we support we Products Complete this form to receive your new Software Key to upgrade your modem UserName Password
107. h restarts o Your system administrator may have disabled the physical reset button of the SpeedTouch In this case a hardware reset to defaults is not possible speedtouch Chapter 8 Troubleshooting Software reset Proceed as follows 1 ah N Go to the SpeedTouch web pages In the menu select SpeedTouch gt Configuration In the Pick a task list click Reset my SpeedTouch to default settings The SpeedTouch restarts The SpeedTouch returns to the SpeedTouch Home page unless the IP address of your computer is not in the same subnet as the default IP address of the SpeedTouch being 192 168 1 254 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 A 93 THOMSON BRAND O LA vOLO 6Z70G00Z2 9L9 90d J peAseses syfu Ily GOOZ NOSWOHL o Need more help Additional help is available online at www speedtouch com A 93 THOMSON BRAND
108. h priority based queuing scheduling modifying data characteristics Examples of connection parameters include the maximum amount of bandwidth that may be used the guaranteed amount of bandwidth that will always be available the maximum delay the data can experience throughout the network a priority indication Speedtouch Chapter 5 Expert Configuration Configuration The Configuration page allows you to configure IPQoS for a given destination interface for the IPQoS queues instantiation 4 When enabling or disabling IPQoS take the following into account gt if the WAN interface for example PPPoA IPoA is detached at the time of enabling disabling IPQoS then the WAN interface has to be attached in order for the enabling disabling of IPQoS to take effect gt if the WAN interface is attached at the time of enabling disabling IPQoS then the WAN interface has to be detached and then re attached in order for the enabling disabling of IPQoS to take effect Following settings are available gt Name The destination interface for the IPQoS queues instantiation State Disable or enable IPQoS for the interface Discard Determines the packet discard strategy in case of congestion Choose between gt tail Tail Drop arriving packets will be dropped as soon as the destination queue is in an overflow state gt early Early Packet discard arriving packets will be dropped early according to
109. h 123 Chapter 5 Expert Configuration 5 3 1 IP Addresses Overview The IP address table shows all IP addresses configured on any of SpeedTouch s interfaces In the table following information is provided per IP address gt The Interface to which the IP address applies gt The IP address Netmask in prefix notation gt The IP address Type being either gt auto in case the address has been automatically assigned by the SpeedTouch at startup or via negotiation gt extra in case of a manually configured IP address gt You can also assign additional new IP addresses to the SpeedTouch see Add change an IP address In case you select an IP address entry you can gt Make changes to the IP address configuration see Add change an IP address and click Apply b Click Delete to delete the IP address Add change an IP To add a new IP address to the SpeedTouch address 4 Click New 2 Select the Interface to which the IP address must apply interface st Address Netmask Type gt questl 192 168 3 254 24 Extra gt dmzi 192 168 2 254 24 Extra gt lani 10 0 0 138 24 Extra gt lani 192 168 1 254 24 Extra loop 2 Oe Auto e Click Apply to commit changes IP address properties Interface nternet Address mask Obtain an IP address automatically C 3 Either gt Type a valid IP address mask in prefix notation gt Select Obtain an IP address automatically
110. h page consists of two sections gt Managed Ethernet Switch gt provides an overview of each individual Ethernet port gt Allows per Ethernet port to configure some Ethernet port properties gt Mirror Configuration allows you to configure port mirroring and traffic capturing Managed Ethernet Under Managed Ethernet Switch you can select a port to change Switch p State Allows you to enable disable the interface gt Speed Duplex Select either gt auto Auto negotiation of Ethernet communication speed 10Mb s or 100Mb s and Duplex mode half duplex or full duplex gt 10BaseTHD 10Mb s communication speed in half duplex mode gt 10BaseTFD 10Mb s communication speed in full duplex mode gt 100BaseTHD 100Mb s communication speed in half duplex mode gt 100BaseTFD 100Mb s communication speed in full duplex mode Speedtouch E Chapter 5 Expert Configuration Mirror Configuration Port mirroring allows monitoring from one port called mirrored port to another port called mirror capture port This functionality allows any port s Ingress and or Egress traffic to be monitored to a pre defined mirror capture port Depending on your configuration you can mirror from mirror port to mirror capture port gt The outgoing traffic gt The incoming traffic gt Both incoming and outgoing traffic a speedtouch Chapter 5 Expert Configuration 5 5 4 Wireless Overview The
111. he required operations to send the system software to the SpeedTouch After checking whether the received system software is valid for the device the SpeedTouch will start in normal operational mode to complete the upgrade Optionally you can upload the backup configuration as described in 4 3 8 Update on page 61 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Introduction E DOC CTC 20050429 0104 v1 0 Chapter 8 Troubleshooting Troubleshooting This chapter suggest solutions for problems you may encounter while installing or configuring your SpeedTouch If the suggestions do not resolve the problem look at the support pages on http www speedtouch com support or contact your service provider For Internet connection troubleshooting refer to the provided Installation and Setup Guide Speedtouch Chapter 8 Troubleshooting 3 1 speedlTouch does not work speed Touch unreachable Poor SpeedTouch performance General Speedlouch Troubleshooting If none of the LEDs light up make sure that gt The SpeedTouch is plugged into a power socket outlet gt You are using the correct power supply for your SpeedTouch device that is 18V AC gt The power on the SpeedTouch is turned on via the rocker switch on the back panel In case your SpeedTouch is unreachable due to misconfiguration you might consider a hardware reset to factory defaults as describe
112. he SpeedTouch DHCP client DHCP Server S DHeP client Server Config Server Leases Address Pools iName ss StartAddress End Address Interface State PPP b LAN private 192 168 1 64 192 168 1 2553 lanl static b GUEST private 192 168 3 64 192 166 3 253 guestl static b DM2_private 192 168 2 64 192 168 2 2553 dmz1 static Click New to create a new entry The DHCP server configuration is split up in three sections gt Server Config To configure the SpeedTouch DHCP server master settings and behaviour gt Server Leases To overview current the SpeedTouch DHCP server s current leases and or add delete static DHCP lease entries gt Address Pools To overview and add delete DHCP address pools for the SpeedTouch DHCP server As mentioned before the SpeedTouch DHCP server configuring local network hosts can be run in conjunction with one or more SpeedTouch DHCP clients or SpeedTouch DHCP Relay agents each created on behalf of a wide area connection l e for WAN interfaces the SpeedTouch offers DHCP client or DHCP relay support to configure MAC Encapsulated Routing MER or Routed IPoA interfaces independently Following fields are available gt Activate server Select this check box to enable the SpeedTouch DHCP server gt Activate verify first Select this check box to enable IP address conflict network probing before handing out an address to a client gt A
113. he following box ISP Name Youn SP The name you type here will be the name of the connection you are creating lt Back Cancel speedtouch 39 Chapter 3 Internet Connectivity Dial In Clients 8 Select whether the connection will be available to any user or only to yourself New Connection Wizard Connection Availability You can make the new connection available to any user or only to yourself connection that is created for your use only is saved in your user account and is not available unless you are logged on Create this connection for Anyone s use O My use only 9 Fill in the Internet account information This information should be provided by your service provider New Connection Wizard j Internet Account Information You will need an account name and password to sign in to your Internet account Type an ISP account name and password then write down this information and store it in a safe place IF you have forgotten an existing account name or password contact your ISP User name fohnb oe YourlSP Password essed Confirm password IV Use this account name and password when anyone connects to the Internet from this computer JV Make this the default Internet connection X lt Back Cancel 10 At the end of the configuration the following window appears New Connection Wizard Completing the New Connection Wizard You have successfully comple
114. he received and transmitted messages of the IKE and IPSec negotiations Proceed as follows 1 2 3 4 Browse to Expert mode gt VPN gt Debug gt Logging Select the desired level of Trace Detail Select high to see the most detailed level of logging Start the VPN connection Browse again to Expert mode gt VPN gt Debug gt Logging Tear Down All Tunnels On this page you can halt all established VPN tunnels 178 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 8 Availability SpeedTouch SIP PBX Enabling the SIP PBX Overview General E DOC CTC 20050429 0104 v1 0 SIP PBX The VPN feature is only available if you activated the SIP PBX software module For more information see 5 2 10 Add on on page 122 The SpeedTouch has a key role in the enhancement of Voice over IP services for corporations universities or enterprises Using the SpeedTouch integrated multi media SIP PBX the user can secure the SIP communications and manage without involvement of the operator certain local services such as registration blocking sessions screening sessions logging The added value of a PBX is now available in a SIP enabled network To enable the SIP PBX 1 On the SpeedTouch menu click SpeedTouch Services 2 Select the SIP PBX registrar entry 3 Under Service properties click Service enabled 4 Optionally you can change the SIP port in the Internal TCP UDP port box The SI
115. i raceroute test Owner Target Address Status OO O Ei BRAS modem 10 501 20 Stopped Result Status Target IP address FN Current hop count er Current probe count f0 Test attempts PO Eon SY Test Successes Last good path 01 01 70 00 00 00 000000 3 Make your changes A Click Apply to apply your changes to the traceroute test entry To start stop a traceroute test 1 Select the traceroute test entry 2 Click gt Activate to start the traceroute test gt Deactivate a traceroute test that is currently running To view the results of the traceroute test 1 Select the traceroute test entry if needed 2 Click Result To overview a history of traceroute tests 1 Select the traceroute test entry 2 Click History To view a list of hops that have been reached by the traceroute request 1 Select the traceroute test entry 2 Click Hop speedtouch Chapter 5 Expert Configuration Chapter 5 Expert Configuration 5 2 10 Add on Overview Some of the SpeedTouch s extended functionalities require a software activation key to enable the corresponding software module To acquire a software activation key for activating a SpeedTouch software module proceed as follows 1 2 D Q Click the name of the software module you intend to activate This link will forward you to the SpeedTouch software activation key web server Follow the instructions for generating and downloading
116. iate and uninterrupted WAN access is provided 4 In case of direct access the remote organisation might ask for a user name and password on an Internet welcome page gt Dial in access Access must be explicitly established that is by dialling into a Broadband Remote Access Server BRAS Depending on the SpeedTouch configuration dial in access is provided via the SpeedTouch s Routed PPPoA or Routed PPPoE packet services with embedded PPP client The applied connection protocol model depends on the service profile you selected to configure the SpeedTouch and should correspond with the Service Provider s requirements If your ISP provides PPPoE for instance you should configure PPPoE More information on connection protocols can be found in the Internet Connection Configuration Guide There are different ways of dialling in depending on the operating system on your PC and your preferences Dial in method can be used on For more information following operating see system Embedded PPP dial in client Dial in client on MS Windows Mac unix 3 1 SpeedTouch Web embedded pages other Pages MS Windows XP IGD MS Windows XP 3 2 IGD Control Agent Control Agent for UPnP on page 37 Host PPP dial in client for a SpoeedTouch configured in pure bridging mode MS Windows XP MS Windows XP 3 3 MS Windows XP Broadband connection BroadBand Connection Mac OS X PPPoE dial in Mac OS X 3 4 Ma
117. ime frame of one minute will be added to the table The SpeedTouch automatically saves your current configuration at the end of the registration phase Some WLAN clients do not automatically join a WLAN If so follow 7 the instructions for the WLAN client software to initiate the association Successfully registered stations are associated to the SpeedTouch WLAN Depending on your WLAN client adapter a wireless icon may become green or a message similar to the following may appear Successfully joined Wireless network SpeedTouch1 23456 The wireless clients will be added to the SpeedTouch ACL After one minute the ACL is locked 4 The registration procedure can be repeated as often as needed S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 2 Local Network Setup 2 2 90 Extending the Range of Your Wireless Network WDS The SpeedTouch features Wireless Distribution System WDS functionality This feature allows you to extend the range of your wireless network by introducing one or more WDS enabled devices into your wireless network The Wireless Distribution System WDS enables data packets to pass from one wireless access point to another just as if the access points were ports on a wired Ethernet switch WDS allows you to extend the range of your SpeedTouch by means of one or more wireless repeaters like for instance a SpeedTouch 180 The following illustration depicts two WDS enabled de
118. in the United States and or other countries Netscape and Netscape Navigator are registered trademarks of Netscape Communications Corporation Ethernet is a trademark of Xerox Corporation UPnP is a certification mark of the UPnP Implementers Corporation Wi Fi and the Wi Fi logo are registered trademarks of the Wi Fi Alliance Wi Fi CERTIFIED Wi Fi ZONE Wi Fi Alli ance their respective logos and Wi Fi Protected Access are trademarks of the Wi Fi Alliance v v v v Other products may be trademarks or registered trademarks of their respective manufacturers Document Information Status v1 0 May 2005 Reference E DOC CTC 20050429 0104 Short Title User s Guide ST605 608 608 WL 620 R5 3 1 Speedtouch Contents 1 1 1 1 1 1 1 2 1 2 1 3 1 3 1 i Taa 1 3 4 2 1 2 2 2 2 1 2 2 2 2 2 3 2 2 4 2245 3 1 3 2 E DOC CTC 20050429 0104 v1 0 About this User s Guide c ccccseeeeeeeeeeeeeeeaeenaeees 1 VOUF Speedi ouch Meen N 3 SpeedTouch Features 000000000000055050nnnnunnnnnnnnnnnnnnnnnnnnnnnn 4 Hardware SpecMiCali NS sesrripirssnrini rir nA A 5 SOP e FEAU S sesar chet cams ee seh cumnnse ati dagneia REE ES AE EN 6 SpeedTouch LED Behaviour 2200 2eeceeeeeneeneneeeeensneneeeesnenees 9 How to Access your SpeedTouch ooo cc cecccenneeeeeneeeeneneeeeeeenneees 11 Access via the Web Interface cccccceeeeeecee eee e eee seeeeeeee eee s
