1. Manuals
  2. Brands
  3. Multitech Manuals
  4. Server
  5. PROXYSERVER MTPSR1-120
  6. User manual

Multitech PROXYSERVER MTPSR1-120 User Manual

Dual ethernet proxyserver
Hide thumbs Also See for PROXYSERVER MTPSR1-120:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
Dual Ethernet ProxyServer
Model MTPSR1-120
User Guide

Advertisement

Table of Contents
loading

Related Manuals for Multitech PROXYSERVER MTPSR1-120

Summary of Contents for Multitech PROXYSERVER MTPSR1-120

  • Page 1 Dual Ethernet ProxyServer Model MTPSR1-120 User Guide...
  • Page 2 User Guide 88301501 Revision B Dual Ethernet ProxyServer (Model No MTPSR1-120) This publication may not be reproduced, in whole or in part, without prior expressed written permission from Multi-Tech Systems, Inc. All rights reserved. Copyright © 1999, by Multi-Tech Systems, Inc.

  • Page 3: Table Of Contents

    Contents Chapter 1 - Introduction and Description Introduction ..............................6 Preview of this Guide ..........................6 Front Panel Description ..........................8 Back Panel Description ..........................9 RS232/V.35 Connector ........................9 Ethernet 1 and 2 10Base-T Connectors ....................9 Command Connector ........................... 9 Power Connector ..........................
  • Page 4 Chapter 5 - Remote Configuration and Management Introduction .............................. 44 Remote Configuration ..........................44 Modem-Based ........................... 44 LAN-Based ............................46 Remote Management ..........................48 Telnet ..............................48 WEB Management ..........................50 Chapter 6 - Warranty, Service and Tech Support Introduction .............................. 52 Limited Warranty ............................

  • Page 5: Chapter 1 - Introduction And Description

    Chapter 1 - Introduction and Description...

  • Page 6: Introduction

    Firewall User Guide Introduction Welcome to Multi-Tech's Dual Ethernet ProxyServer, model number MTPSR1-120 (hereafter, Firewall) a high speed Internet access device that provides firewall protection to your corporate secured (private) LAN and allows Internet access to the Internet Services Network (public LAN) that resides outside the firewall.
  • Page 7 Chapter 1 - Introduction and Description Chapter 4 - Firewall Software Chapter 4 describes the Firewall software package designed for the Windows ® environment. This chapter describes the Firewall software from an applications standpoint, and in so doing, not every screen is shown, nor is each field within a screen defined. For explanations and parameters of each field within a dialog box please refer to the online Help provided within the software.

  • Page 8: Front Panel Description

    Firewall User Guide Front Panel Description The front panel, shown in Figure 1-2, contains four groups of LEDs that provide the status of the LAN connection, link activity, and general status of the Firewall. The Ethernet 1 and Ethernet 2 LEDs display the activity of the public and private LANs, in whether the Firewall is connected to the LAN, transmitting or receiving packets, and if a collision is in progress.

  • Page 9: Back Panel Description

    Chapter 1 - Introduction and Description Back Panel Description The cable connections for the Firewall are made at the back panel. In addition to the Power connector, Three groups of connectors are used on the Firewall: the Command Port, Ethernet 1 &...

  • Page 10: Specifications

    Firewall User Guide Specifications • Protocols - Point-To-Point Protocol (PPP), and Serial Line Internet Protocol (SLIP) Ethernet Ports • Two Ethernet Interface - 10Base-T (twisted pair) RJ-45 connectors. Command Port • Single 19.2K bps asynchronous Command Port using a short RJ-45 to DB-25 cable with a DB-25 female connector WAN Link •...

  • Page 11: Chapter 2 - Installation

    Chapter 2 - Installation...

  • Page 12: Safety Warnings

    Firewall User Guide Safety Warnings Never install telephone wiring during a lightning storm. Never install telephone jacks in wet locations unless the jack is specifically designed for wet locations. Never touch uninsulated telephone wires or terminals unless the telephone line has been disconnected at the network interface.

