24x8 cable modem plus ac1900 wifi router plus 2 xfinity phone lines (84 pages)
Summary of Contents for Motorola Netopia 3397GP
Page 1
Administrator’s Handbook ® Motorola Netopia Embedded Software Version 7.8.2 Motorola Netopia ® 2200, 3300 and 7000 Series Routers Residential models January 2009...
Page 2
(such as translation, transformation or adaptation) without written permission from Motorola, Inc. Motorola reserves the right to revise this publication and to make changes in content from time to time without obligation on the part of Motorola to provide notification of such revision or change. Motorola provides this guide without warranty of any kind, either implied or expressed, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose.
Table of Contents Setting up Your Motorola Netopia CHAPTER 1 What’s New in 7.8.2 Important Safety Instructions POWER SUPPLY INSTALLATION......9 TELECOMMUNICATION INSTALLATION .
Page 4
Administrator’s Handbook Expert Mode ..........59 CHAPTER 3 Home Page - Expert Mode Home Page Information .
Page 5
Command Line Interface CHAPTER 5 Overview Starting and Ending a CLI Session Logging In..........131 Ending a CLI Session.
Page 6
Administrator’s Handbook Technical Specifications and Safety Information CHAPTER 6 Description ........245 Power requirements .
Most users will find that the basic Quickstart configuration is all that they ever need to use. This sec- tion may be all that you ever need to configure and use your Motorola Netopia instructions cover installation in Router Mode .
Administrator’s Handbook What’s New in 7.8.2 ❑ WFA WMM Automatic Unscheduled Power Save support. No user configuration required. ❑ Wireless MAC Filter for each SSID. See MAC Address Authorization Settings” on page ❑ Wireless Scheduler. See “Enable Wireless Scheduler” on page 32 ported models)”...
Important Safety Instructions POWER SUPPLY INSTALLATION Connect the power supply cord to the power jack on the Motorola Netopia supply into an appropriate electrical outlet. ☛ CAUTION: Depending on the power supply provided with the product, either the direct plug-in power supply blades, power supply cord plug or the appliance coupler serves as the mains power disconnect.
Administrator’s Handbook Wichtige Sicherheitshinweise NETZTEIL INSTALLIEREN Verbinden Sie das Kabel vom Netzteil mit dem Power-Anschluss an dem Motorola Netopia Stecken Sie dann das Netzteil in eine Netzsteckdose. ☛ Achtung: Abhängig von dem mit dem Produkt gelieferten Netzteil, entweder die direkten Stecker- netzgeräte, Stecker vom Netzkabel oder der Gerätekoppler dienen als Hauptspannung-...
Set up your Gateway ® Refer to your User Manual for instructions on how to connect your Motorola Netopia Gateway to your power source, PC or local area network, and your Internet access point, whether it is a dedicated DSL ®...
-> -> Network Network and -> -> Local Area Properties TCP/IP -> ) -> Internet Pro- -> Properties Control Panel menu -> -> Network Connections -> -> Proper- -> -> Internet Protocol [TCP/IP] “Motorola Netopia® Gateway Quickstart” on page...
Page 13
c. Windows Vista is set to obtain an IP address automatically by default. You may not need to configure it at all. To check, open the Networking Control Panel and select Internet Protocol Version 4 (TCP/IPv4). Click the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties window should appear as shown.
Page 14
Network Then go to Step 2. Select Built-in Ethernet Select Configure Using DHCP Close and Save, if prompted. Proceed to the next section Menu -> Control Pan- TCP/IP Control Panel Menu -> -> “Motorola Netopia® Gateway Quickstart” on page...
Portugués do Brasil Select your language from the pull-down menu and click Next. The browser displays the Welcome page. For security, you must create and enter an Administrative password for accessing the Motorola Neto- ® Gateway. • The administrative User name is admin.
Page 16
This user name and password are separate from the user name and password you will use to access the Internet. You may change them later. You will be challenged for this Admin username and password any time that you attempt to access the Motorola Netopia pages.
Page 17
URL in your browser’s location box or by selecting one of your favorite Internet bookmarks. Optional services that you may have contracted with your provider are also available. If you have any questions or encounter problems with your Motorola Netopia Troubleshooting” on page 115, the context-sensitive help in your Gateway’s web pages, or contact your...
CHAPTER 2 Basic Mode Features Using the Web-based user interface for the Motorola Netopia shoot, and monitor the status of your Gateway. ❑ “The Home Page” on page 20 ❑ “Links Bar” on page 22 ❑ “Firewall” on page 23 ❑...
Administrator’s Handbook The Home Page Home Page for a PPPoE Connection Home Page Information The Home page displays information about the following categories: ❑ Connection Information ❑ (supported VoIP models only) Telephone Information ❑ Router Information ❑ Local Network Language Selection Buttons Language Selection Buttons are located at the top of every page.
Page 21
More Buttons ❑ Restart Connection – For a PPPoE connection, clicking this button will resend your current PPPoE login credentials and reestablish your Internet connection. For a DHCP connection, clicking this button will release and renew the DHCP lease from your service provider’s DHCP server, which assigns your local IP address.
Administrator’s Handbook Links Bar The links in the left-hand column of the Home page access a series of pages to allow you to monitor, diagnose, and update your Gateway. The following sections give brief descriptions of these pages. ❑“The Home Page” on page 20 ❑“Firewall”...
Firewall Firewall When you click the link, the Firewall selection page appears. In addition to the recommended Medium setting, for special circumstances, High and Low levels of firewall protection are available. You can also turn all firewall protection Off. Consider your security needs carefully before making any changes here. If you select a different level of firewall protection, click the Firewall Background The following table gives some tips for Firewall settings:...
Page 24
IP standard), hackers can identify an existing device and gain a potential opening for access to an internet-connected device. To protect LAN users and their network from these types of attacks, the Motorola Netopia offers three levels of increasing protection.
Page 25
This table shows how outbound traffic is treated. Outbound means the traffic is coming from the LAN- side computers into the LAN side of the Gateway. Gateway: LAN Side Firewall Setting >> Port Session Type ftp data ftp control telnet external telnet Netopia server http external http Netopia server...
Administrator’s Handbook Wireless Protected Setup Wireless Protected Setup When you click the Setup configuration page appears. Wireless Protected Setup (WPS) is a not a new security protocol. It is simply an easier way to use existing protocols to provide greater security for your wireless network connections. By default, Privacy is set to Wireless Protected Access (WPA-PSK).
Page 27
❑ or by using the Gateway’s WPS Push-button. Start Make sure your wireless clients are running. Click the button to begin the exchange, which may last up to two minutes. Do not power off your Router during the exchange. The Router will display a success message when the exchange has completed.
Administrator’s Handbook Wireless (supported models) Wireless , the 3-D Reach Wireless configuration page appears. When you click Enable Wireless The wireless function is automatically enabled by default. If you uncheck the Enable Wireless check- box, the Wireless Options are disabled, and the Gateway will not provide or broadcast its wireless LAN services.
Enable Wireless Scheduler If you check the Enable Wireless Scheduler checkbox, the screen expands to allow you to set times of day when the wireless radio will turn off and on. This makes it possible to control your wireless LAN’s hours of operation automatically.
Administrator’s Handbook Advanced Configuration Options (optional) Advanced Configuration Options When you click the screen appears. This screen varies its options depending on which form of wireless Privacy you have selected. Operating Mode The pull-down menu allows you to select and lock the Gateway into the wireless transmission mode you want.
Page 31
❑ At Startup – the default setting – causes the Motorola Netopia® Gateway at startup to briefly initial- ize on the default channel, then perform a full two- to three-second scan, and switch to the best channel it can find, remaining on that channel until the next reboot.
Page 32
Administrator’s Handbook Wireless client cards from different manufacturers and different operating systems accomplish con- necting to a wireless LAN and enabling WEP or WPA in a variety of ways. Consult the documentation for your particular wireless card and/or operating system. Block Wireless Bridging Check the checkbox to block wireless clients from communicating with other wireless clients on the LAN side of the Gateway.
Page 33
Privacy ❑ WEP - Automatic: provides an easy way to generate WEP (Wired Equivalent Privacy) keys for encryption of your wireless network traffic. See ❑ WEP - Manual: WEP Security is a Privacy option that is based on encryption between the Router and any PCs (“clients”) you have with wireless cards.
Administrator’s Handbook RADIUS Server authentication RADIUS servers allow external authentication of users by means of a remote authentication database. The remote authentication database is maintained by a Remote Authentication Dial-In User Service (RADIUS) server. In conjunction with Wireless User Authentication, you can use a RADIUS server data- base to authenticate users seeking access to the wireless services, as well as the authorized user list maintained locally within the Gateway.
Page 35
WPA-PSK One of the easiest ways to enable Privacy on your Wireless network is by selecting WPA-PSK (Wi-Fi Protected Access) from the pull-down menu. The screen expands to allow you to enter a Pre Shared Key. The key can be between 8 and 63 charac- ters, but for best security it should be at least 20 characters.
Page 36
Administrator’s Handbook WEP-Manual Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Manual from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of net- work data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your cli- ent wireless card) for IP traffic on your LAN.
