Manuale d’uso / di manutenzione del prodotto Wireless 11n del fabbricante 3Com
Vai alla pagina of 182
http://www.3Com.com/ Part No. 10016794 Rev AA Published July 200 8 Wir eless 11n ADSL Fir ewall Router User Guide WL-603 3CRWDR300 A-73 3CRWDR30 0B-73.
3Com Corporati on 350 Campus Drive, Marlborough, M A USA 01752-3064 Copyright © 2004, 2005, 2006 , 2007, 2008, 3Com Corporation . All rights rese rved.
C ONTENTS A BOUT T HIS G UIDE Naming Convention 7 Conventions 8 Feedback About This User Guide 9 Related Documentat ion 9 I NTR ODUCING THE R OUTER W ire less 11n ADSL Fir ewall Router 11 Router Advan.
Windows Vista 29 Windows XP 30 Macintosh 30 Disabling PPPoE and PPTP Client S oftware 31 Disabling Web Pr oxy 31 R UNNING THE S ETUP W IZARD Accessing the Router using the 3Com Detect Applicat ion 33 .
DNS 88 Clone MAC addr ess 89 Firewall 90 SPI 90 Special Applications 94 Virtual Servers 95 DMZ 96 PC Privileges 97 Schedule Rule 99 URL Filter 100 Advanced 101 Security 101 VLAN 104 Static Routes 106 .
Support/Feedback 134 Support 134 Feedback 134 T ROUBLESHOOTING Basic Connection Checks 135 Browsing to the Router Configu ration Screens 1 36 Connecting to the Intern et 136 Forgotten P assword and Re.
S AFETY I NFORMATION E ND U SER S OFTWARE L ICENSE A GREEMENT O BTAINING S UPPORT FOR Y OUR 3C OM P RODUCTS Register Y ou r Product to Gain Service Benefits 160 Solve Problems Online 160 Purchase Exte.
.
A BOUT T HIS G UIDE This guide describes how to install and configure the 3Com W ireless 11n ADSL Firewall Router (3CRWDR300 A-73, 3CRWDR300B-73). This guide is intended for use by th ose responsible .
8 A BOUT T HIS G UIDE Conventions T able 1 and T a ble 2 list conventions that are used thr oughout this guide. Ta b l e 1 Notice Ic ons Icon Notice Type Description Information note Information that describes important features or instructions.
Feedback About This Us er Guide 9 Feedback About This User Guide Y our suggestions ar e ve ry important to us. Th ey will help make our documentation more useful to you. Please e-mail comments about t his document to 3Com at: pddtechpubs_comments@3com.
10 A BOUT T HIS G UIDE.
1 I NTR ODUCING THE R OUTER Welcome to the world of networking with 3Com ® . In the modern business environment, communication a nd sharing information is crucial. Computer networks have proved to be one of the fastest modes o f communicat ion but, until r ecently , only lar ge businesses could affo rd t he networking advantage.
12 C HAPTER 1: I NTRODUCING THE R OUT ER Figure 1 Example Network Without a Router When you use the Router in your netwo rk ( Figure 2 and Figure 3 ), it becomes your connect ion to the In ter net. Connections can be made directly to the Router , or to an OfficeConnect Switch or Hub, expanding the number of computers you can have in your network.
Wireless 11n ADSL Firewall Router 13 Figure 3 Example Network Using a Fir ewall Route r (without splitter).
14 C HAPTER 1: I NTRODUCING THE R OUT ER Router Advantages The advanta ges of the Route r include: ■ Shared Internet connection for both wir ed and wireless computers ■ High speed 802.
Minimum System and Component Requirements 15 Minimum System and Component Require ments Y our Router requir es th at the computer(s) an d components in your network be configured with the following: ■ A computer with an operating system that supports TCP/IP networking protocols (for example W indows 2000/XP ,/Vista, Unix, Mac OS 8.
16 C HAPTER 1: I NTRODUCING THE R OUT ER 1 Power LED (Illuminated Logo) White The 3Com logo serves as power OK i ndicator . This LED will light if the ro uter is r eceiving power fr om the powe r adapter . If it is not lit check the power adapter connection s.
Physical Features 17 7 WPS LED Blue WiFi Protected Setup (WPS) is a standard for easy and secure establishment of a wir eless network, allowing wireless clients to connect securely to r outers and access point s. The WPS LED shows the statu s of the WPS function.
18 C HAPTER 1: I NTRODUCING THE R OUT ER The rear panel ( Figur e 5 ) of the Router contains one ADSL port, f our LAN ports, one W iFi on/off button, a rese t button, one power adapter socket, and one WPS button. Figure 5 Router - Rear Panel 1 Wir eless An tennae The antennaes should be placed in a ‘V’ position when initially installed.
Physical Features 19 4 WiFi On/Off button Use this button to tur n on/tur n off the wireless function. Pr ess the button for 3 seconds. 5 Reset Button If you want to reset your Router to factory default settings, or cannot access the web manage ment interf ace (for examp le, due to a lost password), then you may use this button.
20 C HAPTER 1: I NTRODUCING THE R OUT ER.
2 I NSTALLING THE R OUTER Introduction This chapter will guide you thr ough a basic installation of the Router , including: ■ Connecting the Router to the Inter net. ■ Connecting the Router to your network. ■ Setting up your computers for networking with the Router .
22 C HAPTER 2: I NSTALLING THE R OUTER When positioning your Router , ensur e : ■ It is out of direct sunlight and away from sour ces of heat . ■ Cabling is away from power lines, fluor e scent lighting fixtures, and sources of electrical noise such as radios, transmitters and broadband amplifiers.
Powering Up the Router 23 Mounting Instructions for Wood W alls T o wall mount the un it: 1 Make two holes 98 mm (3 .9 in.) apart. 2 Fix two suitable screws dir ectly in to the wall, leaving their heads 3 mm (0.12 in.) clear of the wall surface . The screws should be at least 20 mm (0.