  • Page 13: V.35 Shunt Procedure

    Chapter 2 - Installation V.35 Shunt Procedure If you are using an external DCE device on the WAN RS232/V.35 port, and the connection will be a V.35 connection, the internal shunt must be moved from the RS232C (default) position prior to cabling and power-up.

  • Page 14: Cabling Your Firewall

    Firewall User Guide Cabling Your Firewall Cabling your Firewall involves making the proper Power, Command Port, and Ethernet connections. An optional WAN connection is provided to connect to an external WAN device. Figure 2-4 shows the back panel connectors and the associated cable connections, and the table that follows details the procedures for connecting the cables to your Firewall.
  • Page 15 Chapter 2 - Installation Turn on power to the Firewall by placing the ON/OFF switch on the back panel to the ON position. Wait for the Fail LED on the Firewall to go OFF before proceeding. This may take a couple of minutes to go OFF. At this time your Firewall is completely cabled.
  • Page 16 Firewall User Guide...

  • Page 17: Chapter 3 - Software Loading And Configuration

    Chapter 3 - Software Loading and Configuration...

  • Page 18: Loading Your Software

    Firewall User Guide Loading Your Software The following loading procedure does not provide every screen or option in the process of installing the Firewall software. The assumption is that the installation is being performed by a technical person with a thorough knowledge of Windows and the software loading process. Additional information on the Firewall software is provided in the Chapter 4, and in the on-line help provided with your Firewall software.
  • Page 19 Chapter 3 - Software Loading and Configuration The Select Program Folder dialog box enables you to use the default or select a different name for the new program group for the Firewall 2.00 software. After accepting the default or selecting a different folder name, press Enter or click Next > to continue. The next dialog box enables you to designate the COM port of your PC that is connected to the Firewall.

  • Page 20: Wizard Setup

    Firewall User Guide Wizard Setup The Wizard Setup screen gives you a process for adding the basic information needed to configure your Firewall. This screen will guide you through entering the IP Address, Net Mask, and Default Route for your Secure (private) LAN. Then you can set up for static or dynamic addressing on the Internet LAN Port, set up the Gateway Parameters, and then do the same for the WAN port, if it is used.
  • Page 21 Chapter 3 - Software Loading and Configuration Internet LAN (LAN 2) Setup WAN Setup If a WAN device is connected to the WAN Port (marked RS-232/V.35), click the WAN option in the Select Port window, then either leave the “ISP Assigned Dynamic IP Address &...

  • Page 22: Default Wan Link Configuration

    Firewall User Guide Default WAN Link Configuration The Default WAN Link(s) Setup dialog box is used only if a device is connected to the RS-232/ V.35 connector on the back panel of the Firewall. This connection enables your Secure (private) LAN to be connected to a local ISP for Internet service.
  • Page 23 Chapter 3 - Software Loading and Configuration Check to ensure that the Fail LED on the Firewall is Off after the download is complete and the Firewall is rebooted. Win3.1 users - you are returned to your Program Manager where the Firewall 2.00 Program Group and Program Items (Windows icons) have been created.
  • Page 24 Firewall User Guide...

  • Page 25: Chapter 4 - Firewall Software

    Chapter 4 - Firewall Software...

  • Page 26: Introduction

    DSL modem by connecting the Ethernet connector on the modem to the LAN 2 connection on the Firewall. Internet Cable/DSL Modem LAN 2 Public MTPSR1-120 Firewall IP Address 192.168.0.101 Mask 255.255.255.0 LAN 1 Private Private LAN Workstation IP Address 192.168.0.107...

  • Page 27: Configuration 2 - Existing Dual-Lan With Router

    Network, which already provides Internet services. This configuration provides firewall and gateway security for the LAN users, and supports Internet access restrictions based on IP address, client protocols, or a list of forbidden sites. Internet MTPSR1-120 Firewall IP Address 192.168.0.101 Internet LAN Mask 255.255.255.0 IP Address 204.26.12.9...

