MicroNet BroadLink SP3353 Installation guide

Installation Guide
BroadLink ADSL Router
Model No. SP3353
Copyright C 2002 All Rights Reserved.
CE Declaration of conformity
This equipment complies with the requirements relating to electromagnetic
compatibility, EN55022 class A for ITE, the essential protection requirement of
Council Directive 89/336/EEC on the approximation of the laws of the Member
States relating to electromagnetic compatibility.
FCC Warning
This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to Part 15 of the FCC Rules. These limitations are designed
to provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency
energy and, if no installed and used in accordance with the instructions, may cause
harmful interference to radio communications. However, there is no guarantee that
interference will not occur in a particular installation. If this equipment does cause
harmful interference to radio or television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
?? Reorient or relocate the receiving antenna.
?? Increase the separation between the equipment and receiver.
?? Connect the equipment into a different outlet from that the receiver is
?? Consult your local distributors or an experienced radio/TV technician for help.
?? Shielded interface cables must be used in order to comply with emission limits.
Changes or modifies to the equipment, that are not approved by the party
responsible for compliance could affect the user’s authority to operate the
Company has an on-going policy of upgrading its products and it may be possible
that information in this document is not up-to-date. Please check with your local
distributors for the latest information. No part of this document can be copied or
reproduced in any form without written consent from the company.
All trade names and trademarks are the properties of their respective companies.
Copyright 2002 All Rights Reserved.
Copyright C 2002 All Rights Reserved.
Table of Contents
Chapter 1
About This ADSL Router . . . . . . . . . . . . . . . . . . . . . . . . .
Micronet Limited Warranty
Customer Support
ADSL Router SP3353
About This User’s Guide
Package Information
Product Specification
Chapter 2
ADSL (Asymmetric Subscriber Line) . . . . . . . . . . . . . . . .
What is ADSL?
Chapter 3
Introduction To Internet ADSL Router . . . . . . . . . . . . . . .
The Front Panel
The Real Panel
Installing and Using Internet ASDL Router
Chapter 4
System Configuration of this ADSL Router . . . . . . . . . . .
Error Log
Remote Access
Chapter 5
Configuration of this ADSL Router . . . . . . . . . . . . . . . . . .
Save Config
LAN Connection
WAN Connection
IP Routes
DHCP Server
DNS Client
DNS Relay
Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
NAT Configuration
NAT Advanced Configuration
Firewall Policy Configuration
Firewall Trigger Configuration
Chapter 7 Hardware Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7.1. Gs7070
7.2. Ethernet
Chapter 8
Application of SP3353 . . . . . . . . . . . . . . . . . . . . . . . . . . .
Internet Access
Port Forwarding
NAT Port Mapping
DNS Setting
Chapter 9
Appendix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 10 Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 6
Chapter 1
About This ADSL Router
1.1. Congratulations!
Congratulations on your purchase of Micronet’s BroadLink ADSL Router. This
router is offering complete ADSL telecommunications and networking solutions for
your home or branch office. This chapter provides an overview of the asymmetric
digital subscriber line (ADSL) Discrete Multi-Tone (DMT) router.
1.2. Micronet Limited Warranty
Micronet warrants to the original end user (purchaser) that this product is free from
any defects in materials or workmanship for a period of up to two (2) years from the
date of purchase.
During the warranty period, and upon proof of purchase, should the product have
indications of failure due to faulty workmanship and/or materials, Micronet will, at
its discretion, repair or replace the defective products or components without
charge for either parts or labor, and to whatever extent it shall deem necessary to
restore the product or components to proper operating condition. Any replacement
will consist of a new or re-manufactured functionally equivalent product of equal
value, and will be solely at the discretion of Micronet.
This warranty shall not apply if the product is modified, misused, tampered with,
damaged by an act of God, or subjected to abnormal working conditions.
Note: Repair or replacement, as provided under this warranty, is the exclusive
remedy of the purchaser. This warranty is in lieu of all other warranties,
express or implied, including any implied warranty of merchantability or
fitness for a particular use or purpose. Micronet shall in no event be held
liable for indirect or consequential damages of any kind of character to the
To obtain the services of this warranty, contact Micronet's Service Center; refer to
the separate Warranty Card for your Return Material Authorization number (RMA).
