Asus Rx3041h User manual

RX3041H

User’s Manual

Revision 1.3

Aug. 19, 2004

Table of Contents

1Introduction ..............................................1

1.1 Features................................................................................................................1

1.2 System Requirements..........................................................................................1

1.3 Using this Document............................................................................................1

1.3.1 Notational conventions...............................................................................1

1.3.2 Typographical conventions........................................................................1

1.3.3 Special messages......................................................................................2

2Getting to Know the RX3041H.................3

2.1 Parts List...............................................................................................................3

2.2 Front Panel ...........................................................................................................3

2.3 Rear Panel............................................................................................................4

2.4 Major Features......................................................................................................4

2.4.1 Firewall and NAT Features........................................................................4

2.4.1.1 Address Sharing and Management..............................................5

2.4.1.2 ACL (Access Control List) .............................................................5

2.4.1.3 Stateful Packet Inspection.............................................................5

2.4.1.4 Defense against DoS Attacks........................................................6

2.4.1.5 Application Command Filtering.....................................................6

2.4.1.6 Application Level Gateway (ALG).................................................7

2.4.1.7 URL Filtering..................................................................................7

2.4.1.8 Log and Alerts................................................................................7

2.4.1.9 Remote Access..............................................................................7

3Quick Start Guide.....................................9

3.1 Part 1 — Connecting the Hardware.....................................................................9

3.1.1 Step 1. Connect an ADSL or a cable modem...........................................9

3.1.2 Step 2. Connect computers or a LAN........................................................9

3.1.3 Step 3. Attach the AC adapter...................................................................9

3.1.4 Step 4. Turn on the RX3041H, the ADSL or cable modem and power up

your computers.........................................................................................10

3.2 Part 2 — Configuring Your Computers..............................................................11

3.2.1 Before you begin......................................................................................11

iii

3.2.2 Windows® XP PCs:.................................................................................11

3.2.3 Windows® 2000 PCs:..............................................................................11

3.2.4 Windows® 95, 98, and Me PCs ..............................................................12

3.2.5 Windows® NT 4.0 workstations:..............................................................12

3.2.6 Assigning static IP addresses to your PCs .............................................13

3.3 Part 3 — Quick Configuration of the RX3041H.................................................13

3.3.1 Buttons Used in Setup Wizard.................................................................14

3.3.2 Setting Up the RX3041H..........................................................................14

3.3.3 Testing Your Setup ..................................................................................20

3.3.4 Default Router Settings............................................................................20

4Getting Started with the Configuration

Manager.................................................21

4.1 Log into the Configuration Manager ..................................................................21

4.2 Functional Layout...............................................................................................22

4.2.1 Setup Menu Navigation Tips....................................................................22

4.2.2 Commonly Used Buttons and Icons........................................................22

4.3 Overview of System Configuration ....................................................................23

5Configuring LAN Settings.......................25

5.1 LAN IP Address..................................................................................................25

5.1.1 LAN IP Configuration Parameters...........................................................25

5.1.2 Configuring the LAN IP Address..............................................................25

5.2 DHCP (Dynamic Host Control Protocol)............................................................26

5.2.1 Introduction...............................................................................................26

5.2.1.1 What is DHCP?............................................................................26

5.2.1.2 Why use DHCP?..........................................................................26

5.2.2 DHCP Server Configuration.....................................................................27

5.2.2.1 DHCP Configuration Parameters................................................27

5.2.2.2 Configuring DHCP Server...........................................................27

5.2.2.3 Viewing Existing IP Address Lease.............................................28

5.2.3 Fixed DHCP Lease..................................................................................28

5.2.3.1 Fixed DHCP Lease Configuration Parameters...........................28

5.2.3.2 Add a Fixed DHCP Lease...........................................................29

5.2.3.3 Delete a Fixed DHCP Lease.......................................................29

5.2.3.4 Viewing Fixed DHCP Lease Table..............................................29

5.3 DNS.....................................................................................................................29

5.3.1 About DNS................................................................................................29

5.3.2 Assigning DNS Addresses.......................................................................30

5.3.3 Configuring DNS Relay............................................................................30

5.4 Viewing LAN Statistics........................................................................................31

6Configuring WAN Settings.....................33

6.1 WAN Connection Mode......................................................................................33

6.2 PPPoE ................................................................................................................33

6.2.1 WAN PPPoE Configuration Parameters.................................................33

6.2.2 Configuring PPPoE for WAN...................................................................35

6.3 Dynamic IP..........................................................................................................36