119. ing wireless In case New stations are allowed via registration you can add a wireless client to clients the ACL via gt Registering clients via web pages gt Registering clients via association button Registering clients via You can add a wireless client to the ACL as follows web pages 1 Go to the SpeedTouch web pages In the menu select Home Network gt Devices Under Pick a task click Search for wireless devices A OQ N The SpeedTouch searches for new wireless stations that use the encryption key of the SpeedTouch Access Point gi The SpeedTouch takes you to the Home Network The new station will be shown next to the name of the SpeedTouch WLAN Click the name of the new station Click Configure Select Allowed on WLAN and click Apply Now the device is added to the ACL and will always be allowed to connect to the SpeedTouch o ON O a speedtouch Chapter 2 Local Network Setup Registering clients via You can easily register new wireless network clients as follows association button 4 Go Push the Association button on the SpeedTouch back panel for at least two seconds The WLAN LED will toggle between green and red The ACL will be unlocked for a time frame of one minute Any new wireless client successfully attempting to connect to the SpeedTouch having the correct wireless settings that is the network name and if required the network key within the t
120. ion To add a new Phonebook entry 1 Click New 2 In the Name box type the Connection Service Name 3 In the Address box type the Virtual Channel Identifiers VPI and VCI for example 8 35 4 Click Apply There are a few limitations on names gt A phonebook name cannot have spaces gt The name INCOMING is reserved for internal use gt For entries of connection service type PPPoA planned to be used for the Relayed PPPoA packet service the phonebook name may not start with capital P or T Microsoft Windows OS restrictions gt Phonebook entries with a name starting with DHCP are reserved for the PPP to DHCP spoofing feature of the SpeedTouch The address format is vpi vci e g 8 35 or vpi vci e g 8 35 VPI Virtual Path Identifier and VCI Virtual Channel Identifier are two parameters identifying ATM Virtual Channels S D e d tO U C n E DOC CTC 20050429 0104 v1 0 QoS Book Interfaces E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration It is the responsibility of the network operator to provide end to end connectivity throughout the network on these virtual channels Due to regional differences or because of the specific policy of your local operator specific VPI VCI values may be required In this case the network operator ISP or corporate administrator will provide the correct values The VPI can range from O to 15 VCI from 32 511 If your SpeedTouch is equip
121. ity security Mode E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration To disable your wireless interface 1 Clear wireless interface enabled 2 Click Apply to immediately apply your changes o All your wireless clients will be disconnected You can also disable your wireless interface by pressing the front panel button for 10 seconds When the WLAN led is extinguished the interface is disabled To enable the wireless interface 1 Select Wireless interface enabled 2 Click Apply to immediately apply your changes You can also enable your wireless interface by pressing the front panel button for 10 seconds until the WLAN led starts flashing The security configuration tab allows you to configure the SpeedTouch gt Security Mode settings gt Access Control settings Three security levels are available for protecting the SpeedTouch wireless network environment gt level 0 No security i e the data will not be encrypted no authentication process will be used gt level 1 Backwards compatible security with any Wi Fi certified client WEP i e encrypting the traffic between the SpeedTouch and the clients by sharing a pre defined 64 bit or 128 bit Network key gt level 2 WPA PSK is the highest form of security available but make sure that your wireless client and client manager are compatible with it By default the SpeedTouch access point uses security level O i
122. k the Internet Connection icon As a result the SpeedTouch s embedded PPP dial in client establishes the Internet connection The Internet Gateway icon displays connected and your PC is online You can open a web browser and surf the Internet Speedtouch Chapter 3 Internet Connectivity Dial In Clients Chapter 3 Internet Connectivity Dial In Clients Internet connection As long as the SpeedTouch s embedded PPP dial in client is connected you are able Status to overview the connection status and some counters by double clicking the Internet Connection icon in your PC s Network Connections window t Internet Connection Status General Internet Gateway Status Connected Duration 00 01 16 Speed 3 3 Mbps Activity Internet Internet Gateway My Computer eo _ S _ P Bytes Sent 3 573 037 5 606 288 Received 4 155 677 12 502 062 Disconnect Terminating an Internet Proceed as follows session 4 2 3 In the Windows task bar click Start Select Settings gt Control Panel gt Network and Internet Connections gt Network Connections In the Network Connections window right click the Internet Connection icon and select Disconnect to close the session gt 4 You can also double click the icon Then the Internet Connection 7 Status window will appear on which a Disconnect button is available to close the session As a result the SpeedTouch s embedded PPP dial in c
123. k the desired Data Security level either 64 bit or 128 bit and Alphanumeric or Hexadecimal 3 In the Encryption key box type a Network key of your choice In case of gt 64 bits Alphanumeric The 40 bits Network key must consist of 5 alphanumeric characters gt 64 bits Hexadecimal The 40 bits Network key must consist of 10 hexadecimal digits gt 128 bits Alphanumeric The 104 bits Network key consists of 13 alphanumeric characters gt 128 bits Hexadecimal The 104 bits Network key consists of 26 hexadecimal digits D Click Apply to immediately apply your changes ol Configure your wireless client s with the same settings a speedtouch Chapter 4 Basic Configuration VVPA PSK The SpeedTouch supports WPA PSK which has 3 improvements regarding to WEP gt gt Authentication via a 4 way handshake to check whether the Pre Shared Keys PSKs are the same gt Stronger encryption types gt Temporal Key Integrity Protocol TKIP default Instead of using a fixed WEP key TKIP uses in pairs temporary session keys which are derived from the PSK during the 4 way handshake For each packet it uses a different key TKIP also provides a message integrity check MIC and a rekeying mechanism in seconds gt Advanced Encryption Standard AES State of the art encryption can only be used if all wireless devices in your WLAN support AES Message Integrity Check MIC Which is a st
124. l wireless client adapters compliant to 802 11g and or 802 11b will be able to communicate with the SpeedTouch and other members of the SpeedTouch W LAN environment However be aware that only 802 11g compliant wireless clients are able to gain full profit of the 54 Mb s Max bandwidth delivered by the SpeedTouch It is highly recommended to use only wireless client adapters that are Wi Fi certified to ensure smooth interoperability with the SpeedTouch s WLAN Speedtouch 21 Chapter 2 Local Network Setup Chapter 2 Local Network Setup 2 2 1 Introduction 802 11b g Wireless Fidelity Access Point Network Name or SSID Radio channels Wireless Basics In this section some key wireless concepts are explained 802 11b is an IEEE standard operating at 2 4 GHz at a speed of up to 11 Mb s 802 11g a newer IEEE standard also operating at 2 4 GHz gives you up to 54 Mb s speed more security and better performance The Wi Fi certification ensures that your SpeedTouch will interoperate with any Wi Fi certified 802 11g and 802 11b compliant wireless device The SpeedTouch Wireless LAN Access Point AP behaves as a networking hub allowing to wirelessly interconnect several devices to the local W LAN and to provide access to the Internet The WLAN s radio link is a shared medium As no physical connection exists between the SpeedTouch and wireless clients a name must be given to all
125. lected configuration file 2 Click gt Backup to store the file on a location on your local disk gt Delete to remove the file from your SpeedTouch Some configuration files may be required for the SpeedTouch s system integrity These files are protected and cannot be deleted from your SpeedTouch gt Cancel to return to the configuration file overview Your SpeedTouch is able to display its web interface embedded Easy Setup and this Help in various languages Use the Language bar to change the language in which the SpeedTouch web interface Easy Setup and this Help is displayed For more information see 4 1 2 Language Bar on page 48 Although all language pack files stored on your SpeedTouch are listed only language pack files that match with the board name and the software version of your SpeedTouch can be actually used See System on page 107 for more information to identify your SpeedTouch Speedtouch 113 Chapter 5 Expert Configuration system Upgrade Upload system software Switch to another system software version The System Upgrade section allows you to manage your SpeedTouch s system software and upload or apply a new system software For extended management reasons and roll back scenarios your SpeedTouch provides storage room for two system software packages the active system software the SpeedTouch is currently running and the passive o
126. les f IP GoS Rules Name i Classification Class TCP Ack Class TOS Marking b DSP overwrite dscp defclass disabled b Games Increase 10 10 disabled b Interactive increase 5 5 disabled b Management increase 1 1 disabled b Video increase 10 10 disabled b WoIP overwrite 14 14 disabled default Increase default prioritize disabled Click New to create a new entry The Labels table provides following information per label the packet classification label Name the kind of packet Classification the Class of of classification the TCP Ack class whether TOS Marking is enabled or disabled Proceed as follows to create a new label 1 Click New to add a label 2 Fill in all the fields 3 Click Apply v v v v wv E DOC CTC 20050429 0104 v1 0 S D e d tO U C n 127 Chapter 5 Expert Configuration Routing Rules The Routing Rules section provides an overview of the existing routing rules Proceed as follows to create a new rule 1 Click New to create a new rule 2 Fill in all the fields gt Index The index of the label rule Name The name of the rule Label The label allows to identify packets with matching criteria If such a packet arrives it is labelled with a packet classification label Still no packet classified routing is done Only if you add a route that uses that particular label as route criterion the effective classification based routing is applied Service The ser
127. lient on page 43 for more information or gt A broadband PPPoE dial in client provided by your Service Provider to connect to the Internet 4 Upon availability of OS specific PPPoE dial in client applications the 7 latter method is Operating System independent For PPPoE session connectivity from a Mac OS 8 6 9 x an MS Windows 95 98 SE ME 2000 or a Linux system a host PPPoE dial in application is mandatory S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 3 Internet Connectivity Dial In Clients 3 1 Speedlouch Web Pages Introduction As the SpeedTouch web pages are controllable from any Operating System with an installed web browser the method to establish PPP sessions described below you can use on any computer system For more information on Internet connection setup see the provided Installation and Setup Guide Starting an Internet Proceed as follows session 4 Open a web browser on your computer and browse to the SpeedTouch web pages see 1 3 1 Access via the Web Interface on page 12 for more information Speedtouch Help SpeedTouch SpeedTouch Inf ti Broadband Connection ae Product Name SpeedTouch Software Release 5 3 Update Toolbox pee a ee ee I eee yer Te Broadband Connection Internet Disconnected Connect Office Network Toolbox e Remote Assistance Disabled Expert Mode Ta A wi e Game amp Application Sharing Firewall Di
128. lient will close the Internet connection The Internet Gateway icon displays Disconnected and your computers are off line S D e d tO U C n E DOC CTC 20050429 0104 v1 0 3 3 Prerequisites Configuring a broadband connection E DOC CTC 20050429 0104 v1 0 Chapter 3 Internet Connectivity Dial In Clients MS Windows XP BroadBand Connection To be able to use the MS Windows XP BroadBand Connection your SpeedTouch must be configured for either gt Bridging or gt PPPoE Relay Proceed as follows 1 On the Start menu click Settings gt Control Panel 2 The Control Panel window appears Go to Network and Internet Connections gt Network Connections 3 In the Network Tasks menu click Create a new connection The New Connection Wizard appears New Connection Wizard Welcome to the New Connection Wizard This wizard helps you Connect to the Internet Connect to a private network such as your workplace network Set up a home or small office network To continue click Next Click Next 4 Select Connect to the Internet and click Next 5 Select Set up my connection manually and click Next 6 Select Connect using a broadband connection that requires a user name and password and click Next 7 Give a name to the connection you are creating for example YourlSP Connection Name What is the name of the service that provides your Internet connection Type the name of your ISP in t
129. ly S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration 4 9 13 User Management Overview The Overview page gives you an overview of the currently configured users and their privileges Clicking the name of a user allows you to edit his user account Configure The Configure page allows you to gt Click Add to create a new user account gt Click Delete to remove a user gt Click Edit to change a user account User Management This page provides you with information regarding the users configured on your SpeedTouch Local User Data The table below shows the configured users who are able to access your SpeedTouch You need to configure user privileges if you want to differentiate between people using your SpeedTouch The current privileges of the user are mentioned in the privileges column Username Privileges Default User Administrator Administrator Y Edit Jon User Edit Delete Melissa User Edit Delete Add E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 4 Basic Configuration 4 9 14 Accessing the User Edit page Editing a user account Edit User Proceed as follows 1 On the Toolbox menu click User Management 2 Under Local User Data click on the name of the user you want to edit Pe Edit User This page allows you to edit the user settings Besides resetting your password you re not allowed to change your own settings If you want to
130. m ao m m m m m oa m oa m ao m a m m m oa m m m oa m m m oa m m m ao 1 E Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Delete Meleke 4 9 4 Accessing the Game or Application Definition page Overview Configure Adding a Port Translation rule E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Game or Application Definition Proceed as follows 1 In the Toolbox menu click Game amp Application Sharing 2 Inthe Pick a task list click Modify a game or application 3 Click the name of the game or application you want to view change This page gives you an overview of the port mappings used to allow this service or game to be initiated from the Internet R Consult the user s guide or support pages of your application to know which ports are being used by this application A service is made of one or more TCP UDP port ranges Each incoming port range can be translated into a different internal local network port range Port ranges can be statically assigned to devices or dynamically assigned using an outgoing trigger Under
