Allied-Data CopperJet-1616-2P Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Allied-Data

CopperJet-1616-2P

Page 31 / 86 Scroll up to view Page 26 - 30

Chapter 5: Configuring the CopperJet

5.6.6

Configuring PPPoE routed service attached to the Router

PPPoE routed is mostly used when your Service Provider has an Ethernet network which

requires authentication (username and password).

ou need to add detailed configuration information about the WAN service that you are

escription

PPPoE, this is the default WAN connection name.

Virtual Path Identifier. A field in the ATM header. The VPI is

Virtual Channel Identifier. Part of the ATM header. The VCI

ncapsulation:

LLC/SNAP by default.

efault MAC Address:

Use the MAC address of the CopperJet on the WAN side.

AC address:

Fill in the MAC address that you want to use on the WAN

ccess concentrator

Some service provider requires this entry. If the service

ervice name

Some service provider requires this entry. If the service

creating. Your service provider must provide this information.

used to identify the virtual path that a circuit belongs to.

The VPI can be any value between 0 and 4095.

is a tag that identifies which channel a cell will travel over.

The VCI can be a value between 1 and 65535.

side.

provider does not provide this, leave it blank.

Page 29

Page 32 / 86

Chapter 5: Configuring the CopperJet

Authentication

Choose the authentication method provided by your service

provider.

None

You don’t need to set any authentication.

PAP

Password Authentication Protocol, the server sends an

authentication request to the remote user that is dialling in.

PAP passes the unencrypted username and password and

identifies the remote end.

CHAP

Challenge Handshake Authentication Protocol, the server

sends an authentication request to the remote user that is

dialling in. CHAP passes the encrypted username and

password and identifies the remote end.

Username

Fill in the username provided by your service provider.

Password

Fill in the password provided by your service provider.

Password (confirm)

Fill in the password provided by your service provider.

Keep Alive

On by default. Some ISP’s time-out if the connection has

not been used. To avoid it, you can enable keep-alive that

keeps the connection by accessing an Internet site at

regular intervals.

Connect on demand

Off by default. When enabled, the PPP link will be

established when traffic is sent to the Service Provider and

disconnected when traffic has stopped for a certain amount

of time. See also the Maximum Idle Time.

Maximum idle time

0 by default. When

Connect On demand

is enabled, this

time represents the idle time when the PPP link will be

disconnected.

Requested WAN IP address

Fill in 0.0.0.0 when you get an IP address after

authentication, or fill in a fixed IP address provided by your

service provider.

Enable NAT

NAT is by default enabled.

When finished configuring the WAN connection, click on

OK.

Go to the

Configuration

and click on

Save config

to save the new settings into the CopperJet.

Page 30

Page 33 / 86

Chapter 5: Configuring the CopperJet

5.7

Security

The CopperJet has extensive Security functionality like a Stateful Inspection Firewall,

Network Address Translation (NAT) and Filters. One of the most used functionality is NAT.

Security allows you to:

•

Enable Security

•

Enable Firewall

•

Enable Intrusion Detection

•

Configure Security level

•

Configure Security interfaces

•

Configure Firewall Policy

•

Configure Firewall Trigger

•

Configure Intrusion Detection

NAT allows you to:

•

Enable NAT between interfaces

•

Configure global addresses

•

Configure reserved mapping

Go to the

Configuration

menu and select

Securit

y. The

Security Interface Configuration

page is displayed.

This page contains the default Security settings. Before the security options can be

configured, interfaces need to be defined to which the security can be assigned to.

5.7.1 Enabling Security

You must enable

Security

before you can add security functionality like Firewall, NAT or

filters.

In the

Security State

section:

Click on the

Security Enabled

radio button and select

Change State

to update the

Security

State

section. The overall Security is now enabled.

Page 31

Page 34 / 86

Chapter 5: Configuring the CopperJet

5.7.2 Configuring Security Interfaces

Before Security options can be configured, there must be at least 2 Security interfaces

defined and configured. Security interfaces represent the logical connections to and from

the CopperJet. These interfaces are used to enable the security on these connections.

There are three different types of security interfaces available

•

Internal: usually the LAN connection

•

External: usually the WAN connection

•

DMZ: usually a second LAN connection or IP subnet

Note: The security interfaces are directly linked to the LAN and WAN connections. Be sure

that the necessary LAN and WAN connections are configured correctly. The security

interfaces can be assigned to these connections.

Important: When a WAN connection is already configured with NAT enabled, both

the internal and external Security Interfaces are automatically added

and configured. These Security Interfaces can be used to enable the

other security options.

To add a Security Interface, go to the

Configuration

menu and select

Security

. The

ecurity Interface Configuration

page is displayed. Select

Add Interface

at the

Security

Interface

section. The

Firewall: Add interface

page is displayed.

Select the proper WAN or LAN connection from the

Name

section.

•

The Ethernet LAN connection is represented as

ethernet-0

•

The USB LAN connection is represented as

ethernet-1

•

WAN connections are represented as

ppp-0

rfc1483-0

ipoa-0

Select the proper

Interface type

. Usually the LAN connections

ethernet-0

ethernet-1

are

internal

. The WAN connections are usually

external.

Click on

Apply

to add the security interface.

The

Security Interface Configuration

page is displayed and the security interface is added

to the section

Security Interface.

Page 32

Page 35 / 86

Chapter 5: Configuring the CopperJet

5.7.3

Configuring Network Address Translation (NAT)

The Network Address Translator (NAT) implements Port Address Translation (PAT) and

provides Network Address Port Translation (NAPT), also known as IP Masquerading. NAT

allows a single real IP address on the WAN side to be shared among many devices on the

LAN side, each of which have private addresses.

NAT can be enabled directly when configuring the WAN connection. See section 5.6 WAN

Connections for more details.

If NAT is not enabled during configuration of the WAN connection, go to the

Configuration

menu and select

WAN Connections

. The

WAN Connections

page is displayed. Edit the WAN

connection by selecting the

Edit…

hyperlink. The

WAN Connection:edit ’

’

page is

displayed.

Select the

IP Interface

tab. The

Edit IP Interface

page is displayed.

Select the

NAT

tab. The

Edit NAT

page is displayed.

On this page NAT can be enabled or disabled.

Nat Enabled:

false

NAT is disabled

true

NAT is enabled

After you changed the setting, click on

Apply

. Don’t forget to save the changes. Go to the

Configuration

menu and click on

Save config

to save the new settings into the CopperJet.

Page 33

Rate

Popular Allied-Data Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share