SOYO AVRO3001 User's Manual
Contents
1. 10 MIB D o NO A P E Cn 11 oO D NU S A stt tou 11 SENATO ES 12 ovid Address T AA 12 13 SESOPE CALAPPA GON 14 oremus 15 SG GEO 15 URE BICC ANG 5 oeste qo tmn te ho tens 18 5 5 9 Schedule Rules etc AE M 18 Doo d LACES TOL ee edi roten eser de tov 20 21 6 UPnP Universal Plug and 22 9 24 o TJ ContsuraBon E 24 D 2 6 _ 24 D SLAS 26 20 2 gt 27 SI Se CUO Sree 2 1 DA IDHCP Ghent estoit tomtom on S ov e 28 BON ODPSSEALUS 28 GIOSS AN Q 30 1 Introduction The AVRO 3001 VoIP router is a device that combines a Voice Gateway and a Broadband Router in a single unit The Broadband Router is designed to share a single Internet access among two or more PCs in a household and to provide Internet security for the PCs conn2. Tools Add PC Status 4 Figure 5 15 When you click Add PC the following Access Control Add PC page will appear Client PC Description 1 Client PC IP Address 192 1881 __ _ Client PC Service Service Name Detail Description WWW HTTP TCP Port 80 3128 8000 8001 8080 UAE HTTP Ref URL Blocking Site Page ocking E mail Sending SMTP TCP Port 25 o News Forums Port 119 E mail Receiving TCP Port 110 0 Secure HTTPS TCP 443 D File Transfer FTP TCP Port 21 O Telnet Service TCP Port 23 0 AOL Instant Messenger TCP 5190 NetMeeting H 323 TCP Port 1720 1503 0 DNS UDP Port 53 0 16 Figure 5 16 This page allows you to define service limitations of a specific PC including IP address service type and scheduling rule criteria For URL blocking function you will need to configure the URL address first in the URL Blocking Site page For scheduling function you will also need to configure schedule rule first in the Schedule Rule page You will need to enter the Client PC Description e g NoteBook1 and it s associated IP address 192 168 1 100 then select the service name WWW and E mail Sending and then press OK The following page will then be displayed In the example below the PC with IP address 192 168 1 100 will not be able to use WWW ot send e mail The AVRO 3001 VoIP router supports up to 22 filtering rule
3. User Password Please retype your password Service Name MTU 1454 1440 lt MTU Value lt 1492 Maximum Idle Time 0 min Auto reconnect Figure 5 6 5 2 3 Static IP If your ISP has assigned you a fixed IP address to connect to the internet 10 enter assigned IP address subnet mask and gateway address here System Static IP o WAN D Dynamic IP PPPoE 5 Has your Service Provider given you an address and Gateway address DNS If your Service Provider has assigned a fixed address enter the assigned IP address subnet mask and the gateway address provided Firewall UPnP 0 Lo Lo o DDNS Qos Tools Status iul K OLAN IP address assigned by your Service 0 0 Subnet Mask Figure 5 7 5 2 4 DNS Most service providers provide DNS server via DHCP or PPPoE for speed and convenience If you have a static IP address or if there is a DNS server that you would rather use you need to specify the primary and secondary IP address here When the primary DNS does not work the system will automatically use the secondary DNS T _ _ _ ___________________________________________________ __ s DNS System WAN Domain Name Server DNS is an index of IP addresses and Web addresses If you type P Dynamic iP W
4. When the WAN port setting 15 dynamic IP you can use Release and Renew to release and update WAN port IP address 9 2 Device Status The Device Status page displays the current setting of this device including IP address Subnet mask DHCP server Firewall and UPnP System WAN LAN NAT Firewall UPnP o DDNS o QoS O Tools Status b Internat 9 3 Security Log Device Status View the current setting status of this device Address 182 158 1 1 255 255 255 0 Enabled Enabled Disabled Figure 9 3 This page provides the system security log record when the AVRO 3001 VoIP router boots including user login logout intrusion attempts PPPoE connection NTP connection Get IP from DHCP etc These records can be saved to a host PC You have the option to clear all security recotds in Security log window and press the Refresh button to update current security records System security Log o WAN View any attempts that have been made to gain access to your network 05 22 2004 11 12 08 user from 165 238 2 3 98 login success 0 22 2004 10 03 15 NTP Date Time updated 09 22 2004 10 02 43 Begin to query Firewall 09 22 2004 09 21 47 user from 185 2368 243 98 login success 09 22 2004 08 03 13 NTP Date Time updated UPnP 08 22 2004 8 02 42 Begin query NTP 09 22 2004 06 16 11 Duplicate user login from 68
5. 239 148 113 o DDNS 09 22 2004 06 03 12 NTP Date Time updated 09 22 2004 06 02 40 Begin to query QoS o Tools Sev Status Internet Connection Device Status t Cog Figure 9 4 9 4 DHCP Client Log The DHCP Client Log page displays the IP addresses assigned to PCs in your network You can press the Refresh button to update current IP allocation records System DHCP Client Log View information on LAN DHCP clients currently linked to the product O WAN Numbers of DHCP Clients 2 NAT 192 168 1 22 00 00 72 33 neme soycbean o Firewall 1 192 168 1 3 00 4868 00 00 00 00 o UPnP o DDNS QoS Tools Status Relrash P memet Connection Device Status Security Loy 15 DHCP Lote Figure 9 5 9 5 VoIP Status This page displays the VoIP gateway status including port type port Status time information of each call and Destination This page also displays gatekeeper status 28 VoIP Status Monitoring Phone Port Status Port Type status Start Elapsed Remote Host Destination 1 Phone Set e Line 1 Relay Mode Idle Gatekeeper Status Gatekeeper Registered at 64 200 220 242 AVS Figure 9 6 You can press the Refresh button to update the current VoIP status 29 Glossary 10BASE T IEEE 802 3 specification for 10 M