6.3.1 WAN Dynamic IP Configuration Parameters..........................................36

6.3.2 Configuring Dynamic IP for WAN............................................................36

6.4 Static IP...............................................................................................................37

6.4.1 WAN Static IP Configuration Parameters...............................................37

6.4.2 Configuring Static IP for WAN .................................................................37

6.5 Viewing WAN Statistics......................................................................................38

7Configuring Routes................................41

7.1 Overview of IP Routes........................................................................................41

7.1.1 Do I need to define IP routes?.................................................................41

7.2 Dynamic Routing using RIP (Routing Information Protocol).............................41

7.2.1 Dynamic Routing (RIP) Configuration Parameters.................................41

7.2.2 Configuring RIP........................................................................................42

7.3 Static Routing......................................................................................................43

7.3.1 Static Route Configuration Parameters...................................................43

7.3.2 Adding a Static Route ..............................................................................43

7.3.3 Deleting a Static Route ............................................................................43

7.3.4 Viewing the Routing Table.......................................................................44

8Configuring DDNS .................................45

8.1 DDNS Configuration Parameters.......................................................................46

8.2 Configuring RFC-2136 DDNS Client.................................................................47

8.3 Configuring HTTP DDNS Client.........................................................................48

8.4 Configuring Local Host Table.............................................................................48

8.4.1.1 Add a Host Table Entry ...............................................................49

8.4.1.2 Modify a Host Table Entry...........................................................49

8.4.1.3 Delete a Host Table Entry...........................................................49

8.4.1.4 View the Host Table.....................................................................49

9Configuring Firewall/NAT Settings.........51

9.1 Firewall Overview...............................................................................................51

9.1.1 Stateful Packet Inspection .......................................................................51

9.1.2 DoS (Denial of Service) Protection..........................................................51

9.1.3 Firewall and Access Control List (ACL)...................................................51

9.1.3.1 Priority Order of ACL Rule...........................................................51

9.1.3.2 Tracking Connection State..........................................................52

9.1.4 Default ACL Rules....................................................................................52

9.2 NAT Overview.....................................................................................................52

9.2.1 Static (One to One) NAT..........................................................................52

9.2.2 Dynamic NAT...........................................................................................53

9.2.3 NAPT (Network Address and Port Translation) or PAT (Port Address

Translation)...............................................................................................54

9.2.4 Reverse Static NAT..................................................................................55

9.2.5 Reverse NAPT / Virtual Server................................................................55

9.3 ACL Rule Configuration Parameters.................................................................55

9.4 Configuring Inbound ACL Rules........................................................................57

9.4.1 Add an Inbound ACL Rule.......................................................................58

9.4.2 Modify an Inbound ACL Rule...................................................................58

9.4.3 Delete an Inbound ACL Rule...................................................................59

9.4.4 Display Existing Inbound ACL Rules.......................................................59

9.5 Configuring Outbound ACL Rules .....................................................................59

9.5.1 Add an Outbound ACL Rule....................................................................59

9.5.2 Modify an Outbound ACL Rule................................................................60

9.5.3 Delete an Outbound ACL Rule................................................................60

9.5.4 Display Existing Outbound ACL Rules....................................................61

9.6 Configuring URL Filters......................................................................................61

9.6.1 URL Filter Configuration Parameters......................................................61

9.6.2 Add an URL Filter Rule............................................................................61

9.6.3 Modify an URL Filter Rule........................................................................62

9.6.4 Delete an URL Filter Rule........................................................................62

9.6.5 View Existing URL Filter Rules................................................................62

9.7 Configuring Advanced Firewall Features – (Firewall ÎAdvanced).................62

9.7.1 Configuring Self Access Rules ................................................................63

9.7.1.1 Self Access Configuration Parameters.......................................63

9.7.1.2 Add a Self Access Rule...............................................................63

9.7.1.3 Modify a Self Access Rule...........................................................64

9.7.1.4 Delete a Self Access Rule...........................................................64

9.7.1.5 View Configured Self Access Rules............................................64

9.7.2 Configuring Service List...........................................................................64

9.7.2.1 Service List Configuration Parameters .......................................64

9.7.2.2 Add a Service...............................................................................65

9.7.2.3 Modify a Service ..........................................................................65

9.7.2.4 Delete a Service...........................................................................66

9.7.2.5 View Configured Services...........................................................66

9.7.3 Configuring DoS Settings.........................................................................66

9.7.3.1 DoS Protection Configuration Parameters..................................66

9.7.3.2 Configuring DoS Settings............................................................67

9.8 Firewall Policy List – (Firewall ÎPolicy List) ....................................................68

9.8.1 Configuring Application Filter...................................................................69

9.8.1.1 Application Filter Configuration Parameters...............................69

9.8.1.2 Add an Application Filter..............................................................70

9.8.1.2.1 FTP Example: Add a FTP Filter Rule to Block FTP DELETE

Command.....................................................................................71