  • Page 28: Configuration 3 - New Dual-Lan With T1 Dsu

    Web, FTP, etc. servers. The Internet connection is provided with a T1 DSU connected to the RS232 connection on the back of the unit. Internet T1 DSU WAN Port MTPSR1-120 Firewall IP Address 192.168.0.101 Mask 255.255.255.0 LAN 1 LAN 2...
  • Page 29 Chapter 4 - Firewall Software In the configuration shown in Figure 4-3, the Firewall is connected to the Secured (private) LAN via the LAN 1 connection of the back of the unit. The Internet (public) LAN is connected to the LAN 2 connector on the back of the unit.

  • Page 30: Firewall Program Group

    Firewall User Guide Firewall Program Group This section describes the advanced features of your Firewall software. The major configuration parameters are set when the software is loaded into your PC and the setup configuration is downloaded to the Firewall at the conclusion of the software installation. Our intent is not to cover every dialog box nor every field within a dialog box.

  • Page 31: Configuration Port Setup

    Chapter 4 - Firewall Software Configuration Port Setup The Configuration Port Setup program allows you to set up and configure the configuration port on your Firewall. This dialog is included in the initial installation process. Although parameters can be changed, be sure to note the current status of the software before making any alterations. When you installed the Firewall software, you selected to configure the port as either an IP or COM Port.

  • Page 32: Firewall Configuration

    Firewall User Guide Firewall Configuration To view or change your Firewall configuration in Windows 95/98/NT, click on the Start | Programs | Firewall | Firewall Configuration. After loading, the Firewall Setup menu will appear. The Firewall Setup menu consists of 13 buttons which allow you to display and change the protocol stacks, define the output of the Firewall, perform network management functions, test the communications link, print messages received from the target (the Firewall), and download setup information to the Firewall.

  • Page 33: Changing Ip Parameters

    Chapter 4 - Firewall Software Changing IP Parameters The IP Setup dialog box establishes the IP addressing for your Secured (private) LAN, Internet (public) LAN, and, if the Firewall is directly connected to the Internet via the RS-232/V.35 connector, the WAN port. To change the IP Setup parameters that were configured during the Wizard Setup, click on the IP button in the Firewall Setup menu.
  • Page 34 Firewall User Guide DHCP Relay Agent - Enabling this option allows the Firewall to relay IP address requests from the Internet to the DHCP server through the WAN. If this option is enabled, the DHCP Server Address field becomes active, and the IP address of the DHCP server must be entered.

  • Page 35: Changing Wan Port Parameters

    Chapter 4 - Firewall Software Changing WAN Port Parameters In order to change the WAN port parameters of a DCE device connected to the RS232/V.35 connector on the Firewall, click on the WAN button in the Firewall Setup menu. The WAN Port Setup dialog box is displayed.

  • Page 36: Enabling Ppp/Slip

    Firewall User Guide Enabling PPP/SLIP If you wish to use Point to Point Protocol (PPP) or Serial Line IP Protocol (SLIP) on the WAN port, you can enable it in the PPP/SLIP menu. In order to configure these options, you must first enable the WAN port.
  • Page 37 Chapter 4 - Firewall Software Enabling SLIP If you wish to configure the port for use with SLIP, click on the Enable check box in the SLIP group. The following message appears: Click OK. This value was assigned in the initial software installation and was downloaded to the ProxyServer at the end of the installation.

  • Page 38: Enabling The Dhcp Server

    Firewall User Guide Enabling the DHCP Server The DHCP Server feature of the Firewall manages all the IP address assignments on the Secured (private) LAN port. IP address management becomes completely transparent. To enable the DHCP Server ability in the Firewall, click on the DHCP Server button in the Firewall Setup menu.

  • Page 39: Adding Proxy Applications

    Chapter 4 - Firewall Software Adding Proxy Applications Certain software on your LAN may require a TCP or UDP port usage that is not currently supported by the Firewall. If this is the case, you must refer to the software documentation to determine the proper port usage and number.

  • Page 40: Filtering

    Firewall User Guide Filtering The Filters dialog lets you configure the Firewall so that IP packets that are received by the server can be selectively filtered or forwarded based on their addresses or by the protocol ports to which they are destined. The five filtering methods are: •...