Page 37
Examples: ❑ 40bit: 02468ACE02 ❑ 128bit: 0123456789ABCDEF0123456789 ❑ 256bit: 592CA140F0A238B0C61AE162F592CA140F0A238B0C61AE162F21A09C Use WEP encryption key (1 – 4) #: Specifies which key the Gateway will use to encrypt transmitted traffic. The default is key #1. Save Changes Click the click button. Any WEP-enabled client must have an identical key of the same length as the Router, in order to suc- cessfully receive and decrypt the traffic.
Page 38
Administrator’s Handbook WEP-Automatic Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Automatic from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of net- work data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your cli- ent wireless card) for IP traffic on your LAN.
Page 39
Enable Multiple Wireless IDs This feature allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network. To enable Multiple Wireless IDs, click the button. The Enable Multiple Wireless IDs screen appears to allow you to add up to three additional Wireless IDs.
Page 40
Administrator’s Handbook ❑ You also have the choice of applying WPA Version 1 and 2, WPA Version 1 Only, or WPA Version 2 Only from the pull-down menu. These can be applied to each SSID individually. ❑ If you choose WPA-802.1x privacy, the Configure RADIUS Server option appears, to allow you to specify your RADIUS server information.
Page 41
You do this in the same manner as you do to authorize MAC addresses for the primary SSID. See “Wireless MAC Authorization (optional)” on page Save Changes Click the button. The Gateway will prompt you to restart it. Click the button, and the Gateway will restart with your new settings.
Administrator’s Handbook WiFi Multimedia WiFi Multimedia is an advanced feature that allows you to prioritize various types of data travelling over the wireless network. Certain types of data that are sensitive to delays, such as voice or video, must be prioritized ahead of other, less delay-sensitive types, such as email.
Page 43
The screen expands. Router EDCA Parameters (Enhanced Distributed Channel Access) govern wireless data from your Gateway to the client; Client EDCA Parameters govern wireless data from the client to your Gateway. ☛ NOTE: It is not recommended that you modify these settings without direct knowledge or instruc- tions to do so.
Administrator’s Handbook Wireless MAC Authorization (optional) MAC Authorization allows you to specify which client PCs are allowed to join the wireless LAN by unique Limit Wireless Access by MAC hardware (MAC) address. To enable this feature, click the Address button. The MAC Authorization screen appears. Enabled Select from the pull-down menu.
Page 45
Submit Click the button. Save Changes When you are finished adding MAC addresses click the button. You will be returned to the 802.11 Wireless page. You can Add, Edit, or Delete any of your entries later by returning to this page.
Administrator’s Handbook Gaming Gaming When you click , the NAT (Games and Other Services) page appears. NAT (Games and Other Services) allows you to host internet applications when NAT is enabled. You can host different games and software on different PCs. From the Service Name pull-down menu, you can select any of a large number of predefined games and software.
Page 47
List of Supported Games and Software Act of War - Direct Action Age of Empires: The Rise of Rome, v.1.0 AIM Talk Asheron's Call Battlefield 1942 BitTornado Blazing Angels Online Buddy Phone CART Precision Racing, v 1.0 Close Combat III: The Russian Front, v 1.0 Combat Flight Sim: WWII Europe Series, v 1.0...
Page 48
Administrator’s Handbook Microsoft Golf 2001 Edition mIRC Chat Monster Truck Madness, v 1.0 MSN Game Zone Need for Speed 3, Hot Pursuit NNTP pcAnywhere (incoming) PPTP Quake 4 Return to Castle Wolfenstein ShoutCast Server Soldier of Fortune Starfleet Command Telnet Timbuktu Unreal Tournament Server Warlords Battlecry...
Page 49
Define Custom Service To configure a Custom Service, choose whether to use Port Forwarding or Trigger Ports. ❑ Port Forwarding forwards a range of WAN ports to an IP address on the LAN. ❑ Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers”...
Page 50
Administrator’s Handbook Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers” the feature. Enter the following information: ❑ Service Name: A unique identifier for the Custom Service. ❑ Global Port Range: Range of ports on which incoming traffic will be received. ❑...
Expert Mode Expert Mode allows you to configure a wide variety of specific Gateway and networking settings. Expert Mode is for advanced users and system administrators, and most users will not need to modify these Expert Mode settings. If you need to enter Expert Mode, and click the link, you will be challenged to confirm your choice.
Administrator’s Handbook Troubleshoot Troubleshoot When you click the offer two troubleshooting sub-headings: ❑“Diagnostics” on page 53 ❑“Statistics” on page 54 link, the Links Bar expands to...
Diagnostics This automated multi-layer test examines the functionality of the Gateway from the physical connec- tions to the data traffic being sent by users through the Gateway. You enter a web address URL or an IP address in the Web Address field and click the Results will be displayed in the Progress Window as they are generated.
Administrator’s Handbook Statistics Statistics When you click in the left hand column of links, the links bar expands to display six statisti- cal sub-headings: ❑“DSL” on page 54 ❑“ATM” on page 55 ❑“Ethernet” on page 55 ❑“IP” on page 55 ❑“LAN”...
When you click , the ATM Statistics page appears. The ATM Statistics page: ❑ displays your Gateway's unique hardware (MAC) address. ❑ displays detailed statistics about your WAN data traffic, upstream and downstream. This information is useful for troubleshooting and when seeking technical support. Ethernet Ethernet When you click...
The file can be opened with your favorite text editor. ☛ Note: Some browsers, such as Internet Explorer for Windows XP, require that you specify the Motorola Netopia is necessary to allow the “download” of the log text file to the PC. Clear All Logs Save to File ®...
Help Help Click the link in the left-hand column of links to display a page of explanatory information. Help is available for every page in the Web interface. Here is an example:...
CHAPTER 3 Expert Mode Using the Expert Mode Web-based user interface for the Motorola Netopia troubleshoot, and monitor the status of your Gateway. This section covers the following topics: ❑ “Home Page - Expert Mode” on page 60 ❑ “Help” on page 62 ❑...
Administrator’s Handbook Home Page - Expert Mode ® The Home Page is the summary page for your Motorola Netopia Gateway. The toolbar on the left side provides links to controlling, configuring, and monitoring pages. Critical configuration and operational status is displayed in the center section.
Page 61
Supported languages in the Americas are Latin American Spanish, Brazilian Portuguese, and English. More Buttons ❑ Restart Connection – For a PPPoE connection, clicking this button will resend your current PPPoE login credentials and reestablish your Internet connection. For a DHCP connection, clicking this button will release and renew the DHCP lease from your service provider’s DHCP server, which assigns your local IP address.
Administrator’s Handbook Help Click the Help information. Help is available for every page in the Web interface. Here is an example: link in the left-hand column of links to display a page of explanatory...
Links Bar The Links Bar is the frame at the left-hand side of the page containing the major navigation links. These links are available from almost every page, allowing you to move freely about the site. The headings in the following table are hyperlinks. You can click on any heading to read about that feature.
Connection When you click Connection, the Connection Configuration page appears. This screen’s appearance will vary depending on your type of connection to the Internet. Here is an example. Here you can set up or change the way you connect to your ISP. You should only change these settings at your ISP's direction, or by agreement with your ISP.
Page 66
Gateway automatically in the “My Network Places” folder. Double-clicking this icon opens the Gateway’s web UI. PCs using UPnP can retrieve the Gateway’s WAN IP address, and automatically create NAT port maps. This means that applications that support UPnP, and are used with a UPnP-enabled Motorola ® Netopia Gateway, will not need application layer gateway support on the Motorola Netopia way to work through NAT.
LAN/WAN (supported models) The LAN/WAN Turnaround feature allows Ethernet port 4 to be used as the WAN interface. ❑ When you click the Enable button, the DSL interface is disabled. ❑ When you click the Disable button, the Ethernet port 4 and the DSL interface function normally.
Administrator’s Handbook DHCP Server When you click DHCP Server, the DHCP Server Configuration page appears. The Server configuration determines the functionality of your DHCP Settings. This functionality enables the Gateway to assign your LAN computer(s) a “private” IP address and other parameters that allow network communication.
Page 69
The IP Subnets screen allows you to configure up to seven secondary subnets and their DHCP ranges, by entering IP address/subnet mask pairs: ☛ Note: You need not use this screen if you have only a single Ethernet IP subnet. This screen displays seven rows of editable columns.
Administrator’s Handbook IP Passthrough When you click Passthrough, the IP Passthrough Configuration page appears. The IP passthrough feature allows a single PC on the LAN to have the Gateway’s public address assigned to it. It also provides PAT (NAPT) via the same public IP address for all other hosts on the pri- vate LAN subnet.
When you click NAT, the NAT (Games and Other Services) page appears. NAT Configuration allows you to host internet applications when NAT is enabled. You can host different games and software on different PCs. From the Service Name pull-down menu, you can select any of a large number of predefined games and software.
Page 72
Administrator’s Handbook List of Supported Games and Software Act of War - Direct Action Age of Empires: The Rise of Rome, v.1.0 AIM Talk Asheron's Call Battlefield 1942 BitTornado Blazing Angels Online Buddy Phone CART Precision Racing, v 1.0 Close Combat III: The Russian Front, v 1.0 Combat Flight Sim: WWII Europe Series, v 1.0...