9.8.1.2.2 HTTP Example: Add a HTTP Filter Rule to Block JAVA Applets

and Java Archives .......................................................................73

9.8.1.3 Modify an Application Filter .........................................................74

9.8.1.4 Delete an Application Filter..........................................................75

9.8.2 Configuring IP Pool..................................................................................75

9.8.2.1 IP Pool Configuration Parameters...............................................75

9.8.2.2 Add an IP Pool.............................................................................75

9.8.2.3 Modify an IP Pool.........................................................................76

9.8.2.4 Delete an IP Pool.........................................................................76

9.8.2.5 IP Pool Example..........................................................................77

9.8.3 Configuring NAT Pool..............................................................................78

9.8.3.1 NAT Pool Configuration Parameters...........................................78

9.8.3.2 Add a NAT Pool...........................................................................79

9.8.3.3 Modify a NAT Pool.......................................................................79

vii

9.8.3.4 Delete a NAT Pool.......................................................................80

9.8.3.5 NAT Pool Example......................................................................80

9.8.4 Configuring Time Range..........................................................................81

9.8.4.1 Time Range Configuration Parameters......................................81

9.8.4.2 Add a Time Range.......................................................................82

9.8.4.3 Modify a Time Range ..................................................................82

9.8.4.4 Delete a Time Range...................................................................82

9.8.4.5 Delete a Schedule in a Time Range...........................................82

9.8.4.6 Time Range Example..................................................................83

9.9 Firewall Statistics – Firewall ÎStatistics...........................................................83

10 Configuring Remote Access..................85

10.1 Remote Access ..................................................................................................85

10.2 Manage User Groups and Users.......................................................................85

10.2.1 User Group Configuration Parameters....................................................85

10.2.2 Add a User Group and/or a User.............................................................86

10.2.3 Modify a User Group or a User................................................................87

10.2.4 Delete a User Group or a User................................................................87

10.2.5 User Group and Users Configuration Example ......................................88

10.3 Configure Group ACL Rules..............................................................................88

10.3.1 Group ACL Specific Configuration Parameters......................................88

10.3.2 Add a Group ACL Rule............................................................................88

10.3.3 Modify a Group ACL Rule........................................................................89

10.3.4 Delete a Group ACL Rule........................................................................90

10.3.5 Display Existing Group ACL Rules..........................................................90

10.4 Remote User Login Process..............................................................................90

10.5 Configure Firewall for Remote Access ..............................................................91

11 System Management.............................93

11.1 Configure System Services................................................................................93

11.2 Change the Login Password and Management Station IP Addresses............93

11.2.1 Change the Login Password....................................................................93

11.2.2 Configure Management Stations.............................................................94

11.2.2.1 Management Station Configuration Parameters.....................................94

11.2.2.2 Add a Management Station Group..........................................................95

viii

11.2.2.3 Modify a Management Station Group .....................................................96

11.2.2.4 Delete a Management Station Group......................................................96

11.3 Configure System Identity..................................................................................96

11.4 Setup Date and Time .........................................................................................96

11.4.1 Date/Time Configuration Parameters......................................................97

11.4.2 Maintain Date and Time...........................................................................97

11.4.3 View the System Date and Time.............................................................98

11.5 SNMP Setup.......................................................................................................98

11.5.1 SNMP Configuration Parameters............................................................98

11.5.2 Configuring SNMP ...................................................................................99

11.6 System Configuration Management..................................................................99

11.6.1 Reset to Factory Settings.........................................................................99

11.6.1.1 Reset to Factory Settings Using Configuration Manager .......................99

11.6.1.2 Reset to Factory Settings Using Reset Button......................................100

11.6.2 Backup System Configuration...............................................................100

11.6.3 Restore System Configuration...............................................................100

11.7 Upgrade Firmware............................................................................................101

11.8 Reset the RX3041H .........................................................................................102

11.9 Logout Configuration Manager ........................................................................102

AALG Configuration ...............................105

BSystem Specifications..........................109

B.1 Hardware Specification ....................................................................................109

B.2 Default Settings ................................................................................................109

CIP Addresses, Network Masks, and

Subnets................................................113

C.1 IP Addresses ....................................................................................................113

C.1.1 Structure of an IP address.....................................................................113