24 C HAPTER 2: I NSTALLING THE R OUTER Figure 6 Connecting the Router (with splitter) Figure 7 Connecting the Router (without splitter) 1 Run the provided telephone cable fr om the wall jack pr oviding ADSL service to the ADSL port on your Router .
Connecting the Router 25 2 Then: ■ If you are using a full-rate (G.dmt) connection, your service provider will attach the outside ADSL line to a data/voice splitter . In this case you can connect your phones and comput er dir ectly to the splitter as shown below ( Figure 8 ): or ■ If you are using a splitterless (G.
26 C HAPTER 2: I NSTALLING THE R OUTER Figure 9 Installing without a splitter Y ou have now completed the har d ware installation of your Router . Next you need to set up your computers so that they can make use of the Router to communicate with the Internet.
3 S ETTING U P Y OUR C OMPUTERS The Router has the ability to dynamica lly allocate netw ork addr esses to the computers on your network, usi ng DHCP . However , your computers need to be configured correctly for this to take place. T o change t he configuration of your computers to a llow this, follow the instructions in this chapter .
28 C HAPTER 3: S ETTING U P Y OUR C OMPUTER S Figure 10 Local Ar ea Properties Screen 6 Ensure that the opt ions Obtain an IP addr ess automatically , and Obtain DNS server address automatically are both selected as shown in Figur e 11 . Click OK . Figure 11 Internet Protocol (TCP/IP) Properties Scr een 7 Restart your computer .
Obtaining an IP Address Automaticall y 29 Windows Vista 1 From the Win dows Start Menu, se lect Settings > Network . 2 Click on Organize . Select Properties . 3 Click on Manage network > Connections . 4 Double click Local Area Connection . Select Proper ties and click continue .
30 C HAPTER 3: S ETTING U P Y OUR C OMPUTER S Windows XP 1 From the Win dows Start Menu, select Control Panel . 2 Click on Network and Internet Connections . 3 Click on the Network Connectio ns icon. 4 Double click on LAN or High Speed Connection icon.
Disabling PPPoE and PPTP Client Software 31 Disabling PPPoE and PPTP Client Software If you have PPPoE client software installed on your computer , yo u will need to disable it. T o do this: 1 From the Win dows Start Menu, select Settings > Control Panel .
32 C HAPTER 3: S ETTING U P Y OUR C OMPUTER S.
4 R UNNING THE S ETUP W IZAR D Accessing the Router using the 3Com Detect Application The 3Com Detect application works by automatically locating your Router , establishing wh at IP add re ss it is us ing and then launching your default web browser to connect directly to it.
34 C HAPTER 4: R UNNING THE S ETUP W IZARD Figure 15 3Com Detect Application If the computer has multiple networ k adapters, select the ad apter that connects the computer to the network or the Router , click Next .
Accessing the Setup Wizard 35 Figure 18 Router List Scr een Accessing the Setup Wizard The Router setup program is Web-based, which means that it is accessed through your W eb br owser (Netscape Navigator 4.7 or higher , Inter net Explorer 6.0 or higher , or Mozilla 1.
36 C HAPTER 4: R UNNING THE S ETUP W IZARD 4 T o log in as an administr ator , enter the pa sswor d (the def ault pa ssword is admin ) in the System Password field and click Lo g in (see Figure 20 ).
Accessing the Setup Wizard 37 The W izard will then launch automatically (refer to Figure 24 ). Y ou will be guided step by step through a basic setup procedur e. ■ if the Router has been configured previously , the We lc o m e screen will appear ( Figure 22 ).
38 C HAPTER 4: R UNNING THE S ETUP W IZARD Figure 23 Passwor d Screen 1 T o change the cu rrent passwor d, enter the password in the Current Password field. 2 Enter the new password in the New Password field, and enter it again in the Confirm New Password field.
Accessing the Setup Wizard 39 Wizard - Time and Time Zone The Time and Time Zone scr een allows you to set up the time for the Router . Figure 25 Time and T ime Zone Screen 1 Select the correct base date and time.
40 C HAPTER 4: R UNNING THE S ETUP W IZARD Wizard - Con nection Ty p e The Connection T y pe scre en allows you to set up the Router for the type of Intern et connection you have. Before setting up your connection type, have your account information from your ISP r eady .
Accessing the Setup Wizard 41 PPPoE PPPoE is often used for DSL connection . T o set up the Router for u se with a PPPoE (PPP over Ethe rnet) connection , use the following procedure: Figure 27 PPPoE Scr een 1 Enter your use r name in the Username field.
42 C HAPTER 4: R UNNING THE S ETUP W IZARD PPPoA T o set up the Router for use with a PPP over A T M (PPPoA ) connection, use the following procedur e: Figure 28 PPPoA Scr een 1 Enter your use r name in the Username field. 2 Enter your pa sswor d in the Password field.
Accessing the Setup Wizard 43 Bridge Mode (for a single PC) Selecting the Bridge mode sets the device into 1483 bridging mode in which the device connects LANs and W AN together . It operates as a Data Link Layer device that acts to limit the traffic between two network segments by filtering the data between them based on the har d ware address.
44 C HAPTER 4: R UNNING THE S ETUP W IZARD Routing Mode over A TM The Routing Mode over A T M uses fixe d/static IP addresses, which ar e provided by your ISP , to conn ect to the Inter net. Obtain the information on this screen fr om your ISP . Figure 30 Routing mode over A TM Screen 1 Enter your Internet IP address in the WAN IP field.
Accessing the Setup Wizard 45 Dynamic/Fixed IP in 1483 Bridge Mode (For Multiple PCs) For bridge mode to work, you need to assign an IP address to the Router . Y ou can either configure the Router to obtain an IP addr ess automatically from a DHCP server or assign a fi xed or static IP address to it.
46 C HAPTER 4: R UNNING THE S ETUP W IZARD Wizard - LAN Settings Th e LAN Settings screen allows you to set the default IP addr ess and DHCP client IP range for the Router .
