1. Manuals
  2. Brands
  3. Multi-Tech Manuals
  4. Network Router
  5. RouteFinder RF850
  6. User manual

Multi-Tech RouteFinder RF850 User Manual

Multi-tech routefinder internet security appliance user guide
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
®
RouteFinder
Internet Security Appliance
RF850
RF860
User Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the RouteFinder RF850 and is the answer not in the manual?

Questions and answers

Related Manuals for Multi-Tech RouteFinder RF850

Summary of Contents for Multi-Tech RouteFinder RF850

  • Page 1 ® RouteFinder Internet Security Appliance RF850 RF860 User Guide...
  • Page 2 Furthermore, Multi-Tech Systems, Inc. reserves the right to revise this publication and to make changes from time to time in the content hereof without obligation of Multi-Tech Systems, Inc. to notify any person or organization of such revisions or changes.

  • Page 3: Table Of Contents

    Setting Up HTTP Proxy and URL Filtering ..................... 38   Chapter 6 – RouteFinder Software ........................41   Menu Bar ................................ 41   Administration ..............................42   Administration > System Setup ......................... 42 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 4 DHCP Server > Fixed Addresses ......................101   Tracking ................................ 102   Tracking > Accounting ..........................102   Tracking > Update Services ........................103   Tracking > Backup ..........................105   Tracking > Version Control ........................107 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 5 Appendix D – Hardware Upgrades & Add-ons and Software Add-ons ............162   Hardware Upgrades and Add-ons ........................ 162   Software Add-ons ............................163   Appendix E – RouteFinder Maintenance ......................164 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 6 GNU GENERAL PUBLIC LICENSE ......................171   Kaspersky Standard End User License Agreement ................173   Appendix I – Waste Electrical and Electronic Equipment Directive (WEEE) ..........175   Glossary ................................176   Index ................................... 187 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 7: Chapter 1 - Product Description And Specifications

    The Quick Start Guide is intended to provide the experienced system administrator the information needed to quickly get the RouteFinder up and running. The User Guide with more detailed information is provided on the RouteFinder CD or the Multi-Tech Systems, Inc. Web site.

  • Page 8: Safety Warnings

    The battery has an estimated life expectancy of ten years. When it starts to weaken, the date and time may be incorrect. If the battery fails, send the board back to Multi-Tech for battery replacement.

  • Page 9: Ship Kit Contents

    RouteFinder hard drive. Note: If any of these items are missing, contact Multi-Tech Systems or your dealer or distributor. Inspect the contents for signs of any shipping damage. If damage is observed, do not power up the RouteFinder; contact Technical Support at Multi-Tech Systems, Inc. for advice.

  • Page 10: Typical Applications

    Internet hackers. The RouteFinder provides a full- featured firewall based on Stateful Packet Inspection technology and NAT protocol to provide security from intruders attempting to access the office LAN. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 11: Specifications

    Shared Internet Access Automatic Dial-Backup Integrated Modem Dual WAN Load Balancing Internet/VPN Failover High Availability QoS/Bandwidth Allocation PPPoE DHCP Client/Server User Authentication (Web Access) Live Updates Warranty 2 Years 2 Years Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 12 32° to 120° F (0-50°C) Humidity: 25-85% Humidity: 25-85% noncondensing noncondensing Approvals FCC Part 68 FCC Part 68 FCC Part 15 (Class A) FCC Part 15 (Class A) CE Mark CE Mark UL60950 UL60950 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 13: Chapter 2 - Installation And Setup

    (LAN on eth0) ___.___.___.___ ___.___.___.___ Network Card connected to the external network (WAN on eth1) ___.___.___.___ ___.___.___.___ ___.___.___.___ Network Card connected to the WAN2 / DMZ (eth2) ___.___.___.___ ___.___.___.___ Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 14: Front Panel

    When functioning normally, the LED blinks. The LED is a solid light when the RouteFinder is booting up, saving the configuration, restarting, or updating the firmware. Power Lights when power is being supplied to the RouteFinder. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 15: Cabling Procedure

    RouteFinder as shown below. It is up to you to provide the bracket-to-rack mounting screws. Use the rack manufacturer’s documentation and procedures to safely and securely install the RouteFinder into the rack. RouteFinder Shown from the Back Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 16: Setting Up A Workstation And Starting The Routefinder

    Click Start | Settings | Control Panel. Double-click the Network Connections icon. The Network Connections screen displays. Right-click the Local Area Connection icon and choose Properties from the drop down list. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 17 IP address, click the button for Obtain an Select Internet Protocol [TCP/IP]. IP address automatically. • Click the Properties button. Close out of the Control Panel. Repeat these steps for each PC on your network. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 18: Open A Web Browser

    If someone else is already logged into the RouteFinder or you were logged in recently, the following message displays. Click Yes. (If you click No, you are returned to the Login screen.) Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 19: Web Management Software Opens

    When you click one of the Menu Bar buttons, the first sub-menu option displays. You can choose other sub-menu screens by clicking the screen name in the sub-menu list. This is an example of the Networks & Services sub-menu. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 20: Screen Buttons

    PPTP Interfaces Enable/Disable SMTP Proxy Accounting Self Monitor IPSec PPTP Packet Filter Port Scans View Logs HTTP Access DHCP SMTP Virus Quarantine POP3 Virus Quarantine SMTP Spam Quarantine Administrative Authentication DDNS Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 21: Chapter 3 - Configuration Using Web Management Software