Products must be returned Postage Prepaid. It is recommended that the unit be
insured when shipped. Any returned products without proof of purchase or those
with an out-dated warranty will be repaired or replaced (at the discretion of
Micronet) and the customer will be billed for parts and labor. All repaired or
replaced products will be shipped by Micronet to the corresponding return address.
1.3. Customer Support
If you have questions about your Micronet product(s) or desire assistance, please
contact Micronet Communications Corporation offices in Taiwan. The telephone
number is 886-2-22183656. Our technical support email address
support@micronet.info is also available.
1.4. ADSL Router SP3353
SP3353 is an ADSL router used for Internet/LAN access via an ADSL line. SP3353
can run maximum upstream transmission rates of 1Mbps and maximum
downstream transmission rates of 8Mbps. The actual rate depends on the copper
category of your telephone wire, distance from the central office and the type of
ADSL service subscribed to. See the sections below for more background
information on DSL and ADSL.
The SP3353's 10/100M auto-negotiating LAN interface enables fast data transfer
of either 10Mbps or 100Mbps in either half-duplex or full-duplex mode depending
on your Ethernet network.
Micronet’s ADSL Router SP3353 is easy to install and to configure. All functions of
the Router are software configurable via the Web-based management Interface.
1.5. About This User's Guide
This user's guide covers all aspects of the SP3353 operations and shows you how
to get the best out of the multiple advanced features of your ADSL Internet Access
Router. It is designed to guide you through the correct configuration of your
SP3353 for various applications.
1.6. Package Information
Before you start, please check all the contents of this package. The product
package should include the following:
One ADSL Router
One power adapter
One UTP cable
User’s Manual CD-ROM
Quick Installation Guide
1.7. Product Specifications
ITU G.992.1 (G.DMT) AnnexA / AnnexB
IEEE802.3, 10BASE-T
IEEE802.3u, 100BASE-TX
IEEE802.3u full duplex operation and flow control
1 * ADSL WAN port
4 * 10/100 RJ-45 Fast Ethernet switching ports
WAN Connection
SP3353: 1 * RJ-11 WAN port for AnnexA Type
SP3353/B: 1 * RJ-45WAN port for AnnexB (UR-2) Type
Network Data Rate
Ethernet: Auto-negotiation (10Mbps, 100Mbps)
ADSL: up to 8Mbps downstream and 1Mbps upstream
Transmission Mode
Auto-negotiation (Full-duplex, Half-duplex)
LED Indications
System – Power, Status
Port (Ethernet) – SPEED, LINK, FDX/COL
Software Support
Embedded Web based management interface
LAN/WAN management via Telnet or Web-based management interface
DHCP client/server/relay function
Internet game and multi-media applications support
Firmware upgradeable
PPPoA and PPPoE protocol
Static/Dynamic routing
NAT/NAPT function
Port filtering
Security triggers
IP filtering
Intrusion detection
SNMP v1, v2 and v3 management
VPN PPTP supported
Buffer Memory/MAC address
128Kbyte/4K MAC address table
FCC Class B. CE
Operating Environment
Temperature 0 degree C to 50 degree C
Humidity 10% to 90%
Power Supply
External Power Adapter, 12VDC/1000mA
Chapter 2
ADSL (Asymmetric Digital Subscriber Line)
2.1. What is ADSL?
ADSL is an asymmetrical technology, meaning that the downstream data rate is
much higher than the upstream data rate. It enhances the data capacity of the
existing twisted-pair wire that runs between the local telephone company switching
offices and most homes and offices. ADSL is suitable for Internet users because
more information is usually downloaded than uploaded. For example, a simple
button click in a web browser can start an extended download that includes
graphics and text. ADSL operates in a frequency range that is above the frequency
range of voice services, so the two systems can operate over the same cable.
The advantages of ADSL form the point of view of the Network Service Provider
and the end users:
1. ADSL enables Telcos to use the existing copper wires around the world to
deliver affordable high-speed remote access to the Internet, corporate
networks and on-line services over ordinary phone lines.
2. There is no time wasted for dialing up, ADSL is “always on” and connected,
waiting ready for use.
3. ADSL provides service providers with the capability to use one line to provide
new data services while maintaining the telephone service on the same line,
thus no need to increase any new infrastructures.