Accessing the Setup Wizard 47 Wizard - Wir e less Setting The W ireless Settings screen allows you to set up the SSID and radio channel used for the wireless connection. Figure 33 Wireless Setting Scr een 1 Select the channel you want to u se from the Channel drop-down menu.
48 C HAPTER 4: R UNNING THE S ETUP W IZARD Figure 34 Security Mode Scr een 64-bit WEP WEP is th e basic mechanism to transmit you r data securely over the wireless network. Matching encrypti on keys must be set up on your Router and wireless client devices to use WEP .
Accessing the Setup Wizard 49 2 Click Next . Note that all four WEP keys on each device o f the same wireless network must be identical. 128-bit WEP WEP is the ba sic mechanism to tran smit your data securely over the wireless network. Matching encryption keys must be set up on your Router and wireless client devices to use WEP .
50 C HAPTER 4: R UNNING THE S ETUP W IZARD WP A-PSK (no server) WP A (W i-Fi Protected Acc ess) pr ovides dynamic key changes and constitutes the best secur ity solution. If your n etwork does not have a RADIUS server . Select the no server o ption. Note that in home and very small office deployments, PSK is typically used.
Accessing the Setup Wizard 51 WP A with Radius Server WP A (W i-Fi Protected Acc ess) pr ovides dynamic key changes and constitut es the best security so lution. Th is functi on r equir es that a RADIUS server is running on the network. Figure 38 WP A with Radius Server Screen 1 Select WP A with RADIUS server from the Se curity Mode drop-down menu.
52 C HAPTER 4: R UNNING THE S ETUP W IZARD Wizard - Configuration Summary When you have completed the Setup W izard, a configuration summary will appear . V erify the configuration information of the Router and then click Apply to save your settings. 3Com recommends that you print out this page for your recor ds.
5 C ONFIGURING THE R OUTER Navigating through the Router Configuration Screens This chapter describes all the scr eens available thr ough the Router configuration screens, and is provided as a r eference. T o get to the configuration screens, enter the Router ’ s default IP in the location bar of your browser .
54 C HAPTER 5: C ONFIGURING THE R OUTER LAN Settings Y our Router is equipped with a DHCP se rver th at will automatically assign IP addresses to each computer on your network. The factory default settings for the DHCP server will work with most applications.
LAN Settings 55 1 Enter th e Router ’ s IP Address and Subnet Mask in the appropriate fields. The default IP addr ess is 192.168.1.1. 2 If you want to use t he Rou ter as a DHCP Server , check Enable in the DHCP Ser ver field. 3 Enter the IP address range in the IP Pool St art Address and IP Pool End Address fields.
56 C HAPTER 5: C ONFIGURING THE R OUTER ■ Host Name — The client machine’ s ho st name, if config ured. ■ MAC Address — The Media Access Contr o l (MAC) a ddress of the client’ s network card. ■ Client T y pe — Whether the client is connected to the Router by wired or wireless connection.
Wireless Settings 57 Wire less Settings The W ireless Setting s screens allow yo u to configure the settings for the wireless connections. Y ou can enable or disable the wireless connection for your LAN. When disabled, no wireless PCs can gain acce ss to either the Inter net or other PCs on your wired or wir eless LAN through this Router .
58 C HAPTER 5: C ONFIGURING THE R OUTER Configuration The W ireless Configuration Screen allows you to tur n on/ tur n off the wireless function, and set up basic wir eless setting s. Y ou can also enable/disable the W ireless function using the W iFi on/off button at the back of the Router .
Wireless Settings 59 6 Select whether your Router will ope rate in 11b mode only , 11g mode only , 11n mode only , or mixed mode from the Wireless Mode drop-down menu.
60 C HAPTER 5: C ONFIGURING THE R OUTER Encryption This feature pr events any non-authorized par ty fr om r eading or changing your data over the wir e less network. Figure 45 Encryption Scr een Select the wireless security mode that you want to use fr om the drop-down menu, and click Apply .
Wireless Settings 61 64-bit WEP WEP is the ba sic mechanism to tran smit your data securely over the wireless network. Matching encrypti on keys must be set up on your Router and wireless client devices to use WEP . Note that 3Com recommends using WP A/WP A2 to se cu re yo u r w ire l e ss c on n e ct i o n .
62 C HAPTER 5: C ONFIGURING THE R OUTER 128-bit WEP WEP is th e basic mechanism to transmit you r data securely over the wireless network. Matching encryption keys must be set up on your Router and wireless client devices to use WEP . Note that 3Com recommends using WP A/WP A2 to se cu re yo u r w ire l e ss c on n e ct i o n .
Wireless Settings 63 WP A-PSK (no server) WP A (W i-Fi Protected Acc ess) pr ovides dynamic key changes and constitutes the best secur ity solution. If your n etwork does not have a RADIUS server . Select the no server option. For home network or very small business networking environment, PSK is typically used.
64 C HAPTER 5: C ONFIGURING THE R OUTER WP A (with RADIUS Serve r) WP A (W i-Fi Protected Acc ess) pr ovides dynamic key changes and constitut es the best security so lution.
Wireless Settings 65 WPS W i-Fi Protected Setup (WPS) integrates the new WLAN clients into your wireless network easily . Y ou can enable this function by entering the PIN code via the web UI page or by pr e ssing the WPS button on the rear side of the device.
66 C HAPTER 5: C ONFIGURING THE R OUTER ■ WPS-PBC 1 Press the WPS button located on the rear of the Router . Note that this setup process will only be active for 2 minutes. Follow the instruction of your WLAN NIC to set up the WPS. The WPS LED shows the status of th e WPS function.
Wireless Settings 67 Connection Contr ol This feature is used to filter the clients based on th eir MAC addresses. Using this function, you can limit the access right of the wir eless clients to this Router . Check the En able MAC Address Filt ering checkbox, the Connection Control scr een will appear .
68 C HAPTER 5: C ONFIGURING THE R OUTER Client List Y ou can view the list of all wir eless clients th at are connected to the Router . Figure 52 Client List Scr een Click Refresh to update the list. WMM W ireless Multimedia (WMM) mode, which supports devices that meet the 802.