    Set the current Day, Month, Year, Hour, and Minute Administration System Setup Submenu and first screen listed on the submenu (System Setup) display when you click on your Menu choice (Administration) System Time Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 22: Second Configuration Step - Using The Wizard Setup

    It is suggested that you read the legal information and license agreements before beginning the configuration. This information can be found in the RouteFinder User Guide on the RouteFinder CD. RouteFinder Initial Configuration Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 23: The Wizard Setup Screen - Configuration Example

    192.168.2.1. Test your workstation to see that it can access the Internet. If a connection is established, then the settings have been entered correctly. Your Basic Configuration Is Now Complete. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 24: Chapter 4 - Configuration Examples

    Create a new network name for the Remote LAN by entering a Name, IP Address, and Subnet Mask. For this example, enter the following: Name: Remote-LAN IP Address: 192.168.25.0 Subnet Mask: 255.255.255.0 Click Add to add the network to the list. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 25: Vpn Setup

    Go to the VPN > IPSec screen. Click the VPN Status check box to enable IPSec. Then click the Save button. Select Add IKE Connection by clicking the corresponding Add button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 26 The VPN > IPSec Status screen displays; this time showing the newly-created VPN tunnel. Important Note: Make sure to check the Status box for this VPN tunnel in order to activate it. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 27 IP Address: 65.126.90.250 Subnet Mask: 255.255.255.255 Click Add to add the network to the list Note: The same address/mask pair should not be present in the current list displayed on the screen. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 28 Go to the VPN > IPSec screen. Click the VPN Status check box to enable IPSec. Then click the Save button. Select Add an IKE Connection by clicking the corresponding Add button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 29 The VPN > IPSec Status screen displays; this time showing the newly-created VPN tunnel. Important Note: Make sure to check the Status box for this VPN tunnel in order to activate it. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 30 Create a new network name for the RF850-WAN by entering the Name, IP Address, and Subnet Mask. For this example, enter the following: Name: RF850-LAN IP Address: 65.126.90.248 Subnet Mask: 255.255.255.255 Click the Add button to add the new network to the list. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 31 Go to the VPN > IPSec screen. Click on the VPN Status check box to enable IPSec. Then click the Save button. Select Add an IKE Connection by clicking the corresponding Add button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 32 The VPN > IPSec Status screen displays; this time showing the newly-created VPN tunnel. Important Note: Make sure to check the Status box for this VPN tunnel in order to activate it. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 33 Create a new network name for the RF850-LAN by entering the Name, IP Address, and Subnet Mask. For this example, enter the following: Name: RF850-LAN IP Address: 192.168.10.0 Subnet Mask: 255.255.255.0 Click the Add button to add the new network to the list. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 34 Go to the VPN > IPSec screen. Click on the VPN Status check box to enable IPSec. Then click the Save button. Select Add an IKE Connection by clicking the corresponding Add button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 35 The VPN > IPSec Status screen displays; this time showing the newly-created VPN tunnel. Important Note: Make sure to check the Status box for this VPN tunnel in order to activate it. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 36: Example 3 - Remote Client-To-Lan Configuration Using Dnat And Aliasing

    Packet Filters > Packet Filter Rules screen Add User Defined Packet Filter Rules LAN – ANY – ANY – Accept ANY – Telnet – Win2k_Pro – Accept ANY – Telnet – Win2k_Server – Accept Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 37: Example 4 - Client-To-Lan Configuration Using Pptp Tunneling

    IPSec Live Log. You will see the connection up and running (if connected), and you will see the statistics related to the data being sent across the tunnel. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 38: Chapter 5 - Url Categorization

    • If you check and Save Transparency, User Authentication is not available. The Transparency option is not shown on this screen since it was not checked and User Authentication was selected. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 39 On the HTTP Proxy > HTTP screen in the URL Categorization section, check the URL Filter box and click Save. These fields are now visible: URL Categories (allowed / filtered) and Networks / Hosts to bypass URL Filtering. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 40 If you decide you do not want one or more of the networks/hosts bypassing the filter, select the name and click the Delete button. The name moves back into the Available Networks/Host box. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 41: Chapter 6 - Routefinder Software

    If you close the browser while configuring the RouteFinder, the last session stays active until the end of the time-out, and no new administrator can log in. The timeout period is set at Administration > Administrative Access > Time Before Automatic Disconnect. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 42: Administration

    Enter the Email Address of the administrator who will receive the email notifications. Click Save. You can delete the entry and change it at any time, if desired. At least one email address must be entered in this field. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 43 The drop down box lists: SMTP/POP3 Messages, SNTP/UUCP/FTP Messages, SMTP Debug Messages, IPSec Debug Messages, IKE Debug Messages, Kernel Messages, Web Access Messages, Boot Messages, Cron Messages, Daemon Messages, and PPTP Debug Messages. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 44: Administration > Ssh

    Do not delete any network in the Allowed Networks/Hosts currently in use. This will cause the RouteFinder to shut down and you will have to manually reboot. For manual reboot instructions, see Administration > Restart > Manual Restart. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 45: Administration > Sntp Client

    Check the SNTP Client box to activate SNTP Client. SNTP Server Address Enter the IP address of the SNTP Server for which the firewall will contact to synchronize its clock. Then click the Save button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 46: Administration > Administrative Access

