Asus Router RX3042H User Manual
Have a look at the manual Asus Router RX3042H User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 379 Asus manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
ix
RX3042H User's Manual Introduction
Figure 10.8 Factory Reset Page ..................................................97
Figure 10.9 Factory Reset Confirmation ......................................
97
Figure 10.10 Factory Reset Count Down Timer ...........................
97
Figure 10.11 Backup System Configuration Page ........................
98
Figure 10.12 Restore System Configuration Page .......................
99
Figure 10.13 Selecting System Configuration from the File Manager
................................................................................. 100
Figure 10.14 System Configuration Restoration Confirmation ...
100
Figure 10.15 System Reboot Counter Timer ..............................
101
Figure 10.16 Firmware Upgrade Page .......................................101
Figure 10.17 Selecting Firmware from the File Manager ...........102
Figure 10.18 Firmware Upgrade Confirmation ...........................
102
Figure 10.19 Firmware Upgrade Progress .................................102
Figure 10.20 System Reboot Count Down Timer for Firmware
Upgrade .................................................................103
Figure 10.21 Restart System Page ............................................104
Figure 10.22 Configuration Manager Logout Page ....................
104
Figure 10.23 Confirmation for Closing Browser (IE) ...................
104
Figure 12.1 Using the ping Utility ................................................111
Figure 12.2 Using the nslookup Utility .........................................113
List of Tables
Table 2.1 DoS Attacks ....................................................................5
Table 2.2 Front Panel Label and LEDs ...........................................
7
Table 2.3 Rear Panel Labels and LEDs .........................................
8
Table 3.1 LED Indicators ..............................................................
13
Table 3.2 Default Settings Summary ............................................
21
Table 4.1 Description of Commonly Used Buttons and Icons ......
25
x
Introduction RX3042H User's Manual
Table 5.1 LAN Configuration Parameters .....................................28
Table 5.2 WAN PPPoE Configuration Parameters .......................
31
Table 5.3 WAN PPPoE Unnumbered Configuration Parameters .
34
Table 5.4 WAN Static IP Configuration Parameters .....................
37
Table 5.5 WAN PPTP Configuration Parameters .........................
39
Table 5.6 WAN Load Balancing and Line Back Up Configuration
Parameters ...................................................................42
Table 6.1 DHCP Configuration Parameters ..................................
47
Table 6.2 Fixed DHCP Lease Configuration Parameters .............
49
Table 7.1 Static Route Configuration Parameters ........................
54
Table 7.2 Static Route Configuration Parameters ........................
56
Table 8.1 DDNS Configuration Parameters ..................................
60
Table 9.1 Firewall Options Parameters ........................................
67
Table 9.2 DoS Attack Definition ....................................................
68
Table 9.3 ACL Rule Configuration Parameters .............................
71
Table 9.4 Service Configuration Parameters ................................
73
Table 9.5 Virtual Server Configuration Parameters ......................
81
Table 9.6 Port Numbers for Popular Applications .........................
82
Table 9.7 Special Application Configuration Parameters ..............
86
Table 9.8 Port Numbers for Popular Applications .........................
86
Table 10.1 SNMP Configuration Parameters ................................
94
Table 11.1 IP Address Structure .................................................
106
1
RX3042H User's Manual Introduction
Chapter 1 Introduction
Congratulations on becoming the owner of RX3042H. Your LAN
(local area network) will now be able to access the Internet using
your high-speed broadband connection such as those with ADSL or
cable modem.
This User's Manual will show you how to set up the RX3042H,
and how to customize its configuration to get the most out of this
product.
1.1 Features
• LAN: 4-port Fast Ethernet switch
• WAN: Dual 10/100Base-T Ethernet ports to provide Internet
acc
ess for all computers on your LAN
• Firewall, and NAT (Network Address Translation) functions to
provide secure Internet access for you
r LAN
• Automatic network address assignment through DHCP Server
Services including IP route, DNS and DDNS configuration
• Configuration program accessible via a web browser, such as
Microsoft Internet Explorer 6.0 or newer.
