RX3042H User's Manual Revision 0.
Table of Contents 1 Introduction............................................................1 1.1 Features ....................................................................1 1.2 System Requirements ...............................................1 1.3 Using this Document .................................................2 1.3.1 Notational conventions ............................................... 2 1.3.2 Typographical conventions ......................................... 2 1.3.3 Special messages .........
3.1 Part 1 — Connecting the Hardware ........................11 3.1.1 Step 1. Connect an ADSL or a cable modem............11 3.1.2 Step 2. Connect computers or a Network ................ 12 3.1.3 Step 3. Attach the AC adapter .................................. 12 3.1.4 Step 4. Power on RX3042H, the ADSL or cable modem and power up your computers .................... 12 3.2 Part 2 — Configuring Your Computers ....................13 3.2.1 Before you begin ......................................................
.2.1 WAN Connection Mode ............................................ 29 5.2.2 PPPoE ...................................................................... 30 5.2.2.1 WAN PPPoE Configuration Parameters ........... 31 5.2.2.2 Configuring PPPoE for WAN ............................ 32 5.2.3 PPPoE Unnumbered ................................................ 33 5.2.3.1 WAN PPPoE Unnumbered Configuration Parameters....................................................... 34 5.2.3.
.1.5.2 Add a Fixed DHCP Lease ................................. 49 6.1.5.3 Delete a Fixed DHCP Lease............................. 49 6.1.5.4 Viewing Fixed DHCP Lease Table .................... 49 6.2 DNS .........................................................................50 6.2.1 About DNS .............................................................. 50 6.2.2 Assigning DNS Addresses ....................................... 50 6.2.3 Configuring DNS Relay ............................................
9.1.4 Default ACL Rules .................................................... 64 9.2 NAT Overview..........................................................65 9.2.1 NAPT (Network Address and Port Translation) or PAT (Port Address Translation) ......................................... 65 9.2.2 Reverse NAPT / Virtual Server ................................. 67 9.3 Firewall Settings – (Firewall/NAT ->Settings) ..........67 9.3.1 Firewall Options ....................................................... 67 9.3.
9.8.2 Special Application Example .................................... 87 10 System Management .........................................89 10.1 Configure System Services ...................................89 10.2 Login Password and System Settings ...................90 10.2.1 Changing Password ............................................... 90 10.2.2 Configure System Settings ..................................... 91 10.3 Viewing System Information ..................................91 10.
12 Troubleshooting ..............................................109 12.1 Diagnosing Problem using IP Utilities ................. 111 12.1.1 ping .......................................................................111 12.1.2 nslookup ................................................................112 13 Index ................................................................. 115 List of Figures Figure 2.1 Front Panel LEDs .......................................................... 7 Figure 2.
Figure 7.1 RIP Configuration Page.............................................. 54 Figure 7.2 Static Route Configuration Page ................................ 56 Figure 7.3 Static Route Configuration ......................................... 57 Figure 7.4 Sample Routing Table ................................................ 58 Figure 8.1 Network Diagram for HTTP DDNS .............................. 59 Figure 8.2 HTTP DDNS Configuration Page ................................ 60 Figure 9.
RX3042H User's Manual Introduction Figure 10.8 Factory Reset Page .................................................. 97 Figure 10.9 Factory Reset Confirmation ...................................... 97 Figure 10.10 Factory Reset Count Down Timer ........................... 97 Figure 10.11 Backup System Configuration Page ........................ 98 Figure 10.12 Restore System Configuration Page ....................... 99 Figure 10.13 Selecting System Configuration from the File Manager ........................
Introduction RX3042H User's Manual Table 5.1 LAN Configuration Parameters ..................................... 28 Table 5.2 WAN PPPoE Configuration Parameters ....................... 31 Table 5.3 WAN PPPoE Unnumbered Configuration Parameters . 34 Table 5.4 WAN Static IP Configuration Parameters ..................... 37 Table 5.5 WAN PPTP Configuration Parameters ......................... 39 Table 5.6 WAN Load Balancing and Line Back Up Configuration Parameters ..................................................
RX3042H User's Manual Introduction Chapter 1 Introduction Congratulations on becoming the owner of RX3042H. Your LAN (local area network) will now be able to access the Internet using your high-speed broadband connection such as those with ADSL or cable modem. This User's Manual will show you how to set up the RX3042H, and how to customize its configuration to get the most out of this product. 1.
RX3042H User's Manual Introduction • For system configuration using the web-based GUI: a web browser such as Internet Explorer 6.0 or newer. 1.3 Using this Document 1.3.1 Notational conventions • Acronyms are defined the first time they appear in the text. • For brevity, RX3042H is sometimes referred to as the “router” or the ”gateway”. • The terms LAN and network are used interchangeably to refer to a group of Ethernet-connected computers at one site.
RX3042H User's Manual Getting to Know RX3042H Chapter 2 Getting to Know RX3042H 2.1 Parts List In addition to this document, RX3042H should come with the following: • The system unit • AC adapter • Ethernet cable (“straight-through” type) 2.2 Hardware Features LAN • 4-port Fast Ethernet switch • Auto speed negotiation WAN • Dual 10/100M Ethernet ports • Auto MDI/MDIX 2.3 Software Features 2.3.
Getting to Know RX3042H RX3042H User's Manual contains a pool of network ports to be used for translation. Every packet is translated with the globally valid IP address; the port number is translated with a free pool from the pool of network ports. • Reverse NAPT – Also called inbound mapping, port mapping,or virtual server. Any packet coming to the router can be relayed to an internal host based on the protocol, port number and/or IP Address specified in the rule.
RX3042H User's Manual Getting to Know RX3042H ACL is a very appropriate measure for providing isolation of one subnet from another. It can be used as the first line of defense in the network to block inbound packets of specific types from ever reaching the protected network. The RX3042H Firewallʼs ACL methodology supports: • Filtering based on destination and source IP address, port number and protocol • Use of the wild card for composing filter rules • Filter Rule priorities 2.3.2.