Wireless Settings 69 Access Categories – WMM defines f our access categories (ACs): voice, video, best effort, and background. These categories correspond to traffic priority levels and are mapped to IEEE 802.1D priority tags. The direct mapping of the four ACs to 802.
70 C HAPTER 5: C ONFIGURING THE R OUTER CWMin (Minimum Contention W indow) – Th e initial upper limit of the random backoff wait time before wir eless medium access can be attempted. The initial wait time is a random value between zer o and the CWMin value.
Wireless Settings 71 WDS The Router supports WDS (W ir eless Distribution System). WDS enables one or more Access Points to rebr oadcast received signals to extend range and r each, though this can affect the overall throughput of data. Note that WDS implementation can va ry from product to pr oduct.
72 C HAPTER 5: C ONFIGURING THE R OUTER Figure 55 Add WDS scr een On the add WDS screen, enter the MAC address of the access point, up to 4 APs can be added to the AP MAC Address table, and click Apply . Here is an example of how to setup two units of 3Com Router over WDS.
Wireless Settings 73 Figure 56 First Router Add WDS Scr een Access the Web UI of the second Router , repeat the above steps to add the first Router to the WDS table (see Figure 57 ).
74 C HAPTER 5: C ONFIGURING THE R OUTER Advanced The Advanced screen allows you to configure detailed settings for your wire less connection. Please note that y ou should not chan ge this settings unless you are an expert user .
Wireless Settings 75 ■ AP Isolation Mode: AP Isolation is a fu nction to prevent wir eless clients connected with the device f rom communicating with one another .
76 C HAPTER 5: C ONFIGURING THE R OUTER Internet Settings Y ou can configure the settings for your W AN port connection. AT M P V C This feature is used to configur e the parameters for your Inter net connection. The information necessary to complete these screens should be obtained from your ISP .
Internet Settings 77 Disable Selecting this option means that you do not want your Router to connect to the Internet. Figure 60 Disable Internet Connection Screen PPPoE PPP over Ethernet, provides r outing for multiple PCs, this mode is often used for the DSL connection.
78 C HAPTER 5: C ONFIGURING THE R OUTER 1 Select PPPo E fr om the prot ocol dr op-down menu. 2 Enter the IP address and Subnet mask information. 3 Enter the user name assigned to you by your ISP in the Username field. And enter the password assigned to you by your ISP in the Password field.
Internet Settings 79 12 QoS Class: select CBR, UBR or VBR . ■ CBR (constant bit rate): the CBR service class is intended for real-time applications, for example, those r equiring tightly constrained delay and delay variation, such as voice and video applications.
80 C HAPTER 5: C ONFIGURING THE R OUTER PPPoA PPP over A TM, this is a popular choi ce among Eur opean DSL pr oviders. T o configure this function correctly , you should obtain the information from your ISP . Figure 62 PPPoA Settings Scr een 1 Select PPPo A fr om the protocol drop-down menu.
Internet Settings 81 7 IPCP is used by PPP protocol to ge t one IP address fr om the PPP server . IPCP subnet function allows you to obtain a subn et (IP address and netmask), rather than an IP address.
82 C HAPTER 5: C ONFIGURING THE R OUTER Bridge Mode If your ISP limits access to the Internet to specific computers, this means that traffic to/from these computers onl y will be forwar ded.
Internet Settings 83 ■ VBR (variable bit rate): QoS class defined by the A TM Forum for A TM networks. VBR is subdivided in to a real time (RT) class and non-real time (NRT) class. VBR (RT) is used for connections in which there is a fixed timing relationship between samples.
84 C HAPTER 5: C ONFIGURING THE R OUTER Routing Mode over A TM RFC1483/2684 routed encapsulation in routing mode, it carries IP datagrams directly over A TM. DHCP c lient function can also be enabled to obtain an IP address dynamically . Figure 64 Routing Mode over A TM Screen 1 Select Routing mode over A TM from th e protocol drop-down menu.
Internet Settings 85 9 QoS Class: select CBR , UBR or VBR . ■ CBR (constant bit rate): the CBR service class is intended for real-time applications, for example, those r equiring tightly constrained delay and delay variation, such as voice and video applications.
86 C HAPTER 5: C ONFIGURING THE R OUTER Dynamic/Fixed IP in 1483 Bridge Mode Dynamic/Fixed IP in 1483 Bridge Mode u ses the same encapsul ation as 1483 Bridging but with bridging f uncti on disabled. DHCP client function can also be enabled to obtai n an IP address dynamically .
Internet Settings 87 6 If your ISP uses DHCP to automati cally assign IP addresses, check the DHCP Client checkbox. 7 Check the Add Default Rou te checkbox to set this PVC as the default route, this is used when you config ure mor e than one PVC for the Route r .
88 C HAPTER 5: C ONFIGURING THE R OUTER DNS Domain Name Service ( or Server) is an Internet service th at translates domain names into IP addresses. Be cause domain names are alphabetic, they'r e easier to r emember . The Intern et however , is r eally based on IP addresses.
Internet Settings 89 Clone MAC addr ess T o configure the hostname and Clone MAC Address information for your Router , select Internet Settings , then go to the Clone MAC addre ss tab. The Hostname and MAC Address scre en displays. Figure 67 Hostname and Clone MAC Addr ess Screen 1 Some ISPs require a host name.
90 C HAPTER 5: C ONFIGURING THE R OUTER Fire wall This section is for configu ration sett ings of the Router’ s fir ew all function. Y our Router is equipped with a firewall that will protect yo ur network from a wide array of common hacker attacks including Ping of Death (PoD) and Denial of Service (DoS) a ttacks.
Firewall 91 T o enable the firewall function: 1 Select the level of protection (High, Me dium, or Lo w) that you desire from the Firewall level drop-down menu. 2 Click Apply . ■ For low and medium levels of fir ewall protection, refer to Figur e 69 .