6. enabled System UPnP Universal Plug and Play Setting OWAN The Universal Plug and Play architecture offers pervasive peer to peer network connectivity o LAN of PCs of all form factors intelligent appliances and wireless devices UPnP enables seamless proximity network in addition to control and data transfer among networked Firewall devices in the home office and everywhere in between UPnP m a ON OFF DDNS QoS Tools Status Apply Cancel Figure 6 1 22 7 DDNS Dynamic DNS provides users on Internet method to tie their domain name to a temporary IP address automatically This can be achieved by changing the DDNS records every time your IP address changes Two DDNS providers are supported TZO com and DynDNS org You must apply for DDNS service from one of the above providers to get a Key You can then enable the DDNS using this page System DDNS Dynamic DNS Settings WAN Dynamic DNS Disable im Firewall cons QoS Tools Apply Cancel O Status Figure 7 1 23 8 Tools The tools feature provided with the AVRO 3001 VoIP router includes Configuration tools save restore configuration and restore to factory defaults and Reset See Figure 8 1 8 1 Configuration Tools The configuration tools includes backup restore and res
7. firewall feature is enabled specific packets can be blocked Stateful Packet Inspection SPI allows full support of different attack types that are using dynamic port numbers This product s firewall can block common attempted intrusions Intrusion Detection Features Intrusion Detection Feature Anti DoSil firewall protection RIP defect Discard Ping To Figure 5 25 SPI and Anti DoS Firewall Activate SPI and Anti DoS protection Protection RIP Defect Reject the RIP packets from WAN Discard PING from WAN Reject all the PING request to the WAN port Table 5 3 When there is an attempted intrusion the AVRO 3001 VoIP router can send an e mail alert to a specified person You will be required to enter the related e mail information such as e mail address and SMTP server Some 20 e mail service providers require you to also enter information when trying to send e mail In this case you will have to enter the POP3 server username and passwotd When hackers attempt to enter your network we can alert you by e mail Your E mail Address 1 SMTP Server Address POPS Server Address Username Password 2 5 5 5 DMZ Figure 5 26 DeMilitarized Zone DMZ can allow direct access from the Internet to a specific PC while keeping other PCs protected within the home network This feature may be required if an application ru
8. the user s authority to operate this equipment 21
9. use flexible standards based connectivity to ad hoc or unmanaged networks whether in the home in a small business public spaces or attached to the Internet Universal Plug and Play is a distributed open networking architecture that leverages TCP IP and the Web technologies to enable seamless proximity networking in addition to control and data transfer among networked devices in the home office and public spaces Virtual Host A network device such as this router or a server configured to perform Network Address Translation NAT Virtual Server Transparently redirects specific service requests such as Web or FTP to a dedicated local server Voice over Internet Protocol VoIP Another way of saying IP Telephony It involves the transmission of telephone calls over a data network like the Internet In other words VoIP can send voice fax and other information over the Internet rather than through the PSTN or regular telephone network 36 Compliances Industry Canada Class B This digital apparatus does not exceed the Class B limits for radio noise emissions from digital apparatus as set out in the interference causing equipment standard entitled Digital Apparatus ICES 003 of the Department of Communications Cet appareil numerique respecte les limites de bruits radioelectriques applicables aux appareils numeriques de Classe B prescrites dans la norme sur le materiel brouilleur Appareils Numeriques 0
10. 03 edictee par le ministere des Communications E141136 LISTED 66 9 Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with instructions may cause harmful interference to radio communications However there 15 no guarantee that the interference will not occur in a particular installation If this equipment does cause harmful interference to radio television reception which can be determined by turning the equipment off on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution To assure continued compliance example use only shielded interface cables when connecting to computer or pertpheral devices any changes or modifications not expressly approved by the party responsible for compliance could void
11. D indicators 0 O POWER MODEM OK LAN2 LAN3 PHONE Figure 2 1 M AVRO 3001 VoIP router is Powe POWER Dec powered on The VoIP Router is loading firmware Power off or failure WAN connection is functioning Flashin The VoIP Router 15 5 transmitting receiving data WAN connection is not established Internet Internet connection is OK Link No Intetnet connection LAN connection is OK range Ring for incoming voice calls follow the Phone PHONE Rine ring pattern Alert on one second of The phone is on hook 2 2 Rear Panel The rear panel contains the following items LAN1 LAN2 LAN3 MODEM RESET To Computer To Computer To Computer To Modem To Phone To Computer To AC Power Figure 2 2 Description Connect to the powet adapter Reset Press this button for more than 5 seconds to reset and restore the default factory settings Connect your cable DSL modem to this port with an Ethernet Cable LAN 1104 Fast Ethernet port RJ 45 Connect devices on your local area network to this port 1 a PC hub or switch with an Ethernet Cable Connect your telephone to this port 3 Default Values 3 1 Password The default username is user and the default password is user Please note that the username and password is case sensitive For security and management reasons we recommend that you set up a new password after you first login to