131. mplying that no encryption is used for wireless networking In case security level 1 or 2 is active select Security Level 0 no encryption to return to security level O Selecting this security level has immediate effect Data will no longer be encrypted Therefore to re access the wireless environment of the SpeedTouch you must first disable security on your wireless client speedtouch Chapter 5 Expert Configuration WEP The Wired Equivalent Privacy WEP algorithm is used to protect wireless communication from eavesdropping WEP relies on a secret key that is shared between the wireless client e g a laptop with a wireless ethernet card and the SpeedTouch The fixed secret key is used to encrypt packets before they are transmitted l e during transmission between client and AP in the air the information in the packets is encrypted To enable level1 WEP 1 2 4 Select Security Level 1 WEP In the Type list click the desired Data Security level either 64 bit or 128 bit and Alphanumeric or Hexadecimal In the Encryption key box type a Network key of your choice In case of gt 64 bits Alphanumeric The 40 bits Network key must consist of 5 alphanumeric characters gt 64 bits Hexadecimal The 40 bits Network key must consist of 10 hexadecimal digits gt 128 bits Alphanumeric The 104 bits Network key consists of 13 alphanumeric characters gt 128 bits Hexadecimal The 104 bits Network key
132. nd Control Your MS Windows XP system is able to discover and control Internet Gateway Devices IGD like the SpoeedTouch on your local network Therefore it is recommended to add the IGD Discovery and Control client to your system Proceed as follows 1 On the Windows task bar click Start 2 Select Settings gt Control Panel gt Add or Remove Programs 3 In the Add or Remove Programs window click Add Remove Windows Components 4 The Windows Components Wizard appears eh wor king Services zj Th ara i Aren Brain i rik bs peek ote n hada we rears eink pai wd ey Sore el ee kal osii nee at s kakal a iaer a ia DE a Gl ri Lay Su evaa ane Lond at vE ER 7 ird Fiver Wl vE AF a leo AISE a Easg toe sier ra ed ed candi Mia Tai oare an eine haba ed wise PoF TH Taik ee raga TSE Tells Fora Mable ar elie TAANE jia Select Networking Services in the Components list and click Details 5 In the Networking Services window Select Internet Gateway Device Discovery and Control Client and click OK Networking Services To add or remove a component click the check box A shaded box means that only part of the component will be installed To see what s included in a component click Details Subcomponents of Networking Services O ERIP Listener 0 0 MB O A Simple TCP IP Services 0 0 MB amp Universal Plug and Play 0 2 MB Description Allows your computer to discover and control Universal Plug and Pl
133. ne gt The System software properties table provides information on the active software gt A link is provided to check for the latest available system software based on the information provided in the System software properties table and your SpeedTouch s serial number gt The Software Versions table allows you to overview the currently stored active and passive system software and to gt Upload system software gt Switch to another system software version Proceed as follows 1 Make sure you have a valid system software for your SpeedTouch readily available on your local disk Use the link provided to check for the latest available system software 2 If a Passive system software version is listed click Remove Passive to remove it from the SpeedTouch storage 3 Click Browse to specify the system software file on your local drive you wish to upload 4 Click Upload to upload the system software to your SpeedTouch Uploading system software may take a few minutes Meanwhile do not browse to another SpeedTouch page in order not to interrupt the upload process If the upload was successful the uploaded system software will be listed as Passive system software version To upgrade your SpeedTouch system software to a new version or in some cases roll back to a previous version 1 Make sure that a Passive system software is correctly uploaded to your SpeedTouch it should be listed in the S
134. nectivity to ONS Server 1 10 50 2 20 V Connectivity to ONS Server 2 10 50 2 21 Speedtouch Chapter 4 Basic Configuration 4 4 2 DSL Connection Overview Click Overview to view brief information on your DSL connection Details Click Details to view a more detailed information on your DSL connection DSL Connection Link Information Uptime 0 days 0 43 10 Modulation G6 992 1 Annex 4 Bandwidth Up Down Ikbas kbps 544 f 2 272 Data Transferred Sent Received KB EB HG a Output Power Up Down idem 11 5 7 5 Line Attenuation Up Down 2 0 0 0 dB SM Margin Up Down dB 5 0 7 6 5 Vendor ID Loca Remote TMMB 4lLcB Loss of Framing ofa iLocal Remote Loss of Signal iLocal Remote Bee Loss of Power iLocal Remote uyu Loss of Link Remote D Error Seconds iLocal Remote oe FEC Errors Up Down o oO CRC Errors Up Down o 0 HEC Errors Up Down o oO S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 4 3 Internet Services information E DOC CTC 20050429 0104 v1 0 Internet Services The Internet Services page displays information on your Internet Connection s EEE EERE eee Eee SEE eee Internet Disconnect View more Type PPPoE Uptime 0 days 0 21 48 IP Address 101 101 101 39 Data Transferred 3 39 282 Sent Received KBB 4 If you configured a dial up connection you are able to establish terminate the connection by clicking Connect
135. nfig and then press Enter 6 Verify that your computer has a valid IP address that is any address but 0 0 0 0 gt No dedicated firewall device or router is placed between your PC and the SpeedTouch gt No personal firewall software is running on your PC To repeat the search for your SpeedTouch click Back or restart the wizard As soon as the wizard finds your SpeedTouch you can continue with the Upgrade Wizard speedtouch PO 3 2 speedTouch not detected by UPnP or IGD Control Client Adding UPnP E DOC CTC 20050429 0104 v1 0 Chapter 8 Troubleshooting UPnP on Windows XP Systems Check on following gt Make sure the UPnP and Internet Gateway Device Control Client Networking components are added to your MS Windows XP system gt Your computer doesn t support UPnP if you run an operating system other than MS Windows XP and MS Windows Millennium gt Make sure that UPnP is not disabled in the SpeedTouch web page see 4 5 2 Game amp Application Sharing on page 69 If you are running Microsoft Windows XP it is recommended to add the UPnP component to your system Proceed as follows 1 On the Start menu click Settings gt Control Panel 2 The Control Panel window appears Click Add or Remove Programs 3 In the Add or Remove Programs window appears click Add Remove Windows Components 4 In the Windows Components Wizard select Networking Services in
136. nformation Product Name SpeedTouch Software Release 5 3 Speedtouch Help SpeedTouch Broadband Connection Internet Disconnected Toolbox e Remote Assistance Disabled e Game amp Application Sharing Firewall Disabled e Dynamic DNS Disabled Office Network T Wireless E Ethernet John No devices detected ET THOMSON BRAND Speedtouch E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration 4 3 Speedtouch The Speedtouch menu The SpeedTouch menu consists of following items gt Information gt Configuration gt Event Logs gt Update The SpeedTouch page The SpeedTouch page gives you some basic information on the SpeedTouch gt Product Information gt Configuration Speedtouch Administrator Help Home gt SpeedTouch SpeedTouch Information e Information Configuration Product Name SpeedTouch 620 Serial Number 0452 T03Y Event Logs Software Release 5 3 0 15 Configuration Service Name Routed PPPoE on 0 35 and 8 35 Time Since Power on 0 days 4 18 58 Update Broadband Connection Pick a task Toolbox Set Up Update Restart Return to Factory Default Settings View event logs Check connectivity to the Internet ae THOMSON BRAND Office Network VIII Expert Mode E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 4 Basic Configuration 4 3 1 Information Inform
137. nking bank com in the Web Site box 2 Click Allow in the Action list 3 Click Add Proceed as follows 1 Type the URL of the web site you want to redirect for example cracks am in the Web Site box Click Redirect in the Action list N 3 Type the URL of the web site you want to redirect to for example mycompany com internetpolicy htm in the Redirect box 4 Click Add S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Redirecting all web sites Configure content based filtering settings E DOC CTC 20050429 0104 v1 0 Proceed as follows 1 2 3 Type in the Web Site box Click Redirect in the Action list Type the URL of the web site you want to redirect to for example mycompany com internetpolicy htm in the Redirect box Click Add Type the URL of the web site you want to redirect to for example mycompany com internetpolicy htm in the Web Site box Click Allow in the Action list Click Add Under Content Based Filtering you are able to gt gt gt Enable disable content based filtering Allow block uncategorized web sites Select a content level in the Content Level list To change a content level definition click the Edit link of the content level you want to change For more information see 4 5 8 Content Level on page 77 speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 9 Accessing this p
138. nt 0 e 10 0 0 024 10 0 0 138 lani 0 e 224 0 0 04 192 168 1 254 lanl 0 Use the input fields below to change the selected entry Click Apply to commit changes Click Delete to remove the selected entry IP routing properties Destination 192 168 3 254 92 Label a Gateway kazoo Interface Metric OO Similar to the IP address table a number of IP Routes are pre configured Other routes are either added via adding an IP address manually or via the address negotiation of a Packet Service connection session e g for Routed PPPoA s or Routed PPPoE s IPCP via the DHCP client e g for Routed Ethernet MER via pre configuration for example for Routed IPoA or by the Routing Information Protocol To add an IP route 1 Click New in the bottom row of the table 2 Specify the Destination IP prefix 3 If needed select a packet classification routing Label in case the route applies for classified packets 4 Either specify the IP address of a directly connected Gateway OR select the Interface to which the route should apply mutually exclusive 5 Click Apply To delete an IP route 1 Select the IP route you want to delete 2 Click Delete An IP prefix is the combination of an IP address and sub net mask and e g 192 6 11 150 24 Speedtouch 129 Chapter 5 Expert Configuration 5 3 9 RIP Overview The RIP web page contains three tabs gt Configuration gt Interfaces gt Neighbo
139. ntication mechanism when starting the PPP session Via the drop down box three authentication methods can be selected for the connection gt Auto default Preferably the CHAP Challenge Handshake Authentication Protocol will be used However if not successful PAP Password Authentication Protocol authentication is used instead If in turn PAP fails the connection will NOT be authenticated gt CHAP CHAP authentication is forced If not successful the connection will NOT be authenticated b PAP PAP authentication is forced If not successful the connection will NOT be authenticated gt Local IP and Remote IP During PPP session setup IP addresses are negotiated Typically at the client side these fields are left empty This forces the client to ask the server for addresses To setup the SpeedTouch as PPP server you are able to supply suitable values according your network configuration gt Primary DNS and Secondary DNS During PPP session setup the BRAS will normally provide the DNS server IP addresses Typically at the client side these fields should therefore be left empty In cases where the DNS server IP addresses are not provided by the BRAS or to setup the SpeedTouch as PPP server you are able to supply suitable values according your network configuration Statistics For a running PPP session the fourth tab allows you to overview following connection statistics gt IP address Local IP addre
140. ntry and vice versa At the remote end of the virtual channel the BRAS extracts the PPP frames reconstructs the encapsulated IP packets and forwards these to the Internet If at the end of a session the user disconnects the PPTP application it destroys the tunnel and the Relay subsequently releases the virtual channel Multiple users can initiate terminate tunnels towards the Relay as long as there are free ATM virtual channels on the DSL Line The maximum number of tunnels may however be restricted by DSL provider ISP provisioning rules The SpeedTouch Relayed PPPoA page allows you to overview current active relay session currently maintained by the SpeedTouch Speedtouch Chapter 5 Expert Configuration 0 4 9 Concept The Virtual LAN page Creating a new VLAN Using VLAN Virtual LAN The concept of VLAN was introduced as a way to solve many of the issues of a large Layer 2 environment It controls the traffic on a physical LAN The physical LAN is partitioned into multiple virtual LANs Each VLAN is assigned a number called the VID that identifies it uniquely within the network Traffic between these systems stays bottled up within their VLAN Although different VLANs use a common physical network the traffic of each VLAN is isolated from the other VLANs The Virtual LAN page gives you an overview of the Virtual LANs currently defined on the SpeedTouch It also allows you to add new VLANs and delet
141. o MS Windows XP s Internet Gateway Device IGD Discovery and Control Client that allows you to control the SpeedTouch directly from you PC The IGD control client only allows to connect or to disconnect a fully configured connection Following conditions must be met gt Following subcomponents of Windows XP s Networking Services must be added to your Windows XP system gt UPnP see SpeedTouch not detected by UPnP or IGD Control Client on page 197 gt IGD Discovery and Control Client see Adding IGD Discovery and Control on page 198 UPnP must be enabled on your SpeedTouch To enable UPnP see 4 5 2 Game amp Application Sharing on page 69 Proceed as follows 1 2 3 In the Windows task bar click Start Select Settings gt Control Panel The Control Panel window appears Go to Network and Internet Connections gt Network Connections The Network Connections window appears Network Connections File Edit View Favorites Tools Advanced Help sack hi gt i a Search gt Folders EBk Address sy Network Connections Internet Gateway Network Tasks x E Create a new connection See Also LAN or High Speed Internet i Network Troubleshooter Local Area Connection Enabled i POMEZIA Fast Ethernet Card Other Places a You will find an Internet Gateway icon representing the SpeedTouch IGD Internet connection ability Double clic
142. o p Chapter 4 Basic Configuration 4 9 12 Dynamic DNS What is Dynamic DNS Overview Configure The Dynamic DNS service allows you to assign a dynamic DNS host name e g john dyndns org to a broadband connection even if it is using a dynamic IP address As soon as the device gets a new IP address the dynamic DNS server updates its entry to the new IP address Click Overview to view the different Dynamic DNS clients with their name hostnames interface and IP address The Configure page allows you to assign a Dynamic DNS host name to a broadband connection 1 2 3 Create an account at the Dynamic DNS service of your choice for example www dyndns org WWw no ip com www dtdns com GnuDIP for Linux On the Dynamic DNS page click Configure Select Enabled v v v Ww Dynamic DNS Service lt gt d Configuration Enabled W Interface intemet i stsi s CsY Username MyName Password essees gt Confirm password essees is Service gudip o H Host MyDomainNamel Apply If needed click the broadband connection to which you want to assign the Dynamic DNS hostname in the Interface list Type the user name and password of your Dynamic DNS service account in the corresponding fields In the Service list click your Dynamic DNS service In the Host box type the host name you want to assign to this interface for example myspeedtouch dyndns org Click App