Getting to Know RX3042H RX3042H User's Manual 2.3.2.4 Application Level Gateway (ALG) Applications such as FTP open connections dynamically based on the respective application parameter. To go through the firewall on the RX3042H, packets pertaining to an application, require a corresponding allow rule. In the absence of such rules, the packets will be dropped by the RX3042H Firewall.
RX3042H User's Manual Getting to Know RX3042H 2.4 Finding Your Way Around 2.4.1 Front Panel The front panel contains LED indicators that show the status of the unit. 1 2 3 4 5 Figure 2.1 Front Panel Label and LEDs Table 2.2 Front Panel Label and LEDs LED Label Color 1 Power Green 2 Status Green Status Indication ON RX3042H is powered on. OFF RX3042H is powered off. USB 3 1-2 Identifies the USB port. Green OFF USB device is not detected. ON USB device is detected.
RX3042H User's Manual Getting to Know RX3042H 2.4.2 Rear Panel The rear panel contains the ports for the unitʼs data and power connections. 6 7 8 9 10 11 Figure 2.2 Rear Panel Labels and Connectors Table 2.3 Rear Panel Labels and LEDs Label Indication 6 1--4 LAN Ports: connect to your PC's Ethernet port, or to the uplink port on your LAN's hub/switch, using the Ethernet cable. 7 Dual WAN or WAN + DMZ WAN ports:Connect to your WAN device, such as ADSL or cable modem.
RX3042H User's Manual Getting to Know RX3042H 2.4.3 Bottom View 12 12 12.Wall Mount Slots: You may use these slots to hang RX3042H on the wall to save space. Depending on your particular requirement by taking into account the location of the power outlet, power cord length, Ethernet cable length and etc., you can hang RX3042H in 4 different orientations: front panel up, rear panel up, left side up or right side up. 2.
Getting to Know RX3042H RX3042H User's Manual 2. Line up the wall mount slots with the screws and maneuver RX3042H so that both screws are inserted into the wall mount slots as indicated in the following figures. The wall mount design supports 4 different orientations: rear side up, rear side down, rear side to the left and rear side to the right. Screw Wall mount slot Line up the wall amount slot with both screws.
RX3042H User's Manual Quick Start Guide 3 Quick Start Guide This Quick Start Guide provides basic instructions for connecting the RX3042H to a computer or a network and to the Internet. • Part 1 provides instructions to set up the hardware. • Part 2 describes how to configure Internet properties on your computer(s). • Part 3 shows you how to configure basic settings on the RX3042H to get your LAN connected to the Internet.
Quick Start Guide 3.1.2 RX3042H User's Manual Step 2. Connect computers or a Network. If your LAN has no more than 4 computers, you can use an Ethernet cable to connect computers directly to the built-in switch on the device. Note that you should attach one end of the Ethernet cable to any of the port labeled 1 – 4 on the rear panel of the router and connect the other end to the Ethernet port of a computer.
RX3042H User's Manual Quick Start Guide You should verify that the LEDs are illuminated as indicated in Table 3.1. Table 3.1 LED Indicators This LED: ...should be: POWER Solid green to indicate that the device is turned on. If this light is not on, check if the AC adapter is attached to the RX3042H and if it is plugged into a power source.
Quick Start Guide RX3042H User's Manual 1. In the Windows task bar, click the button, and then click Control Panel. 2. Double-click the Network Connections icon. 3. In the LAN or High-Speed Internet window, right-click on icon corresponding to your network interface card (NIC) and select Properties. (Often this icon is labeled Local Area Connection). The Local Area Connection dialog box displays with a list of currently installed network items. 4.
RX3042H User's Manual Quick Start Guide and then click button. You may be prompted to install files from your Windows 2000 installation CD or other media. Follow the instructions to install the files. 7. If prompted, click button to restart your computer with the new settings. Next, configure the PCs to accept IP addresses assigned by the RX3042H: 8. In the Control Panel, double-click the Network and Dial-up Connections icon. 9.
Quick Start Guide RX3042H User's Manual Protocol, and then click button. 5. Select Microsoft in the Manufacturers list box, and then click TCP/IP in the Network Protocols list, box and then click button. You may be prompted to install files from your Windows 95, 98 or Me installation CD or other media. Follow the instructions to install the files. 6. If prompted, click button to restart your computer with the new settings.
RX3042H User's Manual Quick Start Guide protocols. If the list includes TCP/IP Protocol, then the protocol has already been enabled. Skip to step 9. 4. If TCP/IP does not display as an installed component, click button. 5. In the Select Network Protocol dialog box, select TCP/IP, and then click button. You may be prompted to install files from your Windows NT installation CD or other media. Follow the instructions to install the files.
Quick Start Guide RX3042H User's Manual server). • You maintain different subnets on your LAN. However, during the first time configuration of your RX3042H, you must assign an IP address in the 192.168.1.0 network for your PC, say 192.168.1.2, in order to establish connection between the RX3042H and your PC as the default LAN IP on RX3042H is preconfigured as 192.168.1.1. Enter 255.255.255.0 for the subnet mask and 192.168.1.1 for the default gateway.
RX3042H User's Manual Quick Start Guide 13.On any PC connected to one of the four LAN ports on the RX3042H, open your Web browser, and type the following URL in the address/location box, and press : http://192.168.1.1 This is the predefined IP address for the LAN port on the RX3042H. A login screen displays, as shown in Figure 3.2. Figure 3.2 Login Screen If you have problem connecting to the RX3042H, you may want to check if your PC is configured to accept IP address assignment from the RX3042H.
Quick Start Guide RX3042H User's Manual Figure 3.3 System Status Page 15. Follow the instructions described in Chapter 5 “Router Setup” to set up the LAN and WAN settings for RX3042H. After completing the basic configuration for RX3042H, read the following section to determine if you can access the Internet. 3.3.2 Testing Your Setup At this point, the RX3042H should enable any computers on your LAN to use the RX3042Hʼs ADSL or cable modem connection to access the Internet.
RX3042H User's Manual Quick Start Guide If the LEDs do not illuminate as expected or the web page does not display, see Appendix 12 for troubleshooting suggestions. 3.3.3 Default Router Settings In addition to handling the DSL connection to your ISP, the RX3042H can provide a variety of services to your network. The device is pre-configured with default settings for use with a typical home or small office network. Table 3.