12. Dynamic IP The Host name is optional but may be required by some Service Provider s The default E unes address is the 5 physical interface on the product D IP If required by your Service Provider you can use the Clone MAC Address button to copy V DNS the MAC address of the Network Interface Card installed in your PC to replace the WAN O LAN MAC address NAT o Firewall 0l o UPnP 00 06 03 03 04 107 o DDNS QoS O Tools O Status Apply Cancel Figure 5 5 5 2 2 PPPoE PPP over Ethernet This mode allows the AVRO 3001 VoIP router to act as a PPPoE client You will be required to enter the PPPoE username and passwotd originally provided by your High Speed Service Provider The Service Name is normally optional some High Speed Service Providers may require it Enter a Maximum Idle Time to define the maximum period of time for which the Internet connection is maintained during periods of inactivity If the connection is inactive for longer than the Maximum Idle Time then the connection to your High Speed Service Provider will be dropped You can enable the Auto reconnect option to automatically re establish the connection as sooh as you attempt to access the Internet The default setting is Maximum Idle Time of 0 and Auto Reconnect 18 enabled This setting is required to enable incoming calls to complete Use PPPoE Authentication
13. SOYO AVRO 3001 ROUTER USER MANUAL 7 AVRO 3001 5 EN VoIP Routerz INGLOS NETWORKS gt BOLUS TRIAL GLOBAL SOLUTIONS 27 WESTOMEH DAWE WEBSTER 14580 TEL 585 217 8864 FAX 585 872 9627 Manual 1 L CES THREE Ssovo yl Innovation by dealgn Table of Content T IntfoductIOI oso xe eA I MSIE 1 Di Product VOL VIG ted Eh 1 2 2 PAPO tite Panel iei E tace 2 eal td 3 2 betault V alileS 4 4 4 5 2 Other Default 4 4 Login AVRO 3001 VoIP 5 5 Configure AVRO 3001 VoIP 7 Dae Doku PU Ra i Da 7 51 2 PASS WONT SON S DUE 7 8 BZ WINS a osi Se n ol 9 ED Date ties 9 5 2 2 PPPoE PPP over Ethernet ettet 10 NS RAIS
14. all A firewall is designed to prevent unauthorized access to or from a private network Firmware System software stored in a device s memory that controls the device FXS 21 Short for Foreign Exchange Station interface which is used to connect to the telephone set or PBX it provides ringing back dial signal to the telephone devices Gatekeeper G lite H 245 H 323 The gatekeeper maintains a registry of devices in the multimedia network The devices register with the gatekeeper at startup and request admission to a call from the gatekeeper The gatekeeper is 323 entity on the LAN that provides address translation control access and bandwidth management to the LAN for H 323 terminals and gateways standard that defines the more economical splitterless ADSL connection that transmits data at up to 1 5 Mbps downstream and 512 Kbps upstream This ADSL option can be installed without an on site visit by the service provider H 245 16 an International Telecommunication Union ITU T standard that defines the control functions of the network multimedia communication such as the agreement of the mutual communication capability the establishment of the voice and video channel etc H 323 is an International Telecommunication Union ITU T standard that describes packet based video audio and data conferencing H 323 is an umbrella standard that describes the architecture of the conferencing system and refers to a set of o
15. bps Ethernet over two pairs of Category 3 4 or 5 UTP cable 100BASE TX IEEE 802 3u specification for 100 Mbps Fast Ethernet over two pairs of Category 5 UTP cable Asymmetric Digital Subscriber Line ADSL ADSL allows mote data to be sent over existing copper telephone lines than analog or ISDN technologies ADSL supports data rates up to8 Mbps downstream rate and up to 640 Kbps upstream Bandwidth The difference between the highest and lowest frequencies available for network signals Also synonymous with wire speed the actual speed of the data transmission along the cable Demilitarized Zone DMZ A term taken from the military term for a safety zone between battle lines this refers to an area within the firewall Often this is a single machine with access to the internal site and the outside network Denial of Service DoS Action s that prevent any part of an information system from functioning in accordance with its intended purpose Usually flooding a system to prevent it from servicing normal and legitimate requests Domain Name Server DNS An Internet service that translates domain names into IP addresses Every time you use a domain name a DNS service must translate the name into the corresponding IP address Dynamic DNS DDNS A method service which allows a DNS name to be constantly synchronized with a dynamic IP address Dynamic Host Configuration Protocol DHCP 30 DHCP is a protocol used to dynamical
16. can perform a reset Your settings will not be changed To perform the reset click on the APPLY button below You will be asked to confirm your decision The reset will be complete when the power light stops blinking ure Apply Cancel Figure 8 2 25 9 Status These status pages display the status of the system including the connection status of the interfaces firmware and hardware versions system log and DHCP client information The Status and Information page below shows MAC addresses and hardware softwate versions Status and Information You can use the Status page to see the connection status for the product s network interfaces firmware and hardware version numbers INFORMATION LAN MAC Address 00 06 D3 03 04 06 WAN Address 00 06 03 03 04 07 Hardware Version 01 serial Number 01 46000103 1 Boot Code Version 1 0 Model OR3507 Runtime Code Version 0 81 Aug 16 2004 14 21 18 Figure 9 1 9 1 Internet Connection The Internet Connection page displays the status of the Internet Connection including the connection status of the Internet interfaces WAN port IP Subnet Mask Gateway IP and Primary Secondary DNS IP Internet Connection View the current internet connection status and related information Cable DSL CONNECTED 165 236 243 103 Subnet Mask 255 255 255 224 Primary DMS 170 147 45 165 Secondary DNS 170 147 45 166 Figure 9 2 26