C.2 Network classes................................................................................................113

C.3 Subnet masks...................................................................................................114

DTroubleshooting...................................117

D.1 Diagnosing Problem using IP Utilities..............................................................118

D.1.1 Ping.........................................................................................................118

D.1.2 Nslookup.................................................................................................119

EGlossary...............................................121

FIndex ....................................................127

List of Figures

Figure 2.1. Front Panel LEDs...................................................................................................................................3

Figure 2.2. Rear Panel Connections........................................................................................................................4

Figure 3.1. Overview of Hardware Connections .................................................................................................. 10

Figure 3.2. Login Screen....................................................................................................................................... 14

Figure 3.3. Setup Wizard Home Page.................................................................................................................. 15

Figure 3.4. Setup Wizard – Password Configuration Page ................................................................................. 15

Figure 3.5. Setup Wizard – System Identity Configuration Page ........................................................................ 16

Figure 3.6. Setup Wizard – Date/Time Configuration Page................................................................................. 16

Figure 3.7. Setup Wizard – LAN IP Configuration Page...................................................................................... 17

Figure 3.8. Setup Wizard – LAN DHCP Server Configuration Page...................................................................17

Figure 3.9. Setup Wizard – WAN PPPoE Configuration Page............................................................................ 18

Figure 3.10. Setup Wizard – WAN Dynamic IP Configuration Page...................................................................18

Figure 3.11. Setup Wizard – WAN Static IP Configuration Page........................................................................ 19

Figure 4.1. Configuration Manager Login Screen................................................................................................ 21

Figure 4.2. Typical Configuration Manager Page................................................................................................. 22

Figure 4.3. System Information Page................................................................................................................... 23

Figure 5.1. LAN IP Address Configuration ........................................................................................................... 26

Figure 5.2. DHCP Configuration........................................................................................................................... 28

Figure 5.3. Sample DHCP Lease Table............................................................................................................... 28

Figure 5.4. Fixed DHCP Lease Configuration Page............................................................................................ 29

Figure 5.5. LAN Statistics Page............................................................................................................................ 31

Figure 6.1. WAN PPPoE Configuration Page...................................................................................................... 35

Figure 6.2. WAN PPPoE Configuration Summary............................................................................................... 35

Figure 6.3. WAN Dynamic IP (DHCP client) Configuration ................................................................................. 36

Figure 6.4. WAN Dynamic IP (DHCP client) Configuration Summary................................................................ 37

Figure 6.5. WAN Static IP Configuration.............................................................................................................. 38

Figure 6.6. WAN Static IP Configuration.............................................................................................................. 38

Figure 6.7. WAN Statistics Page........................................................................................................................... 39

Figure 7.1. RIP Configuration............................................................................................................................... 42

Figure 7.2. Static Route Configuration................................................................................................................. 43

Figure 7.3. Routing Table..................................................................................................................................... 44

Figure 8.1. Network Diagram for RFC-2136 DDNS............................................................................................. 45

Figure 8.2. Network Diagram for HTTP DDNS.................................................................................................... 46

Figure 8.3. RFC-2136 DDNS Configuration......................................................................................................... 47

Figure 8.4. HTTP DDNS Configuration ................................................................................................................ 48

Figure 8.5. Host Table Configuration.................................................................................................................... 49

Figure 8.6. Host Table........................................................................................................................................... 49

Figure 9.1 Static NAT – Mapping Four Private IP Addresses to Four Globally Valid IP Addresses.................. 53

Figure 9.2 Dynamic NAT – Four Private IP addresses Mapped to Three Valid IP Addresses.......................... 53

Figure 9.3 Dynamic NAT – PC-A can get an NAT association after PC-B is disconnected............................... 53

Figure 9.4 NAPT – Map Any Internal PCs to a Single Global IP Address .......................................................... 54

Figure 9.5 Reverse Static NAT – Map a Global IP Address to An Internal PC................................................... 54

Figure 9.6 Reverse NAPT – Relayed Incoming Packets to the Internal Host Base on the Protocol, Port

Number or IP Address................................................................................................................................... 54

Figure 9.7. Inbound ACL configuration Example ................................................................................................. 58

Figure 9.8. Inbound ACL List ................................................................................................................................ 58

Figure 9.9. Outbound ACL Configuration Example.............................................................................................. 60

Figure 9.10. Outbound ACL List ........................................................................................................................... 60

Figure 9.11. URL Filter Configuration Example.................................................................................................... 62

Figure 9.12. URL Filter List ................................................................................................................................... 62