  • Page 41: Enabling Virtual Servers

    Chapter 4 - Firewall Software Enabling Virtual Servers The Virtual Server Setup dialog box allows you to assign a virtual address to a statically assigned server. For example, if the ISP assigns static address of 200.2.9.1, you can set up a virtual server so that any requests sent to 200.2.9.1 will access 192.168.0.102.

  • Page 42: Statistics

    Firewall User Guide Statistics The Firewall is capable of providing statistics for the WAN port and for the whole system. These statistics can be useful for troubleshooting and management purposes. To access this information, click Statistics in the Firewall Setup menu. The Statistics dialog box is displayed. From this menu, you can query the details of the WAN port or observe total system statistics such as total system Uptime, and total Calls.

  • Page 43: Chapter 5 - Remote Configuration And Management

    Chapter 5 - Remote Configuration and Management...

  • Page 44: Introduction

    Firewall User Guide Introduction This chapter provides procedures for viewing or changing the configuration of a remote Firewall unit. Two methods are provided to access a remote unit; the first method is modem-based and the second method uses IP. Within the IP method, three applications can be used: 1) LAN-based using Trivial File Transfer Protocol (TFTP), 2) Telnet as a client application, and 3) a standard Web browser on the Internet.
  • Page 45 Chapter 5 - Remote Configuration and Management The Firewall Setup dialog box is displayed. Verify that the Communication Type is set for COM Port and the Select Port field is set for the COM port of your local PC. In the Dial String field, enter the AT command for dialing (ATDT) plus the phone number of the remote ProxyServer.

  • Page 46: Lan-Based

    Firewall User Guide LAN-Based The LAN-based remote configuration requires a Windows Sockets compliant TCP/IP stack. TCP/ IP protocol software must be installed and functional before the configuration program can be used. Local Workstation Remote Firewall TFTP, Telnet or Web Browser Internet Figure 5-2.
  • Page 47 Chapter 5 - Remote Configuration and Management After you have changed the configuration of the remote Firewall, click Download Setup to update the configuration. The remote Firewall will be brought down, the new configuration written to the unit, and the unit will reboot. Click Exit when the downloading is complete.

  • Page 48: Remote Management

    Firewall User Guide Remote Management This section describes typical client applications that can be used to configure the ProxyServer remotely. It is important to note that although any subsequent changes to configuration can be made using these applications, the initial setup and configuration of the ProxyServer must be done on the local PC, using the ProxyServer software provided with your unit.
  • Page 49 Chapter 5 - Remote Configuration and Management Firewall Management Menu The Firewall Management Menu provides two basic options: Firewall Configuration and WAN Device Configuration. A further option enables you to close the Telnet session from this menu by pressing the Esc key. Firewall Management Selecting Option 1 displays the Firewall Management menu with options that allow you to view statistics for IP, TCP, ARP, RARP, ICMP, UDP, WAN and PPP.

  • Page 50: Web Management

    Firewall User Guide WEB Management The ProxyServer can be accessed, via a standard web-browser, from anywhere on the connected Internet. In order to provide this support, the WEB Server option has to be enabled in the Applications Setup dialog box (see Chapter 4 - Firewall Software, Applications).

  • Page 51: Chapter 6 - Warranty, Service And Tech Support

    Chapter 6 - Warranty, Service and Tech Support...

  • Page 52: Introduction

    Customer to MTS’s factory transportation prepaid. MTS WILL NOT BE LIABLE FOR CONSEQUENTIAL DAMAGES AND UNDER NO CIRCUMSTANCES WILL ITS LIABILITY EXCEED THE PURCHASE PRICE FOR DEFECTIVE PRODUCTS. On-line Warranty Registration To register your ProxyServer on-line, click on the following link: http://www.multitech.com/register...

  • Page 53: Tech Support

    Chapter 6 - Warranty, Service and Technical Support Tech Support Multi-Tech has an excellent staff of technical support personnel available to help you get the most out of your Multi-Tech product. If you have any questions about the operation of this unit, call 1- 800-972-2439.

  • Page 54: Service

    Firewall User Guide Service If your tech support specialist decides that service is required, your ProxyServer may be sent (freight prepaid) to our factory. Return shipping charges will be paid by Multi-Tech Systems. Include the following with your ProxyServer: • a description of the problem.