RX3042H User's Manual Using the Configuration Manager 4 Using the Configuration Manager The RX3042H includes a preinstalled program called the Configuration Manager, which provides an interface to the software installed on the device. It enables you to configure the device settings to meet the needs of your network. You access it through your web browser from any PC connected to the RX3042H via the LAN or the WAN ports. This chapter describes the general guides for using the Configuration Manager. 4.
Using the Configuration Manager RX3042H User's Manual Figure 4.1 Configuration Manager Login Screen 2. Enter your username and password, and then click . The first time you log into the program, use these defaults: Default Username: admin Default Password: admin Note: You can change the password at any time (see section 10.2 Login Password and System Settings on page 66). The System Information page displays every time you log into the Configuration Manager (shown in Figure 4.3 on page 20). 4.
RX3042H User's Manual Using the Configuration Manager Figure 4.2 Typical Configuration Manager Page 4.2.1 Menu Navigation • To expand a group of related menus, double click the menu or the icon: • To contract a group of related menus, double click the menu or the icon: • To open a specific configuration page, double click the menu or the icon: 4.2.2 Commonly Used Buttons and Icons The following buttons or icons are used throughout the application.
Using the Configuration Manager 4.3 RX3042H User's Manual Overview of System Configuration To view the overall system configuration, log into the Configuration Manager, or click the Status menu if you have already logged on. Figure 4.3 shows sample information available in the System Status page. Figure 4.
RX3042H User's Manual Router Setup 5 Router Setup This chapter describes how to configure the basic settings for your router so that the computers on your LAN can communicate with each other and have access to the Internet. Network setup consists of LAN and WAN configurations. 5.1 LAN Configuration 5.1.1 LAN IP Address If you are using RX3042H with multiple PCs on your LAN, you must connect your LAN to the Ethernet ports on the built-in Ethernet switch.
RX3042H User's Manual Router Setup Table 5.1 LAN Configuration Parameters Settings Description Host Name For identification only. IP Address The LAN IP address of the RX3042H. This IP address is used by your computers to identify the RX3042Hʼs LAN port. Note that the public IP address assigned to you by your ISP is not your LAN IP address. The public IP address identifies the WAN port on the RX3042H to the Internet.
RX3042H User's Manual Router Setup 5. Click "Apply" to save the settings. If you were using an Ethernet connection for the current session, and changed the IP address or subnet mask, the connection will be terminated. 6. You will see the following message displayed as shown below. 7. You will be prompted to log back into the Configuration Manager once the timer elapses. 5.
Router Setup RX3042H User's Manual Figure 5.2 Network Setup Configuration Page-WAN Configuration 5.2.2 PPPoE PPPoE connection is most often used by ADSL service providers. Figure 5.3.
RX3042H User's Manual Router Setup 5.2.2.1 WAN PPPoE Configuration Parameters Table 5.2 describes the configuration parameters available for PPPoE connection mode. Table 5.2. WAN PPPoE Configuration Parameters Setting Description Link Select a port to configure. Available options are WAN1, WAN2 or DMZ. Connection Select PPPoE from the connection mode drop-down list. Mode PPPoE Session Select the PPPoE session ID for this PPPoE session. Note that only two simultaneous PPPoE sessions are supported.
RX3042H User's Manual Router Setup Setting Description Connect on Click on the Enable or Disable radio button to enable Demand or disable this option. Status On: PPPoE connection is active. Off: No PPPoE connection is active. Connecting: RX3042H is trying to connect to your ISP using PPPoE connection mode. Manual Click the Disconnect or Connect button to disconnect Disconnect/ or connect using the PPPoE connection mode. Connect 5.2.2.
RX3042H User's Manual Router Setup connection mode, the range of MTU is from 546 to 1492. The default value is 1492. 10.Enter appropriate connection settings for “Disconnect after Idle (min)” and “Connect on Demand”. 11.Click "Apply" to save the settings. 5.2.3 PPPoE Unnumbered Some of the ADSL service providers may offer PPPoE unnumbered service. Choose this connection mode if your ISP provides such service. Figure 5.4.
RX3042H User's Manual Router Setup 5.2.3.1 WAN PPPoE Unnumbered Configuration Parameters Table 5.3 describes the configuration parameters available for PPPoE Unnumbered connection mode. Table 5.3. WAN PPPoE Unnumbered Configuration Parameters Setting Description Link Select a port to configure. Available options are WAN1, WAN2 or DMZ. Connection Mode Select PPPoE Unnumbered from the connection mode drop-down list. Traditionally, each network interface must have a unique IP address.
RX3042H User's Manual Router Setup Setting Description MTU You may specify the maximum size of the transmitted packet. For PPPoE, the range of MTU is from 546 to 1492. The default value is 1492. Disconnect after Idle (min.) Enter the inactivity timeout period at which you want to disconnect the Internet connection when there is no traffic. A value of 0 means no activity time out. Note that SNTP service may interfere with this function if there are activities from the service.
Router Setup RX3042H User's Manual secondary DNS servers if you want to use your preferred DNS servers; otherwise, skip this step. 9. (Optional) Change the MTU value if necessary. If you do not know what value to enter, leave it as is. For dynamic IP connection mode, the range of MTU is from 546 to 1492. The default value is 1492. 10.Enter appropriate connection settings for Disconnect after Idle (min) and Connect on Demand. 11.Click Apply to save the settings. 5.2.
RX3042H User's Manual Router Setup by the DHCP server of your ISP. 4. (Optional) Change the MTU value if necessary. If you do not know what value to enter, leave it as is. For dynamic IP connection mode, the range of MTU is from 546 to 1500. The default value is 1500. 5. Click Apply"to save the settings. 5.2.5 Static IP Figure 5.6. WAN – Static IP Configuration 5.2.5.1 WAN or DMZ Static IP Configuration Parameters Table 5.4 describes the configuration parameters available for static IP connection mode.