Page 73
Microsoft Golf 2001 Edition Midtown Madness, v 1.0 mIRC Chat mIRC DCC - IRC DCC Monster Truck Madness, v 1.0 Motocross Madness 2, v 2.0 MSN Game Zone MSN Game Zone DX Need for Speed 3, Hot Pursuit Need for Speed, Porsche NNTP Operation FlashPoint pcAnywhere (incoming)
Page 74
Administrator’s Handbook Define Custom Service To configure a Custom Service, choose whether to use Port Forwarding or Trigger Ports. ❑ Port Forwarding forwards a range of WAN ports to an IP address on the LAN. ❑ Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers”...
Page 75
Trigger Ports forwards a range of ports to an IP address on the LAN only after specific outbound traffic “triggers” the feature. Enter the following information: ❑ Service Name: A unique identifier for the Custom Service. ❑ Global Port Range: Range of ports on which incoming traffic will be received. ❑...
Administrator’s Handbook Router Password When you click Router Password, the Gateway Password page appears. Here you can change the administrative password that you use when logging onto the Gateway as admin. Passwords are case sensitive fields, and must be 1 to 32 characters long. Store your password in a safe place.
Time Zone Time Zone link, the Time Zone page appears. When you click the You can set your local time zone by selecting the number of hours your time zone is distant from Green- wich Mean Time (GMT +12 – -12) from the pull-down menu. This allows you to set the time zone for gen- eral time stamp purposes.
- LAN-side VLAN with IP interface-to-VLAN binding - Inter-VLAN routing groups to extend VLAN segmentation up through the IP routing layer. ❑ Bridged VLANs - these VLANs are used to bridge traffic from LAN to WAN ❑ Prioritization per VLAN and per port Ethernet Switching/Policy Setup Before you configure any VLANs, the unconfigured Gateway is set up as a router composed of a LAN switch, a WAN switch, and a router in the middle, with LAN and WAN IP interfaces connected to their...
Page 80
Administrator’s Handbook An example of multiple VLANs, using a Netopia Router with VGx managed switch technology, is shown below: To configure VLANs check the Enable checkbox. Edit To create a VLAN select a list item from the main VLAN page and click the button.
Page 81
You can create up to 8 VLANs, and you can also restrict any VLAN, and the computers on it, from admin- istering the Gateway. ❑ VLAN Name – A descriptive name for the VLAN. ❑ Type – LAN or WAN Port(s) can be enabled on the VLAN. You can choose a type designation as fol- lows: By-Port: indicating that the VLAN is port-based.
Page 82
Displayed port interfaces vary depending on the kinds of physical ports on your Gateway, for exam- ple, Ethernet. ® For Motorola Netopia VGx technology models, separate Ethernet switch ports are displayed and may be configured. To enable any of them on this VLAN, check the associated Enable checkbox(es).
Page 83
❑ Click the Submit button. ❑ If you want to create more VLANs, click the Configure link (in the left-hand toolbar) and then the VLAN link, and repeat the process. You can Edit, Clear, Enable, or Disable your VLAN entries by returning to the VLANs page, and select- ing the appropriate entry from the displayed list.
Page 84
Administrator’s Handbook To view the settings for each VLAN, select the desired VLAN from the list and click the Details button. The screen expands to display the VLAN settings.
Session Initiation Protocol (SIP), to transmit sound over a network or the Internet in the ® form of data packets. Certain Motorola Netopia Gateway models have two separate voice ports for connecting telephone handsets. These models support VoIP. If your Gateway is a VoIP model, you can configure the VoIP features.
Page 86
Administrator’s Handbook Registration Interval (in secs) Registrar Server Registrar Port Proxy Server Proxy Port Outbound Proxy Server Outbound Proxy Port User Display Name SIP User Name SIP User Password Auth User ID SIP Line Entry Length of time the VoIP registration will be valid before it will be renewed.
Page 87
Digit Map DTMF Mode Enable Call Forwarding Unconditionally Enable Call Forwarding On Busy Enable Call Forwarding On No Answer Enable Call Waiting Enable Conferencing Enable Do Not Disturb Subscribe for MWI Enable Call Transfer When you are finished entering the required information, click the To configure the second voice port, return to the VoIP SIP Lines screen.
Page 88
Administrator’s Handbook The Home page for a VoIP-enabled Gateway with both phone lines registered is shown below.
Wireless (supported models) Wireless , the 3-D Reach Wireless configuration page appears. When you click Enable Wireless The wireless function is automatically enabled by default. If you uncheck the Enable Wireless check- box, the Wireless Options are disabled, and the Gateway will not provide or broadcast its wireless LAN services.
Administrator’s Handbook Enable Wireless Scheduler If you check the Enable Wireless Scheduler checkbox, the screen expands to allow you to set times of day when the wireless radio will turn off and on. This makes it possible to control your wireless LAN’s hours of operation automatically.
Advanced Configuration Options (optional) Advanced Configuration Options When you click the screen appears. This screen varies its options depending on which form of wireless Privacy you have selected. Operating Mode The pull-down menu allows you to select and lock the Gateway into the wireless transmission mode you want.
Page 92
Motorola Netopia Router. In addition, if you have enabled WEP or WPA encryption on the Motorola Netopia clients must also have WEP or WPA encryption enabled, and must have the same WEP or WPA encryp- tion key as the Motorola Netopia ®...
Page 93
Wireless client cards from different manufacturers and different operating systems accomplish con- necting to a wireless LAN and enabling WEP or WPA in a variety of ways. Consult the documentation for your particular wireless card and/or operating system. Block Wireless Bridging Check the checkbox to block wireless clients from communicating with other wireless clients on the LAN side of the Gateway.
Page 94
Administrator’s Handbook RADIUS Server authentication RADIUS servers allow external authentication of users by means of a remote authentication database. The remote authentication database is maintained by a Remote Authentication Dial-In User Service (RADIUS) server. In conjunction with Wireless User Authentication, you can use a RADIUS server data- base to authenticate users seeking access to the wireless services, as well as the authorized user list maintained locally within the Gateway.
Page 95
WPA-PSK One of the easiest ways to enable Privacy on your Wireless network is by selecting WPA-PSK (Wi-Fi Protected Access) from the pull-down menu. The screen expands to allow you to enter a Pre Shared Key. The key can be between 8 and 63 charac- ters, but for best security it should be at least 20 characters.
Page 96
Administrator’s Handbook WEP-Manual Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Manual from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of net- work data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your cli- ent wireless card) for IP traffic on your LAN.
Page 97
Examples: ❑ 40bit: 02468ACE02 ❑ 128bit: 0123456789ABCDEF0123456789 ❑ 256bit: 592CA140F0A238B0C61AE162F592CA140F0A238B0C61AE162F21A09C Use WEP encryption key (1 – 4) #: Specifies which key the Gateway will use to encrypt transmitted traffic. The default is key #1. Save Changes Click the click button. Any WEP-enabled client must have an identical key of the same length as the Router, in order to suc- cessfully receive and decrypt the traffic.
Page 98
Administrator’s Handbook WEP-Automatic Alternatively, you can enable WEP (Wired Equivalent Privacy) encryption by selecting WEP-Automatic from the Privacy pull-down menu. You can provide a level of data security by enabling WEP (Wired Equivalent Privacy) for encryption of net- work data. You can enable 40-, 128-, or 256-bit WEP Encryption (depending on the capability of your cli- ent wireless card) for IP traffic on your LAN.
Page 99
Enable Multiple Wireless IDs This feature allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network. To enable Multiple Wireless IDs, click the button. The Enable Multiple Wireless IDs screen appears to allow you to add up to three additional Wireless IDs.
Page 100
Administrator’s Handbook ❑ You also have the choice of applying WPA Version 1 and 2, WPA Version 1 Only, or WPA Version 2 Only from the pull-down menu. These can be applied to each SSID individually. ❑ If you choose WPA-802.1x privacy, the Configure RADIUS Server option appears, to allow you to specify your RADIUS server information.
Page 101
You do this in the same manner as you do to authorize MAC addresses for the primary SSID. See “Wireless MAC Authorization (optional)” on page Save Changes Click the button. The Gateway will prompt you to restart it. Click the button, and the Gateway will restart with your new settings.
Administrator’s Handbook WiFi Multimedia WiFi Multimedia is an advanced feature that allows you to prioritize various types of data travelling over the wireless network. Certain types of data that are sensitive to delays, such as voice or video, must be prioritized ahead of other, less delay-sensitive types, such as email.
Page 103
The screen expands. Router EDCA Parameters (Enhanced Distributed Channel Access) govern wireless data from your Gateway to the client; Client EDCA Parameters govern wireless data from the client to your Gateway. ☛ NOTE: It is not recommended that you modify these settings without direct knowledge or instruc- tions to do so.
Administrator’s Handbook Wireless MAC Authorization (optional) MAC Authorization allows you to specify which client PCs are allowed to join the wireless LAN by unique Limit Wireless Access by MAC hardware (MAC) address. To enable this feature, click the Address button. The MAC Authorization screen appears. Enabled Select from the pull-down menu.
Page 105
Submit Click the button. Save Changes When you are finished adding MAC addresses click the button. You will be returned to the 802.11 Wireless page. You can Add, Edit, or Delete any of your entries later by returning to this page.