  • Page 55: The Multi-Tech Bbs

    Chapter 6 - Warranty, Service and Technical Support The Multi-Tech BBS For customers who do not have Internet access, Multi-Tech maintains a bulletin board system (BBS). Information available from the BBS includes new product information, product upgrade files, and problem-solving tips. The phone number for the Multi-Tech BBS is (800) 392-2432 (USA and Canada) or (612) 785-3702 (international and local).

  • Page 56: About The Internet

    Multi-Tech is a commercial user on the Internet, and we retrieve messages from our customers on a periodic basis. If you prefer to receive technical support via the Internet, you can contact Tech Support at the following address: http://www.multitech.com/_forms/email_tech_support.htm Multi-Tech’s presence includes a Web site at: http://www.multitech.com and an ftp site at: ftp://ftp.multitech.com...

  • Page 57: Appendixes

    Appendixes...

  • Page 58: Appendix A - Tcp/Ip (Transmission Control Protocol/Internet Protocol) Description

    First, choose a domain name for your company. A domain name is the unique Internet name, usually the name of your business, that identifies your company. For example, Multi-Tech’s domain name is multitech.com ( .com indicates this is a commercial organization; .edu denotes educational organizations, .gov denotes government organizations). Next, determine how many IP addresses you’ll need.
  • Page 59 Appendix A - TCP/IP Description UDP, described in RFC 768 (http://info.internet.isi.edu:80/in-notes/rfc/files/rfc768.txt) provides an end-to-end datagram (connectionless) service. Some applications, such as those that involve a simple query and response, are better suited to the datagram service of UDP because there is no time lost to virtual circuit establishment and termination.
  • Page 60 You first choose a domain name for your company. A domain name is the unique Internet name, usually the name of your business, that identifies your company. For example, Multi-Tech’s domain name is multitech.com (where .com indicates this is a commercial organization; .edu denotes educational organizations, .gov denotes government organizations).

  • Page 61: Appendix B - Cabling Diagrams

    Appendix B - Cabling Diagrams Appendix B - Cabling Diagrams WAN Port Cable (RS-232/V.35) 13 12 11 10 9 25 24 23 22 21 20 19 18 17 16 15 14 25-PIN DTE 25-PIN DCE Connector Device RD 3 RTS 4 CTS 5 DSR 6 GND 7...
  • Page 62 Firewall User Guide DB-25 (RS-232) to V.35 Adapter V.35 34-pin Connector Signal Designation Signal Designation Chassis Ground Signal Ground Request To Send Clear To Send Data Set Ready Data Carrier Detect Data Terminal Ready Send Data (A) Receive Data (A) Receive Data (B) Send Data (B) Terminal Timing (A)

  • Page 63: Appendix C - Regulatory Information

    Modem CE Mark EMC and Safety Compliance The CE mark is affixed to the enclosed MultiTech product to confirm compliance with the following European Community Directives: Council Directive 89/336/EEC of 3 May 1989 on the approximation of the laws of Member States relating to electromagnetic compatibility;...
  • Page 64 Firewall User Guide...