17. ccess Control MAC A portion of the networking protocol that governs access to the transmission medium facilitating the exchange of data between network nodes Modem Modulator demodulator a device that allows computers to communicate with each other over telephone lines or other delivery systems by changing digital signals to telephone signals for transmission and then back to digital sionals Modems come in different speeds the higher the speed the faster the data is transmitted Network Address Translation NAT A standard that enables a local area network LAN to use one set of IP addresses for external traffic and a second set of addresses for internal traffic 33 Network Address Port Translation 15 a special case of NAT where internal IP numbers are hidden behind a single external addresses allowing you to connect many local users to the Internet with a single user ISP account With NAPT an almost arbitrary number of connections is multiplexed using TCP port information NTP Network Time Protocol A standard for synchronizing your system clock with the true time defined as the average of many high accuracy clocks around the world Password Authentication Protocol PAP A basic form of authentication in which user s name and password transmitted over a network and compared to a table of name password pairs PBX Short for Private Branch eXchange a private telephone network used with
18. d to run applications that require multiple connections specify the port normally associated with an application in the Trigger Port field select the protocol type as TCP or UDP then enter the public ports associated with the trigger port to open them for inbound traffic Note The range of the Trigger Ports is from 1 to 65535 Trigger Trigger i Public 1 OUDP OUDP 2 OUDP OUDP OUDP OUDP Figure 5 12 14 Some of applications listed below Trigger Port Trigger Public Port Public Type 28800 UDP 2300 2400 UDP TCP MSN Game 47624 28800 zone 6112 6112 Table 5 2 5 5 Firewall The AVRO 3001 VoIP router provides firewall protection by restricting connection parameters to limit the risk of intrusion attempts by defending against a wide array of common intrusion types When the firewall is enabled extra checking will be performed for each of the packets passing through AVRO 3001 VoIP router However this extra checking may affect the performance of the device so it should be used on an as needed basis To enable the firewall feature select Enable from this firewall page By default Firewall is disabled O System Security Settings Firewall O WAN LAN The product provides extensive firewall protection by restricting connection parameters to O NAT limit the risk of hacker attack and defending against a wide array
19. eb address into your browser such as www smc com DNS server will find that name in pp its index and find the matching IP address 202 42 118 222 Most ISPs provide a DNS server D giai ip for speed and convenience Since your Service Provider may connect to the Internet with D ons dynamic IP settings it is likely that the DNS server IP s are also provided dynamically 8 However if there is a DNS server that you would rather use you need to specify the 9 LAN address here NAT o Firewall Domain Name Server DNS UPnP Address DDNS Secondary DNS Address i Js QoS Tools Status x Apply Cancel Figure 5 8 5 3 LAN Settings You can enable DHCP to dynamically allocate IP addresses to each of your PCs connected to the AVRO 3001 VoIP router When DHCP servet is enabled you need to enter the IP address range for the local hosts The 11 default range is 192 168 1 100 through 192 168 1 199 The domain name field is empty in most cases Some ISPs may need you to input a domain name within the Domain Name field O WAN LAN 2 Pe jp jr Firewall Enabled Disabled UPnP DDNS o QoS O Tools DHCP Server Parameters O Status 166 Li _ 100 Lites Lh 199 Figure 5 9 5 4 Settings 5 4 1 Address Mapping The AVRO 3001 VoIP router supports multiple public IP addresses It allow
20. ected to its LAN ports The AVRO 3001 VoIP router also provides Voice over IP VoIP functionality that enables you to make voice calls over the Internet Please read this User Manual for advanced features of this product 1 1 Product Overview The AVRO 3001 VoIP router is equipped with one standard analog telephone port one WAN Fast Ethernet 10 100BaseTX port and four LAN Fast Ethernet 10 100BaseTX ports It also has the ability to route data between any PCs that are connected on the LAN ports of the Gateway up to a maximum of four PCs The AVRO 3001 VoIP router is H 323 v2 compliant for Voice over IP VoIP and it is compatible with most High Speed Internet Service with built in DHCP and PPPoE client The services offered to the internal network are DHCP Server e Network Address Translation NAT e Network Address Port Translation e IPSEC pass through The AVRO 3001 VoIP router has the ability to prioritize voice over data through IP Layer QoS Ethernet Layer CoS Classes of Service and VLAN Tagging The AVRO 3001 VoIP router has 8 LEDs the front panel that provides status indication that can be used for troubleshooting purposes See section 24 2 Hardware Description 2 1 Front Panel The AVRO 3001 VoIP router includes an LED display on the front panel for system powet and port indications that simplifies installation and network troubleshooting The following is the illustration and description of LE