4. This new technology empowers the communicating speed nearly 300 times
faster than 24.4 Kbps modems or over 100 times faster than 56Kbps
5. ADSL enables real-time interactive multimedia applications, such as video
conferencing, distance learning and video-on-demand.
6. ADSL provides Telcos with the ability to offer a private, secure channel of
communications between the consumer and the service provider.
7. Data stream travels along the customers’own line. It is quite unlike traditional
telephone and modem services sharing the line with others.
8. Using a customer’s dedicated line, ADSL transmission speeds are not
affected by other users going on line.
9. You can use telephone for normal conversations and high-speed conduit for
data, information, entertainment and more at the same time. It provides
enormous advantages both in office and at home.
2.2. VPI & VCI
The valid range for the VPI is 1 to 255. The VCI is 32 to 65535 since 1 to 31 is
reserved for local management of ATM traffic. Your Telecos should supply you with
these numbers.
ATM is a connection-oriented technology. It sets up virtual circuits over which end
systems communicate. The terminology for virtual circuits involves VC (virtual
channel) and VP (virtual path). VC is the logical connections between end stations
and VP is a bundle of VCs.
We can think of a VP as a cable that contains a bundle of wires. The cable
connects two points, and wires within the cable provide individual circuits between
the two points. In an ATM cell header, a VPI identifies a link formed by a virtual
path and a VCI identifies a channel within a virtual path. The VPI and VCI are
identified and correspond to termination points at ATM switched as shown below.
VPI’s & VCI’s
2.3. Multiplexing
There are two conventions to identify what protocols the virtual circuit (VC) is
carrying. Be sure to use the multiplexing method required by your ISP.
VC-based multiplexing
Each protocol is assigned to a specific virtual circuit, e.g., VC1carries IP, VC2
carries IPX, etc. VC-based multiplexing may be dominant in environments
where dynamic creation of large numbers of ATM VCs in fast and economical.
LLC-based multiplexing
VC carries multiple protocols with protocol identifying information being
contained in each packet header. Despite the extra bandwidth and processing
overhead, this method may be advantageous if it is not practical to have a
separate VC for each carried protocol, e.g., if charging heavily depends on the
number of simultaneous VCs.
2.4. PPPoE
When using SP3353 as a PPPoE client, the PCs on the LAN see only Ethernet and
are not aware of PPPoE. This alleviates the administrator from having to manage
the PPPoE clients on the individual PCs.
What is PPPoE?
PPPoE (Point-to-Point Protocol over Ethernet) emulates a Dial-Up connection. It
allows your ISP to use their existing network configuration with newer broadband
technologies such as ADSL. The PPPoE driver on Micronet SP3353 is transparent
to the PCs on the LAN, which see only Ethernet and are not aware of PPPoE thus
saving you from having to manage PPPoE clients on individual PCs.
An ADSL modem bridges a PPP session over Ethernet from your PC to an ATM
PVC (Permanent Virtual Circuit), which connects to a xDSL Access Concentrator
where the PPP session terminates (see the figure below). One PVC can support
any number of PPP sessions from your LAN. PPPoE provides access control and
billing functionality in a manner similar to dial-up services using PPP.
Like the architecture shown above, the PPPoE driver makes the Ethernet appear
as a serial link to the PC, while the modem bridges the Ethernet frames to the
Access Concentrator (AC). Between the AC and an ISP, the AC is acting as a L2TP
(Layer 2 Tunneling Protocol) LAC (L2TP Access Concentrator) and tunnels the
PPP frames to the ISP. The L2TP tunnel is capable of carrying multiple PPP
sessions. With PPPoE, the VC (Virtual Circuit) is equivalent to the dial-up
connection and is between the modem and the AC, as opposed to all the way to
the ISP. However, the PPP negotiation is between the PC and the ISP.
Benefits of PPPoE
PPPoE offers the following benefits:
1. It provides a familiar dial-up networking (DUN) user interface.
2. PPPoE lessens the burden on the carriers of provisioning virtual circuits all the
way to the ISP on multiple switches for thousands of users. For PSTN and
ISDN, the switching fabric is already in place.
3. It allows the ISP to use the existing dial-up model to authenticate and to
provide differentiated services.