RX3042H User's Manual Router Setup Setting Description Subnet Mask WAN subnet mask provided by your ISP. Typically, it is set as 255.255.255.0. Gateway Address Gateway IP address provided by your ISP. It must be in the same subnet as the WAN on the RX3042H. Primary/ You must at least enter the IP address of the Secondary DNS primary DNS server. Secondary DNS server is Server optional MTU You may specify the maximum size of the transmitted packet.
RX3042H User's Manual Router Setup 9. Click Apply to save the settings 5.2.6 PPTP Some of the service providers require user to login using PPTP connection. 5.2.6.1 WAN PPTP Configuration Parameters Table 5.5 describes the configuration parameters available for PPTP connection mode. Table 5.5. WAN PPTP Configuration Parameters Setting Link Connection Mode WAN Interface IP Description Select a port to configure. Available options are WAN1, WAN2 or DMZ.
Router Setup Setting Connect on Demand Disconnect after Idle (min) Status RX3042H User's Manual Description Click on the Enable or Disable radio button to enable or disable this option. Enter the inactivity timeout period at which you want to disconnect the Internet connection when there is no traffic. A value of 0 means no activity time out. Note that SNTP service may interfere with this function if there are activities from the service. On: PPTP connection is active. Off: No PPTP connection is active.
RX3042H User's Manual DHCP Server Configuration 5.2.6.2 Configuring PPTP for WAN Follow the instructions below to configure PPTP settings: 1. Open the Network Setup configuration page by clicking the Router Setup ->Connection menu. 2. Select which WAN port (WAN1/WAN2) to configure for PPTP connection mode. 3. Select PPTP from the WAN Connection Mode drop-down list as shown in Figure 5.7. 4. Select how WAN IP is to be obtained – static or dynamic.
DHCP Server Configuration RX3042H User's Manual requirement on the WANs. Another feature supported is fail-over for the WAN ports. If one of the WAN links is down, RX3042H will direct the traffic destined for the downed WAN port to the still active WAN port. The line back up function is another feature supported to ensure uninterrupted Internet access. When the primary WAN link is down, the Internet access is automatically switched to the backup WAN link. 5.3.
RX3042H User's Manual DHCP Server Configuration Setting Description Connectivity will need to disable this feature. Otherwise, RX3042H will Check (Cont.) make incorrect judgment regarding the WAN link status and thus affect the behavior of the load balancing or line back up. Connectivity The interval that RX3042H will check for the WAN link Check Interval status. The allowable value is 1 to 60 seconds. Connectivity Enter the IP address of the specific network device that the traffic will pass through.
DHCP Server Configuration RX3042H User's Manual Follow the instructions below to set up WAN load balancing: 1. Open the Load Balancing configuration page by clicking the Router Setup ->Load Balance menu. 2. Select Auto Mode in the Load Balance field. 3. Enter the ratio of the traffic amount that you want to distribute between the two WANs. The allowable value is from 0 to 100%. The sum of the two numbers is 100%. 4. Select whether you need to enable or disable connectivity check.
RX3042H User's Manual DHCP Server Configuration 6 DHCP Server Configuration 6.1 DHCP (Dynamic Host Control Protocol) 6.1.1 What is DHCP? DHCP is a protocol that enables network administrators to centrally manage the assignment and distribution of IP information to computers on a network. When you enable DHCP on a network, you allow a device — such as the RX3042H — to assign temporary IP addresses to your computers whenever they connect to your network.
DHCP Server Configuration 6.1.3 RX3042H User's Manual Configuring DHCP Server Note: By default, the RX3042H is configured as a DHCP server on the LAN side, with a predefined IP address pool of 192.168.1.100 through 192.168.1.149 (subnet mask 255.255.255.0). To change this range of addresses, follow the procedures described in this section. First, you must configure your PCs to accept DHCP information assigned by a DHCP server: 1. Open the DHCP Server Configuration page, shown in Figure 6.
RX3042H User's Manual DHCP Server Configuration Table 6.1. DHCP Configuration Parameters Field Description Enable Check or uncheck this box to enable or disable DHCP server service for your LAN. IP Address Pool Begin/ End Specify the lowest and highest addresses in the DHCP address pool. Lease Time The amount of time in seconds the assigned address will be used by a device connected on the LAN.
DHCP Server Configuration 6.1.4 RX3042H User's Manual Viewing Current DHCP Address Assignments When the RX3042H functions as a DHCP server for your LAN, it keeps a record of any addresses it has leased to your computers. To view a table of all current IP address assignments, just open the DHCP Server Configuration page and click on the link “Current DHCP Lease Table” located at the bottom of the configuration page. A page displays similar to that shown in Figure 6.2.
RX3042H User's Manual DHCP Server Configuration Figure 6.3. Fixed DHCP Lease Configuration Page 6.1.5.2 Add a Fixed DHCP Lease To add a fixed DHCP lease, follow the instructions below: 1. Open the Fixed DHCP Lease configuration page, as shown in Figure 6.3, by clicking Advanced ->DHCP Server menu. 2. Enter the MAC address and the desired IP address of the host requiring a fixed IP address. Table 6.2 describes the fixed DHCP lease configuration parameters in detail. Table 6.2.
DHCP Server Configuration RX3042H User's Manual DHCP Lease configuration page by clicking Advanced ->DHCP Server menu 6.2 DNS 6.2.1 About DNS Domain Name System (DNS) servers map the user-friendly domain names that users type into their Web browsers (e.g., “yahoo.com”) to the equivalent numerical IP addresses that are used for Internet routing. When a PC user types a domain name into a browser, the PC must first send a request to a DNS server to obtain the equivalent IP address.
RX3042H User's Manual DHCP Server Configuration Note: If you specify the actual DNS addresses on the PCs or in the DHCP pool, the DNS relay feature is not used. 6.2.3 Configuring DNS Relay When you specify the deviceʼs LAN port IP address as the DNS address, then the Internet Security Router automatically performs “DNS relay”; i.e., because the device itself is not a DNS server, it forwards domain name lookup requests from the LAN PCs to a DNS server at the ISP.
Routing RX3042H User's Manual DNS address (other than the LAN IP address) in a DHCP pool or statically on a PC, then that address will be used instead of the DNS relay address.