92 C HAPTER 5: C ONFIGURING THE R OUTER Figure 70 High Level Fir ewall Protection Scr een If you select high level of protec tion, you would have an option to configure additional parameters for the firewall. ■ Fragmentation half-open wait - Configures the number of seconds that a packet state structu re r emains active.
Firewall 93 ■ T otal incomplete TCP/UD P sessions HIGH - Defines the rate of new unestablished sessions that will cause the software to start deleting half-open sessions. ■ T otal incomplete TCP/ UDP sessions LOW - Defines the rate of new unestablished sessions that will caus e the software to stop deleting half-open sessions.
94 C HAPTER 5: C ONFIGURING THE R OUTER Special Applications Sp ecial Applications (port triggering) let you choose specific ports to be open for specific applications to wo rk properly with the Network Address T ranslation (NA T) fe ature of the Router .
Firewall 95 Virtual Servers Th e Virtual servers feature allows you to route external (Inter net) calls for services such as a web serv er (port 80), FTP se rver (Port 21), or other applications through your Router to your inter nal network.
96 C HAPTER 5: C ONFIGURING THE R OUTER 3 Specify the public port that will be seen by clients on the Internet, and th e LAN port which the traffic will be r outed to. 4 Y ou can enable or disable each Vi rtual Server entry by checking or unchecking the appropriate Enabled checkbox.
Firewall 97 address is not known, or if more than one PC on t he Internet w ill need to access the DMZ PC, then set the Public IP Address to 0.0.0.0 . In the default setting, (line 1) refer to Figur e 73 , Public IP address is set to 0.0.0.0 and it is automatically tran sformed by default W AN IP .
98 C HAPTER 5: C ONFIGURING THE R OUTER T o edit or delete specific existing filtering rules, click on Edit or Delete for the appropriate fi ltering rule. Figure 75 PC Privileges Add PC Scr een 1 Enter a descri ption in the Client PC Descri ption field, and the IP address or IP address range into the Client PC IP Address fields.
Firewall 99 Schedule Rule The Router can be configured to restrict access t o the Inter net, email or other network services at specific days and t imes. Define the time in this scre en, and define the ru les in the PC Privileges screen ( see page 97 ).
100 C HAPTER 5: C ONFIGURING THE R OUTER URL Filter T o configur e the URL filter feature, use the table on the URL Filter scr een to specify the Web sites (www .somesit e.com) and/or keywords you want to filter on your network. For example, entering a k eywor d of xxx would block/allow access to any URL that contains the string xxx .
Advanced 101 Advanced The Advanced section allows you to set ad ditional parameter details for the Router . Y o u can configure: ■ Security ■ VLAN ■ Static Routes ■ RIP ■ DDNS ■ SNMP ■ Syslog ■ Proxy Arp ■ QoS Settings Security Use the Security scre en to set the advanced security settings for the Router .
102 C HAPTER 5: C ONFIGURING THE R OUTER ■ NA T — (Network Address T ranslation), NA T is the method by which the Router shares the single IP address assigned by your ISP with the computers on your network.
Advanced 103 ■ MSS Clamping — Y ou might not be ab le to browse some Web sites or to send email messages that contain attachments from an Internet Connection Sharing client comp uter if your outbound connection is through a Wi ndows XP-based Inter net Connection Sharing host computer that uses Point-to- Point Protocol over Ethernet (PPPoE).
104 C HAPTER 5: C ONFIGURING THE R OUTER VLAN A VLAN is a flexible gr o up of device s that can be loca ted anywhere in a network, but they communicate as if they are on the same physical segment. W ith VLANs, you can se gment your network without being restricted by physical connections - a drawback of traditional network design.
Advanced 105 Figure 80 VLAN Scr een Click Add VLAN to create a new entry (see Figur e 81 ). Figure 81 VLAN Pr ofile Screen ■ Enter a descriptio n for your VLAN in the Description field. ■ Enter the IP Address and subnet ma sk in the corresponding fields.
106 C HAPTER 5: C ONFIGURING THE R OUTER Static Routes Y ou can configure static r outes in this screen. Y ou can setup a static route that will get all traf fic with destinat ion to business network to go thro ugh VPN tunnel and the rest outside of the VPN tunnel.
Advanced 107 ■ Gateway — the Router used to route data to the network specified by the network address. ■ Interface — select the interface. Note that you should only configure either the Gateway information or select the Inter face. After you have finishe d making chang es to the table, click Apply .
108 C HAPTER 5: C ONFIGURING THE R OUTER RIP RIP (Routing Information Protocol) - RI P allows the network admin istrator to set up routing information on one RIP-enabled device (this Router), and send that information to all RIP-enabled devices on the net work.
Advanced 109 5 Use the Poison Reverse drop-down menu to enable or disable Poison Reverse on the Router . Enabling Poison Reverse on your Router allows it to indicate to other RIP-enabled devices that they have both routes that point to each other , pr eventing data loops.
110 C HAPTER 5: C ONFIGURING THE R OUTER DDNS The Router provides a list of dynamic DNS providers for you to choose from. Dynamic Domain Na me Server (DDNS) enables you to map a stat ic domain name to a dynamic IP address. This function allows yo u to create a hostname that p oints to your dynami c IP or static IP address or URL.
Advanced 111 SNMP SNMP (Simpl e Network Manage me nt Protocol) allows r emote management of your Router by a PC that has an SNMP management agent installed . Check the En able SNMP box, the table will appear . Figure 87 SNMP Scr een Enter th e System Contact , System Name , and System Location information.
112 C HAPTER 5: C ONFIGURING THE R OUTER Y ou can configure the Router to send statu s messages to the SNMP management agent if a problem occu rs on the network. T o configur e SNMP traps: 1 In the IP Address field, enter the IP addr ess of the PC to which you want your Router to send status messages.
Advanced 113 Proxy ARP Pr oxy ARP is the technique in which one host, usually a Router , answers ARP requests intended for another machine. By “faking” its identity , the Router accepts responsibility for routing packets to the “real” or intended destination.