    When Load Balancing is enabled, the options are: Any, WANLINK1 Interface, WANLINK, WANLINK2 Interface, WANLINK2 When Load Balancing is disabled, the options are: Any, LAN, WAN, DMZ, WAN Interface, DMZ Interface Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 47: Administration > Change Root Password

    Use this screen to change the root password of the RouteFinder. Enter the existing password in the Old Password field, enter the new password into the New Password field, and confirm the new password by re- entering it in the Confirmation field. The default password is root. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 48: Administration > Site Certificate

    Select Certificate Store, Physical Stores, and Root Stores. When the certificate has been added to the Root Store, the Completing the Certificate Manager Import Wizard displays. Click Finish. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 49: Administration > License Key

    License Key and serial number information in order for us to update your RouteFinder. • With a valid License Key, you are entitled to use Multi-Tech’s Update service and support. AntiVirus License Key The AntiVirus license key can be purchased from Multi-Tech sales support. Enter the license key.

  • Page 50: Administration > Intrusion Detection

    Detection for the WANLINK1. Then click the Save button. • Network Intrusion Detection for WANLINK2: Check the box to enable Network Intrusion Detection for the WANLINK2. Then click the Save button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 51 This selection allows you to choose the corresponding service. The service must have been previously defined in the Services menu. After the rules are defined/selected, click the Add button. The commands can be deleted by clicking Delete under the Command option. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 52: Administration > Tools

    Host entry field (e.g., port 25 for SMTP). Timeout Specify the time that packets can exist. Packet Size Specify the number of data bytes to be sent. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 53 Enter the IP address or the name of the Host if the remote computer to which TCP connectivity is tested. Port Enter the port number into the TCP port entry field. Example: Port number 80 for the HTTP service. The test commences when clicking the Start button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 54 Update button. Important Note: Forcing the DDNS to update more than 5 times without a change in the IP address will result in the IP address being blocked at the DDNS server. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 55: Administration > System Scheduler

    This will change all the settings you have modified. You may want to record current settings for referencing later on. You have the option to Clear All Logs before resetting the factory defaults. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 56: Administration > User Authentication > Local Users

    Edit or Delete You can edit or delete entries in the table by highlighting the desired entries and clicking Edit or Delete under Command. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 57: Administration > User Authentication > Radius & Sam

    A Note About Microsoft IAS For information about Microsoft’s IAS (RADIUS server for MS Windows NT and 2000), see Multi-Tech’s RASExpress RADIUS Setup Reference Guide. The guide also gives you step-by- step setup examples and links to Microsoft’s ISA site.
  • Page 58 Primary Domain Controller name in this field. Backup Domain Controller Address Enter the address of the Backup Domain Controller. Save After entering the above parameters, click the Save button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 59: Administration > Version Information

    In the worst case, data could be lost. Since the RouteFinder is now also checking the consistency of the file system, it may have to restart up to three times. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 60: Networks & Services

    Confirm your entries by clicking the Add button. After clicking the Add button, the Networks you have setup display on the lower part of the screen. Example: Name IP Address Subnet Mask Options RemoteLAN 192.168.100 255.255.255.0 Edit | Delete RemoteWAN_IP 204.26.122.3 255.255.255.255 Edit | Delete Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 61 Add local and remote IP addresses on PPTP screen Mac address filtering (destination IP address) on the Packet Filters > Advanced screen Remote Gateway IP and Remote LAN dropdown boxes on the VPN > IPSec > IKE screen Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 62: Networks & Services > Services

    TCP+UDP. ICMP Code Specifies the ICMP type. It is displayed if the type of protocol is ICMP and the ICMP Type is Redirect Network, Network Unreachable, or Time to Live Exceeded. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 63 Packet Filter Rules Add packet filter rules Packet Filters > Advanced MAC Address Based Filtering Network Intrusion Detection Add specific services for Network Intrusion Detection SNAT Add rule DNAT Add rule Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 64: Networks & Services > Network Groups

    Use the Networks to Add button to add networks into the newly named group. Deleting Networks from a Group Networks can be deleted from the newly created group by clicking the Delete Network button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 65: Networks & Services > Service Groups

    They can be viewed on the Networks & Services > Services screen. Deleting Services from a Group Services can be deleted from the newly created group by clicking the Delete Service button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 66: Proxy

    No unassigned networks can use the HTTP proxy if the proxy is configured in the browser. • You must set up the RouteFinder internal IP and port 3128 • User Authentication is possible only in non-transparent mode. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 67: Proxy > Http Proxy

    Banner Filter, Java Script Filter, and Cookie Filter To enable one or any combination of these filters, check the box. Click the corresponding Save button each time you enable a filter. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 68 HTTP Proxy. This take precedence over the status for all networks/hosts. HTTP Transparent Networks Listed When Load Balancing Is Disabled HTTP Transparent Networks Listed When Load Balancing Is Enabled Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 69 Allow and Filter buttons will move a URL Category from Allowed to Filtered box and back again. Categories are setup and controlled by a URL filtering software program built into your RouteFinder. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 70 New users can be added to the Available Users list on the Administration > User Authentication screen. Non-Transparent Mode When the HTTP proxy functions in non-transparent mode, then the authentication mechanism through which the user can be authentication can be configured. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 71: Proxy > Http Proxy > Custom Filters

    Users from Net2 trying to access google.com will not be allowed to access the site. • Users from any other network will be allowed/denied access based on the URL Categorization rules. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 72: Proxy > Smtp Proxy