Administrator’s Handbook Statistics When you click expands. ☛ Note: Available Statistics links vary by platform. When you click DSL, the DSL Statistics page appears. The DSL Statistics page displays information about the Gateway's WAN connection to the Internet. ❑ Line State: May be Up (connected) or Down (disconnected). ❑...
The ATM Statistics page: ❑ displays your Gateway's unique hardware (MAC) address. ❑ displays detailed statistics about your WAN data traffic, upstream and downstream. This information is useful for troubleshooting and when seeking technical support. Ethernet When you click Ethernet, the Ethernet Statistics page appears. The Ethernet Statistics page: ❑...
☛ Note: Some browsers, such as Internet Explorer for Windows XP, require that you specify the Motorola Netopia is necessary to allow the “download” of the log text file to the PC. Clear All Logs button. Save to File ®...
Diagnostics When you click Diagnostics, the Diagnostics page appears. This automated multi-layer test examines the functionality of the Gateway from the physical connec- tions to the data traffic being sent by users through the Gateway. You enter a web address URL in the Web Address field and click the played in the Progress Window as they are generated.
This link allows you to authorize a remotely-located person, such as a support technician, to directly access your Motorola Netopia expert help. You can limit the amount of time such a person will have access to your Gateway. This will prevent unauthorized individuals from gaining access after the time limit has expired.
Update Router When you click Update Router, the Software Upgrade page appears. Operating System Software is what makes your Gateway run and occasionally it needs to be updated. Your Current Software Version is displayed at the top of the page. If you want to check for an updated version without installing it, click the link.
Administrator’s Handbook Reset Router You might need to reset your Gateway to its factory default state, and clear all of your previous settings. Reset Router link allows you to do that. When you click the link, you will be challenged to confirm that this is what you want to do.
Restart Router When the Gateway is restarted, it will disconnect all users, initialize all its interfaces, and copy the Operating System Software and feature keys from its internal storage. When you make configuration changes, you must restart for the changes to take effect.
CHAPTER 4 Basic Troubleshooting This section gives some simple suggestions for troubleshooting problems with your Gateway’s initial configuration. Before troubleshooting, make sure you have ❑ read the User Manual; ❑ plugged in all the necessary cables; and ❑ set your PC’s TCP/IP controls to obtain an IP address automatically.
The first step in troubleshooting is to check the status indicator lights (LEDs) in the order outlined in the following section. The first step in troubleshooting is to check the status indicator lights (LEDs) in the order outlined below. Motorola Netopia® Router 2210 status indicator lights Power Ethernet Internet...
Page 117
Motorola Netopia® Router 2240N/2241N status indicator lights Power Ethernet Green when power is on. Power when new embedded software is being installed. Solid green Ethernet LAN. Solid green LAN. (Model 2241N only) Solid green when training. Solid green Internet activity on the WAN port. If the physical link comes up, but PPP or DHCP fail, the LED turns red.
Page 118
Administrator’s Handbook Motorola Netopia® Router 2246N status indicator lights Power Power Ethernet 1, 2, 3, 4 Internet Ethernet 1, 2, 3, 4 Action Green when power is on. if device malfunctions. Flashes when new embedded software is being installed. Solid green when connected.
Page 119
Motorola Netopia® Router 2247NWG status indicator lights Power Ethernet 1, 2, 3, 4 Green when power is on. Power when new embedded software is being installed. Solid green Ethernet 1, 2, 3, 4 LAN. Flashes green Wireless fails to initialize, or if wireless is disabled.
Page 120
Administrator’s Handbook Motorola Netopia® Router 2247-42 VoIP model status indicator lights Power Ethernet 1, 2, 3, 4 Wireless Power Ethernet 1, 2, 3, 4 Wireless Internet Phone 1, Phone 2 Line Phone 1, Phone 2 Action Green when power is on.
Page 121
Motorola Netopia® Router 3347-02 status indicator lights Green Power software, or for system failure. Solid Solid Internet when transmitting or receiving data on the WAN port. Solid Ethernet 1, 2, 3, 4 activity on the LAN. Flashes Wireless LAN. Internet...
Page 122
Administrator’s Handbook Motorola Netopia® Router 7000-series status indicator lights Power (DSL 1 & 2: ADSL2+ models only) Ethernet 1, 2, 3, 4 Wireless Wireless Ethernet 1, 2, 3, 4 Action Green when power is on. if device malfunctions. Flashes when new embedded software is being installed.
Page 123
Motorola Netopia® Router 7346/56-series status indicator lights Green when power is on. Power when new embedded software is being installed. Solid green Ethernet 1, 2, 3, 4 LAN. Solid green when training. Flashes Power Ethernet 1, 2, 3, 4 Action if device malfunctions.
Administrator’s Handbook LED Function Summary Matrix Unlit No power Power No signal USB Active No signal DSL Sync No signal DSL Traffic No signal Ethernet Traffic No signal Ethernet Link No signal Internet Wireless is Wireless disabled. If a status indicator light does not look correct, look for these possible problems: State Make sure the power switch is in the ON position.
Page 125
Make sure you have Ethernet drivers installed on the PC. Make sure the PC’s TCP/IP Properties for the Ethernet Network Control Panel is set to obtain an IP address via DHCP. Make sure the PC has obtained an address in the 192.168.1.x range. (You may have EN Traffic Unlit changed the subnet addressing.)
Keep in mind that all of your settings will need to be reconfigured. If you don't have a password, the only way to access the Motorola Netopia® Router is the following: Referring to the following diagram, find the round Reset Switch opening.
The Motorola Netopia® Gateway operating software includes a command line interface (CLI) that lets you access your Motorola Netopia® Gateway over a telnet connection. You can use the command line interface to enter and update the unit’s configuration settings, monitor its performance, and restart it.
Page 128
Administrator’s Handbook “Remote ATA Configuration Commands” on page 148 “DSL Commands” on page 150 “Bridging Settings” on page 151 “DHCP Settings” on page 153 “DMT Settings” on page 159 “Domain Name System Settings” on page 160 “IGMP Settings” on page 162 “IP Settings”...
Overview The CLI has two major command modes: SHELL and CONFIG. Summary tables that list the com- mands are provided below. Details of the entire command set follow in this section. Command atmping clear clear_certificate clear_log configure diagnose download etheroam exit help install...
Page 130
Administrator’s Handbook Command Verbs delete help save script validate view Keywords backup bridge dhcp diffserv dslf-cpewan dslf-lanmgnt dynamic-dns ethernet ethernet-MAC-override igmp ip-maps nat-default pinhole wan-over-ether preferences queue radius security servers snmp system upnp vdsl vlan quit exit CONFIG Commands Status and/or Description Delete configuration list data Help command option Save configuration data...
NCSA Telnet. telnet <ip_address> You must know the IP address of the Motorola Netopia® Gateway before you can make a telnet connec- tion to it. By default, your Motorola Netopia® Gateway uses 192.168.1.254 as the IP address for its LAN interface.
SHELL Prompt When you are in SHELL mode, the CLI prompt is the name of the Motorola Netopia® Gateway followed by a right angle bracket (>). For example, if you open a CLI connection to the Motorola Netopia® Gate- Netopia-3000/9437188>...
Sends an Address Resolution Protocol (ARP) request to match the nnn.nnn.nnn.nnn IP address to an Ethernet hardware address. clear [yes] Clears the configuration settings in a Motorola Netopia® Gateway. If you do not use the optional qualifier, you are prompted to confirm the clear_certificate Removes an SSL certificate that has been installed.
Page 134
Adds the message in the message_string argument to the Motorola Netopia® Gateway diagnostic log. loglevel [ level ] Displays or modifies the types of log messages you want the Motorola Netopia® Gateway to record. If you enter the loglevel command without the optional level argument, the command line interface displays the current log level setting.
DNS information. ping [-s size ] [-c count ] [ hostname | ip_address ] Causes the Motorola Netopia® Gateway to issue a series of ICMP Echo requests for the device with the specified name or IP address. ❑ The hostname argument is the name of the device you want to ping; for example, pia.com...
Page 136
Restarts the heartbeat sequence. reset ipmap Clears the IPMap table (NAT). reset log Rewinds the diagnostic log display to the top of the existing Motorola Netopia® Gateway diagnostic log. reset log command does not clear the diagnostic log. The next show log command will display information from the beginning of the log file.
[ seconds ] Restarts your Motorola Netopia® Gateway. If you include the optional seconds argument, your Motor- ola Netopia® Gateway will restart when the specified number of seconds have elapsed. You must enter restart the complete command to initiate a restart.
Displays the DHCP leases stored in RAM by your Motorola Netopia® Gateway. show diffserv Displays the Differentiated Services and QoS values configured in the Motorola Netopia® Gateway. show dslf device-association Displays LAN devices that conform with the TR111 Gateway requirement. It displays - IP Address, Man- ufacture OUI and Serial number.
Displays the IGMP Snooping Table. See show ip arp Displays the Ethernet address resolution table stored in your Motorola Netopia® Gateway. show ip igmp Displays the contents of the IGMP Group Address table and the IGMP Report table maintained by your Motorola Netopia®...