21. hat Enable is not checked o System Time Zone Password Settings eer ole dear a A WAN LAN Firewall o UPnP o DDNS QoS Tools Status Remote Management Set the remote management of this product Enabled b ji lh b a Figure 5 3 The remote user can login using WAN IP The default port number is 8080 For example if your public IP address is 211 20 16 1 then you would type the following string into your browser to remotely access your AVRO 3001 8 VolP router File Edit View Favorites Tools Help C9 j A Search lt 2 Favorites Address 211 20 16 1 8080 Figure 5 4 5 2 WAN Settings The AVRO 3001 VoIP router supports 3 types of WAN connection e Dynamic e PPPoE Static IP 5 2 1 Dynamic IP This mode allows the AVRO 3001 VoIP router to enable its DHCP client to get an IP address from your High Speed Service Provider The Host Name is optional but may be required by some High Speed Service Providers The default MAC address is set to the physical interface on the AVRO 3001 VoIP router If required by your High Speed Service Provider you can use the Clone MAC Addtess button to copy the MAC addtess of the Network Interface Card installed in your PC and replace the WAN MAC address with this MAC address If necessary you can restore the MAC address to the factory setting See Section 8 1 O System
22. in an enterprise Users of the PBX share a certain number of outside lines for making telephone calls external to the PBX Ping A utility used to determine whether a specific IP address is accessible It works by sending a packet to the specified address and waiting for a reply POP3 Post Office Protocol 3 A protocol that provides a simple standardized way for users to access mailboxes and download messages to their computers POTS Short for Plain Old Telephone Service which refers to the standard telephone service that most homes use In contrast telephone services based on high speed digital communications lines such as ISDN and FDDI not POTS The main distinctions between POTS and non POTS services are speed and bandwidth POTS is generally restricted to about 52 Kbps 52 000 bits per second Point to Point Protocol over Ethernet PPPoE A protocol for connecting remote hosts to the Internet over an always on connection by simulating a dial up connection PSTN 34 The POTS network 15 also called Public Switched Telephone Network Quality of Service QoS network protocol used to specify a guaranteed throughput level This protocol is often used by ATM providers to guarantee their customers a minimum end to end latency Router A device used to interconnect networks over local or wide areas and provide traffic control and filtering functions Routing Routing forwards incoming IP packets using statically defi
23. k access to certain Web sites from a particular PC by entering either a full URL NAT address or just a keyword of the Web site Firewall Daceess Control To specify the particular PC go back to the Access Control page and check the box for Filter Http with URL Blocking in the Normal Filtering Table Pb Schedule Rule bun Danson _____ Site 16 Sie2 s Figure 5 19 As shown above when the string chat is entered into the URL Blocking page the PCs connected to the AVRO 3001 VoIP router will not be able to access websites that contains chat in its URL address 5 5 3 Schedule Rule This page allows you to define a schedule rule for use in the Access Control page If you press Add Schedule Rule you will be required to enter a start time and an End time This defined schedule rule will be used under Access Control Add PC All times are displayed as a 24 hour clock ae System This page defines schedule rule names and activates the schedule for use in the Access Control page Schedule Rule Table up to 10 rules o Firewall DURL Bloeki TER PSchedule Rule Rei stocks Edit Delete intrusion Detection DOMZ Add Schedule Rule Figure 5 20 You may filter Internet access for local clients based on rules 18 Edit Schedule Rule Comment Activa
24. ly assign addresses to devices on a network as requested With dynamic addressing a device is assigned the next available IP address from the address pool every time it connects to the network DHCP client suppott is built into all Windows operating systems from Windows 95 on Dynamic IP The term used to describe how IP address is dynamically assigned to computers as and when needed Unlike Static IP addresses the IP address 15 temporary and it changes every time you connect to your ISP Dynamic Routing Dynamic routing uses a routing protocol to exchange routing information with neighbouring routers on the network It calculates routing tables based on a given metric such as least number of hops or shortest path It can respond to changes in the status or traffic on the network re routing traffic as required Ethernet A network communication system developed and standardized by DEC Intel and Xerox using baseband transmission CSMA CD access logical bus topology and coaxial cable The successor IEEE 802 3 standard provides for integration into the OSI model and extends the physical layer and media with repeaters and implementations that operate on fiber thin coax and twisted pair cable File Transfer Protocol FTP A protocol commonly used to transfer files across the Internet Filter When using G lite ADSL a low pass filter 15 required to remove data signals from any line connected directly to a telephone Firew
