Page 121 / 128 Scroll up to view Page 116 - 120
Firewall Issues
113
HomePortal 3801HGV Gateway User Guide
Troubleshooting 3801HGV Gateway
Firewall Issues
The following table provides information to troubleshoot firewall issues:
Diagnostic Issues
The following table provides information to troubleshoot diagnostic issues:
Issue
Possible Cause(s)
What to Do
HTTP service not available
HTTP traffic is disabled
Navigate to
Setting
s >
Firewall
>
Advanced
Configuration
. Select the
HTTP
checkbox from the
Outbound Protocol Control section to enable the HTTP
traffic to pass through the firewall.
Unable to connect to the VPN
tunnel
Unsupported port
Check if the VPN service supports PPPoE, L2TP, PPTP,
and IPSec ports. If not, then you must open the
supported port. To open the supported port, perform port
forwarding, that is, add a new user-defined application.
Issue
Possible Cause(s)
What to Do
Ping/Traceroute/DNS query
does not respond
Incorrect host address is
entered
Ensure that you populate the correct destination IP in
the Host Address text box.
Remote logging error
Syslogging is disabled
Enable Syslog and enter the appropriate server location
to populate the logs at the remote node.
Syslog server is not installed/
enabled on the remote node
Ensure that you install a third party software to populate
the syslogs on the remote node.
Page 122 / 128
114
APPENDIX A
Glossary
Term
Description
Access Point
A device that transports data between a wireless network and a wired network. With
the helpof the system, a wireless base station is an example of an access point that
acts between a wireless node and with other wired PCs and peripherals.
Default Gateway
A device that is placed between network segments (or “subnets”) to ensure that traffic
is properly routed between different subnets. To communicate with a device on
another network, users need to know the default gateway’s IP address.
DHCP (Dynamic Host
Configuration Protocol)
A TCP/IP protocol that allows servers to assign IP addresses dynamically to PCs and
workstations. The PC or workstation “borrows” the IP address for a period of time,
then the IP address returns to the DHCP server for reassignment.
DMZ (Demilitarized Zone)
A computer or small subnetwork that sits between a trusted internal network (such as
a LAN), and an untrusted external network (such as the Internet). Typically, the DMZ
contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP
servers, SMTP (e-mail) servers, and DNS servers.
DNS (Domain Name System)
The DNS is the way that Internet domain names (such as www.2wire.com) are
located and translated into IP addresses.
DSLAM (Digital Subscriber Line
Access Multiplexer)
A device found in telephone company central offices that takes a number of DSL
subscriber lines and concentrates them onto a single ATM line.
Ethernet
A type of local area network that operates over twisted wire and cable at speeds of up
to 10 Mbps.
ICMP (Internet Control Message
Protocol)
ICMP supports packets containing error, control, and informational messages. For
example, the PING command uses ICMP to test an Internet connection.
Although ICMP is generally harmless, there are some message types that should be
dropped. Redirect (5), Alternate Host Address (6), and Router Advertisement (9) can
be used to redirect traffic from your site. Echo (8), Timestamp (13), and Address
Mask Request (17) can be used to obtain information on whether the host is up, the
local time, and the address mask used on your network, respectively. ICMP
messages are also sometimes used as part of DOS attacks (such as flood ping or
ping of death).
Invalid TCP flags.
Combination of TCP flags (such as SYN/FIN) that signal a malicious attempt to get
past the firewall.
IP (Internet Protocol).
The standard signaling method used for all communication over the Internet.
IP Address.
A numeric identifier for your computer. Just as the post office delivers mail to your
home address, servers know to deliver data to your computer based on your IP
address. IP addresses can be dynamic, meaning that your computer “borrows” the IP
address for the necessary timeframe, or they can be fixed, meaning that the number
is permanently assigned to your computer.
LAN (Local Area Network).
A network connecting a number of computers to each other or to a central server so
that the computers can share programs and files.
MAC (Media Access Control)
Address
A hardware address that has been embedded into the network interface card (NIC)
by its vendor to uniquely identify each node, or point of connection, of a network.
Map to Host Port
When set (not left blank or set to 0), this value provides the mapping offset to the local
computer. For example, if this value is set to 4000 and the range being opened is 100
to 108, the forwarded data to the first value in the range will be sent to 4000.