RX3042H User's Manual 7 Routing Routing You can use Configuration Manager to define specific routes for your Internet and network data communication. This chapter describes basic routing concepts and provides instructions for creating static routes. Note that most users do not need to define static routes. 7.
RX3042H User's Manual Routing 7.2 Dynamic Routing using RIP (Routing Information Protocol) RIP enables routing information exchange between routers; thus, routes are updated automatically without human intervention. It is recommended that you enable RIP in the System Services Configuration Page as shown in Figure 10.1. Figure 7.1. RIP Configuration Page 7.2.1 RIP Configuration Parameters The following table defines the available configuration parameters for static routing configuration. Table 7.1.
RX3042H User's Manual Routing Field Description Passive Mode Enable this mode if RIP configured for this interface will only receive routing information from other routers and not send routing information to other routers. Disable this mode if you want this interface to send and receive routing information to/from other routers. RIP Version (Send) Select the RIP version for sending the routing information. Three options are available: Version 1. Version 2 and Both.
RX3042H User's Manual Routing information. Available options are Version 1, Version 2 and Both. 6. Choose whether authentication is required by clicking the Enable or Disable radio button. 7. (Optional) If authentication is enable, you must also select authentication mode and the desired authentication key. 8. Click Apply to save the settings. 7.3 Static Route Figure 7.2. Static Route Configuration Page 7.3.
RX3042H User's Manual Routing Field Description Subnet Mask Indicates which parts of the destination address refer to the network and which parts refer to a computer on the network. Refer to Appendix 11, for an explanation of network masks. The default route uses a 0.0.0.0 for subnet mask. Gateway Gateway IP address Interface Available option include AUTO, Eth0 (LAN), Eth1 (WAN), PPPoE:0 (unnumbered), PPPoE:1 (1st PPPoE session), PPPoE:2 (2nd PPPoE session).
RX3042H User's Manual Routing 7.3.3 Deleting Static Routes Figure 7.4. Sample Routing Table Follow these instructions to delete a static route from the routing table. 1. Open the Static Route configuration page by clicking the Advanced ->Static Route menu. 2. Click on the Table. icon of the route to be deleted in the Routing WARNING Do not remove the route for default gateway unless you know what you are doing. Removing the default route will render the Internet unreachable. 7.3.
RX3042H User's Manual 8 Configuring DDNS Configuring DDNS Dynamic DNS (DDNS) is a service that allows computers to use the same domain name, even when the IP address changes from time to time (during reboot or when the ISPʼs DHCP server resets IP leases). RX3042H connects to a DDNS service provider whenever the WAN IP address changes. It supports setting up the web services such as Web server, FTP server using a domain name instead of the IP address.
Configuring DDNS 8.1 RX3042H User's Manual DDNS Configuration Parameters Table 8.1 describes the configuration parameters available for DDNS service. Table 8.1. DDNS Configuration Parameters Field Description Interface Select the interface that the DDNS service is to be used. Status Shows the state of DDNS. Enable DDNS Check this box to enable DDNS service; otherwise, keep the box unchecked. Domain Name Enter the registered domain name into this field.
RX3042H User's Manual Configuring DDNS Follow these instructions to configure the HTTP DDNS: 1. First, you should have already registered a domain name to the DDNS service provider, dyndns. If you have not done so, please visit www.dyndns.org for more details. 2. Open the DDNS configuration page by clicking Advanced -> DDNS Service menu. 3. Select the interface that the DDNS service is to be used. 4. Check Enable DDNS checkbox to enable the DDNS service. 5.
RX3042H User's Manual 9 Configuring Firewall Configuring Firewall and NAT The RX3042H provides built-in firewall/NAT functions, enabling you to protect the system against denial of service (DoS) attacks and other types of malicious accesses to your LAN while providing Internet access sharing at the same time. You can also specify how to monitor attempted attacks, and who should be automatically notified.
Configuring Firewall 9.1.2 RX3042H User's Manual DoS (Denial of Service) Protection Both DoS protection and stateful packet inspection provide first line of defense for your network. No configuration is required for both protections on your network as long as firewall is enabled for the RX3042H. By default, the firewall is enabled at the factory. Please refer to section 9.3.1 “Firewall ” to enable or disable firewall service on the RX3042H. 9.1.3 Firewall and Access Control List (ACL) 9.1.3.
RX3042H User's Manual Configuring Firewall • ACL Rules: for controlling all access to the computers on the LAN and DMZ and for controlling access to external networks for hosts on the LAN and DMZ. • Self-Access Rules: for controlling access to the RX3042H itself. Default Access Rules • All traffic from external hosts to the hosts on the LAN and DMZ is denied. • All traffic originated from the LAN is forwarded to the external network using NAT.
Configuring Firewall RX3042H User's Manual Figure 9.1 NAPT – Map Any Internal PCs to a Single Global IP Address Figure 9.
RX3042H User's Manual 9.2.2 Configuring Firewall Reverse NAPT / Virtual Server Reverse NAPT is also called inbound mapping, port mapping, or virtual server. Any packet coming to the RX3042H can be relayed to the internal host based on the protocol, port number and/or IP address specified in the ACL rule. This is useful when multiple services are hosted on different internal hosts. Figure 9.
RX3042H User's Manual Configuring Firewall The RX3042H has an Attack Defense Engine that protects internal networks from Denial of Service (DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can drop ICMP redirects and IP loose/strict source routing packets. For example, a security device with the RX3042H Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected Windows systems in the Internet.
RX3042H User's Manual Field Configuring Firewall Description SYN/ ICMP/ UDP Check or un-check this option to enable or disable the logging for SYN/ICMP/UDP flooding attacks. These Flooding attacks involve sending lots of TCP SYN/ICMP/UDP to a host in a very short period. RX3042H will not drop the flooding packets to avoid affecting the normal traffic. TCP XMAS/ NULL/ FIN Scan A hacker may be scanning your system by sending these specially formatted packets to see what services are available.