Displays the current status of a Motorola Netopia® Gateway, the device's hardware and software revi- sion levels, a summary of errors encountered, and the length of time the Motorola Netopia® Gateway status has been running since it was last restarted. Identical to the...
show summary Displays a summary of WAN, LAN, and Gateway information. show vlan Displays detail of VLAN status and statistics. Example: show vlan Displaying vlan segment interfaces ==== vlan mode ==== ==== segment 0 port masks ==== PortPort : 00000000-00000000 GlobalPort : 00000000-00000000 SumPort : 00000000-00000000...
Page 142
Administrator’s Handbook ==== segment 10 port masks ==== PortPort GlobalPort : 00000000-00000000 SumPort ==== vlan active segment ==== Type : 1 Index : 1 Vid : 1 PortMask SwitchMask WirelessMask : 00001000 ==== vlan active link ==== namePtr portType : 1 portIndex : 1 ifId ==== vlan active link ====...
Page 143
Traces the routing path to an IP destination. upload [ server_address ] [ filename ] [confirm] Copies the current configuration settings of the Motorola Netopia® Gateway to a TFTP (Trivial File Trans- fer Protocol) server. The TFTP server must be accessible on your Ethernet network. The server_address argument identifies the IP address of the TFTP server on which you want to store...
Use the segment argument to ping a neighbor switch. Use the end-to-end argument to ping a remote end node. reset dhcp client release [ vcc-id ] Releases the DHCP lease the Motorola Netopia for the specified DSL port. The directly map to the VCC in use. Enter the variable to see the letter assigned to each virtual circuit.
, such as CONFIG Mode Prompt When you are in CONFIG mode, the CLI prompt consists of the name of the Motorola Netopia® Gateway followed by your current node in the hierarchy and two right angle brackets (>>). For example, when you config...
Enter IP addresses in dotted decimal notation (0 to 255). If a command is ambiguous or miskeyed, the CLI prompts you to enter additional information. For exam- ple, you must specify which virtual circuit you are configuring when you are setting up a Motorola Neto- pia® Gateway.
Step Mode: A CLI Configuration Technique The Motorola Netopia® Gateway command line interface includes a step mode to automate the pro- cess of entering configuration settings. When you use the CONFIG step mode, the command line inter- face prompts you for all required and optional information. You can then enter the configuration values appropriate for your site without having to enter complete CLI commands.
ATA is dis- covered, the Gateway compares the MAC address of the ATA with one of the existing profiles stored in ® the database. If there is a match, the configuration is downloaded to the Motorola Netopia ATA, and ®...
Page 149
set ata profile [ 0... 3 ] ata-static-wan-gateway ip_addr Specifies a static gateway WAN IP address for the specified profile. set ata profile [ 0... 3 ] ata-proxy-server ip_addr Specifies a SIP proxy server hostname or IP address for the specified profile. set ata profile [ 0...
You can use the CLI to set up each ATM virtual circuit. set atm option {on | off } Enables the WAN interface of the Motorola Netopia Transfer Mode (ATM) protocol. set atm [vcc n ] option {on | off } Selects the virtual circuit for which further parameters are set.
Bridging lets the Motorola Netopia® Gateway use MAC (Ethernet hardware) addresses to forward non- TCP/IP traffic from one network to another. When bridging is enabled, the Motorola Netopia® Gateway maintains a table of up to 512 MAC addresses. Entries that are not used within 30 seconds are dropped.
Page 152
Administrator’s Handbook set bridge concurrent-bridging-routing {on | off } Enables or disables Concurrent Bridging/Routing. set bridge dhcp-filterset " string " Assigns a filterset named string to the bridge configuration. ☛ NOTE: A filterset can only be configured for the bridge if the system bridge or concurrent bridging/ routing is enabled.
Enables or disables DHCP services in the Motorola Netopia® Gateway. You must enable DHCP services before you can enter other DHCP settings for the Motorola Netopia® Gateway. If you turn off DHCP services and save the new configuration, the Motorola Netopia® Gateway clears its DHCP settings.
Page 154
Administrator’s Handbook set dhcp range [ 2... 8 ] start-address ip_address Specifies the starting IP address of DHCP range n when subnet n option is on. See nets” on page 168. set dhcp range [ 2... 8 ] end-address ip_address Specifies the ending IP address of DHCP range n when subnet n option is on.
Page 155
Option Data Format Unsigned 4 byte integer Unsigned 2 byte integer list Unsigned 2 byte integer Flag IP address 29 - 31 Flag IP address IP address and mask list Flag Unsigned 4 byte integer Flag Unsigned 1 byte integer Unsigned 4 byte integer Flag String (up to 100 characters)
Page 156
Administrator’s Handbook Option Data Format Complex Sub-option list Complex Undefined IP address list 86 - 87 Unicode String Encoded DN list IP address list Complex 91 - 97 Undefined/Weakly defined String (up to 100 characters) 99 - 115 Undefined/Weakly defined Flag Unsigned 2 byte integer list IP address...
Page 157
DHCP Option Filtering Beginning with Firmware Version 7.7, support for DHCP option filtering is provided via the filterset set- tings. set dhcp filterset name " string " rule n type [ dhcp-option | hw-address | requested-option ] Specifies a DHCP filterset named string as one of three possible types: The rule can either specify an option and option contents, dhcp-option;...
Page 158
Administrator’s Handbook set dhcp filterset name " string " rule n match-pool ip_address Specifies the start IP address of the range within a DHCP pool where that range will be used to allocate an address if the wildcard matches. The value 0.0.0.0 means regular processing; 255.255.255.255 means discard. set dhcp filterset name "...
DMT Settings DSL Commands set dmt dsl-annex-support [ off | on ] This controls whether other annex support (just as Annex M) is enabled. Default is off. set dmt type [ lite | dmt | ansi | multi | adsl2 | adsl2+ | readsl2 | adsl2anxm | adsl2+anxm ] Selects the type of Discrete Multitone (DMT) asynchronous digital subscriber line (ADSL) protocol to use for the WAN interface.
Administrator’s Handbook Domain Name System Settings Domain Name System (DNS) is an information service for TCP/IP networks that uses a hierarchical naming system to identify network domains and the hosts associated with them. You can identify a pri- mary DNS server and one secondary server. Common Commands set dns domain-name domain-name Specifies the default domain name for your network.
Page 161
Dynamic DNS Settings Dynamic DNS support allows you to use the free services of www.dyndns.org. Dynamic DNS automati- cally directs any public Internet request for your computer's name to your current dynamically-assigned IP address. This allows you to get to the IP address assigned to your Gateway, even though your actual IP address may change as a result of a PPPoE connection to the Internet.
Other uses include updating the address books of mobile computer users in the field, or sending out company newsletters to a distribution list. Since a router should not be used as a passive forwarding device, Motorola Netopia protocol for forwarding multicasting: Internet Group Management Protocol (IGMP).
Page 163
❑ Querier Version – select a version of the IGMP Querier: version 1, version 2, or version 3. If you know you will be communicating with other hosts that are limited to v1 or v2, for backward compati- bility, select accordingly; otherwise, allow the default v3. ☛...
{ on | off } Enables or disables TCP/IP services in the Motorola Netopia® Gateway. You must enable TCP/IP ser- vices before you can enter other TCP/IP settings for the Motorola Netopia® Gateway. If you turn off...
Page 165
TCP/IP services and save the new configuration, the Motorola Netopia® Gateway clears its TCP/IP set- tings. ARP Timeout Settings set ip arp-timeout [ 60 ... 6000 ] Sets the timeout value for ARP timeout. Default = 600 secs (10 mins); range = 60 secs - 6000 secs (1–100 mins).
Page 166
MD5 authentication is an extension of RIP-2 that increases security by requiring an authentication key when routes are advertised. Depending on your network needs, you can configure your Motorola Netopia® Gateway to support RIP- 1, RIP-2, or RIP-2MD5. If you specify v2-MD5, you must also specify a rip-send-key. Keys are ASCII strings with a maximum of 31 characters, and must match the other Gateway(s) keys for proper operation of MD5 support.
Page 167
A address ip_address Assigns an IP address to the Motorola Netopia® Gateway on the local area network. The IP address you assign to the local Ethernet interface must be unique on your network. By default, the Motorola Neto- pia®...
Page 168
Default IP Gateway Settings set ip gateway option { on | off } Specifies whether the Motorola Netopia® Gateway should send packets to a default Gateway if it does not know how to reach the destination host. set ip gateway interface { Specifies how the Motorola Netopia...
Page 169
[ vccn ] option { on | off } Enables or disables IP routing through the virtual PPP interface. By default, IP routing is turned on. If you turn off IP routing and save the new configuration, the Motorola Netopia® Gateway clears IP routing settings set ip ip-ppp [ vccn ] address ip_address Assigns an IP address to the virtual PPP interface.
Page 170
31 characters, and must match the other Gateway(s) keys for proper operation of MD5 support. set ip ip-ppp vcc n igmp-null-source-addr [ on | off ] Specifies whether you want the Motorola Netopia IGMP packet transmitted from this interface as 0.0.0.0 when mcast-fwd is set to on. This complies with the requirements of TR-101, and removes the need for a publicly advertised IP address on the WAN interface.
Page 171
ARP table entries, static ARP table entries do not time out. You can configure as many as 16 static ARP table entries for a Motorola Netopia® Gateway. Use the fol- lowing commands to add static ARP entries to the Motorola Netopia® Gateway static ARP table:...