    For SMTP, a valid name server (DNS) must be enabled. The RouteFinder sends notifications to the administrator even if SMTP is disabled. The RouteFinder processes up to 25 incoming SMTP connections simultaneously preventing Denial of Service (DoS) attacks. The 26 incoming connection is not accepted. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 73 SMTP proxy. If a valid virus license scanner license key is not entered, this option will not be displayed. An anti-virus license must be purchased from Multi-Tech in order to use virus protection, and the license can be uploaded to the RouteFinder from the Administration > License Keys screen.
  • Page 74 (Remember to insert the forwarding of the domains to your internal email server.) All outgoing mail is then forwarded via the SMTP proxy of the RouteFinder. All settings are immediately active and are preserved after leaving the Proxies > SMTP menu. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 75: Proxy > Smtp Proxy > Smtp Spam Filtering

    SMTP SPAM Filtering On this screen the SPAM filtering parameters can be set so that all incoming and outgoing emails sent to the internal mail server(s) will go through the SPAM filtering process. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 76 Control Characters: Exclamation mark (!): Bypass the SPAM check for this entry alone. Example: All email from or to the domain abc.com will be stopped except for *@abc.com !test@abc.com test@abc.com: Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 77 Enter the email address of the spam account. All SMTP spam quarantined emails will be forwarded to this account. The address should be RFC compliant. This is a mandatory field if you checked the Remote SMTP Spam Quarantine Status box. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 78: Proxy > Pop3 Proxy

    RouteFinder. Click the Save button. Email Address of Virus Account Enter the address of the POP3 Virus Email Account. All POP3 virus quarantined emails will be forwarded to this account. Click the Save button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 79: Proxy > Pop3 Proxy > Pop3 Spam Filtering

    Once you enter the ID and click the Add button, the ID displays in a list below the entry field. You may enter more than one email ID, and each ID can be deleted. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 80 “as is" is to be searched for in the email, add the words as is. If the entry is to be used as a regular expression, the entry should be enclosed in < >. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 81: Proxy > Pop3 Advanced Configuration

    Socks Default Port: 1080. Almost all clients will default to this port setting, so it normally does not need to be configured. Note: All changes in Proxy become effective immediately without additional notice. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 82 SOCKS users in the User Authentication > Users section. The left box contains SOCKS users and the right box consists of all the local users who are not allowed to access SOCKS. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 83: Proxy > Dns Proxy

    This is a list of all the networks which are allowed to access the DNS proxy. Any other requests are not forwarded to the DNS proxy. Note: You can delete these networks at any time. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 84: Network Setup

    Net mask: 255.255.255.0 (Default) The description is for clarity purposes and is used in all further configurations. Make sure that the RouteFinder IP address is entered as the default gateway in the protected networks. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 85: Network Setup > Interface

    Chapter 6 – RouteFinder Software Network Setup > Interface Network Setup > Interface Network Setup > Interfaces Screen (with Load Balancing Disabled) Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 86 Enter the Primary DNS Address which is the address of the primary DNS server to be used by the local peer through the specific interface. Then click the Save button. This field can be left blank. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 87 If the automatic changes are acceptable, continue editing. If the automatic changes are not acceptable, click your browser‘s Back button and continue. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 88: Network Setup > Ppp

    IP address from the ISP. Local IP Address If the checkbox Enable IP is checked, the IP address has to be entered in this field. Save Click Save to activate these settings. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 89: Change Your Country/Region Code

    Click Enter. The country/region code displays: Example: Country/Region AT Command (hexadecimal) Result code (decimal) Euro/NAM AT%T19,0,34 (default) A list of country/region codes can be found on the Multi-Tech Web site at: http://www.multitech.com/PRODUCTS/Categories/Device_Networking/global_modems/approvals.asp Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 90: Network Setup > Pppoe

    1412. The allowed range of values is 536 to 1452. DNS Address from Peer Check this box if you want to obtain DNS server addresses from the peer (i.e., the ISP). Save Click Save to activate these settings. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 91: Network Setup > Dhcp Client

    Note: If you have Load Balancing enabled, there will be two DHCP Clients: DHCP Client on eth1 and DHCP Client on eth2. Save Click the Save button after enabling this function. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 92: Network Setup > Dynamic Dns (Ddns)

    IP address. For example, if you have registered test.dyndns.org, and the IP address assigned to it is resolved to a.b.c.d, all the sub domains (e.g., dns.test.dyndns.org) will also be resolved to a.b.c.d. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 93: Network Setup > Routes

    Select a Route from the table and click the Delete button. When deleting a Route, the interface adapts accordingly. Note: You can view the Routing Table in Statistics & Logs > Networks > Routing Table. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 94: Network Setup > Masquerading

    IP address. For all data packets that are to go into the Internet, the IP address of the sender is exchanged for the IP address of the external network card. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 95: Network Setup > Snat

    Selects the source addresses of all the packets after the translation. Only one host can be specified here. The entry is confirmed by clicking the Add button. Existing entries can be deleted or edited by clicking the Edit or the Delete buttons. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 96: Network Setup > Dnat

    You cannot map: IP ⇒ IP IP-Range ⇒ IP IP-Range ⇒ IP-Range IP ⇒ IP-Range (load balancing) The “way back" (return) translation is done automatically; you do not need a rule for it. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 97: Network Setup > Load Balancing