143. ocol port as another existing SpeedTouch service Speedtouch 117 Chapter 5 Expert Configuration 5 2 0 Overview SNTP Client Manual ONTP The Simple Network Time Protocol SNTP web page allows you to configure the SpeedTouch real time clock ISNTP Manual Name IP Address version Status r 7 1 Click Apply to commit changes SNTP properties Name IP Address Version 3 The page contains two sections gt SNTP Client b Manual Selecting Manual immediately disables the SpeedTouch SNTP client As a consequence the SpeedTouch real time clock will no longer be periodically synchronised with an Internet time server As long as the SNTP section is selected automatic time synchronisation of the SpeedTouch real time clock by means of the SpeedTouch SNTP client is guaranteed given that NTP servers are configured of course The SNTP table allows you to overview and add delete NTP servers present on the Internet or your local network to which the SpeedTouch real time clock is able to synchronize its time settings with To add an NTP server 1 Click New if an entry is currently selected click Cancel first 2 Type the host name or IP address of the NTP server You can check the Internet for free accessible real time NTP servers 3 Select the NTP version 1 2 3 or 4 This information is most likely provided with the NTP server s IP address 4 Click Apply
144. oftware Versions table 2 Click Switch Over to restart the SpeedTouch and activate the passive system software version as active version Switching the system software versions may take a few minutes Do not power off your SpeedTouch or interrupt the switch process in any other way During restart the SpeedTouch will switch the passive and active system software the previous active system software will be stored as passive system software version p If for any reason the switch over failed the system software version that q was running as active software version will be retained To ensure correct operation of the SpeedTouch after recovery the previous passive system software may need to be removed instead the active system software will be duplicated as passive system software version S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration 0 2 7 Speedlouch Services Overview The SpeedTouch Services page allows you to view and configure all services that are currently configured on your SpeedTouch The purpose of this page is to centralise the management of all SoeedTouch embedded Services and Applications or otherwise stated all internal modules and engines of the SpeedTouch that accept relay or initiate IP traffic The SpeedTouch Service table provides an overview of registered services and some additional information Services Type _ Protocol SourceIP
145. oints table Select the Access Point to which you want to establish a WDS connection Click Apply og AQ Configure this Access Point with gt The same WEP key if WEP is enabled gt The same fixed channel speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration 4 6 7 Interfaces Interfaces overview This page gives you an overview of the interfaces used on your SpeedTouch If you want to know more on the network settings of a specific interface click the name of De LocalNetwork ethporti f100Mbps ethpoarte f100Mbps ethpoarts f100Mbps ethport4 f100Mbps be WLAN SpeedTouchDobgs1 l 54mbps S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 6 8 Overview Configure Assigning a new IP address to the speedTouch E DOC CTC 20050429 0104 v1 0 Interface Settings The Overview page gives you an overview of the current interface settings Interface LocalNetwork Interface Information Interface Group lan TCP IP Configuration Auto IP Disabled Use DHCP Server Enabled IP Addresses IP Address Mask Type 10 0 0 136 24 Static 192 1668 1 254 24 Static DHCP Pools DHCP Pool Name Address Range Gateway LON private 192 168 1 64 192 168 1 253 192 1686 1 254 The Configure page allows you to gt Change the IP address settings of the SpeedTouch gt Change the DHCP IP address pool settings Before changing th
146. on area i YourI5P is now connected x Speed 100 0 Mbps cc WY m SM 13 49 6 You can open your web browser and surf the Internet Speedtouch Chapter 3 Internet Connectivity Dial In Clients Terminating a Proceed as follows broadband Internet 4 On the Start menu point Connect To and click the name of the connection Session you ve created for example YourlSP If you are using the Classic Start menu go to Start gt Settings gt Network and Dial up connections gt YourlSP 2 The YourlSP Status window appears MyISP Status General Details Connection Status Connected Duration 00 00 32 Speed 100 0 Mbps Activity Sent To kHecewed Bytes 7 405 Compression Ox Errore 0 3 Click Disconnect 4 The connection is released As a result no Internet connectivity exists any more az S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 3 Internet Connectivity Dial In Clients 3 4 Mac OS X PPPoE Dialin Client Prerequisites To be able to use the MS Windows XP BroadBand Connection your SpeedTouch must be configured for either gt Bridging or gt PPPoE Relay Configuring a Proceed as follows broadband connection 4 On the Apple menu click System Preferences 2 Inthe System Preferences window click the Network icon 3 The Network window appears Make sure Built in Ethernet is selected in the Show list and click the PPPoE tab Bea i
147. only be shown if there are more than one DHCP pools Speedtouch PO The DHCP Pool page E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Following settings are available for configuration gt Interface The SpeedTouch interface for which the DHCP pool applies Start Address The start IP address of the DHCP server s address pool End Address The end IP address of the DHCP server s address pool Both the start and end IP address define the IP address range used by the DHCP server to assign leases Subnet Mask The subnet mask of the DHCP server s address pool Server The SpeedTouch IP address used as DHCP server address Gateway The IP address that will be assigned to the DHCP clients as their default gateway Primary DNS The IP address of the primary DNS server Secondary DNS The IP address of the secondary DNS server Primary WINS The IP address of the primary WINS server Secondary WINS The IP address of the secondary WINS server Lease Time The time for which the DHCP client is allowed to use the assigned IP address 4 lf Always give same address to DHCP clients the lease time will be automatically set to Infinite Always give same address to DHCP clients Select this check box if you always want to use the same IP address for the DHCP clients Speedtouch Chapter 4 Basic Configuration Speedtouch E o Introduction Web GUI
148. ons are possible 4 The remote assistance session ends gt If the technical support disables remote assistance gt After 20 minutes of inactivity or after a reboot remote management S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Basic Configuration 4 9 2 Game amp Application Sharing Chapter 4 Overview The Overview page summarizes the games and applications on a particular host on your network for which the SpeedTouch accepts connections coming from the Internet Configure The Configuration page allows you to gt Select Use UPnP to enable UPnP on the SpeedTouch 4 Universal Plug and Play is an architecture for transparent peer to peer connectivity of PCs intelligent appliances and wireless devices It enables seamless operation of a wide range of games and messaging applications gt Select Use Extended Security to only allow the creation of port maps gt Assign a game or application to a specific network device Game amp Application Sharing This page summarizes the games and applications defined on your SpeedTouch Each game or application can be assigned to a device on your local network Universal Plug and Play Universal Plug and Play UPnP is a technology that enables seamless operation of a wide range of games and messaging applications Use UPnP a Use Extended Security D Apply Cancel Assigned Games amp Applications Click on Unassign to disable 4 game
149. our SpeedTouch over a wireless connection During the upgrade procedure in most cases configuration settings are backed up by the wizard and restored after uploading the system software To launch the SpeedTouch Upgrade Wizard 1 Insert the Setup CD in your computer s CD ROM or DVD ROM drive The SpeedTouch CD menu will pop up automatically p If not 1 gt In MS Windows Click Run on the Start menu and enter the following path D Setup exe where D stands for the drive letter of your CD ROM or DVD ROM drive gt On Mac OS X Double click the CD icon and then double click Menu 2 Optionally in the Choose Language window select the language of your choice and click OK 3 The SpeedTouch safety instructions will be displayed in your default web browser Close the window 4 Select I have read and I fully understand the Safety Instructions and Regularity Information and click Continue 5 In the SpeedTouch CD Menu click SpeedTouch Maintenance 6 Click Upgrade My SpeedTouch to start the SpeedTouch Upgrade Wizard 7 See Upgrade procedure on page 187 to continue S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Upgrade procedure E DOC CTC 20050429 0104 v1 0 1 5 Chapter 7 Software Upgrade In the Welcome to the SpeedTouch Upgrade Wizard window click Next SpeedTouch Upgrade Wizard f iol x _ speedtouch Welcome to the SpeedTouch Upgrade Wizard This wizard will g
150. overview E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Expert Configuration The SpeedTouch Expert Mode pages allows for advanced configuration and maintenance of your SpeedTouch device While the Basic pages are mainly constructed to allow you to overview and diagnose the running product and its configuration the Expert Mode pages have been designed to allow in depth configuration of every aspect of your SpeedTouch The following Site Map gives you an overview of all available menus in Expert Mode Speed Touch view information on your SpeedTouch configure or upgrade it IP Router view configure the SpeedTouch IP interfaces IP routing table and NAT entries Connections view configure a broadband connection Local Networking view configure the SpeedTouch DHCP server client the DNS configuration the managed Ethernet switch and the wireless interfaces view configure the SpeedTouch Firewall VPN configure the SpeedTouch for VPN SIP PBX configure the SpeedTouch SIP PBX Back to Basic switch to the Basic Configuration web interface Configuration Speedtouch Chapter 5 Expert Configuration Expert Mode navigation The Navigation and notification area displays the current user and the site navigator as well as notification messages if applicable In addition following action buttons are always available on every page Save All force a save of
151. ow unique identification of your WLAN radio link This is done by the Service Set ID SSID also referred to as Network Name Wireless clients must be part of this SSID environment in order to be able to communicate with other clients on the W LAN including the SpeedTouch The 802 11g standard allows several WLAN networks using different radio channels to be co located The SpeedTouch supports multiple radio channels and is able to select the best radio channel at each start up You can choose to set the channels automatically or manually L The different channels are overlapping To avoid interference with another access point make sure that the separation in terms of frequency is as high as possible It s recommended to keep at least 3 channels between 2 different access points The SpeedTouch supports all channels allowed for wireless networking However depending on local regulations the number of channels actually allowed to be used may be additionally restricted as shown in the table below S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Antennas E DOC CTC 20050429 0104 v1 0 Chapter 2 Local Network Setup Direct the external antenna to allow optimization of the wireless link If for example the antenna is erect wireless links in the horizontal plane are favoured Please note that the antenna characteristics are influenced by the environment that is by reflections of the radio signal against w
152. ped with an ATMF 25 6Mb s interface VPI O to 7 included are cross connected between the DSL port and the ATMF 25 6Mb s port Unless these cross connects are deleted using the CLI these VPI values O 7 cannot be used The QoS Book table displays following parameters gt Name The name of the new QoS entry txctd The name of the Connection Traffic Descriptor CTD for the transmit upstream direction rxctd The name of the CTD for the receive downstream direction The Interfaces tab allows you to configure gt Name The name of the ATM interface to be configured Destination The WAN destination for this ATM interface Typically an ATM phonebook entry Qos name The name of the Quality of Service QoS book entry to apply on this ATM interface Encapsulation The type of encapsulation to be used for this ATM interface Choose between gt llc Logical Link Control LLC Sub Network Access Protocol SNAP gt vemux Virtual Channel MUltipleXing VCMUX gt auto the SpeedTouch will determine the encapsulation method to use Number of retries A number between O and 65535 Represents the number of times the SpeedTouch retries to set up a WAN connection before giving up FCS Enable or disable the inclusion of the Ethernet Frame Check Sequence FCS in the packet header on the WAN side only used for Ilc encapsulation for mac R This parameter is normally left disabled Upper l
153. ple below is shown how the SpeedTouch wireless network is presented towards an MS Windows XP Service Pack 2 system wy Wireless networks detected x One or more of your preferred networks are in range To see the list and connect to a network dick this message jas 15 20 S D e C d tO U C n E DOC CTC 20050429 0104 v1 0 E DOC CTC 20050429 0104 v1 0 Chapter 2 Local Network Setup To associate your wireless client to the SpeedTouch 1 Click the network icon in the notification area EE 2 The Wireless Network Connection window appears i Wireless Network Connection Network Tasks Choose a wireless network T Refresh network list Click an item in the list below to connect to a wireless network in range or to get more Set up a wireless network for a home or small office Related Tasks ae Learn about wireless networking ig Change the order of preferred networks qpe Change advanced settings In the Choose a wireless network list select the SpeedTouch wireless network and click Connect 3 Following window appears Wireless Network Connection You are connecting to the unsecured network SpeedTouchECB3BD Information sent over this network is not encrypted and might be visible to other people Connect Anyway Ci Click Connect Anyway 4 Your computer is now connected to the SpeedTouch wireless network KARA ARNARA ARARA KARANA RRR PA RRRA ANAA NARR RNANA A