Chapter 3
Introduction To Internet ADSL Router
Micronet’s Broadlink
SP3353 is an ADSL Router embedded ADSL modem and
built-in 4-port auto-uplink Ethernet switch. Please prepare a PC with an Ethernet
port before configure the ADSL Router.
3.1. The Front Panel
The front panel of the ADSL Router is shown below.
System LEDs
Lights green when the ADSL Router is receiving power.
The LED will be dark for 10 seconds when the system is started.
After that, the LED will blink periodically to show the ADSL Router is
working normally. If the LED stays green/dark that means the system
is fail, you need to try to reboot the system or contact your agent.
Port LEDs (ADSL)
The LED stays light (green) means the port has good linkage to its
associated devices.
The activity LED will blink green when there is traffic transfer to the
Port LEDs (LAN)
A collision occurs when two stations within a collision domain attempt
to transmit data at the same time. Intermittent flashing amber of the
collision LED is normal; the contending adapters resolve each
collision by means of a wait-then-retransmit algorithm. Frequency of
collision is an indicator of heavy traffic on the network. If the
FDX/COL lights amber it means the port is under full-duplex
operation or dark for half-duplex mode.
Every port has a LINK/ACT LED. Steady green (link state) indicates
that the port has good linkage to its associated device. Flashing
green indicates that the port is receiving or transmitting data between
its associated devices.
The SPEED LED indicates the link speed of each port. If the LED
lights green then the connection speed is 100Mbps, off for 10Mbps.
Push the button for 5 seconds, the system will return to factory
default setting. In the meantime, system rewrite flash to default value
and Status LED halts for a while. Approximately 60 seconds later, the
Status LED blinks green periodically, now the whole system
parameters have returned to factory default value. If the process has
been interrupted by any reason (power off… … ), the system will fail.
Befor performing the process, ensure a safe operating environment
3.2. The Rear Panel
The rear panel of the ADSL Router is shown below
Plug the circle end of the power adapter firmly into the rear panel of
the ADSL Router, and the other end put into an electric service outlet
then the system is ready.
10BASE-T: Category 3,4 or 5 UTP/STP
ADSL: RJ-11 for AnnexA (SP3353),
100BASE-TX: Category 5 UTP/STP
RJ-45 ISDN for AnnexB (SP3353/B)
3.3. Installing And Using Internet ADSL Router
This section provides a step-by-step guide to the installation and configuration of
the ADSL Router. It assumes that your computer uses the Windows 95/98 or newer
version and a web browser is installed for configuration purposes. We suggest you
go over the whole section and then do more advanced operation.
3.3.1. Network configuration setup
Steps to build up the network:
(1) Check your ADSL service is enabled and splitter is well installed. If not,
consult to your ISP.
(2) Connect the phone line from the ADSL splitter to the RJ-45 port on the rear
panel of the ADSL Router.
(3) Install the network interface card into your computer by referring to the User
Guide that came with the card.
(4) Connect the computer to the ADSL Router by using standard twisted-pair
cable from the computer’s network interface card to an 10/100Mbps
Ethernet port on the back of the ADSL Router.
(5) Plug-in the power adapter to the ADSL Router and the other side to the wall
3.3.2. Computer configuration setup
In order to communicate with ADSL Router, the connected computer needs to
install the TCP/IP protocol and setup the related address information.
(1) Double click the “My Computer” icon on the desktop screen.
(2) Double click the “Control Panel ? Network”.
(3) Click the “Configuration” tab and check the TCP/IP protocol is available or
not. If yes, skip the procedures 4~5. If no, click the “Add” button.
(4) Select “Protocol” item on the Select Network Component Type window.
After that, click “Add” button.
(5) Select “Microsoft” item on the left side of Select Network Protocol window.
After that, select “TCP/IP” protocol on the Network Protocols block and click
“OK” button.
(6) Select the “TCP/IP” component in the Configuration tab of the Network
window. Click “Properties” button.
(7) The screen will show up the TCP/IP Properties window then start the
setting. First of all, you need to choose the IP address is dynamically
assigned by a DHCP server or fixed.