• User configuration dual-WAN or WAN plus DMZ support
• USB storage support (to be supported with firmware upgrade)
1.2 System Requirements
In order to use the RX3042H for Internet access, you must have the
following:
•
ADSL or cable modem and the corresponding service up and
running, with at least one public Internet address assigned to
your WAN
• One or more computers each containing an Ethernet 10Base-T
or 100Base-T or 1000Base-T network interface card (NIC)
•
(Optional) An Ethernet hub/switch, if you want to connect the
router to more than four computers on an Ethernet network.
2
Introduction RX3042H User's Manual
• For system configuration using the web-based GUI: a web
browser such as Internet Explorer 6.0 or newer.
1.3 Using this Document
1.3.1 Notational conventions
• Acronyms are defined the first time they appear in the text.
• For brevity, RX3042H is sometimes referred to as the “router”
or the ”gateway”.
• The terms LAN and network are used interchangeably to refer
to a group of Ethernet-connected computers at one site.
• Sequence of mouse actions is denoted by the “->” character.
For instance,
System -> Network Setup means click the
System menu and then click the Network Setup submenu.
1.3.2 Typographical conventions
• Boldface type text is used for items you select from menus
and drop-down lists, and text strings you type when prompted
by the program.
1.3.3 Special messages
This document uses the following icons to call your attention to
specific instructions or explanations.
Note: Provides clarification or non-essential
information on the current topic.
Definition: Explains terms or acronyms that may be unfamiliar to many readers. These terms are also included in the Glossary.
Warning: Provides messages of high importance,
including messages relating to personal safety or system integrity.
RX3042H User's Manual Getting to Know RX3042H 3 Chapter 2 Getting to Know RX3042H 2.1 Parts List In addition to this document, RX3042H should come with the following: • The system unit • AC adapter • Ethernet cable (“straight-through” type) 2.2 Hardware Features LAN • 4-port Fast Ethernet switch • Auto speed negotiation WAN • Dual 10/100M Ethernet ports • Auto MDI/MDIX 2.3 Software Features 2.3.1 NAT Features RX3042H provides NAT to share a single high-speed Internet connection and to save the cost of multiple connections required for the hosts on the LAN segments connected to it. This feature conceals network address and prevents them from becoming public. It maps unregistered IP address of hosts connected to the LAN with valid ones for Internet access. RX3042H also provides reverse NAT capability, which enables users to host various services such as e-mail servers, web servers, etc. The NAT rules drive the translation mechanism. The following types of NAT are supported by RX3042H.• NAPT (Network Address and Port Translation)– Also called IP Masqueradi ng or ENAT (Enhanced NAT). Maps many internal hosts to only one globally valid IP address. The mapping usually
Getting to Know RX3042H RX3042H User's Manual 4 contains a pool of network ports to be used for translation. Every packet is translated with the globally valid IP address; the port number is translated with a free pool from the pool of network ports. • Reverse NAPT – Also called inbound mapping, port mapping,or virtual server. Any packet coming to the router can be relayed to an internal host based on the protocol, port number and/or IP Address specified in the rule. This is useful when multiple services are hosted on different internal hosts. 2.3.2 Firewall Features The firewall as implemented in RX3042H provides the following features to protect your network from being attacked and to prevent your network from being used as the springboard for attacks. • Stateful Packet Inspection • Packet Filtering (ACL) • Defense against Denial of Service Attacks • Log 2.3.2.1 Stateful Packet Inspection The RX3042H Firewall uses “stateful packet inspection” that extracts state-related information required for the security decision from the packet and maintains this information for evaluating subsequent connection attempts. It has awareness of application and creates dynamic sessions that allow dynamic connections so that no ports need to be opened other than the required ones. This provides a solution which is highly secure and that offers scalability and extensibility. 2.3.2.2 Packet Filtering – ACL (Access Control List) ACL rule is one of the basic building blocks for network security. Firewall monitors each individual packet, decodes the header information of inbound and outbound traffic and then either blocks the packet from passing or allows it to pass based on the contents of the source address, destination address, source port, destination port, and protocol defined in the ACL rules.