    Important Notes about IP Addresses • The same IP address cannot be entered for two different interfaces • Assigning of the IP address through PPP dial backup is applicable only for WANLink1 (eth1). Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 98 WANLINK1 to be sent out through WANLINK2 and vice versa. This is important when the WANLINK1 and WANLINK2 subnets are different. To enable spoofing, check the box, and then click the Save button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 99: Network Setup > High Availability

    Save again. Master / Slave Configuration Status in Cluster Select either Master or Slave to indicate whether the RouteFinder is to act as a Master or Slave in the current cluster. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 100 “key” on you local PC. This option is available only on the Slave. Synchronize Configuration to Slave (or Master) Click this button to synchronize the configuration to the peer system. SSH should be enabled on the LAN for the synchronization to work. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 101: Dhcp Server

    DHCP client with a different MAC address, even if there is no active DHCP connection with that IP address. DHCP Server Fixed Addresses Add Fixed Address Enter both a MAC address and an IP address. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 102: Tracking

    Click the Add button. VPN Accounting VPN-Based Accounting Check the VPN Accounting Status box to have the VPN status monitored by the accounting function. Click the Save button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 103: Tracking > Update Services

    RouteFinder. The patterns and URL categories database can also be updated. System Update service uses FTP connections to download packages. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 104 After clicking the System Update - Livelog button, a list of all downloaded packages along with the download time will be displayed. Virus Update - Livelog After clicking the Virus - Livelog button, a log file of the virus pattern updates will be displayed. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 105: Tracking > Backup

    Once you are sure of the file you want, click the Import button. Passwords will be saved. Note: Backups taken from a previous version cannot be imported. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 106 Maximum Backup to Store Set the maximum number of backups that you want to be retained in the server. Enter a number between 1-20. Adaptive Database Backup Enables Adaptive Database Backup. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 107: Tracking > Version Control

    = no flags = stream wait = no user = root server = /usr/bin/cvs server_args = -f --allow-root=/usr/local/cvs pserver log_on_failure += USERID log_type = FILE /root/bin/temp Restart xinetd Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 108: Packet Filters

    Never place a rule with the entries Any – Any – Any – Accept at the top of your rule set, as such a setting will match all packets, and thus, cause all subsequent rules to be ignored. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 109 Entries can be edited by clicking the Edit button, which loads the data into the entry menu. The entries can then be edited. The changes are saved by clicking the Save button. Delete Rules can be deleted by clicking the Delete button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 110: Packet Filters > Icmp

    To be able to use the tools Trace Route and Ping, the function ICMP on firewall must be enabled. After a successful startup of the RouteFinder, it is recommended that you disable this rule so that the RouteFinder cannot be pinged anymore. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 111: Packet Filters > Advanced

    By default, packets from / via the WAN interface of the RouteFinder, destined to any private address, will be dropped. This option allows enabling/disabling of this feature. Click Save when you make a change. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 112 IP Address of the destination host / network for which the filter rule has to be added. Service The protocol – port part for which the filter rule has to be added. Action Select whether you want the packet to be forwarded or dropped. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 113: Packet Filters > Enable/Disable Log

    Check this box to enable the logging of all access requests from private (LAN), service (DMZ), and public (WAN) network clients to send traffic to the RouteFinder itself on the administrative access port. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 114: Packet Filters > Qos

    In other words, it is based on “best effort” mechanism. IP does not provide a facility to either drop or send packets based on priority – it treats every packet the same. The QoS function adds priority to the dropping/sending of packets. Uplink Bandwidth Options When Load Balancing Is Enabled Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 115 For level one service rules, network rules will be configurable for level two, and vice versa for the network. This priority indicates the order in which the extra bandwidth is distributed. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 116: Introduction To Virtual Private Networks

    Click the Add IKE Connection button. A screen displays for setting up an IKE connection. Add Manual Connection Click the Add Manual Connection button. A separate screen displays for setting up a manual connection. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 117: Vpn (Virtual Private Networks)

    If the authentication method is Secret, this field must be configured. The Secret must be agreed upon and shared by the VPN endpoints; it must be configured at both endpoints of the tunnel. Select Encryption Select the encryption method. 3DES is recommended. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 118: Vpn > Ipsec

    Enter the remote security gateway ID, if required. NetBIOS Broadcast Check this option to enable broadcasts over the connection. It will allow computers on the network to share Microsoft file and printer sharing information. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 119 0xhex (a number between 0x100 - 0xfff is recommended). If you have more than one manual connection, then the SPI Base must be different for each one. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 120 None. NetBIOS Broadcast Check this option to enable broadcasts over the connection. It will allow computers on the network to share Microsoft file and printer sharing information. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 121: Vpn > X.509 Certificates

    The above concept can be extended to link more than two tunnels, provided they all have one common endpoint. The common endpoint between tunnels is called a hub. The other endpoints are called bridge endpoints. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 122 If any packet has a specified source and destination network, the packet will be sent encrypted via the tunnel. Note: Packets are sent via the tunnels only if the tunnels are up and running. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 123: Vpn > Pptp

    (the last IP address in a range of IP addresses to be assigned to remote clients) Range (the total number of IP addresses that can be assigned to remote clients; e.g., 253) Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 124 Enter the name (in lowercase) and password (in lowercase) of the PPTP user. Click the Add button. Allowed Users The names of the users entered above display in this text box. If you wish to delete a name, click the Delete button. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 125: Wizard Setup - Screen Description