114 C HAPTER 5: C ONFIGURING THE R OUTER QoS Settings The QoS (Quality of Service) fu nction allows you to differ entiate your network traffic and pr ovide it with high-priority forwarding service. The bandwidth gap between LAN and W AN may significantly degrad e the performance of critical network applications, such as V oIP , gaming, and VPN.
Advanced 115 Tr a f f i c M a p p i n g Up to 16 ru les can be defined to classi fy your network traffic into Dif fserv forwarding gr oups and outgoing connections. Figure 91 T r affic Mapping Screen Click Add , the Edit T raffic Class scr een will appear .
116 C HAPTER 5: C ONFIGURING THE R OUTER Figure 93 Detailed Edit T raf fic Class Screen Enter the information, th en click Apply to make the settings to take effect.
VPN 117 VPN The Router has a V irtual Private Netwo rk (VPN) feature that provides a secure link between r emot e users and the corporate network by establishing an authenticated and encrypt ed tunnel for passing secure data over the Internet.
118 C HAPTER 5: C ONFIGURING THE R OUTER Figure 94 VPN Scr een 1 Check the En able IPSec box, configur ation details screen appears. Figure 95 Enable IPSec Scr een 2 Enter th e Local ID Name of your VPN. (the default is 3ComVPN) 3 Click Add to create a new entry , see Figur e 96 .
VPN 119 Figure 96 Add New VPN T unnel Configuration Scr een On the VPN T unnel Parameter scr e en, 1 Set the VPN T unnel T ype to IPSec . 2 Enter a descriptive n ame for the tu nnel in the Tu n n e l N a m e field. 3 Remote VPN Gateway - select IP address, and then ent er the IP address in the IP Address/Host Name field.
120 C HAPTER 5: C ONFIGURING THE R OUTER 5 Select the Local Party ID , and then enter the ID, Network Addr ess and Subnet Mask o f the Local Secure Gr ou p. The network address of the local secure gr ou p is usually the network address of the local network.
VPN 121 Check the En able L2TP box, configuratio n details screen appears, see Figure 97 . Figure 97 Enable L2TP Scr een 1 Enter th e Pre-shared Key for L2TP Server over IPSec Setting. 2 Define the IP Addr ess Pool for L2TP clients, enter the start/end address.
122 C HAPTER 5: C ONFIGURING THE R OUTER 1 Set the T unnel T ype to L2TP over IPSec . 2 Enter a descriptive n ame for the tu nnel in the Tu n n e l N a m e field. 3 Enter th e User name and Password . 4 Enter th e Idle Timeout value. 5 Set the L2TP T ype Setting to L2TP Server , or L2TP Client.
VPN 123 Figure 100 Add new PPTP VPN T unnel Scr een 1 Set the T unnel T ype to PPTP . 2 Enter a descriptive n ame for the tu nnel in the Tu n n e l N a m e field. 3 Enter th e User name and Password . 4 Enter th e Idle Timeout value. 5 Set the PPTP T ype Setting to PPTP Server , or PPTP Client.
124 C HAPTER 5: C ONFIGURING THE R OUTER System T ools These screens allow you to manage differ ent parameters of t he Router and perform certain administ rative functions. Restart Router Sometimes it may be necessary to r estart (or reboot) the Router .
System Tools 12 5 ■ Backup Configuration — Y ou can save your current configuration b y clicking the Backup button. Saving your conf iguration will allow you to restor e it later if your settings are lost or changed. It is r ecommended that you ba ckup your curr ent conf igurati on befor e performing a firmware update.
126 C HAPTER 5: C ONFIGURING THE R OUTER Time Zone Y ou can set the time settings for the Router on this scr een. Figure 104 Time Z one Screen The Router keeps time by connecting to a Netwo rk T ime Pr otocol (NTP) server . This allows the Router to synchr onize the system clock to the Internet.
System Tools 12 7 Ping The ping tool is used to test if the network is working properly . Figure 105 Ping Scr een 1 Enter the IP address or domain name in the IP Address or Domain Name field, and click Ping . 2 Select from the Number of times to Ping drop-down menu.
128 C HAPTER 5: C ONFIGURING THE R OUTER Tr a c e r o u t e T raceroute is the program that shows you the r oute over the network between two systems, listing all the intermediate routers a connec tion must pass thro ugh to get to its destination.
System Tools 12 9 DNS Lookup DNS Lookup is the process of r esolving an IP address (i.e. 192.168.11.137) to a host name (i.e. xxxcompany .net). Figure 107 DNS Lookup Scr een 1 Enter the IP address or domain name in the IP Address or Domain Name field, and click DNS lookup.
130 C HAPTER 5: C ONFIGURING THE R OUTER Status and Logs Y ou can use the Status Scr een to view version numbers for your Router’ s software and hardwar e and check the status of connections to In ter net, LAN and WLAN interfaces. Status This screen shows Router status and statistics.
Status and Logs 131 ADSL Status This screen shows ADSL mode m status and statistics. Figure 110 ADSL Status Scr een A TM PVC Status This screen shows A TM PVC status an d statistics. ■ Click Disconnect to disconnect from your ISP . ■ Click Connect to make a connection with your ISP .
132 C HAPTER 5: C ONFIGURING THE R OUTER Routing T able This screen displays details for the default routing used by your Router and any routing created using Static Routing or RIP . Figure 112 Routing T able Screen Logs This screen shows any attempts that have been made to gain access to your network as well as the system activities.
Status and Logs 133 T raf fic Statistics This screen shows the traffic statistics. Use the Refre sh button to update the information. Note that the current implementation only shows traffic statistics per forwarding gr o up. Hence if QoS is not enabled, this scr een will always show zer o values.
134 C HAPTER 5: C ONFIGURING THE R OUTER Support/Feedback Y ou can use the Support/Feedback sc r een to obtain support and help, and also provide feedback to 3Com.
6 T R OUBLESHOOTING Basic Connection Checks The Router has been designed to ai d you when detecting and solving possible problems with your network. These problems ar e rar ely serious; the cause is usually a disconnected or damaged cable, or incorr ect configuration.
