Chapter 5: Configuring the CopperJet
5.7.8.1 Configuring Triggers
A trigger allows an application to open a secondary port in order to transport packets. The
most common applications that require secondary ports are Messenger and NetMeeting.
Triggers are mandatory for these applications to work with NAT or other security options.
This section assumes that you have enabled Security and defined at least 1 security
interface.
To configure a trigger, go to the Policies, Triggers and Intrusion Detection section of the
Security Interface Configuration. Click on Security Trigger Configuration. The Security
Trigger Configuration page is displayed.
5.7.8.2 Adding Triggers
To add a trigger, click on the New Trigger link. The Security Add Trigger page is displayed.
A list of options is displayed for configuring the Trigger.
Transport Type: Select a transport type from the drop-down list, depending on whether you are adding a trigger for a TCP or a UDP application.
Port Number Start: Type the start of the trigger port range that the primary session uses.
Port Number End: Type the end of the trigger port range that the primary session uses.
Secondary Port Number Start: Type the start of the trigger port range that the secondary session uses.
Secondary Port Number End: Type the end of the trigger port range that the secondary session uses.
Allow Multiple Hosts: Select allow if you want a secondary session to be initiated to/from different remote hosts. Select block if you want a secondary session to be initiated only to/from the same remote host. Default: allow.
Max Activity Interval: Type the maximum interval time (in milliseconds) between the use of secondary port sessions. Default: 10000.
Enable Session Chaining: Select Allow or Block depending on whether you want to allow multi-level TCP session chaining. Default: allow.
Enable UDP Session Chaining: Select Allow or Block depending on whether you want to allow multi-level UDP and TCP session chaining. You must set Enable Session Chaining to Allow if you want this to work. Default: allow.
Binary Address Replacement: Select Allow or Block depending on whether you want to use binary address replacement on an existing trigger. Default: allow.
Address Translation Type: Specify what type of address replacement is set on a trigger. You must set Binary Address Replacement to Allow if you want this to work. Default: none.
When finished configuring the Trigger, click on Apply. The Firewall Trigger Configuration
page is displayed, containing details of the trigger that you have just configured.
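The following Python sketch is an added example, not part of the CopperJet manual or firmware. It models how the Allow Multiple Hosts and Max Activity Interval options decide whether an inbound secondary session is admitted; the class names, addresses, port numbers and the exact expiry rule are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Trigger:
    transport: str                      # "tcp" or "udp"
    port_start: int                     # primary session port range
    port_end: int
    sec_start: int                      # secondary session port range
    sec_end: int
    allow_multiple_hosts: bool = True   # manual default: allow
    max_activity_ms: int = 10000        # manual default: 10000

class TriggerState:
    """Simplified model (assumption): one armed trigger entry per LAN host."""
    def __init__(self, trigger):
        self.t = trigger
        self.armed = {}                 # lan_host -> (remote_host, last_activity_ms)

    def outbound(self, lan, remote, proto, dport, now_ms):
        """A primary session leaving the LAN on a trigger port arms the trigger."""
        t = self.t
        if proto == t.transport and t.port_start <= dport <= t.port_end:
            self.armed[lan] = (remote, now_ms)

    def inbound(self, remote, dport, now_ms):
        """Return the LAN host that receives the secondary session, or None."""
        t = self.t
        if not t.sec_start <= dport <= t.sec_end:
            return None
        for lan, (primary_remote, last) in list(self.armed.items()):
            if now_ms - last > t.max_activity_ms:
                del self.armed[lan]     # interval elapsed: secondary ports close
                continue
            if not t.allow_multiple_hosts and remote != primary_remote:
                continue                # "block": same remote host only
            self.armed[lan] = (primary_remote, now_ms)
            return lan
        return None

def demo(allow_multiple_hosts):
    # Constructed values: addresses and ports are illustrative only.
    trig = Trigger("tcp", 1720, 1720, 30000, 30010, allow_multiple_hosts)
    st = TriggerState(trig)
    st.outbound("192.168.1.10", "203.0.113.5", "tcp", 1720, now_ms=0)
    return (
        st.inbound("203.0.113.5", 30001, now_ms=2000),    # same remote host
        st.inbound("198.51.100.7", 30002, now_ms=3000),   # different remote host
        st.inbound("203.0.113.5", 30001, now_ms=20000),   # after the interval
    )
```

With the default allow setting, the unrelated remote host in the second call reaches the LAN PC while the trigger is armed; with block, only the host contacted by the primary session does.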
5.7.8.3 Deleting Triggers
Each trigger displayed in the Firewall Trigger Configuration page has a Delete hyperlink
assigned to it. To delete a trigger, click on this link. The confirmation page is displayed.
Click on the Delete button to delete the Trigger.
The Firewall Trigger Configuration page is displayed and details of the deleted trigger have
been removed.
5.8 Search Service
The Search Service menu allows you to set auto-provisioning to scan a fixed list of PVCs
for protocols such as RFC 1483, PPPoA and PPPoE. It automatically creates a suitable
transport and attaches it to the IP Stack.
From the Configuration menu, click on Search service. The Edit Scan PVC page is
displayed.
Click on the Value drop-down list and click on true. Click on the Apply button. The scan
starts, and the Options on this page are updated with the status of the scan:
Percent Complete: displays scan progress (as a percentage)
Showtime Polls: number of times that DSL showtime is checked
Max PVCs: maximum number of PVCs that the scan should look up
Found PVCs: number of PVCs found by the scan
Scan State:
- idle (not scanning)
- waitingForResponse (currently scanning)
- waitingForShowtime (currently polling DSL showtime)
- Aborted (the scan was stopped before scanning was complete)
- FoundPVC (scanning is complete - at least one PVC found)
- noPVCsFound (scanning is complete - scan failed to detect any PVCs)
Version: version number of the scan module
5.9 Zero Installation PPP Bridge (ZIPB)
Dynamic ZIPB, also known as PPP Half Bridge, allows a home user to share the public IP
address assigned by their ISP with a single PC on the LAN. This avoids problems caused by
certain applications having to work through NAT, and avoids the need to run a PPP
software stack on a customer’s PC. It is not a bridge, but rather an IP router with
specialized address management.
5.9.1 ZIPB in bridged configurations
In some bridged configurations, a PPPoE/PPPoA client must be installed on each LAN side
PC. No public address is assigned to the device; each LAN side PC uses its public IP
address directly. Enabling ZIPB in your bridged configuration means that there is no
requirement to install third party PPPoE clients on the LAN side PCs, because the CopperJet
runs an embedded PPPoE/PPPoA client.
5.9.2 ZIPB in routed configurations
In NAT routed mode, the PPPoE/PPPoA client is installed on the CopperJet. The CopperJet
uses the public IP address assigned by the ISP, and NAT is used to provide a private
subnet on the LAN. As NAT is being used, ALGs are required for many typical applications.
Certain applications encounter problems when running through NAT. By allowing one PC on
the LAN to temporarily share the public IP address that has been assigned by the ISP, this
PC can run applications without having to go through NAT. The other PCs on the LAN may
access the external network by running through NAT.
5.9.3 Enabling/Disabling ZIPB
To enable or disable ZIPB, go to the Configuration menu and select ZIPB. The ZIPB page is
displayed.
Click on the Enable button to enable ZIPB. Click on the "Choose which computer will use the
public IP address" drop-down list and select a LAN PC. The public WAN IP address will be
shared with this PC, and the PC will no longer need to go through NAT. Click Apply.
The following example shows how to get ZIPB to work.
Example:
Make sure that you have a working routed WAN connection configured.
Make sure that the DHCP server of the CopperJet is enabled and that the network
card of your PC is set to obtain an IP address automatically.
When the DHCP server is enabled and the network card of the PC is set to obtain an IP
address automatically, the PC name is available in the list.
Configure ZIPB as follows:
- Select “ethernet-0” as LAN interface
- Select “rfc1483-0 or ppp-0” as WAN interface
- Select “Increment” as LAN IP address spoof method
- Click on Apply to apply the settings
- Now enable ZIPB by clicking on the Enable button.
- Finally, select the PC from the list and click on Apply.
- Run ipconfig /release and then ipconfig /renew (in a DOS box) on the PC that you have selected in the list. The PC will get a WAN IP assigned.
Once the device has retrieved the public IP address via IPCP, the ZIPB process creates a
spoofed IP address and assigns this address to a virtual interface attached to the device’s
LAN interface. The LAN side DHCP server is updated to allow the selected PC to obtain the
public IP address and public DNS server addresses on the next DHCP lease renewal.
Click on the Disable button to disable ZIPB again.