Configuring Firewall RX3042H User's Manual 9.3.2.2 Configuring DoS Settings To configure DoS settings, follow the instructions below: 1. Open the Firewall General configuration page as shown in Figure 9.3 by clicking on Firewall ->Security menu. 2. Check or uncheck individual check box for each type DoS protection. 3. Click Apply to save the settings. Figure 9.3. Firewall General Configuration Page 9.4 ACL Rule Configuration Parameters 9.4.1 ACL Rule Configuration Parameters Table 9.
RX3042H User's Manual Configuring Firewall Table 9.3. ACL Rule Configuration Parameters Field Description Filter Direction – choose the available option from the drop-down list to configure the ACL. For dual-WAN configuration, two options are available – LAN ->WAN and WAN ->LAN. For WAN + DMZ configuration, six options are available – LAN ->WAN, WAN ->LAN, LAN ->DMZ, DMZ->LAN, WAN ->DMZ and DMZ ->WAN. ID Add New Rule Number Click on this option to add a new ACL rule.
Configuring Firewall Field RX3042H User's Manual Description NAT None Select this option if you donʼt intend to use NAT in this ACL rule. IP Address Select this option to specify the IP address of the you want the outgoing traffic to use as the source IP address. Note this option is called. Auto RX3042H automatically uses the IP address of the interface that the traffic is to be forwarded as the source IP address.
RX3042H User's Manual IP Address, Subnet Configuring Firewall Select any of these options and enter details as described in the Source IP section above. Service Select a service, from the drop-down list, to which this rule should apply. If the desired service is not listed, click on the Edit button to create a new service. Time Select a time slot during which this rule should apply. Enable Check this box if you want to activate the ACL rule at the time specified.
Configuring Firewall Field RX3042H User's Manual Description This option allows you to select the ICMP message type for the service. The supported ICMP message types are: • • • • • • • • • • • • • • • • • • • • 9.
RX3042H User's Manual Configuring Firewall Figure 9.4. ACL Configuration Page 9.5.1 Add an ACL Rule To add an ACL rule, follow the instructions below: 1. Open the ACL Rule configuration page, as shown in Figure 9.4, by clicking Firewall ->ACL menu. 2. Select an option from the “Filter Direction” drop-down list. For example, if you want to create an ACL to filter traffic originated from LAN and destined to WAN, then choose LAN ->WAN option. 3. Select Add New from the “ID” drop-down list. 4.
Configuring Firewall RX3042H User's Manual explanation of these fields. 8. Assign a priority for this rule by selecting a number from the Move to drop-down list. Note that the number indicates the priority of the rule with 1 being the highest. Higher priority rules will be examined prior to the lower priority rules by the firewall. 9. Click on the Add button to create the new ACL rule.
RX3042H User's Manual 9.5.2 Configuring Firewall Modify an ACL Rule To modify an inbound ACL rule, follow the instructions below: 1. Open the Outbound ACL Rule Configuration Page by clicking Firewall/NAT ->ACL menu. 2. Click on the icon of the rule to be modified in the inbound ACL table or select the rule number from the ID drop-down list. 3. Make desired changes to any or all of the following fields: action, source/destination IP, service, time and log. Please see Table 9.
Configuring Firewall RX3042H User's Manual Figure 9.7. Self-Access ACL Configuration Page 9.6.1 Add a Self-Access Rule To add a Self-Access rule, follow the instructions below: 1. Open the Self-Access Rule Configuration page by clicking Firewall/NAT ->Self-Access ACL menu. 2. Select “Add New” from the “ID” drop-down list. 3. Set desired action (Allow or Deny) from the “Action” drop-down list. 4. Assign a priority for this rule by selecting a number from the “Move to” drop-down list.
RX3042H User's Manual Configuring Firewall Example Figure 9.8 shows a sample self-access ACL configuration to allow HTTP traffic from any one to RX3042H. Figure 9.8. Self-Access ACL Configuration Example 9.6.2 Modify a Self-Access Rule To modify a Self-Access rule, follow the instructions below: 1. Open the Self-Access ACL configuration page by clicking Firewall/NAT ->Self-Access ACL menu. 2.
Configuring Firewall 9.6.4 RX3042H User's Manual View Configured Self-Access Rules To see existing Self-Access Rules, just open the Self-Access ACL configuration page by clicking Firewall/NAT ->Self-Access ACL menu. 9.7 Configure Virtual Server Virtual server allows you to configure up to ten public servers, such as a Web, E-mail, FTP server and etc. accessible by external users of the Internet. Each service is provided by a dedicated server configured with a fixed IP Address.
RX3042H User's Manual Configuring Firewall virtual server configuration. Table 9.5. Virtual Server Configuration Parameters Setting Description ID Add New Number Click on this option to add a new virtual server. Select the ID of a virtual server from the drop-down list to modify its settings. Move to This option allows you to set a priority for virtual server rule check. NAT does the IP and/or port mapping based on the priority of the rules.
Configuring Firewall RX3042H User's Manual Setting Description Redirect Service Select a service, from the drop-down list, to which this rule should apply. If the desired service is not listed, click on the "Edit" button to create a new service. Bypass ACL Check this option if you do not want firewall to perform access control on this virtual server. This means that the virtual server allows anyone to access the service provided.
RX3042H User's Manual Application Netmeeting or VoIP NEWS PC Anywhere PC Anywhere POP3 Powwow Chat Red Alert II SMTP Sudden Strike TELNET Win VNC 9.7.2 Configuring Firewall Service Port Numbers 1503-1503, 1720(ALG) TCP 119-119 TCP 5631 TCP 5631, UDP 5632 TCP 110-110 13233-13233 1234-1237 TCP 25-25 2300-2400 TCP 23-23 UDP 5800-5800 Virtual Server Example 1 – Web Server Figure 9.10 illustrates the network topology for the web server deployment. This web server provides HTTP service using TCP port 8080.
Configuring Firewall RX3042H User's Manual Figure 9.11. Virtual Server Example 1 – Web Server 3. Enter the IP address of the web server, which is 192.168.1.28, in Redirect IP field. 4. Since the web server is not using the standard TCP port, which is 80, for providing the http service, a new service type must be created for http service using TCP port 80. Click on the Edit button on the redirect service field to create a new service type.