Dynamically assigned:
- Select the “IP Address” tab and select “Obtain an IP address automatically” (default
- Select the “Gateway” tab and click “Remove” to clear any existing entry of gateway IP
- Select the “DNS Configuration”tab and click “Disable DNS”
- Click “OK”button
If there are some clients who need to get fixed IP addresses for some reasons and the
nodes also need to access Internet through the ADSL Router then the following steps
used to configure system
- Select “Specify an IP address” in the IP Address tab of the TCP/IP Properties window
and enter 192.168.1.x in the IP Address field (the “x” is a number between 2 and 254
used by the ADSL Router to identify individual computers)
- Select the “DNS Configuration”tab and click “Enable DNS”
- Enter the DNS IP Address obtained from your ISP in the “Server Search Order”location.
Click “OK”button.
NOTE: 0. The default IP address of ADSL Router is and subnet mask is
1. For the new network computers to use dynamic IP addresses provided by the
ADSL Router DHCP server, they should not use the range of fixed IP
addresses. For example, the fixed IP addresses already use to the DHCP server must be setup to allocate the dynamic
addresses out of this range.
(8) The screen will return back to Network window then click “OK” button. At
this moment, the system will prompt you for restarting the Windows. Click
3.3.3. ADSL Router configuration setup
In order to make the whole network operate successfully, it is necessary to
configure the ADSL Router through your computer has a web browser installed.
Please follow up the steps listed below.
(1) Double click the Internet web browser icon on your desktop screen
(Netscape Communicator 4.0 and Internet Explorer 3.0 or update version).
(2) Type into the URL web address location and press Enter.
(3) The Username and Password Required window appears.
- Enter “admin” in the User name location (default value).
- Enter “admin” in the Password location (default value).
- Click “OK” button.
In the home page of the ADSL Router, the left navigation bar shows the options to
configure the system. In the right navigation screen is the summary of system
status, you could view the configurations or click the short cuts for further system
Quick Start
This page allows you to set up some authentication & login details, which your ISP
may require.
(1) Login Type
No Login / DHCP –
If a username and a password are not necessary when establishing your
ADSL service, please check this item.
PPPoE Login –
Some ISPs use PPPoE protocol to establish communication and require
one set of username and password. If they do, you need to check this
item and fill the username and password in the next “PPPoE Login
(2) PPPoE Login Setup
Enter your PPPoE Username and Password provided by your ISP.
(3) PPPoE Login Option
PPPoE Service Name -Some ISPs require PPPoE Service Name when making ADSL service
Dial On Demand –
Enter a number as a predetermined period of time for
auto-disconnection. This device can auto-disconnect from the Internet
when the idle time (minutes) is up.
Keep Alive –
To keep the line always connected, please check the box.
Domain Name for Clients to send with DNS Requests –
Enter your Domain Name to enable Dynamic DNS service.
Chapter 4
System Configuration of this ADSL Router
The system configurations include five items, Error log, Remote Access, Upgrade,
Auto-provisioning and Restart. In this page, system settings and parameters could
be launched.
4.1. Error Log:
You can read here system logs and error messages.
4.2. Remote Access:
After enabling the NAT function, system may temporarily permit remote
administration of this device via WAN port. This feature could prevent outside
intruders from accessing this management interface.
4.3. Upgrade:
You can update the software by yourself easily. Before doing this, you should
obtain the newer firmware from your local distributor and save it into the PC’s hard
disk. Click “Browse” button and specify the file path then click the “Upgrade” button,
the upgrade process will begin.
If the upgrade process has been interrupted by any reason (power off, cable plug
out etc.), the system will fail. Before performing “Firmware Upgrade” process,
ensure a safe operating environment please.
4.4. Autoprovisioning:
If your ISP supports AutoPVC, please enable it here.
4.5. Restart:
Press the “Restart” button to reboot the ADSL Router. IF you would like to reset all
configurations to factory default, please check the “Reset to factory default
settings” box.
Chapter 5
Configuration of this ADSL Router
Micronet SP3353 provides strong router functions. In this chapter, we introduce
you the configuration step by step. Since the Security is more complicated than
others. So we divide the section in the next chapter.
5.1. Save Config:
Click “Save” button here to save and enable the changes you have ever made.
5.2. Authentication:
You can add new user account in this page.
1_ Click “Create a new user”
2_ Enter Username and Password.
3_ The “Login enabled?” item decides this new user the permission to
login to the management console or not. If you choose false, this user
only has the permission to view System Status and Error Logs.
4_ Enter the statement in Comment for identification (Optional).