    Click the PPPoE button. The corresponding entry fields will display. Enter the ADSL User Name and Password provided by the ISP for the PPPoE connection. DHCP Client When selected, no other fields display. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 126 It is highly recommended that you change passwords. Save or Cancel When all of the parameters are set, click the Save button to activate them. Your RouteFinder is now configured. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 127: Statistics & Logs

    4. Unknown - Messages that someone should examine, such as why someone is sending UDP packets from port 20 to some arbitrary port above port 1024 (doesn‘t match any known protocol). Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 128: Statistics & Logs > Uptime

    Interface routes are inserted by the system and cannot be edited. Additional routes can be added in Network Setup > Routes. This is an example of the Statistics & Logs Routing Table report. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 129 SOCK_RAW – The socket is used as a raw socket. SOCK_RDM – This one serves reliably-delivered messages. SOCK_SEQPACKET – This is a sequential packet socket. SOCK_PACKET – Raw interface access socket. UNKNOWN Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 130 DISCONNECTING – The socket is disconnecting. (empty) – The socket is not connected to another one. PID/Program Name Process ID (PID) and process name of the process that has the socket open. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 131: Statistics & Logs > Interfaces

    Shown as a graph. SMTP Status The SMTP Status displays the number of emails in the queue and the number of emails waiting to be processed. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 132: Statistics & Logs > Accounting

    Click the Self Monitor Live Log button to open the report, which provides a record of the processes that have been restarted due to possible abnormal termination. Example of a Self Monitor Live Log Report Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 133: Statistics & Logs > Ipsec

    The PPTP History of Calls displays information about users who have connected so far. It shows connect date and time, user name, interface on which the user is connected, original IP address of the user, and total traffic transmitted and received. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 134: Statistics & Logs > Packet Filter

    View All Logs Select this option to view all logs listed above. Backup Logs Use this section of the screen to backup your log files or to delete the current log files. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 135: Statistics & Logs > Port Scans

    Another screen displays. On this screen, select the time and action to be taken. Actions may be: • Display the file • Search for a pattern in the file • Download the file Click Go. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 136: Statistics & Logs > Http Access

    The report provides IP addresses / user names of the users who have tried to access denied sites. You must configure Proxy > HTTP Proxy > URL Categorization in order to view this report. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 137: Statistics & Logs > Dhcp

    HTTP Administrative Authentication Log Shows all traffic that is directed at the RouteFinder's currently configured administrative HTTP access port. This log view is enabled on the Administration > Administrative Access screen. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 138: Statistics & Logs > Qos

    Statistics & Logs > DDNS Log This screen provides information about the updating of the domain name or IP Address. It lets you know whether the process succeeded or failed on the DDNS Server. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 139: Chapter 7 - User Authentication Methods

    Accounts. Typically, this is also the case if you are running MS Exchange on your network and you want every valid user to be able to use the proxy services. You should use NT SAM (SMB) user authentication. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 140: Authentication Setup

    You can add groups from the local machine or from Domains in which the RADIUS server is a member. Specify the user name as <DOMAIN>\<USER> for authentication to succeed, if required. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 141: Setting Up Nt/2000 Sam (Smb) Authentication

    <DOMAIN>\<USERNAME>. Otherwise, it will be filled in as the <DOMAIN> part. Caution: Disable the Guest account of your NT domain, since this one will allow Any username/password combination to pass! Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 142: Chapter 8 - Frequently Asked Questions (Faqs)

    212.5.63.4:80] and it reaches the RouteFinder, the destination information will be translated into [a.b.c.d:34232 -> 192.168.100.2:81]. If NAT is done before reaching the packet filter, you have to set the packet filter rules correctly. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 143 4. Add one Rule in Packet Filters > Packet Filter Rules: Any NAT_SSH SSH_Server Allow. This way, the destination address of every TCP packet will be translated from a.b.c.d:22 (Firewall) to e.f.g.h:22 (SSH-Server) and back again. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 144 U.S. companies. Several years ago, export policy was changed to allow the unrestricted export of DES to companies that demonstrate plans to implement key recovery systems in a few years. Today, Triple-DES is exportable under the regulations described above. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 145 When using SNAT, you must allow the traffic according to the characteristics after the translation. For example: If you translate SRC 192.168.10.1 into SRC 1.2.10.1, you must allow 1.2.10.1 -> any -> any. (Note that these are examples only!) Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 146 71 is the letter "G", the first letter of an HTTP/1.0 request. Q25. Can the RouteFinder manage a full duplex 100M bps line. A25. The Ethernet ports do support 10/100M bps half-duplex and full duplex lines. The RouteFinder automatically detects the line. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 147: Chapter 9 - Troubleshooting

    Default Gateway of the Client PC is correctly configured • verify proper Network Cable installation Check for updates to the product documentation on the Multi-Tech Web site at http://www.multitech.com/DOCUMENTS/. To troubleshoot TCP/IP connections in Windows 2000, use the Ping, Tracert, and Pathping commands. The Ping command sends an Internet Control Message Protocol (ICMP) packet to a host and waits for a return packet, listing the transit time.
  • Page 148 Attach a monitor and keyboard to the RouteFinder for monitoring and debugging (refer to Chapter 5 of this manual for keyboard and monitor connection information). Run the applicable Statistics & Logs function for the RouteFinder's status and performance. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 149: Appendix A - Disposition Of Events For The Routefinder V3.Xx