154. pplications page click Game amp Application Sharing 2 In the Pick a task list click Create a new game or application New Game or Application Enter the name of the new game or application Name New entry Select how you want to define the new game or application f Clone Existing Game or Application ABC Another Bittorent Client X Manual Entry of Port Maps Next Cancel Proceed as follows 1 Type the name of the game or application in the Name box 2 Click gt Clone Existing Game or Application if you want to start from the port mappings of the selected game or application gt Manual Entry of Port Maps if you want to manually configure the port mapping for this game or application 3 The SpeedTouch creates the game or application and takes you to the Game or Application Definition page to configure the port mappings for this game or application 4 Enter the necessary port mappings and click Add S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 9 6 Web Site Filtering Overview Configure Content levels E DOC CTC 20050429 0104 v1 0 Web Site Filtering The SpeedTouch allows you to block allow particular web sites gt Based on the web site s URL As within a web site lots of references can be made to other URLs it is recommended to use this feature in combination with content based filtering gt Based on the web site s content gt Redirect a web site
155. r gt up WAN connectivity on this interface achieved gt down no WAN connectivity achieved yet To start an idle PPP session 1 Select the applicable PPP connection with Link idle 2 Type edit the Password for the user name 3 Select whether the password should be saved or not 4 Click Dial in to apply your changes and start the PPP connection session To stop an active PPP connection session with Link connecting or connected 1 Select the applicable PPP connection 2 Click Hang up to stop the PPP connection session S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 2 4 Overview E DOC CTC 20050429 0104 v1 0 Diagnostics The Diagnostics page provides in depth information counters and statistical data on the SpeedTouch system settings and its LAN and WAN connections The diagnostics are broken down into three expandable categories gt System gt LAN gt WAN t Expand All E Collapse All System 0O REL Ethernet E x Jiag a Wan Connections Fd IP Connectivity Refresh Per category an overall status is displayed the overall status of the particular category is healthy an error situation has been detected for that category the overall status of the category could not be determined Following action buttons are provided Expand All expand all collapsed categories Collapse All collapse all expanded categories 1 IP Connectivity check all connections on
156. r name and password for your user account at the Service Provider l Click Connect 5 As soon as the connection is established you can open your web browser and surf the Internet Terminating a Proceed as follows broadband Internet 4 Click the Internet Connect dockling session E l PDD If the Internet Connect dockling is not available go to the Applications folder on the system startup disk and double click Internet Connect 2 The following window appears 0 9 Built in Ethernet Configuration Built in Ethernet ry fa Alternate Number Name johndoe MylSP Password sssssse Vv Show modem status in menu bar These settings can be changed in Network Preferences Edit Status Connected to 217 136 58 1 at 8192000 bps Send Receive Connect Time 00 00 11 IP Address 217 136 58 198 Disconnect Make sure Built in Ethernet is selected in the Configuration list 3 Click Disconnect 4 The connection is released As a result no Internet connectivity exists any more S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Introduction Basic and Expert Mode Speed Touch documentation E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Basic Configuration The SpeedTouch comes with embedded HTML pages providing an interface to the software installed on the device It allows easy setup and management of the SpeedTouch via your web browser form any PC connected to th
157. red ping test entries By default no ping tests are configured To add a ping test see Add delete a ping test Select a ping test entry to gt Modify ping test properties gt Perform a ping test and view test results and history see Ping tests and results gt Delete the entry see Add delete a ping test To add a ping test entry 1 Click New if an entry is currently selected click Cancel first 2 Type a name for the ping test entry 3 Type the host name or IP address of the target to ping 4 Click Apply To delete a ping test 1 Select the ping test entry to delete 2 Click Delete To modify a ping test entry 1 Select the ping test entry 2 Click Modify 3 Make your changes 4 Click Apply to apply your changes to the ping test entry speedtouch Chapter 5 Expert Configuration Ping tests and results To start stop a ping test 1 Select the ping test entry 2 Click gt Activate to start the ping test Deactivate a ping test that is currently running To view the results of the ping test 1 Select the ping test entry if needed 2 Click Result Ping Traceroute o Test ner Target Address Status O O gt PingSpeedTouch modem 192 168 1 254 Stopped 5 PingMyPC modem 192 168 1 10 Stopped Result Status Target IP address Min RTT us 509 Max RTT us 509 Avg RTT us 509 Probe responses fi Sent probes fi o RttSumOfSquares ms Last good probe 01 01 7
158. rong mathematical function in which the recipient and transmitter each compute and compare the MIC If they don t match it is assumed that a third person has been trying to read the data To enable WPA PSK 1 2 Select WPA PSK Encryption In the WPA PSK Encryption Key box type a passphrase aka Pre shared key of your choice The passphrase must consist of 8 to 63 ASCII characters or 64 HEX digits In the Encryption list click select the desired Encryption method either TKIP or AES AES is not yet implemented in most clients but AES is implemented in the SpeedTouch because it will be the future security standard Optionally select the rekeying interval Click Apply to immediately apply your changes Configure your wireless client s with the same settings Access control on the Following modes are available Speedlouch gt New stations are allowed automatically All New stations can access the SpeedTouch WLAN New stations are allowed via registration Only allowed stations in the Access Control List ACL have access You can add new stations via registration For more information see Registering new wireless clients on page 94 New stations are not allowed Only allowed stations in the Access Control List ACL have access Registering new Proceed as follows wireless clients 4 2 3 4 R On the Office Network menu click Devices Under Pick a task click Search for wireles
159. rt Configuration 9 6 1 Policy Firewall levels The Level list allows you to choose between the following level gt Disabled All traffic is allowed to pass through your SpeedTouch Game and Application sharing is allowed by the firewall BlockAll Use this Security Level to block all traffic from and to the Internet Game and Application sharing is not allowed by the firewall High Use this Security Level to block all outgoing connections except well known applications DNS HTTP HTTPS FTP TELNET IMAP POP and block all incoming connections Game amp Application sharing is not allowed by the firewall Medium Use this Security Level to allow all outgoing connections except Windows protocols Netbios RPC SMB and block all incoming connections Game and Application sharing is allowed by the firewall Standard Use this Security Level to allow all outgoing connections and block all incoming traffic Game and Application sharing is allowed by the firewall Low Use this Security Level to allow all outgoing connections and block all incoming traffic except Internet Control Management Protocol ICMP Game and Application sharing is allowed by the firewall Level Standard Description Use this Security Level to allow all outgoing c Loose UDP tracking al Game Application Sharing Allowed Iv Praxying allowed al Readonly a Nr Name Action Service Srcintf Src IP Dstintf_ DstIP_ Log Hit
160. s Module level Firewall Level Module al 2 3 4 5 6 5 F ToGuest drop Any Any Any quest Any D 0 I FromL N accept Any lan Any Any Any E T F GuestTow M accept Any quest Any wan Any D 0 Fo DMZTOWAM accept Any dmz Any wan Any D T F WANToDMZ accept Any wan Any drz Any D 0 Fo DMZToDM2Z accept Any dmz Any dmz Any T E ToTunnel accept Any Any Any tunnel Any Li 0 ri FromTunnel accept Any tunnel Any Any Any D D S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Buttons Click gt Customize to create a new firewall level starting from the selected firewall level For more information see Creating a firewall rule on page 170 gt Set Active to activate the selected firewall rule o To save the new configuration click Save All Loose UDP tracking If this check box is gt Selected The source port of the original UDP connection is opened for all hosts which want to connect to this port L This can be configured for example for gaming to allow the client to 7 receive information from other players of the same online game loose udp tracking should be configured to allow incoming packets on the port that was used to start the communication with the server gt Cleared Only returning UDP streams belonging to the same connection are allowed Game amp Application Select this check box to allow the firewall to open ports for games and application Sharin
161. s all expressions that express a relation based on services The Expressions table provides following information per expression gt The Name of the expression gt A Summary of the expression s configuration gt For more detailed information you can expand the expression click To add a new service related expression 1 Click New 2 Inthe Service Expressions Properties table gt Type a Name for the expression gt Select a Protocol to filter on For negative logic select Not gt Type a Source port from to to define the source port range For negative logic select Not gt Type a Destination port from to to define the the destination port range For negative logic select Not 3 Click Apply to add the expression to the table S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration 5 3 3 Classification Overview The Classification page consists of three section gt Labels providing a list of existing packet classification labels and abilities to add modify or delete packet classification label entries gt Routing Rules allow you to associate a routing label used in IP Routing to a data flow by means of classification rules gt IPQoS Rules allow you to associate an IP QoS label used in IP QoS to a data flow by means of classification rules Labels The Labels section provides an overview of existing packet classification labels Labels Routing Ru
162. s devices The SpeedTouch searches for new wireless stations that use the encryption key of the SpeedTouch Access Point The SpeedTouch takes you to the Office Network The new station will be shown next to the name of the SpeedTouch WLAN To view the device settings click the name of the new station For more Information see 6 If needed reassign server applications to this device on page 90 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 6 6 What is WDS Accessing the WDS page Speed Touch configuration E DOC CTC 20050429 0104 v1 0 Configuring WDS The Wireless Distribution System WDS allows you to extend the range of your wireless network by introducing one or more WDS enabled devices into your wireless network Q You can only establish WDS links with WDS enabled devices To access the WDS pages on the SpeedTouch 1 On the left menu click Office Network 2 Under Wireless click the Access Point you want to configure for WDS The Access Points names are of the following format WLAN Network Name for example WLAN SpeedTouch123456 3 Click Configure 4 Under Pick a task list click Configure WDS Proceed as follow 1 Under Pick a task click Scan for wireless accesspoints 2 The SpeedTouch prompts you that all associated stations will loose connectivity for a few seconds Click OK The SpeedTouch lists the results in the Accessible Access P
163. s may compromise end to end connectivity through the SpeedTouch connections The Hostname Table shows all DNS host names with respective IP address the SpeedTouch DNS server is aware of for example entries created via DHCP server replies to leases If not all computers reveal their hostname in the DHCP request or even worse if they do not support DHCP static entries can be added to the local DNS database Proceed as follows 1 Click New 2 In the Hostname field type the name you want to associate to the specified IP address 3 In the Address box type the IP address of the computer 4 Click Add o Make sure to keep the database consistent speedtouch 157 Chapter 5 Expert Configuration 9 9 3 Managed Switch Overview Your SpeedTouch is equipped with a four port 10 100Base T auto sensing MDI MDI X Ethernet switch Each physical Ethernet port of the switch can be managed individually for extended networking control and monitoring purposes Pon Group state Speed Duplex___ ResultType b 1 Enabled Auto 100BaseTFO b 2 Enabled Auto Not connected b 3 Enabled Auto Not connected b 4 Enabled Auto Not connected Select an entry to change its configuration Monitor traffic an capture port Port 1 Capture incoming traffic from ingress mirror port None Capture outgoing traffic from fegress mirror port None Click Apply to commit configuration changes The Managed Switc
164. s of inactivity or on reboot Remote Assistance will be automatically disabled Disabling remote To disable remote assistance access 4 2 3 Go to the SpeedTouch pages as described in 1 3 1 Access via the Web Interface on page 12 In the menu select Toolbox gt Remote Assistance Click Disable Remote Assistance S D e d tO U C n E DOC CTC 20050429 0104 v1 0 2 Local Network Setup Introduction The SpeedTouch offers you following local networking solutions gt gt Wired Ethernet Wireless Ethernet Device settings Once you ve connected a device you are able to personalise its settings 1 2 3 amp E DOC CTC 20050429 0104 v1 0 Go to the SpeedTouch web pages In the menu select Home Network gt Devices Click the name of your device or if the device s settings haven t been personalised yet click the MAC address of the device On the top right click Configure Now you can change the device s name lock its IP address and assign applications and services to the device PCi Information New Name PC Status Active Type Connected To ethifl Ethernet Addressing Physical Address O0 01 02 98 1f df IP Address Assignment DHCP IF Address 192 168 1 64 Always use the same C address DHCP Lease Time 1 day 0 00 00 Apply Cancel Connection Sharin Game or Service FTP Server Unassign HTTP Server World Wide Web Unassign Age of
165. sabled e Dynamic DNS Disabled Office Network 2 ty l Wireless No devices detected E Ethernet John ie THOMSON BRAND By default the SpoeedTouch shows you the Home page 2 Click Connect at the appropriate broadband connection You might be requested to enter your user name and password As a result SpeedTouch s embedded PPP dial in client establishes the Internet connection 3 Now you can surf the Internet Monitoring your You are able to overview and monitor your Internet connectivity as long as the Internet connection session is running via gt The SpeedTouch System Information page see 4 3 1 Information on page 54 gt The SpeedTouch Diagnostics task see 4 4 1 Connectivity Check on page 63 E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 3 Internet Connectivity Dial In Clients Terminating an Internet session To close an active PPP connection 1 Go to the SpeedTouch Home page 2 Click Disconnect at the appropriate broadband connection As a result the SpeedTouch s embedded PPP dial in client will close the Internet connection The Internet Link status will change to Disconnected and your PC is off line S D e d tO U C n E DOC CTC 20050429 0104 v1 0 One Introduction Preconditions Starting an Internet session E DOC CTC 20050429 0104 v1 0 IGD Control Agent MS Windows XP users can easily establish PPP sessions thanks t