25. ned routes or a dynamic routing protocol such as RIP 2 Routing Information Protocol RIP A protocol that specifies how routers exchange routing table information SMTP Simple Mail Transfer Protocol it s the protocol that you use to send e mail via yout ISP It is used with both POP3 and IMAP4 Splitter A hardware device used in G dmt to split the data and voice traffic before passing it on to the network and phone system Static IP An IP address which is the same every time you log on to the Internet SPI Stateful Packet Inspection Also referred to as dynamic packet filtering Stateful inspection 15 a firewall architecture that works at the network layer Stateful packet inspection tracks each connection traversing all interfaces of the firewall and makes sure they are valid Transmission Control Protocol Internet Protocol TCP IP Protocol suite that includes TCP as the primary transport protocol and Pas the network layer protocol Uniform Resource Locator URL 35 The global address of documents and other resources on the World Wide Web The first part of the address indicates what protocol to use and the second part specifies the IP address or the domain name where the resource 15 located Universal Plug and Play UPnP Universal Plug and Play is an architecture for pervasive peer to peer network connectivity of intelligent appliances wireless devices and PCs of all form factors It is designed to bring easy to
26. nning on that PC requires direct access to the Internet and or if the ports that need to be opened for inbound requests that cannot be predicted System WAN O LAN O NAT Firewall bAccess Control Filler Blocking b Schedule Rule Pintusion Detection LM o UPnP DDNS o QoS O Tools Status DMZ Demilitarized Zone If you have a local client PC that cannot run an Internet application properly from behind the NAT firewall then you can open the client up to unrestricted two way Internet access by defining a Virtual DMZ Host Enable DMZ No Multiple PCs can be exposed to the Internet for two way communications e g Internet gaming video conferencing or VPN connections To use the DMZ you must set a static IP address for that PC Public IP Address Client PC IP Address 1 165 236 243 103 192 168 1 0 _ 2 o 10 10 10 192 168 1 0 _ 3 Lo Lo Lio 192 168 14 0 401010 Lio 192 168 1 0 5 0 Lio Ll 192 168 1 0 6 0 Lj Lo 0 192 168 1 0 7 0910 Lj 0 192 168 1 0 lt Figure 5 27 21 6 UPnP Universal Plug and Play The Universal Plug and Play architecture offers pervasive peer to peer netwotk connectivity of PCs of all types intelligent appliances and wireless devices UPnP enables seamless connectivity between the router and various networked devices at home For example if you want to use Windows XP Messenger application this feature should be
27. of common attacks However for applications that require unrestricted access to the Internet you can configure Firewall a specific client server as demilitarized zone DMZ O UPnP DDNS ae o QoS Enable or disable Firewall features Enable Disable Tools Status Figure 5 13 5 5 1 Access Control Access Control allows you to block specific PCs on your netwotk from gaining access to the Internet You can block PCs based on either the IP address or the MAC address When the firewall 15 enabled Access Control will be enabled automatically You can disable the filtering feature manually When Access Control 1s enabled all packets will be allowed by default You can use the Normal Filtering Table and the MAC Filtering Table to filter out disallowed traffic 15 System Access Control WAN Access Control allows users to define the traffic type permitted or not permitted to WAN port O LAN service This page includes IP address filtering and MAC address filtering ONAT Enable Filtering Function Yes No Firewall bAccess Control Figure 5 14 Normal Filtering Table You can press Add PC to edit packet filtering rules Firewall bAccess Control hepate Normal Filtering Table up to 10 computers ie intrusion 1 UPnP o DDNS Office 192 168 1100 ETP Always Delete 199 Blocking 0 QoS
28. omatic Time Server Maintenance When you enable this option you will need to configure two different time servers use the options below to set the primary and secondary NTP servers in your area Primary Server 1321634 102 North America Secondary Server 1321534102 America Apply Cancel Figure 5 1 5 1 2 Password Settings Set the passwotd of the user The Idle Time Out value is used for AVRO 3001 VoIP router to log out automatically when there has been no access to the web after this timeout value The default Idle Time Out value is 10 minutes System Time zone Remote Management O WAN O LAN O NAT O Firewall UPnP DDNS QoS O Tools O Status Password Settings Set a password to control the access to this product e Idle Time Out 0 Min Idle Time 70 NO Time Out e Current Password e New Password e Re Enter Password for Verification Figure 5 2 5 1 3 Remote Management The Remote Management feature can restrict the access to your AVRO 3001 VoIP router from the Internet Unless you have a need to access AVRO 3001 VoIP router from outside your home this feature should be disabled You can enable it from a specific IP address ot from any outside IP address The IP setting of 0 0 0 0 allows any person from any IP address to login into the device When the Enabled check box is not checked the remote login feature will be disabled The default setting is t