Figure 9.13. Self Access Rule Configuration Example........................................................................................ 63

Figure 9.14. Service List Configuration................................................................................................................. 65

Figure 9.15. Service List........................................................................................................................................ 65

Figure 9.16. DoS Attack Protection List................................................................................................................ 68

Figure 9.17. DoS Configuration Page................................................................................................................... 68

Figure 9.18 Network Diagram for FTP Filter Example – Blocking FTP Delete Command................................. 71

Figure 9.19. FTP Filter Example – Configuring FTP Filter Rule.......................................................................... 71

Figure 9.20 FTP Filter Example – Firewall Configuration Assistant.................................................................... 72

Figure 9.21 FTP Filter Example – Add an FTP Filter to Deny FTP Delete Command....................................... 72

Figure 9.22. FTP Filter Example – Associate FTP Filter Rule to an ACL Rule................................................... 72

Figure 9.23. HTTP Filter Example – Configuring HTTP Filter Rule..................................................................... 73

Figure 9.24. HTTP Filter Example – Associate HTTP Filter Rule to an ACL Rule ............................................. 74

Figure 9.25. Modify an Application Filter............................................................................................................... 74

Figure 9.26 IP Pool Configuration......................................................................................................................... 76

Figure 9.27. Network Diagram for IP Pool Configuration..................................................................................... 77

Figure 9.28. IP Pool Example – Add Two IP Pools – MISgroup1 and MISgroup2............................................. 77

Figure 9.29. IP Pool Example – Deny QUAKE-II Connection for MISgroup1..................................................... 78

Figure 9.30. NAT Pool configuration..................................................................................................................... 79

Figure 9.31. Network Diagram for NAT Pool Example........................................................................................ 80

Figure 9.32. NAT Pool Example – Create a Static NAT Pool.............................................................................. 80

Figure 9.33. NAT Pool Example – Associate a NAT Pool to an ACL Rule......................................................... 81

Figure 9.34. Time Range Configuration ............................................................................................................... 82

Figure 9.35. Time Range Example – Create a Time Range ............................................................................... 83

Figure 9.36. Time Range Example – Deny FTP Access for MISgroup1 During OfficeHours............................ 83

Figure 9.37. Firewall Statistics.............................................................................................................................. 84

Figure 10.1. User Group Configuration................................................................................................................. 86

Figure 10.2. User Group and Users Configuration Example............................................................................... 88

Figure 10.3. Group ACL Configuration Example.................................................................................................. 89

Figure 10.4. Group ACL List ................................................................................................................................. 89

Figure 10.5. Login Console................................................................................................................................... 90

Figure 10.6. Login Status Screen ......................................................................................................................... 90

Figure 10.7. Network Diagram for Inbound Remote Access............................................................................... 91

Figure 10.8. User and User Group Configuration Example................................................................................. 92

Figure 10.9. Group ACL Configuration Example.................................................................................................. 92

Figure 11.1. System Services Configuration........................................................................................................ 93

Figure 11.2. Password Configuration................................................................................................................... 94

Figure 11.3. Management Station Configuration ................................................................................................. 95

Figure 11.4. Management Station Summary ....................................................................................................... 96

Figure 11.5. System Identiy Configuration ........................................................................................................... 96

Figure 11.6. Date and Time Configuration Page.................................................................................................. 98

Figure 11.7. SNMP Configuration......................................................................................................................... 99

Figure 11.8. Existing SNMP Configuration........................................................................................................... 99

Figure 11.9. Default Setting Configuration............................................................................................................ 99

Figure 11.10. Counter Timer for Default Setting Configuration ......................................................................... 100

Figure 11.11. Backup System Configuration...................................................................................................... 100

Figure 11.12. Restore System Configuration..................................................................................................... 101

Figure 11.13. Windows File Browser.................................................................................................................. 101

Figure 11.14. Firmware Upgrade Page.............................................................................................................. 102

Figure 11.15. Counter Down Counter for Firmware Update.............................................................................. 102

Figure 11.16. Router Reset Page....................................................................................................................... 102

xii

Figure 11.17. Counter Down Counter for Router Reset .................................................................................... 102

Figure 11.18. Logout Page.................................................................................................................................. 103

Figure 11.19. Confirmation for Closing Browser (IE) ......................................................................................... 103

Figure D.1. Using the ping Utility......................................................................................................................... 119

Figure D.2. Using the nslookup Utility................................................................................................................. 120

List of Tables

Table 2.1. Front Panel Label and LEDs ..................................................................................................................3

