Section 3
General
BreakWater Basic Firewall
BreakWater delivers an easily selectable set of pre-configured firewall protection levels. These settings are readily available for simple implementation through Cayman’s embedded web server interface.
BreakWater provides you and your network with:
Protection for all LAN users.
Elimination of firewall management software on individual PCs.
Immediate protection through three pre-configured firewall levels.
Elimination of the complexity associated with developing firewall rules.
BreakWater Settings
BreakWater Basic Firewall’s three settings are:
ClearSailing
ClearSailing provides protection against network-initiated inbound traffic, while securely passing outbound traffic through the Gateway. In conjunction with Network Address Translation, this setting allows authorized remote diagnostic support while protecting against undesired inbound traffic.
SilentRunning
Using this level of firewall protection allows secure transmission of outbound traffic, but disables any attempt for inbound traffic to identify the Gateway. This is the Internet equivalent of having an unlisted number.
LANdLocked
The third option available turns off all inbound and outbound traffic, isolating the LAN and disabling all WAN traffic.
See page 69 for How To Configure BreakWater instructions including a table of user tips.
BreakWater Basic Firewall operates independently of the Gateway’s NAT functionality.
VPN IPSec Pass Through
This Cayman service supports your independent VPN client software in a transparent manner. Cayman has implemented an Application Layer Gateway (ALG) to support multiple PCs running IP Security protocols.
This feature has three elements:
1. On power up or reset, the address mapping function (NAT) of the Gateway’s WAN configuration is turned on by default.
2. When you use your third-party VPN application, the Gateway recognizes the traffic from your client and your unit. It allows the packets to pass through the NAT “protection layer” via the encrypted IPSec tunnel.
3. The encrypted IPSec tunnel is established “through” the Gateway.
A typical VPN IPSec Tunnel pass through is diagrammed below:
Typically, no special configuration is necessary to use the IPSec pass through feature. This feature may need to be disabled for special VPN clients that are designed to be supported through NAT.
In the diagram, VPN PC clients are shown behind the Cayman Gateway and the secure server is at Corporate Headquarters across the WAN. You cannot have your secure server behind the Cayman Gateway.
When multiple PCs are starting IPSec sessions, they must be started one at a time to allow the associations to be created and mapped.
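The requirement to start sessions one at a time can be illustrated with a generic model of an ESP pass-through table. This is an added example, not taken from the manual and not Cayman's implementation: ESP carries no port numbers, so a gateway of this kind can bind a server's first reply to a LAN host only when exactly one host is waiting. The class name, addresses and SPI values are constructed for illustration.

```python
# Generic model of an ESP pass-through NAT table (assumed design, not Cayman's code).
# ESP has no port numbers; inbound packets can only be told apart by their SPI,
# and that SPI is negotiated inside encrypted IKE messages the gateway cannot read.

SERVER = "203.0.113.10"  # constructed address (documentation range)


class EspPassThrough:
    def __init__(self):
        self.pending = {}  # server_ip -> LAN hosts still waiting for a first reply
        self.inbound = {}  # (server_ip, spi) -> LAN host

    def _mapped_hosts(self, server_ip):
        return {host for (srv, _), host in self.inbound.items() if srv == server_ip}

    def outbound(self, lan_host, server_ip):
        """A LAN host sends ESP to server_ip; remember it until a reply is mapped."""
        waiting = self.pending.setdefault(server_ip, [])
        if lan_host not in waiting and lan_host not in self._mapped_hosts(server_ip):
            waiting.append(lan_host)

    def inbound_esp(self, server_ip, spi):
        """Return the LAN host an inbound ESP packet is forwarded to, or None (drop)."""
        key = (server_ip, spi)
        if key in self.inbound:
            return self.inbound[key]
        waiting = self.pending.get(server_ip, [])
        if len(waiting) != 1:
            return None  # no host waiting, or two waiting: the SPI cannot be attributed
        self.inbound[key] = waiting.pop()
        return self.inbound[key]


def start_one_at_a_time():
    gw = EspPassThrough()
    gw.outbound("192.168.1.2", SERVER)
    first = gw.inbound_esp(SERVER, 0x1111)
    gw.outbound("192.168.1.3", SERVER)
    second = gw.inbound_esp(SERVER, 0x2222)
    return first, second


def start_together():
    gw = EspPassThrough()
    gw.outbound("192.168.1.2", SERVER)
    gw.outbound("192.168.1.3", SERVER)
    return gw.inbound_esp(SERVER, 0x1111), gw.inbound_esp(SERVER, 0x2222)


if __name__ == "__main__":
    print(start_one_at_a_time(), start_together())
```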
SafeHarbour VPN IPSec Tunnel
SafeHarbour VPN IPSec Tunnel provides a single, encrypted tunnel to be terminated on the Gateway, making a secure tunnel available for all LAN-connected Users. This implementation offers the following:
Eliminates the need for VPN client software on individual PCs.
Reduces the complexity of tunnel configuration.
Simplifies the ongoing maintenance for secure remote access.
A VPN tunnel is a secure link between two networks interconnected over
an IP network providing a secure, cost-effective alternative to dedicated
leased lines.
SafeHarbour employs VPN standards, including:
Internet Protocol Security (IPSec) suite, a series of protocols including encryption, authentication, integrity, and replay protection.
Internet Key Exchange (IKE), a management protocol of IPSec.
Adherence to VPN standards allows seamless interoperability between a
Cayman Gateway and another standards-based encryptor. SafeHarbour
supports:
Symmetric encryption protocols DES, 3DES, Blowfish, and CAST
Hash algorithms MD5 and SHA1
Diffie-Hellman groups 1, 2, and 5.
Terms are defined in the Glossary and How To sections.
An important feature of the SafeHarbour VPN IPSec Tunnel is secure encryption of the configured circuit in both directions.
[Figure: SafeHarbour VPN IPSec Tunnel Termination. An encrypted IPSec tunnel crosses the IP network between “HQNetOne” and “RemoteNetTwo”; one end of the tunnel terminates at the Cayman Gateway and the other at a standards-based gateway.]
Section 4
Access the User Interface
Using the embedded Web-based user interface for the Netopia Cayman-series Gateway you can configure, troubleshoot, and monitor the status of your Gateway. For COS Version 6.3 the Web-based UI has been modified:
To accommodate multiple new features of COS 6.3.
To make using the entire facility easier.
Open the Web Connection
Once your Gateway is powered up, you can use any recent version of the best-known web browsers that support JavaScript and Cascading Style Sheets from any LAN-attached PC or workstation.
The procedure is:
Step 1
Enter the name or IP address of your Cayman Gateway in the Web browser's window and click Enter.
For example, you would enter if your Cayman Gateway is using its default IP address. You can enter http://cayman-2e. (including the final period) or http://cayman-dsl. if your computer has been configured to obtain its network configuration from a DHCP server.
Step 2
If an administrator or user password has been assigned to the Cayman Gateway, enter Admin or User as the username and the appropriate password and click OK.
The Cayman Gateway Home page opens.
If the Gateway is not configured, after logon you will see the Quickstart page.
Home page
The Home page is the “dashboard” for your Cayman Gateway. The toolbar at the top provides links to controlling, configuring, and monitoring pages. Critical configuration and operational status is displayed in the center section. If you log on as Admin you see this page.
This example screen is from the Dual Ethernet Gateway.
The Home page differs slightly between DSL and Dual Ethernet Gateways.
Home page - User Mode, DSL Gateway