    Access requests logged as Outbound Access Request correspond to LO1.B of Baseline module - version 4.0, ICSA Labs. Figure 4 shows Outbound Access diagram. Figure 5 shows a snapshot of Outbound Access Figure 6 shows a snapshot of Outbound Access with connection tracking. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 150 7. kernel: mtrfToFWd – Denotes the packets that are not accepted by the firewall due to security policy violation. These packets are dropped. 8. kernel: mtrfAR – Denotes the accepted HTTP and HTTPS WEB configuration traffic to the firewall . Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 151 26. FIN – TCP Flag indicates no more data from sender 27. URGP – TCP Urgent pointer 28. PREC – Precedence field II. Inbound Access Log Figure 1 – Inbound Access Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 152 [SRC=204.26.122.9:DST=202.54.39.103:SPORT=41216:DPORT=21] – This corresponds to the “CONTROL connection information” for this data connection. • Dnat ip:port = 192.168.1.76:21” – This corresponds to the “CONTROL connection’s DNATTED ipaddress” for this data connection. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 153 Slno 3 corresponds to a ACTIVE Data connection, originated by the FTP Server: 195.220.108.108, destined to: 192.168.1.212, on destination port: 32824 Remarks: “Outbound [SRC=192.168.1.212:DST=195.220.108.108:SPORT=32823:DPORT=21]” Outbound – Outbound Log [SRC=192.168.1.212: DST=195.220.108.108: SPORT=32823: DPORT=21]” – This corresponds to the CONTROL connection information for this data connection. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 154 V. Access Requests to Firewall Dropped Figure 8 – Access Requests to Firewall Dropped Figure 9 – Snapshot of To Firewall Dropped Log VI. Administrative Authentication Logs Figure 10 – Snapshot of Administrative Authentication Log Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 155 Figure 13 – Snapshot of User Log X. Fragmented Dropped Log Figure 14 – Snapshot of Fragmented Dropped Log XI. ICMP Information Figure 15 – Snapshot of Log with ICMP Information Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 156: Appendix B - The Routefinder Rescue Kernel

    You will need this to import the anti-virus software. Links You Will Need During the Install Process Link to Download Windows FTP Server: http://support.jgaa.com Link to Download Windows WinSCP Client: http://winscp.sourceforge.net/eng/ Link to Download Putty Telnet/SSH Client: http://www.chiark.greenend.org.uk/ Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 157 LAN port via IP address https://192.168.2.1 Configure your RouteFinder with live internet access. Then perform the live update to match the version you were running. Then import the backup configuration file. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 158 LAN port via IP address https://192.168.2.1 Configure your RouteFinder with live internet access. Then perform the live update to match the version you were running. Then import the backup configuration file. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 159 LAN port via IP address https://192.168.2.1. Configure your RouteFinder with live internet access. Then perform the live update to match the version you were running. Then import the backup configuration file. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 160: Appendix C - Table Of Commonly Supported Subnet Addresses

    N.N.N.111 N.N.N.112 N.N.N.113-118 N.N.N.119 N.N.N.120 N.N.N.121-126 N.N.N.127 N.N.N.128 N.N.N.129-134 N.N.N.135 N.N.N.136 N.N.N.137-142 N.N.N.143 N.N.N.144 N.N.N.145-150 N.N.N.151 N.N.N.152 N.N.N.153-158 N.N.N.159 N.N.N.160 N.N.N.161-166 N.N.N.167 N.N.N.168 N.N.N.169-174 N.N.N.175 N.N.N.176 N.N.N.177-182 N.N.N.183 N.N.N.184 N.N.N.185-190 N.N.N.191 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 161 N.N.N.215 N.N.N.216 N.N.N.217-218 N.N.N.219 N.N.N.220 N.N.N.221-222 N.N.N.223 N.N.N.224 N.N.N.225-226 N.N.N.227 N.N.N.228 N.N.N.229-230 N.N.N.231 N.N.N.232 N.N.N.233-234 N.N.N.235 N.N.N.236 N.N.N.237-238 N.N.N.239 N.N.N.240 N.N.N.241-242 N.N.N.243 N.N.N.244 N.N.N.245-246 N.N.N.247 N.N.N.248 N.N.N.249-250 N.N.N.251 N.N.N.252 N.N.N.253-254 N.N.N.255 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 162: Appendix D - Hardware Upgrades & Add-Ons And Software Add-Ons

    Perform the following steps to attach a VGA monitor to the RouteFinder for configuration and reporting. Remove the RouteFinder top cover using the procedure earlier in this chapter. Connect the monitor to the RouteFinder back panel DB15 High Density DSUB connector using a DB9-to-DB15 cable. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 163: Software Add-Ons

    You will receive renewal notices from Multi-Tech prior to the end of your subscription. The latest virus pattern updates can then be downloaded from the Multi-Tech server. The RouteFinder's auto-update feature lets it connect to the server and automatically download and install these new virus pattern files at user-defined intervals.

  • Page 164: Appendix E - Routefinder Maintenance

    To be proactive in solving these issues, keep track of usage reports and logs (refer to the sections on User Authentication, Tracking, and Statistics & Logs in Chapter 3). For information on RouteFinder upgrades and add-ons refer to the preceding section, Software Upgrades and Add-ons. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 165 Several commercial vulnerability scanners may also be used to scan for these vulnerabilities, and the SANS Institute maintains a list of all scanners that provide a focused Top Twenty scanning function at www.sans.org/ Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 166: Appendix F - Ordering Accessories

    Appendix F – Ordering Accessories Appendix F – Ordering Accessories SupplyNet, Inc. supplies replacement transformers, cables, and connectors for select Multi-Tech products. You can place an order with SupplyNet via mail, phone, fax, or the Internet at: Mail: SupplyNet, Inc.