Table 2.2. Rear Panel Labels and LEDs.................................................................................................................4

Table 2.3. DoS Attacks.............................................................................................................................................6

Table 3.1. LED Indicators...................................................................................................................................... 10

Table 3.2. Default Settings Summary................................................................................................................... 20

Table 4.1. Description of Commonly Used Buttons and Icons............................................................................ 23

Table 5.1. LAN IP Configuration Parameters....................................................................................................... 25

Table 5.2. DHCP Server Configuration Parameters............................................................................................ 27

Table 5.3. DHCP Address Assignment Parameters............................................................................................ 28

Table 5.4. Fixed DHCP Lease Configuration Parameters................................................................................... 29

Table 6.1. WAN PPPoE Configuration Parameters............................................................................................. 33

Table 6.2. WAN Dynamic IP Configuration Parameters...................................................................................... 36

Table 6.3. WAN Static IP Configuration Parameters........................................................................................... 37

Table 7.1. Dynamic Routing (RIP) Configuration Parameters............................................................................. 41

Table 7.2. Static Route Configuration Parameters............................................................................................... 43

Table 8.1. DDNS Configuration Parameters........................................................................................................ 46

Table 9.1. ACL Rule Configuration Parameters................................................................................................... 55

Table 9.2. URL Filter Configuration Parameters.................................................................................................. 61

Table 9.3. Self Access Configuration Parameters ............................................................................................... 63

Table 9.4. Service List configuration parameters................................................................................................. 64

Table 9.5. DoS Protection Configuration Parameters.......................................................................................... 66

Table 9.6. Application Filter Configuration Parameters........................................................................................ 69

Table 9.7. IP Pool Configuration Parameters....................................................................................................... 75

Table 9.8. NAT Pool Configuration Parameters................................................................................................... 78

Table 9.9. Time Range Configuration Parameters............................................................................................... 81

Table 10.1. User Group Configuration Parameters.............................................................................................. 85

Table 10.2. Group ACL Specific Configuration Parameters................................................................................ 88

Table 11.1. Management Station Configuration Parameters .............................................................................. 95

Table 11.2. Date/Time Configuration Parameters................................................................................................ 97

xiii

Table 11.3. Fixed DHCP Lease Configuration Parameters................................................................................. 98

Table A.1. Supported ALG.................................................................................................................................. 105

Table B.1. Hardware Specification...................................................................................................................... 109

Table B.2. System Default Settings.................................................................................................................... 109

Table C.1. IP Address structure.......................................................................................................................... 113

xiv

RX3041H User’s Manual Chapter 1. Introduction

1 Introduction

Congratulations on becoming the owner of the high-speed router, RX3041H. Your LAN (local area network)

will now be able to access the Internet using your broadband connection such as those with ADSL or cable

modem.

This User Manual will show you how to set up your router, and how to customize its configuration to get the

most out of this product.

1.1 Features

 10/100Base-T router providing Internet connectivity for all computers on your LAN

 4-port 10/100Base-T (auto MDI/MDIX, auto speed negotiation) Ethernet switch

 High performance firewall, and NAT (Network Address Translation) to provide secure Internet access

for your LAN

 Automatic network address assignment through DHCP Server

 Services including IP route, DNS and DDNS configuration, RIP, and IP performance monitoring

 Configuration program accessible via a web browser, such as Microsoft Internet Explorer 5.5,

Netscape 7.0.2 or newer.

1.2 System Requirements

In order to use the RX3041H for Internet access, you must have the following:

 ADSL or cable modem and the corresponding service up and running, with at least one public Internet

address assigned to your WAN

 One or more computers each containing an Ethernet 10Base-T/100Base-T network interface card

(NIC)

 (Optional) An Ethernet hub/switch, if you are connecting the device to more than four computers on an

Ethernet network.

 For system configuration using the supplied web-based program: a web browser such as Internet

Explorer v5.5 or newer.

1.3 Using this Document

1.3.1 Notational conventions

 Acronyms are defined the first time they appear in text and in the glossary (Appendix E).

 For brevity, the RX3041H is sometimes referred to as “the router” or “your router”.

 The terms LAN and network are used interchangeably to refer to a group of Ethernet-connected

computers at one site.

 Sequence of mouse actions is denoted by the “Î” character. For instance, System ÎSystem Info

means click the System menu and then click the System Info submenu.

1.3.2 Typographical conventions

 Italics is used to identify terms that are defined in the glossary (Appendix E).

 Boldface type text is used for items you select from menus and drop-down lists, and text strings you

type when prompted by the program.