Subsequent ports will be mapped accordingly; 101 will be sent to 4001, 102 will be
sent to 4002, and so on.
MTU (maximum transmission unit)
The largest size packet or frame, specified in octets (eight-bit bytes), that can be sent
from a computer to the network. The Internet's TCP uses the MTU to determine the
maximum size of each packet in any transmission. If the MTU is too large, the packet
may need to be retransmitted if it encounters a router that can't handle that large a
packet. Too small an MTU size means relatively more header overhead and more
acknowledgements that have to be sent and handled. Most computer operating
systems provide a default MTU value that is suitable for most users. In general,
Internet users should follow the advice of their Internet service provider (ISP) about
whether to change the default value and what to change it to.
Page 123 / 128
115
HomePortal 3801HGV Gateway User Guide
Glossary
NAT (Network Address
Translation)
Enables a LAN to use one set of IP addresses for internal traffic and a second set of
IP addresses for external traffic. This feature is used by the system so an end user
can have an internal computer network in their home, with all its computers using
internal IP addresses, using only one routable IP address, which accesses the
outside (Internet).
PAT (Port Address Translation)
Allows hosts on a LAN to communicate with the rest of a network (such as the
Internet) without revealing their own private IP address. All outbound packets have
their IP address translated to the router’s external IP address. Replies come back to
the router, which then translates them back into the private IP address of the original
host for final delivery.
PPP (Point-to-Point Protocol)
A protocol that allows a computer to access the Internet using a dial-up phone line
and a high-speed modem. This can be accomplished over Ethernet (PPPoE), or over
Asynchronous Transfer Mode (ATM; PPPoA).
PPPoA (Point-to-Point Protocol
over ATM)
A specification for connecting multiple computer users on an Ethernet LAN to a
remote site through common customer premises equipment (such as a modem).
PPPoA combines the Point-to-Point Protocol (PPP), commonly used in dialup
connections, with the ATM (Asynchronous Transfer Mode) protocol, which supports
multiple users in a LAN.
PPPoE (Point-to-Point Protocol
over Ethernet)
A specification for connecting multiple computer users on an Ethernet LAN to a
remote site through common customer premises equipment (such as a modem).
PPPoE combines the Point-to-Point Protocol (PPP), commonly used in dialup
connections, with the Ethernet protocol, which supports multiple users in a LAN.
Protocol Timeout
The amount of time (in seconds) during which a connection in the specified range
remains open when there is no data transfer. After a connection has been established
on a given port, the sender and receiver usually determine when the session is
finished and the connection is closed. However, if the connection is left open and data
transfer stops, the system must eventually close the connection and reclaim the
resources in order to protect your network. In some cases, the system might close the
application during normal operation (for example, if there is a long pause between
data transfer). If this is the case, lengthening the timeout may help.
PVC (permanent virtual circuit)
A virtual circuit that is permanently available. Used to establish connections between
hosts that communicate frequently.
Router
The central switching device in a packet-switched computer network that directs and
controls the flow of data through the network.
Subnet Mask
The IP addressing system allows subnetworks or “interchanges” to be created, and
devices numbers or “extensions” to be established within these subnetworks. These
numbers are created using a mathematical device called a subnet mask. A subnet
mask, like the IP address, is a set of four numbers in dotted decimal notation. Subnet
masks typically take three forms:
• 255.0.0.0
• 255.255.0.0
• 255.255.255.0
The number 255 “masks” out the corresponding number of the IP address, resulting
in IP address numbers that are valid for the network. For example, an IP address of
123.45.67.89 and a subnet mask of 255.255.255.0 results in a sub network number of
123.45.67.0 and a device number of 89.
The subnet mask used for the network typically corresponds to the class of IP
address assigned, as shown in the following table:
Term
Description
IP Address
Class
Dotted-
Decimal
Notation
Ranges
Corresponding
Subnet Mask
Class A
1.xxx.xxx.xxx to
126.xxx.xxx.xxx
255.0.0.0
Class B
128.0.xxx.xxx to
191.255.xxx.xxx
255.255.0.0
Class C
192.0.0.xxx to
223.255.255.xx
x
255.255.255.0
Page 124 / 128
116
HomePortal 3801HGV Gateway User Guide
Glossary
SYN Flood
A method that the user of a hostile client program can use to conduct a denial-of-
service (DOS) attack on a computer server. The hostile client repeatedly sends SYN
(synchronization) packets to every port on the server, using fake IP addresses.