136 C HAPTER 6: T ROUBLESHOO TING Browsing to the Router Configuration Screens If you have connected your Router and computers together but cannot browse to the Router configuration screens, check the.
Connecting to the Internet 137 ■ If the ADSL Sync LED is of f or flashes bu t does not go to a steady on state, please go through the following steps befor e contactin g 3Com support. 1 Y our ISP may have upgraded their DSLAM equipment: V erify your 3Com Router has the latest sof tware/firmwar e availa ble installed.
138 C HAPTER 6: T ROUBLESHOO TING ■ Ensure that you have enter ed the correct information into the Router configuration screens as requir ed by your Inter net Service Pr ovider .
Wireless Networking 139 Wire less Networking ■ Ensure that you have an 802.11b or 802.11g or 802.11n wireless adapter for each wireless computer , and that it is correctly installed and configured. V erify that each wir eless computer has either W indows 98 or higher or MAC OS 8.
140 C HAPTER 6: T ROUBLESHOO TING unsure try r elocating both the wireless computers and the Router to establish whether this problem exists. ■ Most wireless computer adapters will scan the channels for the wireless Router .
Power Adapter 141 4 Using the Web br o wser on the computer , enter the following URL in the location bar: http://192.168.1.1 . This will connect you to the Recovery utility in the Router . 5 Follow the on-screen instructions. Enter the path and file name of the software image file.
142 C HAPTER 6: T ROUBLESHOO TING For refer ence, the part nu mber for the power adapter supplied for your region is: 3Com Number Region 3C15VHUS US and Canada 3C15VHUK UK 3C15VHME Europe and Middle E.
Frequently Asked Questions 143 Frequently Asked Questions How do I r eset the Router to Factory Defaults? See Forgotten Password and Re set to Factory Defaults on page 138 . How many computers on the LAN does the Router support? Up to a maximum number of 253 tot al users on the LAN ar e supported.
144 C HAPTER 6: T ROUBLESHOO TING.
A IP A DDR ESSING The Internet Protocol Suite The Internet Pr otocol suite consi sts of a we ll-defined set of communicat ions pr otocols and sever a l standard application pr otocols.
146 A PPENDIX A: IP A DDRESSING For your network to work correctly , all devices on the network must have: ■ The same sub-network ad dress. ■ The same subnet mask. The only value that will be different is the specific host device number . This value must always be unique.
How does a Device Obtain an IP Address and Subnet Mask? 147 This type of IP Address operates on a subnet mask of ‘255.255.0.0’. See Ta b l e 4 for an example about how a network (only four computers repr esented) and a Router might be configured.
148 A PPENDIX A: IP A DDRESSING Auto-IP Addressing Network devices use automatic IP addressing if they are configured to acquire an addr ess using DHCP but are unable to contact a DHCP server . Automatic IP addr essing is a scheme where devices allocate themselves an IP addr ess at random from th e industry s tandard subnet of 169.
B T ECHNICAL S PECIFICATIONS This section lists the technical spec ificatio ns for the 3Com W ireless 11n ADSL Fire wall Router . 3Com Wire less 11n Cable/DSL Firewall Router Interfaces ADSL connectio.
150 A PPENDIX B: T ECHNICAL S PEC IFICATIONS Standard IEEE 802.11g, Direct Sequence Spread Spectrum (DSSS) T ransmission rate: 54 Mbps, automatic fallback to 48, 36, 24, 18, 12, or 6M b p s Maximum channels: 13 Range up to 304.
3Com Wireless 11n Cable/DSL Firewall Router 15 1 Standards Functional: ISO 8802/3 IEEE 802.3 IEEE 802.11b, 802.11g Safety: EN 60950-1: 2001 UL 60950-1 IEC 60950-1: 2001 EMC: FCC Part15 B EN 55022 EN 5.
152 A PPENDIX B: T ECHNICAL S PEC IFICATIONS Ether net Performance The Router complies to the IEEE 802.3i, u and x specifications. Cable Specifications The Router supports the following cable types and maximu m lengths: ■ Category 5 (Fast Ethe rnet or Dual Speed Ethernet) T wisted Pair — shielded and unshi elded cable types.
C S AFETY I NFORMATION Important Safety Information WAR N IN G : W arnings cont ain dire ctions tha t you must fo llow for your personal safety . Follow all directions carefully .
154 A PPENDIX C: S AFETY I NFORMATION WARNING: RJ-45 ports. These are shielded RJ-4 5 data sockets. They cannot be used as telephone so ckets. Only conn ect RJ-45 data connectors to these sockets. Wichtige Sicherheitshinweise VORSICHT : W arn hinweise enthalten Anweisungen, die Sie zu Ihrer eigenen Sicherheit befolgen müssen.
155 VORSICHT : Es sind keine von dem Benutzer zu ersetzende oder zu wartende T eile in dem Gerät vorhanden. W enn Sie ein Problem mit dem Router haben, das nicht mittels der Fehleranalyse in dieser Anleitung behoben werden kann, setz en Sie sich mit Ihrem Lieferante n in V erbindung.
156 A PPENDIX C: S AFETY I NFORMATION conditions ne sont maintenues que si l'équipement auquel il est raccordé fonctionne dans les mêmes conditions. A VERTISSEMENT : Il n’y a pas de parties remplaceables par les utilisateurs ou entretenues pa r les utilisateurs à l’in térieur du moyeu.
D E ND U SER S OFTWAR E L ICENSE A GR EEMENT 3Com Corporation END USER SOFTW ARE LICENSE AGREEMENT YOU SHOULD CAREFULLY READ THE FOLLOWING TERMS AND CO NDITIONS BEFORE DOWNLOADING, INSTALLING AND USING THIS PRODUCT, THE USE OF WHICH IS LICENSED BY 3COM CORPORATIO N ("3COM") TO ITS CUSTOMERS FOR THEIR USE ONLY AS SET FORTH BELOW.