Chapter 1. Introduction RX3041H User’s Manual

1.3.3 Special messages

This document uses the following icons to call your attention to specific instructions or explanations.

Note

Provides clarification or non-essential information on the current

topic.

Definition

Explains terms or acronyms that may be unfamiliar to many

readers. These terms are also included in the Glossary.

WARNING

Provides messages of high importance, including messages

relating to personal safety or system integrity.

RX3041H User’s Manual Chapter 2. Getting to Know the RX3041H

2 Getting to Know the RX3041H

2.1 Parts List

In addition to this document, your router should come with the following:

 RX3041H High Speed Router

 AC adapter

 Ethernet cable (“straight-through” type)

2.2 Front Panel

The front panel contains LED indicators that show the status of the unit.

Figure 2.1. Front Panel LEDs

Table 2.1. Front Panel Label and LEDs

LED

Label Color Status Indication

On Unit is powered on

POWER Green Off Unit is powered off

System malfunctioned if this LED stays on. Note that the

LED is lit during system booting and is turned off

afterwards. This LED is also used along w/ reset button

during system configuration reset. Please refer to the

section 11.6.1.2 “Reset to Factory Settings Using Reset

Button” for further details.

ALARM Green

Off System functions normally.

On WAN link established and active

Flashing Data is transmitted or received via WAN connection

WAN Green

Off No WAN link

On LAN link is established

Flashing Data is transmitted or received via LAN connection

LAN1 –

LAN4 Green

Off No LAN link

Chapter 2. Getting to Know the RX3041H RX3041H User’s Manual

2.3 Rear Panel

The rear panel contains the ports for the unit's data and power connections.

Figure 2.2. Rear Panel Connections

Table 2.2. Rear Panel Labels and LEDs

Label Function

POWER Power Input Jack

Connects to the supplied AC adapter

Reset

Reset Button

1. Reboots the device

2. Used for resetting the system configuration to the factory

settings. Please refer to the section 11.6.1.2 “Reset to Factory

Settings Using Reset Button” for further details.

CONSOLE Console Port

For ASUSTeK internal use only.

WAN WAN Port

Connects to your WAN device, such as an ADSL or a cable

modem.

P1 – P4 LAN Ports

Connects to your PC's Ethernet port, or to the uplink port on the

hub or the switch

2.4 Major Features

2.4.1 Firewall and NAT Features

The firewall implemented in your router provides the following features to protect your network from being

attacked and to prevent your network from being used as the springboard for attacks.

 Address Sharing and Management

 Packet Filtering

 Stateful Packet Inspection

 Defense against Denial of Service Attacks

 Application Content Filtering

 Log and Alert

 Remote Access

RX3041H User’s Manual Chapter 2 Getting to Know the RX3041H

 Keyword based URL Filtering

2.4.1.1 Address Sharing and Management

The RX3041H Firewall provides NAT to share a single high-speed Internet connection and to save the cost of

multiple connections required for the hosts on the LAN segments connected to the RX3041H. This feature

conceals network address and prevents them from becoming public. It maps unregistered IP addresses of

hosts connected to the LAN with valid ones for Internet access. The RX3041H Firewall also provides reverse

NAT capability, which enables SOHO users to host various services such as e-mail servers, web servers, etc.

The NAT rules drive the translation mechanism at the NAT router. The following types of NAT are supported

by the RX3041H.

 Static NAT – Maps an internal host address to a globally valid Internet address (one-to-one). All

packets are directly translated with the information contained in the map.

 Dynamic NAT – Maps an internal host address dynamically to a globally valid Internet address (m-to-

n). The map usually contains a pool of internal IP addresses (m) and a pool of globally valid Internet IP

addresses (n) with m usually greater than n. Each internal IP address is mapped to one external IP

address on a first come first serve basis.

 NAPT (Network Address and Port Translation) – Also called IP Masquerading. Maps many internal

hosts to only one globally valid Internet address. The map usually contains a pool of network ports to

be used for translation. Every packet is translated with the globally valid Internet address; the port

number is translated with a free pool from the pool of network ports.

 Reverse Static – This is inbound mapping that maps a globally valid Internet address to an internal

host address. All packets coming to that external address are relayed to the internal address. This is

useful when hosting services in an internal machine.

 Reverse NAPT – Also called inbound mapping, port mapping, and virtual server. Any packet coming

to the router can be relayed to the internal host based on the protocol, port number or IP Address

specified in the rule. This is useful when multiple services are hosted on different internal machines.

Note

For a complete listing of all NAT ALGs supported, refer to

Appendix A “ALG Configuration” on.