166. seeeeeeeteeeeeaaneeeeneges 12 ACESS Via CEN a E tise canant tency E E 13 Poke e s coma sad beeen ee nn E nee nr eee eee ee ae ee E 15 PRCIMIORS ASSIS UNCC erroan anA NEEESE vax nous ene A Aa 18 Local Network Setup c cccccsscsesseeceeeeeseeseeeeseeees 19 Wired ECC UING ius case satenewteneesernueunanowsexsduwsnesesesesuiwendecnabunesectenenenns 20 Wireless Ethernet is cvenavcsniennscorsvanasncasceusnaveenneseeeiveswsesennussaneseenesawes 21 Wireless ASICS srdeceaaier aceon ot toca E aeees sae S sauweneesbanssnaaeeae 22 Connecting First time Wireless Cli nts ccccccee esse cesses ee eeeeeeeeeeaeeeeeeaeenees 24 Ales ctovomeey 216 dG een nen eee tt ee nee eee enn ee ene ane en ee eee eee eee 27 Connecting Additional Wireless Cli Nts ccccccceeesceeeeeesseeeeeesaeeeeeeaeeeeeeeaanees 29 Extending the Range of Your Wireless Network ccccceccceeeee teens enaeeeeeeeeeeenaaas 31 Internet Connectivity Dial In Clients 008 33 SpeedTouch Web Pages 0c ccesseeceseneeeseneeeenneeesneeesennensenees 35 IGD Control Agent aise es descr crews sence cee stectencacceeetaccousebecenseens 37 Speedtouch i Contents Contents 3 3 3 4 4 1 4 1 1 4 1 2 4 1 3 4 1 4 4 1 5 4 2 4 3 4 3 1 4 3 2 4 3 3 4 3 4 4 3 5 4 3 6 4 3 7 4 3 8 4 4 4 4 1 4 4 2 4 4 3 4 4 4 MS Windows XP BroadBand Connection 00ceeesseenneeennnees 39 Mac OS X PPPoE Dial in
167. simultaneous PVCs allowing multiple simultaneous destinations ATM QoS per PVC CBR VBR rt VBR nrt UBR Service monitoring through ITU T 1 620 F4 F5 loopback alarms AIS RDI and continuity checks ATM PING command loopback cells and continuity check generator mode RFC 1483 2684 multiprotocol encapsulation over AAL5 ATM both LLC SNAP and VC based multiplexing supported Multiport self learning transparent bridge per IEEE 802 1D for LAN interconnect Remote bridge ports are isolated from each other Pre defined bridge filters to WAN no filter no CPE to WAN broadcast PPPoE only and to LAN no filter multicast filter Multi port up to 16 PVCs router Static routing automatic routes PPP LAN IP address multi homing Packet classified routing gt Label classification of packet streams based on source and destination IP address source and destination port type of service diffserv bits protocol source interface gt Forwarding of packet streams based on the label classification gt Type of service DSCP marking based on the label classification IGMPv1 v2 v3 forwarding TCP RFC793 UDP RFC768 ICMP RFC792 IPv4 router RFC1812 Dynamic routing RIPv1 RFC 1058 and RIPv2 RFC 1723 2453 configurable per interface S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Networking services gt v v v Ww Security v v v wv v v v wv Configuration gt E DOC CTC 20050429 0104 v1 0
168. situation has been detected for that item DSL Line Info Select DSL Line Info to view the current physical status of the ADSL line The DSL Statistics allow you to view gt Line Status this shows whether the DSL link is synchronised Enabled or not Initialising gt Bandwidth Up Down the maximum available bandwidth of the DSL link in both up and downstream direction gt Uptime The duration of the current Enabled Line Status gt kBytes Tx Rx the amount of kilobytes kBytes sent Tx and received Rx since the establishment of the DSL link In addition per configured Internet Service interface you van view gt The interface s currently assigned or configured local WAN IP address gt The interface s currently assigned or configured primary and secondary DNS server IP address es In case the negotiation of IP addresses failed Unassigned or is displayed for the applicable interface Configuration Select Configuration to view the configuration currently active on the SpeedTouch See 5 2 6 System Update on page 112 for more information Speedtouch PO Chapter 5 Expert Configuration system Select System to view some important system information of the SpeedTouch The System table lists the SpoeedTouch s gt Product Name gt Physical Address This worldwide unique hardware address is also called Medium Access Control MAC address Software Release
169. ss Access Point page in the Pick a task list click Configure WDS oe SpeedTouch123456 Configuration WDS Enabled Iv e Accessible Access Points WDS SSID BSSID Channel Noise There are no networks detected Apply Cancel Pick a task Scan for wireless accesspoints 6 Select WDS Enabled T In the Pick a task list click Scan for wireless access points 8 A warning will be displayed Microsoft Internet Explorer X P WARMING All associated stations will loose connectivity For a few seconds Do you want to continue i Cancel Click OK The SpeedTouch will scan for access points on the same radio channel 10 Select your repeater in the List of Accessible Access Points and click Apply Configuration WDS Enabled e Accessible Access Points WDS SSID BSSID Channel Noise d YourNetwork 00 30 F1 0B B8 3D 3 89 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Introduction Access methods Connection protocols Dial in clients E DOC CTC 20050429 0104 v1 0 Chapter 3 Internet Connectivity Dial In Clients Internet Connectivity Dial In Clients For setting up initial Internet connectivity using the Home Install Wizard on the Setup CD or the embedded Easy Setup refer to the provided Installation and Setup Guide Depending on the configuration of the SpeedTouch you may have gt Direct access As soon as the initial configuration has been done immed
170. ss assigned by the server gt Bytes received Number of bytes received on this PPP connection gt Bytes dropped Number of bytes failed to transmit gt Bytes sent Number of bytes transmitted over this PPP connection a speedtouch Chapter 5 Expert Configuration 0 4 9 Bridged Ethernet Overview The Bridged Ethernet page consists of following sections gt Bridged Ethernet gt VLAN Bridged Ethernet The Bridged Ethernet page allows you to configure the SpeedTouch for IEEE802 1D Transparent Bridging which equally may include preparing it for Bridged PPPoE Next to transparent bridging the SpeedTouch also features full VLAN awareness and as such allow Ethernet interface grouping or VLAN tag based forwarding The Bridged Ethernet page gives you an overview of all interfaces that are connected to the SpeedTouch Ethernet bridge Bridged ethernet lll interface Destination State Port LAN b OBC Internal connected OBC default b ethporti ethif1 connected ethporti default b ethpoart2 ethifz connected ethpoart2 default b ethpoarts ethif 3 connected ethpoarts default b ethport4 ethif4 connected ethport4 default Click Wew to create a new entry Aging Time Aging 10 1000000 seconds S00 Virtual LAN D Bridge properties Under the Bridged Ethernet overview table are the parameters that are applicable for the Ethernet bridge itself Following parameters are configurable gt Aging time
171. stination State be wand bridge connected b dmzi bridge connected b guesti bridge connected Click New to create a new entry Speedtouch 147 Chapter 5 Expert Configuration 5 4 7 Routed IPoA Creating a new Routed To add a new Routed IPoA Ethernet interface proceed as follows IPoA Ethernet Interface 4 Click New 2 Following fields become available gt Interface Name Is a name that has local significance only and allows to reference a particular Routed IPoA interface gt Local IP Address Is an IP address that must be configured on the local Routed IPoA Ethernet interface and is provided by your ISP or system administrator gt Remote IP address Is an IP address that is configured on the device connected at the remote end of the ATM virtual channel and is again supplied by your ISP or system administrator gt Destination Network This input field allows to specify all networks 0 0 0 0 0 a summarized network e g 20 0 0 0 24 20 0 1 0 24 20 0 2 0 24 and 20 0 3 0 24 can be summarized into 20 0 0 0 22 or a specific network e g 20 0 0 0 24 Additional networks can be specified via entries in the forwarding table In the Interface box type a unique interface name In the Destination list select the interface you want to use for this connection Assuming a numbered IPoA link configure the Local and Remote IP addresses If required enable NAPT via the NAPT box by default unchecked For IP connecti
172. t my SpeedTouch No Proceed as follows 1 On the left menu click SpeedTouch 2 Inthe Pick a task list click Return to Factory Default Settings If you want to reset your SpeedTouch to factory defaults click Yes reset my SpeedTouch o If you reset your SpeedTouch to factory default settings all active connections will be disconnected speedtouch Chapter 4 Basic Configuration 4 3 7 Event Logs Event Logging The Event Logs page summarizes the latest events recorded on your SpeedTouch Event Logging aan This page summarizes the last events that have been recorded on your SpeedTouch Choose a display filter Category LAM Recorded Events Time Message 00 23 11 since last boot DHCS server up 00 23 10 since last boot DHCS server went down 00 00 04 since last boot DHCS server up 00 00 03 since last boot WIRELESS interface turned on 00 00 03 since last boot WIRELESS automatic channel selection done channel 1 D D gt a gt aD Recorded Events table The Recorded Events table gives you an overview of the latest event logs that have been recorded since power on The first column of the table indicates the importance of the event log Informational Warning Error The Category list allows you to filter the events shown in the Recorded Events table For example by clicking Security you can view all security related events for example generated by the SpeedTouch firew
173. t the SpeedTouch broadcasts its network name allowing you to easily recognise your wireless network in the list of available networks Once you have configured your wireless clients it is recommended to disable this feature by clearing this check box gt Allow New Devices Allows you to change the access control used by the SpeedTouch gt Encryption Allows you to select an encryption level for your wireless network Following encryption methods are supported by the SpeedTouch gt The Wired Equivalent Protocol WEP gt WPA Pre Shared Key WPA PSK The default WEP key and the default WPA key is printed on the SpeedTouch bottom label o Before configuring the SpeedTouch encryption make sure you know which encryption methods are supported by your wireless client WEP The Wired Equivalent Privacy WEP algorithm protects wireless communication from eavesdropping WEP relies on a secret key that is shared between the wireless client e g a laptop with a wireless ethernet card and the SpeedTouch The fixed secret key is used to encrypt packets before they are transmitted l e during transmission between client and AP in the air the information in the packets is encrypted If your wireless client s supports WPA PSK we recommend you to use WPA PSK because WEP encryption has been proven to have some security issues To enable WEP 1 Select Use WPA PSK Encryption 2 In the WEP Key Length list clic
174. tart Mechanism Either manual dial in or Automatic Start Always On can be selected Click Add to confirm the data and Save All to save the configuration S D e d tO U C n E DOC CTC 20050429 0104 v1 0 5 3 The SpeedTouch as VPN Server Configuration procedure E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration VPN Server In a VPN client server scenario the VPN server is always the responder in the IKE negotiations Various VPN clients can dial in to a VPN server since it supports multiple simultaneous VPN connections A VPN server does not know a priori which remote Security Gateway will attempt to set up a VPN connection In time new users may join the VPN It is an advantage that the SpeedTouch VPN server requires no modifications to its configuration when new clients are added to the VPN The SpeedTouch can establish a secure connection with any Remote Gateway that meets the VPN settings regardless its location in the public network The use of the Extended Authentication protocol can optionally be configured In this case a list of authorized users is composed and stored in the SpeedTouch Perform the following steps to configure your VPN server 1 Select VPN gt VPN Server 2 Fill out the various parameter fields in the VPN Server web page 3 Select the IKE Authentication method Either Preshared Key or Certificate Authentication can be selected 4 Click Apply to confirm the data
175. ted the steps needed to create the following connection MyISP Make this the default connection This connection is firewalled Share with all users of this computer Use the same user name amp password for everyone The connection will be saved in the Network Connections folder To create the connection and close this wizard click Finish Click Finish to complete the configuration The Connect YourlSP window see below appears S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Starting a broadband Internet session E DOC CTC 20050429 0104 v1 0 Chapter 3 Internet Connectivity Dial In Clients Proceed as follows 1 On the Start menu point Connect To and click the name of the connection you ve created for example YourlSP If you are using the Classic Start menu click Start gt Settings gt Network and Dial up connections gt YourlSP 2 The Connect YourlISP window appears me En aa a T lt a M User name JohnDoe ourlSP Password o change fe saved password ciek Aere IY Save this user name and password for the following users Me only f Anyone who uses this computer Cancel Properties Help 3 If requested enter user name and password for your user account at the Service Provider al Click Connect 5 As soon as the connection is established the Connection message box and Dialup window are minimised into an icon in the notificati
176. ter 5 Expert Configuration IP QoS Quality of Service is the ability for an application to obtain the network service it requires for successful operation Nowadays the total amount of data traffic increases while new types of data emerge like voice data video data audio data These new types of data pose new requirements for data transport e g low latency low data loss To meet these requirements the entire network must ensure them via a connection service guarantee Such a connection service guarantee can both be applied to connection oriented networks connection based and to packet oriented networks data stream or data type based confiauration e Meter Name State Discard Priority WFQ queue weights B atm_pyc_O_35 Jw early wt 25 25 25 25 a0 2 kB b atm _pyo_8_35 mi early wt 25 25 25 25 BO 2 kB Click Apply to commit the changes Cancel to abort IP QoS configuration atm_pwo_0_35 Mame State mj Discard early Priority wiq ka WFQ queue Weight 1 WFQ queue Weight 2 9 WFQ queue Weight 3 9 WFQ queue Weight 4 Max highest queue rate Max highest queue burst Quality of Service allows specifying a connection service guarantee via a set of connection parameters Throughout the network this set of connection parameters will be used to handle the connection data in a way to achieve the connection service guarantee This handling includes reserving bandwidt
177. tes E DOC CTC 20050429 0104 v1 0 About this User s Guide A note provides additional information about a topic A tip provides an alternative method or shortcut to perform an action o A caution warns you about potential problems or specific precautions that need to be taken Generally the SpeedTouch 605 i the SpeedTouch 608 i the SpeedTouch 608 i WL and the SpeedTouch 620 i will be referred to as SpeedTouch in this User s Guide In interactive input and output typed input is displayed in a bold font and commands are displayed like this Comments are added in italics Example gt language list CODE LANGUAGE VERSION FILENAME en english 4 2 0 1 lt system gt Only one language is available THOMSON continuously develops new solutions but is also committed to improve its existing products For more information on THOMSON s latest technological innovations documents and software releases visit us at www speedtouch com Speedtouch 1 About this User s Guide About this User s Guide 2 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Introduction Installation Contents safety instructions E DOC CTC 20050429 0104 v1 0 Your Speed Touch With the SpeedTouch 605 i and SpeedTouch 608 i Business DSL Routers and the SpeedTouch 608 WL i and SpeedTouch 620 i Wireless Business DSL Routers you can build a secure small home office network seamlessly