RX3042H User's Manual Configuring Firewall 5. Select the service, HTTP_8080, from the Redirect Service dropdown list. 6. Click Add to save the virtual server settings. 9.7.3 Virtual Server Example 2 – FTP Server Figure 9.10 illustrates the network topology for the FTP server deployment. This FTP server provides FTP service using standard FTP port. Following describes the procedure to setup the FTP server as illustrated in Figure 9.10. 1. Open the Virtual Server configuration page, as shown in Figure 9.
RX3042H User's Manual Configuring Firewall Note: Only one PC can use one particular special application at a time.. 9.8.1 Special Application Configuration Parameters Table 9.7 describes the configuration parameters available for virtual server configuration. Table 9.7. Special Application Configuration Parameters Setting Description Enabled Check this box to activate the policy. Trigger Protocol Select the protocol type from the drop-down list. The available options are TCP, UDP and TCP/UDP.
RX3042H User's Manual Configuring Firewall Application Outgoing Port Number Incoming Port Range ICU II 2019 2000-2038, 2050-2051, 2069, 2085, 3010-3030 MSN Gaming Zone 47624 2300-2400, 28800-29000 PC to Phone 12053 12120, 12122, 150-24220 Quick Time 4 554 6970-6999 wowcall 8000 4000-4020 Yahoo Messenger 5050 5000-5101 9.8.2 Special Application Example Figure 9.14.
Configuring Firewall RX3042H User's Manual 5. Select TCP/UDP from the incoming protocol drop-down list. If you are not sure whether the application uses TCP or UDP protocol, you may select TCP/UDP in this field. 6. Enter incoming port range, in this case: 2300-2400 and 28800-29000 7. In the Comment field, enter the name identifying this application, which is MSN Gaming Zone in this instance. 8. Click Apply to save the settings.
RX3042H User's Manual 10 System Management System Management This chapter describes the following administrative tasks that you can perform using the Configuration Manager: • • • • • • • • • Configure available system services Modify password and configure system settings View system information Modify system date and time Configure SNMP Reset system configuration to factory default settings Backup and restore system configuration Restart system Update firmware 10.
System Management 10.2 RX3042H User's Manual Login Password and System Settings 10.2.1 Changing Password The first time you log into the Configuration Manager, the default username and password (admin and admin) are used. For security reasons, it is advised that you change this password to avoid router configuration from unauthorized changes. Note: This username and password is only used for logging into the Configuration Manager; it is not the same login password that you use to connect to your ISP.
RX3042H User's Manual System Management new password in the same upper and lower case characters that you enter here. 3. Click on Apply button to save the new password. 10.2.2 Configure System Settings Follow the steps below to modify system settings: 1. Open the System Administration configuration page, as shown in Figure 10.2, by clicking the Router Setup ->Administration menu. 2.
System Management RX3042H User's Manual Figure 10.3. System Information Page 10.4 Setup Date and Time RX3042H keeps a record of the current date and time, which it uses to calculate and report various data. Although there is a real time clock inside RX3042H; you may also rely on external time servers to maintain correct time. RX3042H allows you to configure up to three external time servers.
RX3042H User's Manual System Management Figure 10.4. Time Zone Configuration Page To manually change the time for the router: 1. Open the Time Zone configuration page by clicking the Management ->Time Zone menu. 2. Enter the current date and time in the proper fields. 3. Select your time zone from the drop-down list. 4. Click on Apply button to save the settings. The synchronize the time between the real time clock and the external time servers: 1.
System Management RX3042H User's Manual Manager, click the Management ->Time Zone menu. 10.5 SNMP Setup SNMP (Simple Network Management Protocol) as its name suggests is used for network management. You may use the SNMP configuration page to enable or disable the SNMP support. 10.5.1 SNMP Configuration Parameters Table 10.1 describes the configuration parameters available for SNMP setup. Table 10.1.
RX3042H User's Manual System Management Figure 10.5. SNMP Configuration Page 2. Check the SNMP Enable box to enable the SNMP support; otherwise, uncheck the box. 3. Enter the RO (read only) and R/W (read and write) community names. 4. Enter the IP address of the SNMP management station that receives trap messages from the RX3042H. 5. Click on Apply button to save the settings. 10.6 Log Setup Log messages are stored in dynamic memory and will disappear after system is rebooted.
System Management RX3042H User's Manual 1. Open the Log configuration page, as shown in Figure 10.6, by clicking the Management ->Log menu 2. Click Enable Remote Log check box to enable remote logging. 3. Enter the syslog server IP address in the Syslog Server IP Address field. 4. Click on Apply button to save the settings. 10.6.2 View the System Log You may open the firewall log page by clicking Firewall/NAT ->Log menu to see any logged. Figure 10.7 shows a sample log.
RX3042H User's Manual System Management Figure 10.8 Factory Reset Page 2. Click on Apply button to restore the system configuration to the factory default settings. 3. A dialog window as shown in Figure 10.7 will pop up to ask for confirmation. Click on the OK button to proceed; otherwise, click on the Cancel button to cancel the action. Figure 10.9 Factory Reset Confirmation 4. RX3042H will then reboot thereafter to make the factory default configuration in effect.
System Management RX3042H User's Manual Sometimes, you may find that you have no way to access the RX3042H, e.g. you forget your password or the IP address of RX3042H. The only way out in this scenario is to reset the system configuration to the factory default by pressing the reset button for at least 5 seconds. The system configuration will be reverted back to the factory default settings after RX3042H is rebooted. 10.7.2 Backup System Configuration Follow the steps below to backup system configuration: 1.
RX3042H User's Manual System Management 4. Click on button to backup the system configuration. 10.7.3 Restore System Configuration Follow the steps below to backup system configuration: 1. Open the System Configuration Restore page by clicking the Management ->Configuration ->Restore menu. Figure 10.12 Restore System Configuration Page 2. Enter the path and name of the system configuration file that you want to restore in the “Configuration File” text box. Alternatively, you may click on the "Browse...