Page 172
Administrator’s Handbook SIP Passthrough set ip sip-passthrough [ on | off ] Turns Session Initiation Protocol application layer gateway client passthrough on or off. The default is Session Initiation Protocol, is a signaling protocol for Internet conferencing, telephony, presence, events notification and instant messaging. RTSP Passthrough set ip rtsp-passthrough [ off | on ] Turns Real Time Streaming Protocol application layer gateway client passthrough on or off.
Page 173
Differentiated Services (DiffServ) set diffserv option [ off | on ] Turns the DiffServ option off (default) or on. on enables the service and IP TOS bits are used, even if no flows are defined. Consequently, if the end-point nodes provide TOS settings from an application that can be interpreted as one of the supported states, the Gateway will handle it as if it actively marked the TOS field itself.
Page 174
Administrator’s Handbook set diffserv custom-flows name name protocol [ TCP | UDP | ICMP | other ] direction [ outbound | inbound | both ] start-port [ 0 - 65535 ] end-port [ 0 - 65535 ] inside-ip inside-ip-addr inside-ip-mask inside-ip-netmask outside-ip outside-ip-addr outside-ip-mask outside-ip-netmask qos [ off | assure | expedite | network-control ]...
Page 175
Packet Mapping Configuration set diffserv qos [ network-control-queue | expedite-queue | assured-queue | best-effort-queue ] queue_name Specifies the Diffserv QoS queue mapping associations. ❑ queue_name - the basic queue name to which classified packets are directed. By default the following mappings are created: set diffserv qos network-control-queue basic_q0 set diffserv qos expedite-queue basic_q1 set diffserv qos assured-queue basic_q2...
Page 176
Administrator’s Handbook set diffserv qos dscp-map-23 expedite set diffserv qos dscp-map-24 network-control set diffserv qos dscp-map-25 network-control set diffserv qos dscp-map-26 network-control set diffserv qos dscp-map-27 network-control set diffserv qos dscp-map-28 network-control set diffserv qos dscp-map-29 network-control set diffserv qos dscp-map-30 network-control set diffserv qos dscp-map-31 network-control...
Queue Configuration The Gateway’s WAN interface can now be configured for: ❑ strict priority queuing (as currently) ❑ weighted fair queuing ❑ rate-limiting funnel ☛ Note: The configuration mechanism is designed to be flexible enough to accommodate complex queuing requirements. Configurations not supported by the Gateway will be flagged during configuration verification.
Page 178
Administrator’s Handbook set queue name queue_name option [ on | off ] type [ basic | wfq | priority | funnel ] Creates a queue named queue_name and assigns a type: ❑ basic – Basic Queue ❑ wfq – Weighted Fair Queue ❑...
Page 179
Weighted Fair Queue set queue name wfq option [ on | off ] set queue name wf_queue_name type wfq set queue name wf_queue_name weight-type [ relative | bps ] set queue name wf_queue_name default-input queue_name Specifies the attributes of the Weighted Fair Queue named wf_queue_name . ❑...
Page 180
Administrator’s Handbook set queue name "wfq" entry 4 weight 40000 set queue name "wfq" entry 4 share-bw off set queue name "wfq" entry 4 limit-bw off set queue name "wfq" default-input "basic_q0"...
Page 181
Priority Queue set queue name priority_queue_name option [ off | on ] set queue name priority_queue_name type priority set queue name priority_queue_name default-input queue_name A priority queue can contain up to 8 input queues. For each input queue, the following is configured: set queue name priority_queue_name entry n input input_queue_name set queue name priority_queue_name entry n priority priority_value...
Page 182
PPP, since an intermittent PPP link may make maintenance of dynamic routes problematic. You can configure as many as 32 static IP routes for a Motorola Netopia® Gateway. Use the following commands to maintain static routes to the Motorola Netopia® Gateway routing table:...
Page 183
Specifies the IP address of the Gateway for the static route. The default Gateway must be located on a network connected to the Motorola Netopia® Gateway configured interface. set ip static-routes destination-network net_address metric integer Specifies the metric (hop count) for the static route. The default metric is 1. Enter a number from 1 to 15 for the integer argument to indicate the number of Gateways (actual or best guess) a packet must traverse to reach the remote network.
Administrator’s Handbook IPMaps Settings set ip-maps name name internal-ip ip_address Specifies the name and static ip address of the LAN device to be mapped. set ip-maps name name external-ip ip_address Specifies the name and static ip address of the WAN device to be mapped. Up to 8 mapped static IP addresses are supported.
Network Address Translation (NAT) Default Settings NAT default settings let you specify whether you want your Motorola Netopia® Gateway to forward NAT traffic to a default server when it doesn’t know what else to do with it. The NAT default host function is useful in situations where you cannot create a specific NAT pinhole for a traffic stream because you...
Administrator’s Handbook Network Address Translation (NAT) Pinhole Settings NAT pinholes let you pass specific types of network traffic through the NAT interfaces on the Motorola Netopia® Gateway. NAT pinholes allow you to route selected types of network traffic, such as FTP requests or HTTP (Web) connections, to a specific host behind the Motorola Netopia®...
[vccn] lcp-echo-requests { on | off } Specifies whether you want your Motorola Netopia® Gateway to send LCP echo requests. You should turn off LCP echoing if you do not want the Motorola Netopia® Gateway to drop a PPP link to a nonre- sponsive peer.
Page 188
For example, if the remote peer requires CHAP authentica- tion and has a name and CHAP secret for the Motorola Netopia® Gateway, you must enable CHAP and specify the same name and secret on the Motorola Netopia® Gateway before the link can be estab- lished.
Page 189
option [ off | on | pap-only | chap-only ] Specifying on turns both PAP and CHAP on, or you can select PAP or CHAP. Specify the password when port authentication is turned on (both CHAP and PAP, CHAP or PAP.) Authentication must be enabled before you can enter other information.
Administrator’s Handbook PPPoE with IPoE Settings Ethernet WAN platforms set wan-over-ether pppoe [ on | off ] Enables or disables PPPoE on the Ethernet WAN interface. set wan-over-ether pppoe-with-ipoe [ on | off ] Enables or disables the PPPoE with IPoE support on Ethernet WAN, including VDSL, platforms when pppoe option is set to on.
ADSL platforms You must configure two VCCs with the same VPI/VCI to enable concurrent PPPoE and IPoE support, and you will need to configure the individual settings for each interface for proper operation. set atm vcc n encap pppoe-llc Specifies that the VCC will allow a second VCC with the same VPI/VCI values as the first. pppoe-llc denotes this special case.
All VDSL and Ethernet WAN Motorola Netopia Gateways support Ethernet OAM options. ® More Ethernet Packet-Transfer-Mode (PTM) enabled xDSL Motorola Netopia Gateways will support 802.3ah Ethernet OAM options in future releases. 802.3ah Ethernet OAM exchanges periodic Ethernet OAM heartbeat frames between the endpoints of the physical link being monitored, and thus discovers and keeps-alive the Link connectivity and reports faults if the link goes down.
Command Line Interface Preference Settings You can set command line interface preferences to customize your environment. set preference verbose { on | off } Specifies whether you want command help and prompting information displayed. By default, the com- mand line interface verbose preference is turned off. If you turn it on, the command line interface dis- plays help for a node when you navigate to that node.
Administrator’s Handbook Port Renumbering Settings If you use NAT pinholes to forward HTTP or telnet traffic through your Motorola Netopia® Gateway to an internal host, you must change the port numbers the Motorola Netopia® Gateway uses for its own con- figuration traffic.
Internet Key Exchange (IKE) is the key management pro- tocol of IPsec that establishes keys for encryption and decryption. Because this VPN software imple- mentation is built to these standards, the other side of the tunnel can be either another Motorola ®...
Page 196
Administrator’s Handbook set security ipsec tunnels name "123" dest-int-netmask netmask Specifies the subnet mask of the destination computer or internal network. The subnet mask specifies which bits of the 32-bit IP address represents network information. The default subnet mask for most networks is 255.255.255.0 (class C subnet mask).
Page 197
"123" IKE-mode invalid-spi-recovery { off | on } Enables the Gateway to re-establish the tunnel if either the Motorola Netopia® Gateway or the peer gateway is rebooted. set security ipsec tunnels name "123" xauth enable {off | on } Enables or disables Xauth extensions to IPsec, when IKE-mode neg-method is set to aggressive.
Page 198
Administrator’s Handbook set security ipsec tunnels name "123" local-id-type { IP-address | Subnet | Hostname | ASCII } Specifies the NAT local ID type for the specified IPsec tunnel, when Aggressive Mode is set. set security ipsec tunnels name "123" local-id id_value Specifies the NAT local ID value as specified in the local-id-type for the specified IPsec tunnel, when Aggressive Mode is set.
Page 199
Internet Key Exchange (IKE) Settings The following four IPsec parameters configure the rekeying event. set security ipsec tunnels name "123" IKE-mode ipsec-soft-mbytes (1000) {1-1000000} set security ipsec tunnels name "123" IKE-mode ipsec-soft-seconds (82800) {60-1000000} set security ipsec tunnels name "123" IKE-mode ipsec-hard-mbytes (1200) {1-1000000} set security ipsec tunnels name "123"...