  • Page 65: Glossary

    Glossary...
  • Page 66 Firewall User Guide Access: The T1 line element made up of two pairs of wire that the telephone company brings to the customer premises. The Access portion ends with a connection at the local telco (LEC or RBOC). Accunet Spectrum of Digital Services (ASDS): The AT&T 56K bps leased (private) line service. Similar to services of MCI and Sprint.
  • Page 67 Glossary Basic Rate Interface (BRI): An ISDN access interface type comprised of two B-channels each at 64K bps and one D- channel at 64K bps (2B+D). Bell Operating Companies (BOC): The family of corporations created during the divestiture of AT&T. BOCs are independent companies which service a specific region of the US.
  • Page 68 Firewall User Guide Centrex: A multi-line service offered by operating telcos which provides, from the telco CO, functions and features comparable to those of a PBX for large business users. See also “Private Branch Exchange”, “Exchange”. Channel: A data communications path between two computer devices. Can refer to a physical medium (e.g., UTP or coax), or to a specific carrier frequency.
  • Page 69 Glossary Data Link Connection Identifier (DLCI): One of the six components of a frame relay frame. Its purpose is to distinguish separate virtual circuits across each access connection. Data coming into a frame relay node is thus allowed to be sent across the interface to the specified “address”. The DLCI is confirmed and relayed to its destination, or if the specification is in error, the frame is discarded.
  • Page 70 Firewall User Guide Encapsulation: A technique used by network-layer protocols in which a layer adds header information to the protocol data unit from the preceding layer. Also used in “enveloping” one protocol inside another for transmission. For example, IP inside IPX. Errored Seconds (ES): Any second of operation that all 1.544M bits are not received exactly as transmitted.
  • Page 71 Glossary Foreign Exchange Station (FXS): See FX, FXO. To generate a call from the computer telephony system to the POTS set, an FXS connection must be configured. Forward Explicit Congestion Notification (FECN): A bit that tells you that a certain frame on a particular logical connection has encountered heavy traffic.
  • Page 72 Firewall User Guide Internetwork Packet Exchange (IPX): A NetWare communications protocol used to route messages from one node to another. IPX packets include network addresses and can be routed from one network to another. An IPX packet can occasionally get lost when crossing networks, thus IPX does not guarantee delivery of a complete message. Either the application has to provide that control, or NetWare’s SPX protocol must be used.
  • Page 73 Glossary Local Exchange Carrier (LEC): The local phone company which provides local (i.e., not long distance) transmission services. AKA “telco”. LECs provide T1 or FT1 access to LDCs (unless the T1 circuit is completely intra-LATA). Inter- LATA T1 circuits are made up of a combination of Access and Long Haul facilities. Local Management Interface (LMI): A specification for frame relay equipment that defines status information exchange.
  • Page 74 Firewall User Guide Object-Oriented: A method for structuring programs as hierarchically organized classes describing the data and operations of objects that may interact with other objects. Office Channel Unit - Data Port (OCU-DP): The CO channel bank used as the interface between the customer’s DSU and the channel bank.
  • Page 75 Glossary Private Branch Exchange (PBX): A telephone exchange located on the customer’s premises. The PBX provides a circuit switching facility for telephone extension lines within the building, and access to the public telephone network. See also “Exchange”. PROM (Programmable Read Only Memory - pronounced “prom”): A permanent memory chip that can be programmed or filled by the customer after by the manufacturer has set initial values.
  • Page 76 Firewall User Guide Router: A device that connects two networks using the same networking protocol. It operates at the Network Layer (Layer 3) of the OSI model for forwarding decisions. Routing Information Protocol (RIP): A distance vector-based protocol that provides a measure of distance, or hops, from a transmitting workstation to a receiving workstation.
  • Page 77 Appendix C - Regulatory Information Systems Network Architecture (SNA): The description of the logical structure, formats, protocols, and operational sequences for transmitting information units through, and controlling the configuration and operation of networks. Tariff: The rate/availability schedule for telephone and ISDN services from a regulated service provider. TCP/IP: A set of communication protocols that support peer-to-peer connectivity functions for both local and wide area networks.
  • Page 78 Firewall User Guide Transport Protocol Data Unit (TPDU): A transport header, which is added to every message, contains destination and source addressing information that allows the end-to-end routing of messages in multi-layer NAC networks of high complexity. They are automatically added to messages as they enter the network and can be stripped off before being passed to the host or another device that does not support TPDU’s.

  • Page 79: Index

    Index Index Gopher ............... 59 HTML ..............59 About the Internet ..........56 HTTP ..............59 About the Multi-Tech Fax-Back Service ....56 Adding Proxy Applications ........36 Applications ............42 Internet ............... 56 Archie ..............59 Internet Gateway Parameters ......34 Internet LAN Port Parameters ......
  • Page 80 Firewall User Guide Software ............. 26 Applications ............ 42 Configuration Port Setup ......... 31 DHCP Server ..........38 Download Firmware Update ......31 Filtering ............40 Firewall Configuration ........32 IP Parameters ..........33 Loading ............18 Program Group ..........30 Proxy Applications ...........

Table of Contents