TCP/IP (Transmission Control
Protocol/Internet Protocol)
A method of packet-switched data transmission used on the Internet. The protocol
specifies the manner in which a signal is divided into parts, as well as the manner in
which “address” information is added to each packet to ensure that it reaches its
destination and can be reassembled into the original message.
UDP (User Datagram Protocol)
A TCP/IP protocol describing how data packets reach application programs within a
destination computer.
VPI (Virtual Path Identifier)
Identifier contained in the ATM cell header to designate the virtual path on the
physical ATM link.
VCI (Virtual Channel Identifier)
Identifier contained in the ATM cell header to designate the virtual channel on the
physical ATM link.
Wireless
Transmission of data over radio waves rather than wiring.
Wireless Channel
The 2Wire gateway supports up to 13 wireless channels (based on country
restrictions).
For example, the United States and Canada support channels 1 to 11; Europe and
Australia support channels 1 to 13.
In an 802.1b or 802.11g wireless network, data is transmitted at 2.5GHz. Wireless
nodes communicate with each other using radio frequency signals in the band
between 2.4GHz and 2.5GHz. Neighboring channels are 5 MHz apart; however, due
to the spread spectrum effect of the signals, a node sending signals using a particular
channel will use frequency spectrum 12.5HHz above and below the center channel
frequency. As a result, two separate wireless networks using neighboring channels
(for example, channels 1 and 2) in the same general vicinity will interfere with each
other. Applying two channels that allow the maximum channel separation (such as
channels 1 and 6, or channels 6 and 11) will provide a noticeable performance
increase over networks with minimal channel separation.
The radio frequency channels used in 802.11b/g networks are shown in the following
table:
The preferred channel separation between the channels in neighboring wireless
networks is 25 MHz (5 channels). This means that you can apply up to three different
channels within your wireless network. There are only 11 usable wireless channels in
the United States. It is recommended that you start using channel 1 and expand to
channel 6 (and 11 when necessary), as these three channels do not overlap.
Term
Description
Channel
Frequency
Channel 1
2399.5 MHz-2424.5 MHz
Channel 2
2404.5 MHz-2429.5 MHz
Channel 3
2409.5 MHz - 2434.5 MHz
Channel 4
2414.5 MHz - 2439.5 MHz
Channel 5
2419.5 MHz - 2444.5 MHz
Channel 6
2424.5 MHz - 2449.5 MHz
Channel 7
2429.5 MHz - 2454.5 MHz
Channel 8
2434.5 MHz - 2459.5 MHz
Channel 9
2439.5 MHz - 2464.5 MHz
Channel 10
2444.5 MHz - 2469.5 MHz
Channel 11
2449.5 MHz - 2474.5 MHz
Channel 12
2454.5 MHz - 2479.5 MHz
Channel 13
2459.5 MHz - 2484.5 MHz
Page 125 / 128
117
APPENDIX B
Regulatory Information
Electrical
AC Adapter
The AC adapter is designed to ensure your personal safety and to be compatible with this equipment.
Please follow these guidelines:
Do not use the adapter in a high moisture environment. Never touch the adapter when your
hands or feet are wet
Allow adequate ventilation around the adapter. Avoid locations with restricted airflow
Connect the adapter to a proper power source. The voltage and grounding requirements are
found on the product case and/or packaging
Do not use the adapter if the cord becomes damaged
Do not attempt to service the adapter. There are no serviceable parts inside. Replace the unit
if it is damaged or exposed to excess moisture
Telecommunication Cord
m
To reduce the risk of fire, use only No. 26 AWG or larger UL Listed or CSA Certified
Telecommunication Line Cord.
Internal Telephone ports (VoIP)
Telecommunication equipment connected to this port (e.g., via “Voice 1 & 2” port) should be UL Listed
and the connections shall be made in accordance with Article 800 of the NEC.
Location – Electrical Considerations
m
Due to risk of electrical shock or damage, do not use this product near water, including a
bathtub, wash bowl, kitchen sink or laundry tub, in a wet basement, or near a swimming pool.
Also, avoid using this product during electrical storms. Avoid locations near electrical
appliances or other devices that cause excessive voltage fluctuations or emit electrical noise
(for example, air conditioners, neon signs, high-frequency or magnetic security devices, or
electric motors).

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top