Page 200
SA Encrypt Type SA Hash Type Invalid SPI Recovery Soft MBytes Soft Seconds Hard MBytes Hard Seconds IPSec MTU Xauth Enable Xauth Username Xauth Password ® Motorola Netopia Gateway On/Off Main/Aggressive IP Address Subnet Hostname ASCII IP Address Subnet Hostname ASCII...
Parameter Descriptions The following tables describe SafeHarbour’s parameters that are used for an IPSec VPN tunnel configu- ration: Table 2: IPSec Configuration page parameters Field Name The Name parameter refers to the name of the configured tunnel. This is mainly used as an identifier for the administrator.
Page 202
Values supported include MD5 and SHA1. N/A will display if NONE is chosen for Auth Protocol. Invalid SPI Enabling this allows the Gateway to re-establish the tunnel if either the Motorola Neto- Recovery pia® Gateway or the peer gateway is rebooted.
Page 203
Xauth Enable Extended Authentication (XAuth), an extension to the Internet Key Exchange (IKE) proto- col. The Xauth extension provides dual authentication for a remote user’s Motorola Neto- ® Gateway to establish a VPN, authorizing network access to the user’s central office.
Page 204
Administrator’s Handbook Stateful Inspection Stateful inspection options are accessed by the security state-insp tag. set security state-insp [ ip-ppp | dsl ] vcc n option [ off | on ] set security state-insp ethernet [ A | B ] option [ off | on ] Sets the stateful inspection option off or on on the specified interface.
Page 205
Sets the exposed list address number. set security state-insp xposed-addr exposed-address# " n " start-ip ip_address Sets the exposed list range starting IP address, in dotted quad format. set security state-insp xposed-addr exposed-address# " n " end-ip ip_address Sets the exposed list range ending IP address, in dotted quad format. 32 exposed addresses can be created.
Page 206
Administrator’s Handbook Packet Filtering Settings Packet Filtering has two parts: ❑ Create/Edit/Delete Filter Sets, create/edit/delete rules to a Filter Set. ❑ Associate a created Filter Set with a WAN or LAN interface set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index forward [ on | off ] Creates or edits a filter rule, specifying whether packets will be forwarded or not.
Page 207
set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index dest-ip ip_addr Specifies the destination IP address to match packets (where the packet is going). set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index dest-mask mask Specifies the destination IP mask to match packets (where the packet is going). set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index tos value Specifies the TOS (Type Of Service) value to match packets.
Page 208
Administrator’s Handbook set security pkt-filter filterset filterset-name [ input_filter | output_filter ] index dst-compare [ nc | ne | lt | le | eq | gt | ge ] Sets the destination compare operator action for the specified filter rule. dst-compare only displays when the protocol is TCP or UDP.
Identifies the system contact, such as the name, phone number, beeper number, or email address of the person responsible for the Motorola Netopia® Gateway. You can enter up to 255 characters for the contact_info argument. You must put the contact_info argument in double-quotes if it contains embedded spaces.
3000/9437188. A system name can be 1 – 255 characters long. Once you have assigned a name to your Motorola Netopia® Gateway, you can enter that name in the Address text field of your browser to open a connection to your Motorola Netopia® Gateway.
Page 211
A password can be as many as 32 characters. Passwords are case-sensitive. Passwords go into effect immediately. You do not have to restart the Motorola Netopia® Gateway for the password to take effect. Assigning an administrator or user password to a Motorola Netopia® Gate- way does not affect communications through the device.
Page 213
[ on | off ] Enables or disables the Zero Touch option. Zero Touch refers to automatic configuration of your Motorola Netopia® Gateway. The Motorola Neto- pia® Gateway has default settings such that initial connection to the Internet will succeed. If the zero- touch option is set to on, HTTP requests to any destination IP address except the IP address(es) of the configured redirection URL(s) will access a redirection server.
Administrator’s Handbook Syslog set system syslog option [ off | on ] Enables or disables system syslog feature. If syslog option is on, the following commands are avail- able: set system syslog host-nameip [ ip_address | hostname ] Specifies the syslog server’s address either in dotted decimal format or as a DNS name up to 64 char- acters.
Page 215
Default syslog installation procedure Access the Gateway via telnet from the private LAN. DHCP server is enabled on the LAN by default. The product’s stateful inspection feature must be enabled in order to examine TCP, UDP and ICMP packets destined for the Gateway or the private hosts. This can be done by entering the CONFIG interface.
{ off | at-startup | continuous } Specifies the wireless AutoChannel Setting for 802.11G models. AutoChannel is a feature that allows the Motorola Netopia® Gateway to determine the best channel to broadcast automatically. For details, “Advanced” on page set wireless default-channel { 1...14 }...
Page 217
set wireless scheduler end-time hh : min Specifies the time to turn the wireless radio off, when wireless scheduler option is set to on. set wireless multi-ssid option { on | off } Enables or disables the multi-ssid feature which allows you to add additional network identifiers (SSIDs or Network Names) for your wireless network.
Page 218
Administrator’s Handbook set wireless multi-ssid second-ssid-psk { string } set wireless multi-ssid third-ssid-psk { string } set wireless multi-ssid fourth-ssid-psk { string } Specifies a WPA passphrase for the multiple SSIDs, when second-, third-, or fourth-ssid-privacy is set to WPA-PSK. The Pre Shared Key is a passphrase shared between the Gateway and the clients and is used to generate dynamically changing keys.
Page 219
Wireless Multi-media (WMM) Settings Router EDCA Parameters (Enhanced Distributed Channel Access) govern wireless data from your Gateway to the client; Client EDCA Parameters govern wireless data from the client to your Gateway. set wireless wmm option [ off | on ] Enables or disables wireless multi-media settings option, which allows you to fine tune WiFi Multimedia Quality of Service (QoS) by transmitting data depending on Diffserv priority settings.
Page 220
Administrator’s Handbook set wireless wmm router-edca background { aifs 1... 255 } set wireless wmm router-edca background { cwmin value } set wireless wmm router-edca background { cwmax value } Sets values for Gateway WMM background parameters. set wireless wmm client-edca voice { aifs 1... 255 } set wireless wmm client-edca voice { cwmin value } set wireless wmm client-edca voice { cwmax value } set wireless wmm client-edca voice { txoplimit 0...
Page 221
Wireless Privacy Settings set wireless network-id wps [ off | on ] Enables or disables Wireless Protected Setup. See “Wireless Protected Setup” on page set wireless network-id privacy option { off | WEP | WPA-PSK | WPA-802.1x } Specifies the type of privacy enabled on the wireless LAN. off = no privacy; WEP = WEP encryption; WPA-PSK = Wireless Protected Access/Pre-Shared Key;...
Page 222
Administrator’s Handbook set wireless network-id privacy encryption-key1-length {40/64bit, 128bit, 256bit} set wireless network-id privacy encryption-key2-length {40/64bit, 128bit, 256bit} set wireless network-id privacy encryption-key3-length {40/64bit, 128bit, 256bit} set wireless network-id privacy encryption-key4-length {40/64bit, 128bit, 256bit} Selects the length of each encryption key. 40bit encryption is equivalent to 64bit encryption. The longer the key, the stronger the encryption and the more difficult it is to break the encryption.
Page 223
set wireless mac-auth wrlss-MAC-list mac-address “ MAC-address_string ” allow-access-ssid2 { on | off } set wireless mac-auth wrlss-MAC-list mac-address “ MAC-address_string ” allow-access-ssid3 { on | off } set wireless mac-auth wrlss-MAC-list mac-address “ MAC-address_string ” allow-access-ssid4 { on | off } Designates whether the MAC address is enabled or not for the specified multiple SSID access.
Administrator’s Handbook VLAN Settings You can create up to 8 VLANs, and you can also restrict any VLAN, and the computers on it, from admin- istering the Gateway. See “VLAN” on page 78 for more information. set vlan name name Sets the descriptive name for the VLAN.
Page 225
802.1p priority bit field for tagged IP packets transmitted from this port for this VLAN. All mappings between Ethernet 802.1p and IP-TOS are made via diffserv dscp-map settings. set vlan name name ports port port-pbits [ 0 - 7 ] Specifies the 802.1p priority bit for this port associated with the specified VLAN.
Page 226
Administrator’s Handbook ❑ Assign an IP interface: ip-vcc1 option (off) [ off | on ]: ip-eth-a option (off) [ off | on ]: on ipsec-mgmt1 option (off) [ off | on ]: Netopia-3000/9437188 (vlan)>> Example 2: ❑ An example of a “Triple-Play” setup: set vlan name "LanPorts"...
Page 227
set vlan name "PPPoE_11" id 11 set vlan name "PPPoE_11" admin-restricted off set vlan name "PPPoE_11" seg-pbits 0 set vlan name "PPPoE_11" ports eth0.1 option off set vlan name "PPPoE_11" ports eth0.2 option off set vlan name "PPPoE_11" ports eth0.3 option off set vlan name "PPPoE_11"...
Page 228
Administrator’s Handbook set vlan name "Video_31" inter-vlan-routing group-1 off set vlan name "Video_31" inter-vlan-routing group-2 off set vlan name "Video_31" inter-vlan-routing group-3 off set vlan name "Video_31" inter-vlan-routing group-4 off You must save the changes, exit from configuration mode, and restart the Gateway for the changes to take effect.