158 A PPENDIX D: E ND U SER S OFTWARE L ICENSE A GREEMENT TRADE SECRETS; TITLE : You acknowledge and agree that the str ucture, sequence and organiz ation of the So ftware are the valuable trade secrets of 3Com and its supp liers. You agree to hold such trade secrets in confidence.
159.
E O BTAINING S UPPORT FOR Y OUR 3C OM P R ODUCTS 3Com offers pr oduct registration, ca se management, and r epair services through eSupport.3com.com. Y ou must ha ve a user name and password to access these services, which ar e described in this appendix.
Access Software Downloads 161 Contact your authorized 3Com rese ller or 3Com for ad ditional product and support information. See the table of acces s numbers later in this appendix. Access Software Downloads Y ou are entitled to bug fix / maintenance releases for the version of software that you initially purc hased with your 3Com product.
162 A PPENDIX E: O BTAINING S UPPORT FOR Y OUR 3C OM P RODUCTS T o send a product directly to 3Com for repair , you must first obtain a return materials authorization numbe r (RMA). Products sent to 3Com without authorization numb ers clearly marked on the outside of the package will be returned to the sender unopened, at the sender’ s expense.
Contact Us 163 You can also obtain support in this region using this URL : http://emea.3com.com /sup port/email.h tml You can also obtain non-urgent support in this region a t these ema il addresses: Technical suppo rt and general requ ests: customer_support@3com.
164 A PPENDIX E: O BTAINING S UPPORT FOR Y OUR 3C OM P RODUCTS.
G LOSSARY 802.11b The IEEE specification for wireless Ethe rnet which allows speeds of up to 11 Mbps. The standard pr ovides fo r 1, 2, 5.5 a nd 11 Mbps dat a rates. The rates will switch automatically depending on range and environment. 802.11g The IEEE specification for wireless Ethe rnet which allows speeds of up to 54 Mbps.
166 G LOSSARY Ad Hoc mode Ad Hoc mode is a configuration supported by most wireless clients. It is used to connect a peer to peer network together without the use of an access point. It offers lower performa nce than infr astructure mode, which is the mode the r outer uses.
G LOSSARY 167 DHCP Dynamic Host Configuration Protocol. This protocol automatically assigns an IP address for every computer on yo ur network. W indows 95, W indows 98, W indows NT 4.0, W indows 2000, W indows XP , and W indows Vista contain software that assigns IP addresses to workstations on a network.
168 G LOSSARY Full Duple x A system that allows packets to be transmitted and received at the same time and, in effect, doubles the potential thr oughput of a link. Half Duplex A system that allows packets to transmitted and received, but not at the same time.
G LOSSARY 169 IPSec IP Security . Provides IP network-la yer encryption. IPSec can suppor t large encryption netw orks (such as the Internet) by u sing digital certificates for device authentication. When setting up an IPSec connectio n between two devices, make sure that they support the same encryption method.
170 G LOSSARY PPPoE Point-to-Point Protocol over Ethernet. Point-to-Point Pr otocol is a method of data transmission o riginally creat ed for dial-up connectio ns; PPPoE is for Ethern et connections. PPTP Point-t o-Point T unneling Protocol is a method of secur e data transmission between two remote sites over the Internet.
G LOSSARY 171 TCP/IP T r ansmission Control Protocol/Internet Protocol. This is the name for two of the most well-known protocols developed for t he interconnection of networks. Originally a UNIX standard, TCP/IP is no w supported on almost all platforms, an d is the pr otocol of the Internet.
172 G LOSSARY Wir eless Client The term used to describe a deskt op or mobile PC that is wirelessly connected to your wireless network. Wir eless LAN Service Area Another term for ESSID (Exten ded Service Set Identifier ). Wizard A Windows application t hat automates a procedure such as installation or configuration.
173 R EGULATORY N OTICES For 3Com Wireless 11n ADSL Fir ewall Router G ENERAL S TAT EMENTS The 3Com Wireless 11n ADSL Firewall Router (WL-603) must be installed and used in strict ac cordance with the manufacturer's instructions as described in the user documentation th at comes with the pr oduct.
174 The correction of interference caused by such unau t horized modifi cation, substitution or attachment wi ll be the responsibility of the us er. Changes or modificatio ns not expressly approved by 3Com could void the u ser's au thority to operate this equipment.
175 I NDUSTRY C ANADA - RF C OMPLIA NCE This device complies with RSS-210 of the Indus try Canada Rules. Operation is subject to the followin g two conditions: 1) this device may not cause interf erence and, 2) this devi ce must accept any interference, inc luding interference that may cause unde sired operation of the device.
176 Č esky [Czech ] 3Com Coporation tímto prohlašuje, ze tento RLAN device je ve shod ě se základní mi pozadavky a dalšími p ř íslušnými ustanoveními sm ě rnice 199 9/5/ES.
177 A copy of the signed Declaration of Conformity can be downloaded from the Pro duct Support web page for the 3Com Wireless 11n ADSL Firewall Router at http://w ww.3Com.com. Also available at http://suppo rt.3com.com/do c/WL-603_EU_DOC. pdf. EU - R ESTRICTIONS FOR U SE IN THE 2.
178.
I NDEX Numbers 128-bit WEP 46 128-bit WEP Screen 46 1483 Bridge Mode 55 64-bit WEP Screen 47 A Access Control Scr een 62 Add PC Screen 63 Add Schedule Rule Screen 65 Addresses IP 85 Admin Password Scr.
180 I NDEX configuring 56 MAC Addr ess Filtering Scr een 66 mode 30 N NA T (Network Address T ranslation) 68 NA T -T (NA T T raversal) 68 Network addresse s 85 Networking wirele ss 81 NIC wirele ss 14.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il 3Com Wireless 11n è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del 3Com Wireless 11n - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso 3Com Wireless 11n imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul 3Com Wireless 11n ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il 3Com Wireless 11n, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del 3Com Wireless 11n.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il 3Com Wireless 11n. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo 3Com Wireless 11n insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.