29. re 5 10 e 5 4 2 Virtual Server The AVRO 3001 VoIP router has NAT router functionality All the IP addresses coming in and going out to the AVRO 3001 VoIP router are converted between public and private IP addresses You can configure the AVRO 3001 VoIP router as a virtual server so that remote users accessing services such as the Web or FTP at your local sites via public IP address can be automatically redirected to local servers configured with private IP address In other words depending on the requested service TCP UDP the AVRO 3001 VoIP router redirects the external service request to the appropriate server After entering parameters for an application you must press the Add button to confirm this setting An alternative approach is to use the Clear button to clear all fields and enter another parameter System WAN LAN NAT D Address Mapping gt virtual Server D Special Application Firewall UPnP o DDNS QoS O Tools Status i Virtual Server You can configure this router as a virtual server so that remote users accessing services such as the Web or at your local site via public addresses can be automatically redirected to local servers configured with private addresses In other words depending on the requested service TCP UDP port number this router redirects the external service request to the appropriate server located at another internal IP address Thi
30. s Normal Filtering Table up to 10 computers Client PC Client PC IP Client Service Schedule Confaur Description Address Rule 9 Always Blocking Edit Delete Notebook 192 168 1 100 WWW E mail Sending Add PC Figure 5 17 MAC Filtering Table You can enter up to 32 MAC addresses The PCs with these MAC addresses will not be permitted to access the Internet i MAC Filtering Table O System o WAN This section helps provides MAC Filter configuration When enabled only MAC addresses O LAN configured will have access to your network All other client devices will get denied access 6 NAT This security feature can support up to 32 devices and applies to clients Firewall MAC Address Control Control MAE EIUS DURL Blocking b Schedule Rule MAC Filtering Table up to 32 computers eiii Detaction o UPnP 1 lee a Iss o DDNS 2 o QoS 5 gt Tools 4 mm m Status 5 6 17 Figure 5 18 5 5 2 URL Blocking You can block access to certain websites from a particular PC by entering either a full URL addtess or just a keyword of the Web site To specify the particular PC you will need to return to the Access Control page and check the box for http with URL Blocking in the Normal Filtering Table O System URL Blocking WAN Disallowed Web Sites and Keywords O LAN You can bloc
31. s user and the default password is user For security reasons you should assign a new password as soon as possible Please note that the login username and password 18 case sensitive Username Password Figure 4 2 4 Once you have successfully logged in first page will appear as below General Setup The product supports advanced Router and VolP Gateway functions You can use these pages to configure the WAN LAN firewall NAT UPnP DDNS and setting Figure 4 3 5 Configure AVRO 3001 VoIP router Please note that changing some settings on the AVRO 3001 VoIP router may cause an interruption if attempted during a call 5 1 System 5 1 1 T me Zone Set the proper time zone and configure the time server for the AVRO 3001 VoIP router The default time zone is Eastern Standard Time When you enable the Automatic Time Server Maintenance option you will need to configure two time servers see example provided below System Pone Password Settings gt Remote Management WAN LAN NAT Firewall UPnP DDNS QoS Tools Status Time Settings Set Time Zone Set the time zone of the product This information is used for log entries and firewall settings GMT 08 00 Pactic Time US amp Canada Tijuana v Configure Time Server NTP You can automatically maintain the system time by synchronizing with a public time server over the Internet 2 Enable Aut
32. s IP addresses used in a private local network to be mapped to one or more addresses used in the public Internet This page allows you to enter up to 10 address mappings between a set of private IP addresses and one public IP address After these settings have been completed the AVRO 3001 VoIP router will map the set of private IP addresses to the public IP address when accessing to the Internet This could be useful in multimedia applications such as gaming and VPN however most users have only one public address and will use only the first mapping on this page System WAN O LAN NAT iA ass V virtual Server D Special Application O Firewall UPnP DDNS o QoS O Tools O Status E Address Mapping Network Address Translation NAT allows IP addresses used in a private local network to be mapped to one or more addresses used in the public global Internet This feature limits the number of public IP addresses required from the ISP and also maintains the privacy and security of the local network We allow one or more than one public IP address to be mapped to a pool of local addresses 1 Global o 2 istransformed as multiple virtual IPs from 192 168 1 9 10192 168 1 0 _ 2 0 o 0 0 is transformed as multiple virtual IPs from 192 168 1 9 10192 168 1 0 3 Global 0 0 istransformed as multiple virtual IPs from 192 168 1 0 101921681 0 Figu
33. s tool can support both port ranges multiple ports and combinations of the two For example e Port Ranges ex 100 150 Multiple Ports ex 25 110 80 e Combination ex 25 100 80 No Protocol LAN WAN Type Port Port 1 19216841 LAN IP Address EN m Ads Geen E 2 1921681 J 3 192 16814 _ Figure 5 11 13 Some popular applications and protocol port numbers mapping are listed below Application 5 323 1720 BTP 1 80 0 Table 5 1 5 4 3 Special Applications Some applications require multiple connections such as Internet gaming and video conferencing These applications cannot work when Network Addtess Translation 15 enabled If you need to run applications that require multiple connections specify the port normally associated with an application in the Trigger Port field Select the protocol type as TCP or UDP and then enter the public ports associated with the trigger port to open them for inbound traffic System O WAN O LAN O NAT gt Address Mapping D Vinual Server D Special Application Firewall o UPnP DDNS QoS O Tools Status Special Applications Some applications require multiple connections such as Internet gaming video conferencing Internet telephony and others These applications cannot work when Network Address Translation NAT is enabled If you nee