Session Initiation Protocol (SIP), to transmit sound over a network or the Internet in the form of data packets. Certain Motorola Netopia connecting telephone handsets. These models support VoIP. If your Gateway is a VoIP model, you can configure the VoIP features.
Page 230
Administrator’s Handbook set voip phone [ 1 | 2 ] sip-out-proxy-server [ server_name | ip_address ] Specifies the SIP outbound proxy server for the specified phone by fully qualified server name or IP address. set voip phone [ 1 | 2 ] sip-user-display-name name Specifies the user name that is displayed on the web UI Home page, or other caller-id displays for the specified phone.
Page 231
set voip phone [ 1 | 2 ] codec G726_32 priority [ 1 | 2 | 3 | 4 | 5 | 6 | 7 | none ] Assigns a priority to the G726-32 codec, a common audio media type implementation at 32 kbit/s. set voip phone [ 1 | 2 ] codec G726_40 priority [ 1 | 2 | 3 | 4 | 5 | 6 | 7 | none ] Assigns a priority to the G726-40 codec, a common audio media type implementation at 40 kbit/s.
Page 232
Administrator’s Handbook set voip phone [ 1 | 2 ] sip-advanced-setting call-feature call-forwarding-all-number phone_number call-forwarding-all-number – specifies the number to which calls are to be forwarded when call-for- warding-all-option is on. set voip phone [ 1 | 2 ] sip-advanced-setting call-feature call-forwarding-on-busy-option [ off | on ] call-forwarding-on-busy-option –...
Page 233
set voip phone [ 1 | 2 ] sip-advanced-setting call-feature anonymous-call-block-option [ off | on ] anonymous-call-block-option – if set to on, blocks calls from unidentified sources, such as those with caller-ID blocking. set voip phone [ 1 | 2 ] sip-advanced-setting call-feature call-transfer-option [ off | on ] call-transfer-option –...
Page 234
Administrator’s Handbook Example set voip phone 1 sip-option on set voip phone 1 sip-proxy-server "joe" set voip phone 1 sip-proxy-server-transport UDP set voip phone 1 sip-registrar-setting sip-registrar-server "joe" set voip phone 1 sip-registrar-setting sip-registrar-server-transport UDP set voip phone 1 sip-registrar-setting sip-expires-time 3600 set voip phone 1 sip-out-proxy-server "joe"...
PCs using UPnP can retrieve the Gateway’s WAN IP address, and automatically create NAT port maps. ® This means that applications that support UPnP, and are used with a UPnP-enabled Motorola Netopia ® Gateway, will not need application layer gateway support on the Motorola Netopia Gateway to work through NAT.
Page 236
TR-069 DSL Forum CPE WAN Management Protocol (TR-069) provides services similar to UPnP and TR-064. The communication between the Motorola Netopia 064 is strictly over the LAN, whereas the communication in TR-069 is over the WAN link for some fea- tures and over the LAN for others.
Remote Management settings set remote-mgmt telnet-enable [ on | off ] Enables or disables remote management via telnet of the network specified by network- n /netmask- n . Up to 10 networks may be specified. set remote-mgmt web-enable [ on | off ] Enables or disables remote management via web UI of the network specified by network- n /netmask- n .
Administrator’s Handbook Backup IP Gateway Settings The purpose of Backup is to provide a recovery mechanism in the event that the primary connection fails. A failure can be either line loss, for example by central site switch failure or physical cable break- age, or loss of end-to-end connectivity.
Page 239
set ip backup-gateway option [ on | off ] Turns the backup gateway option on or off. Default is off. set ip backup-gateway interface [ ip-address | ppp-vcc n ] Specifies the backup gateway interface ip address to which you want to direct the backup connection. set ip backup-gateway default ip_address Specifies the ip address of the default gateway.
Administrator’s Handbook VDSL Settings ☛ CAUTION! These settings are for very advanced users and lab technicians. Exercise extreme caution when modifying any of these settings. set vdsl sys-option [ 0x00 - 0xff ] sys-bandplan [ 0x00 - 0xff ] psd-mask-level [ 0x00 - 0xff ] pbo-k1_1 [ 0x00000000 - 0xffffffff ] pbo-k1_2 [ 0x00000000 - 0xffffffff ] pbo-k1_3 [ 0x00000000 - 0xffffffff ]...
Page 241
VDSL Parameter Defaults Parameter Default line-type 0x81 us-max-inter-delay 0x04 ds-max-inter-delay 0x04 us-target-noise-margin 0x0C ds-target-noise-margin 0x0C min-noise-margin 0x0A port-bandplan 0x02 framing-mode 0x90 band-mod 0x11 port-option 0x0A - Annex B 0x06 - Annex A power-mode 0x01 tx-filter 0x02 rx-filter 0x02 dying-gasp Meaning VDSL port line type(auto=0x80, vdsl=0x81, vdsl_etsi=0x82) VDSL port upstream max inter delay...
Page 242
Administrator’s Handbook VDSL Parameters Accepted Values Parameter sys-option sys-bandplan Accepted Values Bit[0]: NTR_DISABLE Bit[1]: ALW_MARGIN_ADJUST. 1: the SNR margin for the optional band is reduced by up to 2.5 dB, but never below a minimum of 4 dB. Bit[2]: SUPPORT_INI Bit[4]: TLAN Enable Bit[5]: PBO Weak mode Enable (Applicable only when PBO Bit[3]=0.
Page 245
VDSL Parameters Accepted Values Parameter band-mod Bit 0, 1: Tx Cfg band 1- All tones on 2- All tones below 640 Khz are turned off 3- All tones below 1.1 Mhz are turned off Bit 2,3: Not used Bit 4,5: Rx Cfg band 1- All tones on 2- All tones below 640 Khz are turned off 3- All tones below 1.1 Mhz are turned off...
Description Communications interfaces: The Motorola Netopia® Gateways have an RJ-11 jack for DSL line connections or an RJ-45 jack for cable/DSL modem connections and 1 or 4–port 10/100Base-T Ethernet switch for your LAN connections. Some models have a USB port that can be used to connect to your PC; in some cases, the USB port also serves as the power source.
● EMC Compatibility, 89/336/EEC, conforming to EN 55 022 This Motorola product is in conformity with the essential requirements and other relevant requirements of the Radio Equipment and Telecommunications Terminal Equipment Directive (R&TTE) 1999/5/EC, following the provision of the Electromagnetic Compatibility Directive (EMC) No. 89/336/EEC and Low Voltage Directive (LVD) No.
It is the responsibility of users requiring service to report the need for service to our Company or to one of our authorized agents. Service can be obtained at Motorola, Inc., 6001 Shellmound Street, Emeryville, California, 94608. Telephone: 510-597-5400. ☛...
Administrator’s Handbook Repairs to the certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier. Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may give the telecommunications company cause to request the user to disconnect the equipment.
This equipment not intended to be repaired by the end user. In case of any problems, please refer to the trouble- shooting section of the Product User Manual before calling Motorola Technical Support. ®...
The Software is protected by copyright laws and international copyright treaties. The Software is licensed and not sold to you. This means that although you own the media (CD-ROM or the Product) on which the Software is provided or in which the Software is embedded, Motorola or its licensors retains all ownership of the Software. ●...
Limited Warranty Motorola warrants to you, the end user, that the Product will be free from defects in materials and workmanship under normal use for a period of one (1) year from date of purchase, or two (2) years from date of purchase if you reside in a European Union country.
Administrator’s Handbook Copyright Acknowledgments Because Motorola has included certain software source code in this product, Motorola includes the following text required by the respective copyright holders: Portions of this software are based in part on the work of the following: Copyright (c) 1998-2005 The OpenSSL Project.
Page 255
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2.
électriques et électroniques mis au rebut. Veuillez contacter vos autorités locales pour vous informer des pra- tiques instaurées dans votre region. Si aucun système de collecte n'est disponible, veuillez appeler le Service clientèle de Motorola qui vous apportera son assistance.
Jeśli w danym regionie nie istnieją systemy zbierania odpadów elektryc- znych i elektronicznych, informacje o utylizacji należy uzyskać od biura obsługi klienta firmy Motorola (Motorola Customer Service). Reciclagem do seu equipamento Motorola Não descarte este produto junto com o lixo residencial ou comercial.
Page 258
Administrator’s Handbook Please visit www.motorola.com/recycle <http://www.motorola.com/recycle> for instructions on recycling.
Page 260
Administrator’s Handbook Hardware address Home Page Home Page - Expert Mode Hop count HTTP traffic ICMP Echo IGMP IGMP Snooping IP address IP interfaces IP Passthrough IP routes IPMap table IPSec Tunnel Keywords, CLI LAN Host Discovery Table LCP echo request LEDs Limit Wireless...
Page 261
safety instructions Secondary nameserver Session Initiation Protocol Set bncp command Set bridge commands Set DMT commands Set dns commands Set ip static-routes commands Set ppp module port authentication command Set preference more command Set preference verbose command set security state-insp Set servers command Set servers telnet-tcp command snmp...
Page 262
Administrator’s Handbook Wired Equivalent Privacy Wireless Configuration Wireless ID (SSID) Zero Touch...