178. th Wi Fi certified tenninals which support the WPA Personal standard Speedtouch S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 2 Local Network Setup 2 2 4 Connecting Additional Wireless Clients Preconditions Make sure that gt The SpeedTouch is powered on and ready for service gt The SpeedTouch has been configured as DHCP server default gt The wireless client adapters have been installed on all computers you want to connect to the WLAN Security issues Depending on the personalised wireless settings gt Make sure to use the same encryption or security level on the client as on your SpeedTouch If for instance WPA PSK is enabled on the SpeedTouch you must also configure the wireless client to use WPA PSK and configure the same WPA PSK passphrase gt In case the Network Name SSID is not broadcasted you must configure the wireless client for the SpeedTouch Network Name Refer to the documentation of your wireless client for more information gt Depending on the ACL settings gt In case New stations are allowed automatically your device will be able to access the SpeedTouch WLAN gt In case New stations are allowed via registration you will need to register Follow the procedure as described in Registering clients via association button on page 30 gt In case New stations are not allowed you will not be able to access the SpeedTouch Register
179. the current configuration of your SpeedTouch CLI access the complete SpeedTouch Command Line Interface in a graphical way open the SpeedTouch help pages If available on your SpeedTouch you are able to change the language of your SpeedTouch web pages via the language action buttons in the top right corner on each of the SpeedTouch pages S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration 5 1 Home Overview The Expert Mode Home page is in fact the same as the SpeedTouch Home page in Basic Mode it provides an instant overview of all aspects of your SpeedTouch configuration and operational status For more information see Home of Basic Configuration web interface a speedtouch Chapter 5 Expert Configuration 9 2 Speedlouch Overview The SpeedTouch menu consists of the following topics Diagnostics view detailed system and configuration information of the SpeedTouch and perform IP connectivity checks on WAN connections Syslog view configure the SpeedTouch system logging engine System Update manage various kinds of system configuration files and to perform a system upgrade SpeedTouch Services view configure existing Speed Touch services or to add new ones SNTP view configure SpeedTouch s real time clock engine SL access the SpeedTouch Service Level Agreement SLA facilities Add on add new or extend e
180. the left menu click SpeedTouch eee ae eee eee ht ee Se eee You are about to restart your SpeedTouch All active connections will be restarted Do you want to proceed es restart my SpeedTouch No Proceed as follows 1 Click Yes restart my SpeedTouch 2 The SpeedTouch restarts 3 The SpeedTouch returns to the Home page S D e d tO U C n E DOC CTC 20050429 0104 v1 0 4 3 4 Overview Details Configure E DOC CTC 20050429 0104 v1 0 Chapter 4 Basic Configuration Configuration The Overview page displays the current configuration of your SpeedTouch The Details page displays more detailed information on the current configuration of your SpeedTouch The Configure page allows you to change the current configuration System Configuration pem This page lets you configure your SpeedTouch Service Configuration You cannot directly edit the service settings of your SpeedTouch In order to modify those settings you must use the Configuration Wizard and follow the instructions appearing on the SCreen Service Name Router Time Configuration Auto configuration D Date dd mm yyyy I C pin Time hh mm ss Timezone UT C 01 00 Amsterdam Bern Rome Ste Summer Time D System Configuration Web Browsing Interception ia Apply Cancel If you want to gt Reconfigure your SpeedTouch Click Configuration Wizard under Service
181. the software activation key If required paste the obtained software key in the Software Activation Code Input display box Click Add to process the software activation key Click Restart to restart the SpeedTouch This allows the SpeedTouch system software to validate the software activation key and to activate the corresponding module t Important The key is unique for each module and for each SpeedTouch device It can not be re used for activating another software module or be copied from or to another SpeedTouch device Once activated the software key can not be disabled anymore via the Add on web page For more information refer to 6 Software Keys on page 181 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 5 9 Overview E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration IP Router The IP Router menu consists of the following topics IP Addresses view configure the IP addresses assigned to any of the SpeedTouch interfaces Expressions view configure interface or IP or Service related expressions view configure packet classification and handling IP Routing view configure the SpeedTouch IP forwarding and routing table view configure the SpeedTouch Routing Information Protocol RIP engine NAT vie configure the SpeedTouch Address Translation information base IP QoS view configure the SpeedTouch IP Quality of Service IPQoS engine Speedtouc
182. tion Routing Routed PPPoA The Routed PPPoA configuration page allows you to add new Routed PPPoA connection entries or to change settings of existing entries To add a Routed PPPoA connection entry 1 Click New 2 In the Interface box type a unique interface name different from the MER interface name 3 In the Destination list click the appropriate Routed Ethernet destination indicated by the Routed Ethernet interface name 4 Type user name and password for the account at the ISP optional 5 Click Apply Once created per Routed PPPoA connection additional configuration is possible by clicking gt Routing gt Other These parameters can only be modified when the link is down Take the link down first by clicking Hang up Following fields are available gt Destination Controls the networks that can be reached via this particular PPP connection Specify the remote host or network in prefix notation e g 172 16 0 0 16 gt Label Allows you to assign a label to this connection S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Other This window holds miscellaneous information and configuration possibilities Following fields are available gt Mode A PPP connection can be established in three ways gt Manually You have to press the Dial In button of a particular connection gt Always On The SpeedTouch automatically tries to establish PP
183. tion see 1 3 1 Access via the Web Interface on page 12 Fine tune your SpeedTouch configuration For more information see 1 3 2 Access via CLI on page 13 Backup and restore data on your SpeedTouch For more information see 1 3 3 Access via FTP on page 15 Allow a remote user to help you configuring your SpeedTouch For more information see 1 3 4 Remote Assistance on page 18 E DOC CTC 20050429 0104 v1 0 S D e e d to U C h 1 Chapter 1 Your SpeedTouch 1 3 1 Access via the Web Interface Procedure To access the SpeedTouch via the web interface 1 2 Open a web browser In the address bar type your SpeedTouch s IP address or DNS host name by default that is http speedtouch lan or 192 168 1 254 4 You can access the pages via the http protocol For remote assistance 1 the secure version https in combination with certificates is used provide your ISP with the https link user name and password before he can log on to the pages For more information see 1 3 4 Remote Assistance on page 18 As a result the SpeedTouch Home page appears from where you can navigate to all the configurable aspects of the SpeedTouch Speedtouch Administrator Help Home SpeedTouch sees mss wana SpeedTouch Inf ti Broadband Connection ame a een Product Name SpeedTouch Software Release 5 3 Update Toolbox f o3 S Beh ttt Broadband Connection
184. to another web site If your administrator account is configured as default user make sure to o configure a password for this account or change the default user Otherwise users on your local network can surf to your SpeedTouch to disable your filtering rules For more information see 4 5 13 User Management on page 83 and 4 5 15 Change Default User on page 85 The Overview page displays gt The current Address Based Filtering rules gt The current Content Based Filtering configuration To view which content types are blocked allowed click Details For more information see 4 5 8 Content Level on page 77 o Address based filtering rules have priority over content based filtering rules The Configure page allows you to Deny access to a specific web site Allow access to a specific web site Redirect a web site v v v wv Configure content based filtering settings Following content levels are available gt All Allow all categorized web sites gt Legal Allow all except illegal extreme spam and spyware web sites gt Teenagers Block illegal adult extreme online ordering gambling spam and spyware web sites gt Children Only allow children save web sites gt BlockAll Block all categorized web sites Speedtouch Chapter 4 Basic Configuration Chapter 4 Basic Configuration Deny access to a specific web site Allow access to a specific web site Redire
185. touch Chapter 4 Basic Configuration 4 5 Toolbox The Toolbox menu The Toolbox menu consists of following menu items gt Remote Assistance Allows you to make your SpeedTouch accessible for remote support gt Game amp Application Sharing Allows you to share services and games that you run in your private network towards the internet gt Web Site Filtering Allows you to block allow access to specific web sites gt Firewall Allows you to configure the security level of the SpeedTouch firewall gt Intrusion Detection Allows you to view the intrusions you are protected against gt Dynamic DNS Allows you to assign a DNS host name to your broadband connection s gt User Management Allows you to manage the users configured on your SpeedTouch The Toolbox page The Toolbox page gives you an overview of the available services and their current status You can click on the names of these services to go to the corresponding web page Speedtouch Administrator Help Home gt Toolbox SpeedTouch Toolbox Your SpeedTouch device offers multiple services Broadband Connection Those services enable you to protect your network to ease sharing of games and applications with other people on the Internet or manage your local network Remote Assistance Game amp Application Sharing Remote Assistance Game amp Application Sharing Disabled UPnP Enabled Web
186. trol Management Protocol ICMP Game amp Application sharing is allowed by the firewall Disabled Disable the firewall All traffic is allowed to pass through your SpeedTouch Game amp Application sharing is allowed by the firewall BlockAll Use this Security Level to block all traffic from and to the Internet Game amp Application sharing is not allowed by the firewall Apply Cancel Select one of following security levels gt Medium Use this Security Level to allow all outgoing connections except Windows protocols Netbios RPC SMB and block all incoming connections Game and Application sharing is allowed by the firewall Standard Use this Security Level to allow all outgoing connections and block all incoming traffic Game and Application sharing is allowed by the firewall Low Use this Security Level to allow all outgoing connections and block all incoming traffic except Internet Control Management Protocol ICMP Game and Application sharing is allowed by the firewall Disabled All traffic is allowed to pass through your SpeedTouch Game and Application sharing is allowed by the firewall BlockAll Use this Security Level to block all traffic from and to the Internet Game and Application sharing is not allowed by the firewall E DOC CTC 20050429 0104 v1 0 Speedtouch 4 9 11 Intrusion Detection E DOC CTC 20050429 0104 v1 0 Intrusion Detection Intrusion Detection
187. uch Chapter 2 Local Network Setup Chapter 2 Local Network Setup Data encryption To setup wireless connectivity you can choose different levels of security gt Low Security disabled the default No security the data will not be encrypted no authentication process will be used Medium Use WEP Wired Equivalent Privacy to encrypt the traffic between the SpeedTouch and the clients by sharing a pre defined 64 bit or a 128 bit Network key for secure communication with legacy 802 11b clients 4 The default 64 bits hexadecimal WEP key is printed on the 7 identification label located at the bottom of the SpeedTouch and is unique for each device High Use WPA PSK Wi Fi Protected Access Pre Shared Key encryption the highest form of security available but make sure that your wireless client and client manager are compatible with it EL The default WPA Personal passphrase is printed on the 7 identification label located at the bottom of the SpeedTouch and is unique for each device The WPA Personal passphrase must consist of 8 to 63 ASCII characters or 8 to 64 HEX digits SpeedTouch Home Install Wizard Wireless Security Move the slider to the desired wireless secunty level Level 2 Security WPA Personal You have chosen to operate your network in Level 2 Securty WPA Personal Your network will have the highest protection against intrusion curently available but will only be compatible wi
188. uch Chapter 5 Expert Configuration Chapter 5 Expert Configuration VLAN interface Proceed as follows to add or remove Bridged Ethernet interfaces for a certain VLAN configuration 4 Select the VLAN you wish to edit 2 A listing of all bridge interfaces will appear each followed by a drop down list Change the value of the drop down list to add or remove interfaces from this VLAN gt none which means that this interface is not a member of the selected VLAN gt Tagged which means that this interface is a member of the selected VLAN and that packets coming in and going out of the SpeedTouch will be VLAN tagged gt Untagged which means that this interface is a member of the selected VLAN but that the VLAN functionality will be not visible outside the SpeedTouch This means that inside the SpeedTouch VLAN will be used to isolate interfaces from each other but that outside of the SpeedTouch no VLAN tagging will be used 3 Click Apply speedtouch PO 0 4 6 Introduction E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Routed Ethernet The Routed Ethernet web page allows you to add and modify Routed Ethernet interfaces Routed Ethernet interfaces can be used for creating end to end MAC Encapsulated Routing MER connections or for creating a destination interface to create Routed PPPoE connections on or to apply a routed PPPoE Relay scenario Interface De