2.4.1.2 ACL (Access Control List)

ACL rule is one of the basic building blocks for network security. Firewall monitors each individual packet,

decodes the header information of inbound and outbound traffic and then either blocks the packet from

passing or allows it to pass based on the contents of the source address, destination address, source port,

destination port, protocol and other criterion, e.g. application filter, time ranges, defined in the ACL rules.

ACL is a very appropriate measure for providing isolation of one subnet from another. It can be used as the

first line of defense in the network to block inbound packets of specific types from ever reaching the protected

network.

The RX3041H Firewall’s ACL methodology supports:

 Filtering based on destination and source IP address, port number and protocol

 Use of the wild card for composing filter rules

 Filter Rule priorities

 Time based filters

 Application specific filters

 User group based filters for remote access

2.4.1.3 Stateful Packet Inspection

The RX3041H Firewall uses “stateful packet inspection” that extracts state-related information required for the

security decision from the packet and maintains this information for evaluating subsequent connection

attempts. It has awareness of application and creates dynamic sessions that allow dynamic connections so

Chapter 2. Getting to Know the RX3041H RX3041H User’s Manual

that no ports need to be opened other than the required ones. This provides a solution which is highly secure

and that offers scalability and extensibility.

2.4.1.4 Defense against DoS Attacks

The RX3041H Firewall has an Attack Defense Engine that protects internal networks from known types of

Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding,

IP smurfing, LAND, Ping of Death and all re-assembly attacks. It can drop ICMP redirects and IP loose/strict

source routing packets. For example, the RX3041H Firewall provides protection from “WinNuke”, a widely

used program to remotely crash unprotected Windows systems in the Internet. The RX3041H Firewall also

provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack,

Reassembly and SYN flooding.

The type of attack protections provided by the RX3041H are listed in Table 2.3.

Table 2.3. DoS Attacks

Type of Attack Name of Attacks

Re-assembly attacks Bonk, Boink, Teardrop (New Tear),

Overdrop, Opentear, Syndrop, Jolt

ICMP Attacks Ping of Death, Smurf, Twinge

Flooders ICMP Flooder, UDP Flooder, SYN

Flooder

Port Scans TCP XMAS Scan, TCP Null Scan

TCP SYN Scan, TCP Stealth Scan

TCP Attacks TCP sequence number prediction, TCP

out-of sequence attacks

Protection with PF Rules Echo-Chargen, Ascend Kill

Miscellaneous Attacks IP Spoofing, LAND, Targa, Tentacle

MIME Flood, Winnuke, FTP Bounce, IP

unaligned time stamp attack

2.4.1.5 Application Command Filtering

The RX3041H Firewall allows network administrators to block, monitor, and report on network users access to

non-business and objectionable content. This high-performance content access control results in increased

productivity, lower bandwidth usage and reduced legal liability.

The RX3041H Firewall has the ability to handle active content filtering on certain application protocols such as

HTTP, FTP, SMTP and RPC.

 HTTP – You can define HTTP extension based filtering schemes for blocking

 ActiveX

 Java Archive

 Java Applets

 Microsoft Archives

 URLs based on file extensions.

 FTP – allows you to define and enforce the file transfer policy for the site or group of users

 SMTP – allows you to filter operations such as VRFY, EXPN, etc. which reveal excess information

about the recipient.

 RPC – allows you to filter programs based on the assigned RPC program numbers.

Table of contents

Popular Network Router manuals by other brands

Linksys

Linksys HomeLink HPB200 user guide

Marine WatchMate

Marine WatchMate XG1000 user manual

Yifan

Yifan NR130 user manual

H3C

H3C S3100-52P Operation manual

HP HP ProCurve Series 6600 user guide

Cisco

Cisco CRS user manual

E-Lins

E-Lins H900 Series user manual

Cisco

Cisco HiPort user guide

Motorola

Motorola PTP 300 Series Deployment guide

Binatone

Binatone WR1500N3 Product specifications

NETGEAR

NETGEAR WGR614v9 - 54 Mbps Wireless Router Setup manual

Grandstream Networks

Grandstream Networks GWN7000 user manual

vpacket

vpacket 6100 Series Reference manual

Encore

Encore ENMGS-16+2 user guide

Browan

Browan BW1230 user guide

D-Link

D-Link DIR-457U Quick installation guide

NETGEAR

NETGEAR WNR2000v2 - Wireless- N 300 Router user manual

Billion

Billion BiPAC 7800(N) quick start guide

Asus RX3041H User manual

Popular Network Router manuals by other brands