34. te Time Period Week Day start Time hh mm Every Day EI sunday Monday os 00 pz zm Tuesday 09 00 h 10 Wednesday os 00 hz 2100 Thursday os 00 17 hm Saturday 1 1 Figure 5 21 As shown above for the schedule rule called Office Hours the active time period is Monday to Friday 9 00 to 17 00 After pressing the OK button the following page will be displayed e Schedule Rule Table up to 10 rules Rule Name Rule Comment Configure OfficeHours OfficeHours Delete Add Schedule Rule Figure 5 22 When we go to the Access Control page select Add PC in the bottom of the Access Control Add PC page the scheduling rule will show Office Hours as shown below Figure 5 23 Scheduling Rule Ref Schedule Rule 19 For example if you were to setup PC of the finance department within a company IP address 192 168 1 100 to 192 168 1 130 they would not be able to access the Internet during office hours In the Access Control page you would see the following page Normal Filtering Table up to 10 computers Client PC Client PC IP Client Service Schedule Confi Description Address tid Pula ontigure Finance 881 100 OfficeHours Edit Delete Add PC Figure 5 24 5 5 4 Intrusion Detection When the SPI Stateful Packet Inspection
35. the system Once you have changed the password it is important that you write it down and keep this information in a safe location If you happen to forget the username and password you can push and hold the reset button for at least 5 seconds or until all of the LEDs flash Your AVRO 3001 VoIP router is now reset to the factory default settings By resetting the Gateway you will loose all changes you have made to date Any customization 1 your PPPoE username and password will need to be reentered 3 2 Default Network Setup LAN Setup IP Address 192 168 1 1 Subnet Mask 255 255 255 0 DHCP Server Enabled DHCP IP Range 192 168 1 100 to 192 168 1 199 WAN Setup DHCP Client Enabled Table 3 1 3 3 Other Default settings Function Settings Time Zone Eastern Standard Time Firewall Off UPnP Off DDNS Off Table 3 2 4 Login AVRO 3001 VoIP router Now that you have successfully connected the AVRO 3001 VoIP router using the Quick Installation Guide and activated your Internet Phone Service you will need to login into the AVRO 3001 VoIP router to configure it for your LAN 1 Open your Web browser i e Internet Explorer or Netscape Navigator 2 In the Address field type in the following address http 192 168 1 1 and press Enter Fie Edit View Favorites Tools Help 258 2 Back we Search e Favorites Figure 4 1 3 The AVRO 3001 VoIP router login screen will appear The default username i
36. ther standards H 245 225 0 and Q 931 to describe its actual protocol Internet Protocol Address IP Address It is the numeric address of a computer on the Internet An IP address is written as a set of four numbers separated by periods each number can range from 0 to 255 Internet Service Provider ISP A company that provides access to the Internet This may be your local telephone or cable company or a dedicated Internet service company 32 Intetnet Protocol Security IPSec security protocol that provides authentication and encryption over the internet Security is provided at the network packet processing layer of network communication rather than the application layer IPsec supports two encryption modes transport and tunnel Transport mode enctypts only the data portion of each packet but leaves the header untouched The more secure tunnel mode encrypts both the header and the data portion On the receiving side an IPsec compliant device decrypts each packet ITSP Short for Internet Telephony Service Provider which is a general term for the organization which provides the Internet Telphony service to the general public Local Area Network LAN group of interconnected computer and support devices LED Light emitting diode used for monitoring a device or network condition MAC Address Media Access Control address the unique physical address of each device s network interface card Media A
37. tore to factory defaults The Backup tool saves the AVRO 3001 VoIP router s current configuration to a file named backup_config bin on your PC If you made any customized settings to the AVRO 3001 VoIP router you may want to save a back up on a disk You can then use the Restore tool to restore the saved configuration to the AVRO 3001 VoIP router The Reset to Factory Defaults s tool will force the configuration of AVRO 3001 VoIP router back to the original factory setting and perform a power reset Contiguration Tools Use the Backup tool to save the router s current configuration to a file on your You can then use the Restore tool to restore the saved configuration to the router Alternatively you can use the Restore to Factory Defaults tool to force the router to perform a power reset and restore the original factory settings Backup Router Configuration Restore from saved Configuration file Restore the router to Factory Defaults Figure 8 1 8 2 Reset In the event that the system stops responding correctly or in some way stops functioning you can perform a reset Your settings will not be changed To perform the reset click on the Apply button that you see on the user interface screen You will be asked to confirm your decision The reset will be complete when the power light stops blinking 24 Reset In the event that the system stops responding correctly or in some way stops functioning you
Download Pdf Manuals
Related Search