System Management RX3042H User's Manual Figure 10.13 Selecting System Configuration from the File Manager 3. Click on Apply button to restore the system configuration. A dialog window, such as the one below, will pop up to ask for confirmation for restoring the system configuration. Click the OK button to proceed; otherwise, click the Cancel button to cancel the action. Note that the RX3042H will reboot to make the new system configuration in effect. Figure 10.
RX3042H User's Manual System Management Figure 10.15 System Reboot Counter Timer 10.8 Firmware Upgrade ASUSTeK may from time to time provide you with an update to the firmware running on the RX3042H. All system software is contained in a single file, called an image. Configuration Manager provides an easy way to upload the new firmware image. To upgrade the image, follow this procedure: 1. Open the Firmware Upgrade page, as shown in Figure 10.16, by clicking the System ->Firmware Upgrade menu. Figure 10.
System Management RX3042H User's Manual Figure 10.17 Selecting Firmware from the File Manager 3. Click on Apply button to update the firmware. A dialog window, such as the one below, will pop up to ask for confirmation of the firmware upgrade. Click the OK button to proceed; otherwise, click the Cancel button to cancel the action. Figure 10.18 Firmware Upgrade Confirmation 4. Firmware upgrade status and progress will be shown as illustrated in Figure 10.19 Figure 10.
RX3042H User's Manual System Management 5. A count down timer will display, as shown in Figure 10.20, after the firmware upgrade is completed. Youʼll be reconnected back to RX3042H when the counter returns to zero. You may need to manually connect back to the RX3042H if you are not connected back to RX3042H automatically. Figure 10.20 System Reboot Count Down Timer for Firmware Upgrade 6. When you are reconnected to the RX3042H, click Status menu to check if the new firmware is properly upgraded.
System Management RX3042H User's Manual Figure 10.21 Restart System Page 10.9 Logout Configuration Manager To logout of Configuration Manager, open the Logout page by clicking the Logout menu and click on the Apply button. If you are using IE as your browser, a window similar to the one shown in Figure 10.22 will prompt for confirmation before closing your browser. Figure 10.22 Configuration Manager Logout Page Figure 10.
RX3042H User's Manual IP Address, Network Masks, and Subnets 11 IP Addresses, Network Masks, and Subnets 11.1 IP Addresses Note: This section pertains only to IP addresses for IPv4 (version 4 of the Internet Protocol). IPv6 addresses are not covered. This section assumes basic knowledge of binary numbers, bits, and bytes. For details on this subject, see Appendix 11. IP addresses, the Internetʼs version of telephone numbers, are used to identify individual nodes (computers or devices) on the Internet.
IP Address, Network Masks, and Subnets RX3042H User's Manual Table 11.1. IP Address Structure Class A Class B Class C Field 1 Field 2 Network ID Network ID Network ID Field 3 Field 4 Host ID Host ID Host ID Here are some examples of valid IP addresses: Class A: 10.30.6.125 (network = 10, host = 30.6.125) Class B: 129.88.16.49 (network = 129.88, host = 16.49) Class C: 192.60.201.11 (network = 192.60.201, host = 11) 11.2 Network classes The three commonly used network classes are A, B, and C.
RX3042H User's Manual IP Address, Network Masks, and Subnets • A host ID can have any value except all fields set to 0 or all fields set to 255, as those values are reserved for special uses. 11.3 Subnet masks Definition: mask: A mask looks like a regular IP address, but contains a pattern of bits that tells what parts of an IP address are the network ID and what parts are the host ID: bits set to 1 mean “this bit is part of the network ID” and bits set to 0 mean “this bit is part of the host ID.
IP Address, Network Masks, and Subnets Class A: 255.0.0.0 Class B: 255.255.0.0 Class C: 255.255.255.0 RX3042H User's Manual These are called default because they are used when a network is initially configured, at which time it has no subnets.
RX3042H User's Manual 12 Troubleshooting Troubleshooting This appendix suggests solutions for problems you may encounter in installing or using the RX3042H, and provides instructions for using several IP utilities to diagnose problems. Contact Customer Support if these suggestions do not resolve the problem.
RX3042H User's Manual Troubleshooting Problem PC cannot access Internet (cont.) Troubleshooting Suggestion • Verify with your ISP that the DNS server specified for the PC is valid. Correct the address or configure the PC to receive this information automatically. • Verify that a Network Address Translation rule has been defined on the RX3042H to translate the private address to your public IP address. The assigned IP address must be within the range specified in the NAT rules.
RX3042H User's Manual 12.1 Troubleshooting Diagnosing Problem using IP Utilities 12.1.1 ping Ping is a command you can use to check whether your PC can recognize other computers on your network and the Internet. A ping command sends a message to the computer you specify. If the computer receives the message, it sends messages in reply. To use it, you must know the IP address of the computer with which you are trying to communicate.
Troubleshooting RX3042H User's Manual Using the ping command, you can test whether the path to the RX3042H is working (using the preconfigured default LAN IP address 192.168.1.1) or another address you assigned. You can also test whether access to the Internet is working by typing an external address, such as that for www.yahoo.com (216.115.108.243). If you do not know the IP address of a particular Internet location, you can use the nslookup command, as explained in the following section.
RX3042H User's Manual Index Figure 12.2. Using the nslookup Utility There may be several addresses associated with an Internet name. This is common for web sites that receive heavy traffic; they use multiple, redundant servers to carry the same information. To exit from the nslookup utility, type exit and press at the command prompt.
RX3042H User's Manual 13 Index Index ACL Configuration page, 74 relay, 51 Computers Domain Name System.
RX3042H User's Manual Index Windows Me, 15 Netmask. See Network mask Windows NT 4.
RX3042H User's Manual Index changing, 90 Upgrading firmware, 101 default, 19, 24 User Password Configuration page, 90 recovering, 111 PC configuration, 13 PC Configuration static IP addresses, 17 Ping, 111 Power adapter, 12 Primary DNS, 37 Quick Configuration logging in, 19 Rear Panel, 8 RIP Configuration page, 54 Routing Configuration page, 54, 56 Username default, 19, 24 WAN DHCP, 29 WAN IP address, 29 Web browser requirements, 1 version requirements, 23 Web browsers compatible versions, 23 Windows NT con