5_ Click “Create” button to add a new user account or “Reset” to clear all
5.3. LAN Connection:
You can change the IP address of your LAN interface here. Basically, the IP
address will be the Default Gateway and DNS Server of your LAN interface.
5.4. WAN Connections:
Under normal circumstances, leave the factory default value of WAN connections
could make your ADSL working properly and successfully. In some situation, you
may need to assign different system parameters. Please referring to your ISP’s
technical documents first for correct information or consult an experienced
technician for help.
Create a new service –
There is a factory default WAN service, click “Edit” / “Delete” for Modify?
Remove the service.
RFC1483 routed: RFC1483 encapsulation routing mode
RFC1483 bridged: RFC1483 encapsulation bridging mode
PPPoA routed: Point-to-Point Protocol over ATM bridged mode
IPoA routed: IP over ATM Routed mode
PPPoE routed: Point-to-Point over Ethernet routed mode
PPTP: Point-to-Point Tunneling Protocol
Edit PPPoE –
After clicking the “Edit” entry, you could modify PPPoE parameters.
Edit “ATM channel” –
The “ATM channel” is very important parameter, please reference to
your ISP’s technical documents.
Tx Vci/Vpi – Virtual Circuit / Path Identity of ATM transmission rate
Rx Vci/Vpi Virtual Circuit / Path Identity of ATM receiving rate
Edit IP Interface –
The WAN IP interface values
Edit “RIP Version –
RIP protocol values for routing table exchange
Edit TCP MSS Clamp –
MSS Clamping values
5.5. IP Routes:
You can create a Static Routing table manually to administrate the network traffic
when dynamic routing is not effective enough. To start the configuration, click the
“Static Route” and fill in the following data.
Destination –
IP addresses of destination hosts you desire to specify a rout, for
Gateway –
The Gateway IP address to the destination network, for example
Netmask –
Network mask of the destination network.
5.6. DHCP Server:
This function assigns IP addresses to local client computers dynamically. The
DHCP Server Mode default value is “enable”.
5.6.1. DHCP server status:
Default Lease Time –
How many seconds the client computer could use this IP address.
When the Default Lease Time is up, the client computer could extend
the lease time until the Max Lease Time is up. It can be changed from
clicking Configure Box.
Allow Bootp –
Some clients acquire an IP address by BOOTP protocol. In this case,
you could enable this function. Click Configure Box and Advanced
Options, Edit Dhcp Server screen will show in the right frame. Select
True or False to control this feature.
Allow Unknown Clients –
Enable the feature can allow Remote clients access your network
Enabled “True” – DHCP Enabled
“False” – DHCP Disabled
5.6.2. Subnet definitions:
Subnet Value –
The current Network ID of your LAN, factory default value is
Subnet Mask –
The network mask of your LAN interface
Router is DNS Server –
When DHCP server received a request for leasing an IP address, the
specified IP address of DNS server will be sent simultaneously with
leased IP address to the client. If you want to specify another DNS
server, please fill it in.
”True” -- The ADSL Router acts as a DNS server.
”False” – DNS function disabled
Router is Default Gateway –
When DHCP server received a request for leasing an IP address, the
IP address of ADSL Router will be sent simultaneously with leased IP
address to the client.
”True” – The ADSL Router is the Default Gateway
”False” –The ADSL Router is not the Default Gateway
5.7. DNS Client:
Enter the DNS server’s IP addresses and click “Add” button. Every time when DNS
servers reply queries, the ADSL Router makes a copy and saves the record. Next
time, when the same domain name is queried again, the ADSL Router replies
directly according to the records it saved before.
Domain search order –
This function creates a domain search list. The DNS client uses this list
when a user asks for the IP address list for an incomplete domain
name. You can have a maximum of 6 incomplete domain names in the
search string.
5.8. DNS Relay:
Please enter the DNS server IP address. When client hosts query domain names,
ADSK Router will relay the queries to DNS server you specified here.
Chapter 6
SP3353 provides powerful security feature. You can set up different Security Level,
Firewall Policy etc. just what you need.
6.1. Security:
For security or management consideration, you man need to setup system policies
or filters to limit (block) specific IP addresses (ports) from being accessed. The
ADLS Router provides various security functions. In this page, you can setup:
??Security State
??Security Level
??Firewall Policy Configuration
??Firewall Trigger Configuration
??Configure Intrusion Detection
6.2. NAT Configuration:
1. In the Security State / Security item, please select “Enable”
radio-button then click “Change State”.