RX3042H User's Manual Getting to Know RX3042H 5 ACL is a very appropriate measure for providing isolation of one subnet from another. It can be used as the first line of defense in the network to block inbound packets of specific types from ever reaching the protected network. The RX3042H Firewallʼs ACL methodology supports: • Filtering based on destination and source IP address, port number and protocol • Use of the wild card for composing filter rules • Filter Rule priorities 2.3.2.3 Defense against DoS Attacks The RX3042H Firewall has an Attack Defense Engine that protects internal networks from known types of Internet attacks. It provides automatic protection from Denial of Service (DoS) attacks such as SYN flooding, IP smurfing, LAND, Ping of Death and all re- assembly attacks. For example, the RX3042H Firewall provides protection from “WinNuke”, a widely used program to remotely crash unprotected Windows systems in the Internet. The RX3042H Firewall also provides protection from a variety of common Internet attacks such as IP Spoofing, Ping of Death, Land Attack, and Reassembly attacks. The type of attack protections provided by the RX3042H is listed in Table 2.1. Table 2.1. DoS Attacks Type of Attack Name of Attacks Re-assembly Attacks Bonk, Boink, Teardrop ( New Tear), Overdrop, Opntear, Syndrop, Jolt, IP fragmentation overlap. ICMP Attacks Ping of Death, Smurf, Twinge FloodersLogging only for ICMP Flooder, UDP Flooder, SYN Flooder Port ScansLogging only for TCP SYN Scan, A t t a c k i n g p a c k e t s d r o p p e d : T C P XMAS Scan, TCP Null Scan, TCP Stealth Scan Protection with PF RulesEcho-Chargen, Ascend Kill Miscellaneous Attacks IP Spoofing, LAND, Targa, Winnuke
Getting to Know RX3042H RX3042H User's Manual 6 2.3.2.4 Application Level Gateway (ALG) Applications such as FTP open connections dynamically based on the respective application parameter. To go through the firewall on the RX3042H, packets pertaining to an application, require a corresponding allow rule. In the absence of such rules, the packets will be dropped by the RX3042H Firewall. As it is not feasible to create policies for numerous applications dynamically (at the same time without compromising security), intelligence in the form of Application Level Gateways (ALG), is built to parse packets for applications and open dynamic associations. The RX3042H NAT provides a number of ALGs for popular applications such as FTP, and Netmeeting. 2.3.2.5 Log Events in the network, that could be attempts to affect its security, are recorded in the RX3042H system log file. The log maintains a minimum log details such as, time of packet arrival, description of action taken by Firewall and reason for action.
RX3042H User's Manual Getting to Know RX3042H 7 Table 2.2 Front Panel Label and LEDs LED LabelColorStatusIndication 1PowerGreenONRX3042H is powered on. OFFRX3042H is powered off. 2StatusGreen 3 USB Identifies the USB port. 1-2GreenOFFUSB device is not detected. ONUSB device is detected. 4WAN Identifies the WAN port.1-2 OFFNo link is detected. GreenON100Mbps link is detected. Blinking100Mbps activity is detected. AmberON10Mbps link is detected. Blinking10Mbps activity is detected. 5 LAN Identifies the LAN port. 1-4 OFFNo link is detected. GreenON100Mbps link is detected. Blinking100Mbps activity is detected. AmberON10Mbps link is detected. Blinking10Mbps activity is detected. 2.4 Finding Your Way Around 2.4.1 Front Panel The front panel contains LED indicators that show the status of the unit. Figure 2.1 Front Panel Label and LEDs 12345
Getting to Know RX3042H RX3042H User's Manual 8 Table 2.3 Rear Panel Labels and LEDs LabelIndication 61--4 LAN Ports: connect to your PC's Ethernet port, or to the uplink port on your LAN's hub/switch, using the Ethernet cable. 7Dual WAN or WAN + DMZ WAN ports:Connect to your WAN device, such as ADSL or cable modem. 8USBUSB Ports: connect to USB 1.1 OR 2.0 devices 9Console 10RESET Reset Button: 1. Reboot the device 2. Reset the system configuration to factory defaults if pressed for more than 5 seconds. 11 POWER Power Input Jack: Connect to the supplied AC adapter. 2.4.2 Rear Panel The rear panel contains the ports for the unitʼs data and power connections. Figure 2.2 Rear Panel Labels and Connectors 67891011