  • Page 167: Appendix G - Regulatory Compliance

    No repairs are to be made by you. Repairs are to be made only by Multi-Tech Systems or its licensees. Unauthorized repairs void registration and warranty.
  • Page 168 This precaution may be particularly important in rural areas. Caution: Users should not attempt to make such connections themselves, but should contact the appropriate electric inspection authority, or electrician, as appropriate. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 169: Appendix H - License Agreements

    Woodale Drive, Mounds View, MN 55112. This is a legal agreement between you (either an individual or a single entity) and Multi-Tech Systems, Inc. for the Multi-Tech software product enclosed, which includes computer software and may include associated media, printed materials, and "online" or electronic documentation ("SOFTWARE PRODUCT").
  • Page 170 Multi-Tech Systems, Inc. Copies of the Software may be made to replace worn or deteriorated copies, for archival, or back-up purposes.

  • Page 171: Gnu General Public License

    Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 172 BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 173: Kaspersky Standard End User License Agreement

    Support Services. (ii) Support Services will terminate unless renewed annually by payment of the then current annual support charge and by successful completion of the Support Services Subscription Form again. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 174 (iii) The liability of Kaspersky Lab for Misrepresentation as to a fundamental matter, including a matter fundamental to the maker's ability to perform its obligations under this Agreement, shall be subject to the limitation of liability set out in paragraph 7(iii). Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 175: Appendix I - Waste Electrical And Electronic Equipment Directive (Weee)

    WEEE Directive by banning the presence of specific hazardous substances in the products at the design phase. The WEEE Directive covers all Multi-Tech products being sold into the EU as of August 13, 2005. Manufacturers, distributors and retailers are obliged to finance the costs of recovery from municipal collection points, reuse, and recycling of specified percentages per the WEEE requirements.

  • Page 176: Glossary

    Authentication establishes the integrity of a data stream, ensures that it is not tampered with in transit, and confirms the data stream’s origin. Authentication establishes the legitimacy of users and defines the allowed parameters of the session they establish. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 177 PKI. It is written by PKIX working group of IETF and is specified in document RFC 2510. Compromise – The unintended disclosure or discovery of a cryptographic key or secret. – Certificate Revocation List. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 178 In DNAT, only the IP address – not the port – is translated. Typically, the number of externally visible IP addresses is less than the number being hidden behind the NAT router. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 179 Windows NT or Windows 2000 you must first access a command-prompt window to use it. You then type the command followed by an email address. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 180 Standard Internet open protocols include: Protocol Function TCP/IP basic network communication HTTP browsing File Service IMAP4/SMTP Mail Service Naming Service DNS/LDAP Directory Services Bootp/DHCP Booting Services SNMP Network Administration Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 181 The message digest serves as a "fingerprint" for data. As such, it is an element of most data security mechanisms (e.g., Digital Signatures, SSL, etc.). The hashing function takes variable-length data as input, performs a function on it, and generates a fixed-length hash value. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 182 For example, when adding a service from Networks & Services > Services, enter the source (client) port. The entry options are a single port (e.g. 80), a list separated by commas (e.g. 25, 80, 110), or a port range (e.g. 1024:64000). Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 183 – A simple but excellent SSH and Telnet replacement for Windows 95/98/NT that happens to be free. Installation is simple - you download PuTTY.exe and store it somewhere on your system that's convenient. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 184 – The key used both for encryption and decryption in secret-key cryptography. Secure Channel – A communication medium that is safe from the threat of eavesdroppers. Seed – A random bit sequence used to generate another, usually longer, pseudo-random bit sequence. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 185 Other firewall technologies (e.g., packet filters or application layer gateways) alone may not provide the same level of security as with stateful inspection. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 186 Internet. A VPN can use encryption, user authentication, and/or firewall protection to solve remote access security threats. WAN (Wide Area Network) – A data network, typically extending a LAN beyond a building or campus, linking to other (remote) LANs. Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

  • Page 187: Index

    Certificate of Authority Generation ...... 121 Front Panel ............14 Change Status for LAN ......... 39 Change the country/region code ......89 Change the root password ........47 Glossary .............. 176 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 188 Kaspersky Standard End User License Agreement ............ 173 Packet Filter > ICMP and Using Tools ....52 Lithium Battery Caution ........... 8 Packet Filter Logs ..........134 Load Balancing ............97 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 189 Statistics & Logs > Uptime ........128 Restart manually ........... 59 Statistics & Logs > View Logs ......135 Reverse DNS Test ..........76 Sub-Menu ............. 19 Routes ..............93 Subnet Addresses..........160 Routing table ............128 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)
  • Page 190 Wizard Setup – Configuration Example ....23 Wizard Setup – Screen Description ....125 Universal Resource Locator (URL) ....... 38 Update Service ............ 103 X.509 certificate ..........121 Updating .............. 165 Uptime Logs ............128 Multi-Tech Systems, Inc. RouteFinder RF850/860 User Guide (PN S000400E)

This manual is also suitable for:

Routefinder rf860

Table of Contents