189. uide you through the software upgrade of the SpeedTouch To continue click Next 42 THOMSON BAAND speedtouch lt Back i cancel The SpeedTouch Software License Agreement window appears You must accept before continuing Click Yes to accept If you accepted this License Agreement in a previous upgrade this window will not be shown The SpeedTouch Upgrade Wizard will search for the SpeedTouch on the network A progress bar is displayed The SpeedTouch Upgrade Wizard should find your SpeedTouch device on the local network This is indicated by the following window SpeedTouch Upgrade Wizard K ioj x Detected device The Wizard detected the following SpeedTouch device The following device was found h Name SpeedT ouch Serial Number 045201108 IP Address The device is password protected not all information it Version shown Board Info Password Protected Details To continue click Next speedtouch Sercet If more than one device is found a list of available devices will be provided If this is the case select your SoeedTouch device and click Next 4 If the wizard does not find any SpeedTouch on the network an error window appears refer to 8 1 3 Upgrade Troubleshooting on page 195 Q It is NOT possible to upgrade your SpeedTouch over a wireless connection Enter your SpeedTouch security User name and Password speedtouch 18
190. unction Orange Bootloader active Off Power off Ethernet Green Flashing Ethernet activity Ethernet connection no activity Off No Ethernet connection Name Power WLAN Wireless activity WPA encryption On No wireless activity WPA encryption Flashing Wireless activity WEP encryption pC On No wireless activity WEP encryption Red o Flashing Wireless activity no security Pf On No wireless activity no security Off WLAN disabled Green Flashing Data passing through the cardbus On Cardbus is connected no data passing through Cardbus is not connected Plug in Off E DOC CTC 20050429 0104 v1 0 S D e d tO U C a Chapter 1 Your SpeedTouch Chapter 1 Your SpeedTouch Ethernet LEDs Indicator Description qE eveeeemt i ote re on ome conection op fi A LED may be provided per Ethernet port to indicate link integrity or activity Depending on the SpeedTouch product you are using a second LED A may be provided to indicate the 10 100Base T selection Indicator Description Activity Integrity Off No connection on this port friaa Ca S D e d tO U C n E DOC CTC 20050429 0104 v1 0 Chapter 1 Your SpeedTouch 1 3 How to Access your SpeedTouch Access methods Your SpeedTouch is accessible in one of following ways Command Line Interface CLI File Transfer Protocol FTP Remote Assistance Configure your SpeedTouch via HTTP or HTTPS For more informa
191. urs Configuration Neighbours RIP settings details RIP status D RIP version aey f Default metric Poo H Update time 1 3600 seconds wooo Timeout time 1 3600 seconds feo 000t sCsi Csi i i s S Garbage time 1 3600 seconds koo Configuration The Configuration section allows you to enable disable the SpeedTouch RIP functionality and configure the some basic RIP settings Interfaces The RIP Interfaces table allows you to configure interface specific RIP settings such as gt Override the master RIP status enable disable gt Override the master RIP version separately for receiving and sending RIP messages gt Specify whether authorization is needed or not and if so the required authorization string gt Specify whether routed must be included in RIP updates sent to a gateway from which the updates were learned gt Specify whether the interface should transmit RIP updates or not Neighbours Optionally the RIP Neighbours table allows you to define one or more RIP neighbours This may be necessary in cases where multicast messages can not be sent or received among the network S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 3 6 Overview Interfaces Mappings E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration NAT The NAT menu consists of following sections gt Interfaces gt Mappings gt Templates The Interface pa
192. user class identifier option to be associated with the lease gt Lease time The preferred duration of the lease of the dynamic IP address if assigned If not accepted the remote DHCP server may overrule this lease time gt Vendor ID Enable transmission of the vendor class identifier option selected or not cleared Speedtouch PO Deane Overview Configuration Hostname Table E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration DNS DNS is short for Domain Name System It is a network functionality that allows network members to use host names rather than IP addresses for referencing networked computers Configuration Hostname Table DNS properties Domain name lan Activate server fw Apply The DNS web page consists of two sections gt Configuration gt Hostname Table In addition to the host name a local computer needs the DNS domain name to construct a fully qualified name By default the SpeedTouch DNS s domain name is lan You can specify another sub domain name in the domain field and Apply In normal conditions you should never disable the SpeedTouch DNS server surely not in case the SpeedTouch DHCP server is active on the local network as well If required however you can disable the SpeedTouch DNS server by clearing Activate Server and Apply 4 Disabling the SpeedTouch DNS server will disable all DNS forwarding 1 functionality as well Thi
193. vered first and in real time This feature maximizes your network performance The managed Ethernet switch allows you to configure a Virtual Local Area Network VLAN group ports or isolate a port configure secure channel connections define Quality of Service QoS and you can configure port mirroring allowing monitoring from one port to another You can configure the managed Ethernet switch manually using CLI For more information see the SpeedTouch CLI Reference Guide or on the expert web pages see 5 5 3 Managed Switch on page 158 S D e d tO U C n E DOC CTC 20050429 0104 v1 0 2 2 Introduction Wireless client requirements E DOC CTC 20050429 0104 v1 0 Wireless Ethernet The SpeedTouch 608 WL 620Wi Fi certified IEEE 802 11g compliant wireless access point allows multiple computers to connect wirelessly to your local network over the SpeedTouch Wireless LAN environment The SpeedTouch is backward compatible with IEEE 802 11b which means 802 11b and 802 11g devices can coexist in the same wireless network The Wireless Distribution System WDS on your SpeedTouch allows you to extend the range of your wireless network To be able to use WDS you will need to introduce an additional WDS enabled access point into your wireless network To be able to connect the computers make sure that a wireless client adapter WLAN client is installed on each computer you want to connect via the WLAN Al
194. via Interface optionally gt Clear existing interfaces if applicable gt Type the name of the additional interface Ol In Accept service from Remote IP optionally gt Clear existing remote IP addresses if applicable gt Type the IP address of the specific remote IP host 6 Click Apply to apply your changes to the SpeedTouch service 4 You must repeat the procedure for each individual External TCP UDP port interface or remote IP address you want to add Speedtouch PO speedTouch service types E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration The SpeedTouch service can be of following type Indicates a SpeedTouch service that Client is the originator of an IP connection source IP packets Server is the responder of an IP connection listening to IP packets Peer can be an originator or a responder of an IP connection Proxy is a responder on the LAN side and originator on the WAN side of the SpeedTouch iS a responder on one side LAN or WAN and re originates on the other side WAN resp LAN of the SpeedTouch is an assembly of SpeedTouch services Editing such kind of entries will edit all members of that Group Transparent Map uses transparent NAT port mappings Dynamic has been dynamically created or enabled by the SpeedTouch service manager Sibling the service is member of a SpeedTouch Group service Shared uses a prot
195. vice or protocol e g smtp http telnet Source Interface The source interface e g lan1 want dmz1 Source IP Select The name of the source IP expression Destination IP Select The name of the destination IP expression State Select this check box to enable this rule Log Select this check box to generate a syslog message when this label is being used 3 Click Apply IP QoS Rules The IP QoS Rules section provides an overview of the existing routing rules Proceed as follows to create a new rule 1 Click New to create a new rule 2 Fill in all the fields 3 Click Apply S D e d tO U C n E DOC CTC 20050429 0104 v1 0 0 3 4 Overview Adding an IP route Deleting an IP route E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration IP Routing The IP Routing table presents the current content of the SpoeedTouch Routing Information Base It contains all routes to all possible destinations and is consulted by the SpeedTouch any time prior to sending or forwarding any packets Destination Label Gateway interface Metric b 255 255 755 255 32 127 0 0 1 loop 0 e 197 168 1 254 92 127 0 0 1 loop 0 10 0 0 156 32 127 0 0 1 loop 0 be 192 168 2 2 54 32 127 0 0 1 loop 0 E 192 168 3 2 54 32 127 0 0 1 loop 0 e 127 0 0 1 52 127 0 0 1 loop 0 e 192 166 3 0 24 192 1656 3 254 guesti 0 e 192 168 2 0r24 197 166 2 254 dmz1 0 e 192 166 1 0 24 197 166 1 254 la
196. vices communicating via WDS a Sy Zs ea es p eo 1 s N Z w 3 d p Py 4 f lt D E By f i oy Link Ce aan 4i s qd eS n SpeedTouch a aa i o S BB 74 N Ye TS Pa The SpeedTouch allows you to add up to four wireless repeaters Repeaters extend the coverage area of your wireless LAN however bear in mind that throughput is reduced for wireless clients that are connected through a repeater Preconditions Check on following gt Your wireless repeater must be WDS enabled gt Both your SpeedTouch and your wireless repeater must use gt The same WEP key if WEP is enabled o WPA encryption is not supported when using WDS gt The same fixed channel FA The SpeedTouch and your wireless repeater do not necessarily need to use 7 the same SSID Using different SSIDs allows you to force your wireless clients to use either the access point of the SpeedTouch or the one of your wireless repeater E DOC CTC 20050429 0104 v1 0 S D e e d to U C h 31 Chapter 2 Local Network Setup Configuring WDS To configure your WDS on the web pages 1 Go to the SpeedTouch web pages 2 Inthe menu select Home Network 3 Click your WLAN 4 On the top right click Configure If not already done set a fixed channel and check whether the security settings WEP encryption or no encryption on your SpeedTouch are the same as on the repeater ZP 5 On the Wirele
197. vity beyond the local and remote IP address a single or summarized network can be supplied in the Destination Network field In the ultimate case all destination networks can be specified via the so called default route 0 0 0 0 0 8 Click Apply If all field values are correctly specified the Routed IPoA interface is created and attached to the specified ATM virtual channel NO oh Q Generated IP routes In the assumption that Local IP Remote IP and Destination Network are specified 3 IP routes are automatically added gt A host route to Local IP address gt A host route to the Remote IP address gt A network route to the specified Destination Network speedtouch PO 0 4 8 Overview E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration PPTP to PPP Relay The PPTP to PPP Relay referred to as Relay further in this section interacts with a PPTP tunneling application installed on the locally attached computers for example Microsoft s Dial Up Networking A typical user relay interaction scenario is as follows A PPTP Tunnelling application is started on one of the locally attached computers This application establishes a PPTP tunnel to the SpeedTouch and is the trigger for the Relay to come into action The Relay chooses a free PPPoA phonebook entry and from then on relays all PPP frames sourced by the PPTP application from the tunnel to the virtual channel identified by the phonebook e
198. ware release Loss of connectivity Try again later An internal error switchover from Could not install the new software active to passive build failed out of version If problem persists contact disk space occurred Try again your helpdesk later If the problem persists contact your helpdesk gt Upgrade from PC Failed to upload new software version from your computer If Loss of connectivity Try again after problem persists contact your a reboot of your SpeedTouch helpdesk An internal error switch over from active to passive build failed out of disk space occurred Try again after a reboot of your SpeedTouch If the problem persists contact your helpdesk Could not install the new software version If problem persists contact your helpdesk Speedtouch Chapter 8 Troubleshooting Upgrade via Setup CD If the Upgrade Wizard in step 4 as described in Upgrade procedure on page 187 does not find any SpeedTouch on the network an error window will appear stating your SpeedTouch has not been found In this case check that gt The SpeedTouch is turned on and fully initialised gt Your PC is correctly connected to the SpeedTouch gt Your PC has a valid IP address To check this in MS Windows 1 In the Windows task bar click Start 2 Select Run 3 Type cmd in the Open field 4 Click OK A black window will appear with a flashing cursor 5 Type ipco
199. will be denied access to the SpeedTouch based on its physical hardware address 4 The default wireless settings may differ from the settings listed above 7 depending on your Service Provider s requirements If this is the case refer to the installation configuration instructions provided by your Service Provider Make sure that gt The SpeedTouch is powered on and ready for service gt The SpeedTouch is in its default configuration If needed reset the SpeedTouch to its default configuration See 8 3 Reset to Factory Defaults on page 199 for more information gt A wireless client adapter is installed on your computer gt The wireless client adapter s IP configuration is set to dynamically obtain its IP configuration DHCP this is usually the default For more information see the documentation of your wireless client adapter The wireless client must be correctly configured for the default network name As the SpeedTouch broadcasts its network name to the wireless clients you can select the SpeedTouch wireless network from a list of available networks Depending on your wireless client a wireless icon may become green or a message similar to the following may pop up Successfully joined Wireless network SpeedTouch123456 Some wireless clients do not automatically join a wireless network If so follow the instructions for the wireless client software to initiate association In the exam
200. xisting functionality of your SpeedTouch via software key activation Speedtouch PO 5 2 1 Introduction E DOC CTC 20050429 0104 v1 0 Chapter 5 Expert Configuration Easy Setup Click Easy Setup to start the SpeedTouch Easy Setup wizard The Easy Setup wizard provides an easy way to prepare the SpeedTouch for Internet connectivity Depending on the installed wizard templates see Manage configuration files on page 113 for more information you can select from one or more semi automatic scripts helping you to fully configure most aspects of the SpeedTouch with a minimum of effort and risk of wrong or insufficient configurations J SpeedTouch 620 0436DT01N Microsoft Internet Explorer provided Ioj x iS speedtouch Welcome to the SpeedTouch Easy Setup This wizard helps you configure your SpeedTouch To continue click Next ces MSON BRAND speedtouch lt Back Next gt Cancel speedtouch Chapter 5 Expert Configuration 5 2 2 system Information Overview The System Information page is the SpeedTouch expert start page It consists of four sections gt Diagnostics gt DSL Line Info gt Configuration gt System System Self Test LAN DSL Diagnostics Select Diagnostics to view the results of the System Self Test LAN connectivity and DSL synchronisation test aoo the overall status of the particular item is healthy _ an error
Download Pdf Manuals
Related Search