2. Click “Add Interface” under “Security Interfaces” item to add new
security interface.
3. Choose “iplan” in “Name” item and “internal “ in “Interface Type” item.
4. Click “Apply” button then the “Internal Interface” is added.
5. Repeat the phase 2~4 (Replace “iplan” by “ipwan” and “internal” by
“external” in phase 3) to add the “External Interface”.
6. The “Enable NAT to internal interfaces” button under “Security
Interfaces” item appears, click it to enable NAT (Network Address
Translation) function.
6.3. NAT Advanced Configuration:
6.3.1. Global Address Pools:
A Global Address Pool is a pool of addresses seen from the outside network. The
ADSL Router provides one and above WAN IP interface, you can assign another
outside interfaces for various purposes.
Use Subnet Mask
1. Enter your IP address in “IP Address” item, for example:
2. Enter net mask in “Subnet Mask/IP Address” item, for example:
3. Click “Add Global Address Pool” button to add IP address
Use IP Address Range
1. Enter starting IP address of a range in the “IP Address” item, for
2. Enter starting IP address of a range in the “Subnet Mask/IP Address”
item, for example:
3. Click “Add Global Address Pool” button to add the IP address
Reserved Mappings
A reserved mapping is used so that NAT knows where to route packets on
inbound sessions. The reserved mapping will map a specific global
address and port to an inside address and port. Refer to the following
Reserved Mapping table, when an Internet Browser (Internet Explorer,
Netscape Navigator) knocks port-80 of the Global IP Address --, the Internal IP Address provides HTTP service.
6.4. Firewall Policy Configuration:
The firewall policy could obstruct outside intruders from intruding your
system. After selecting a security level, the preset firewall policies are
Port filters
Port filters are rules that determine how a packet should be handled.
Refer to the following Port filters table; users in the LAN side could access
the port 21 (ftp) and port 80 (http) services in the Internet. But outside
users who access the port 21 and port 80 via WAN port of the device are
not allowed.
Host Validator
The ADSL Router could filter the incoming / outgoing packets for security
or management consideration. You can set up the filter against the IP
addresses to block specific internal users from accessing / being
accessed the Internet. Refer to the following Host Validator table:
1. Any access intention incoming from WAN port to the internal IP
address 192.168.3 will be blocked.
2. Any incoming / outgoing access intention come to / from the IP
addresses in the range of ~ will be
6.5.Firewall Trigger Configuration:
Security triggers are used to deal with application protocols that create
separate sessions. Some application protocols open secondary
connections during normal operations. The most common example of this
is FTP. Rather than allowing a range or port numbers, triggers handle the
situation dynamically, allowing the secondary sessions on when
appropriate. After selecting a security level, the preset Firewall Triggers
are implemented.
Allow Multiple Hosts
Allows multiple hosts to use the same port or not.
Max Activity Interval
The trigger open up until Max Activity Interval expires.
Enable Session Chaining (UDP)
Session chaining which is not needed for FTP but is needed for some
applications, like NetMeeting.
Binary Address Replacement / Address Translation Type
Some applications embed address and / or port information in the payload
of the packet. This function allows you to specify what type of address
replacement is set on a trigger. Incoming packets are searched in order to
find their embedded IP address. The address is then replaced by the
correct inside host IP address, and NAT translates the packets to the
correct destination.
Configure Intrusion Detection
Key in the detection requirement then click Apply box to enable this
Chapter 7
Hardware Setting
In this chapter, we discuss the hardware settings. These settings will influence the
handshaking with DSLAM. Please don’t change the value unless your telephone
service provider does.
7.1. Gs7070:
These are basic port attributes of ADSL port.
7.2. Ethernet:
These are basic port attributes of Ethernet port.
Chapter 7
Application of SP3353
7.1. Internet Access
BroadLink SP3353 is the ideal high-speed Internet access solution. It supports the
TCP/IP protocol, which the Internet uses exclusively and compatible with all major
ADSL DSLAM (Digital Subscriber Line Access Multiplexer) providers. Think of it as
the equivalent of a modem rack for ADSL. A typical Internet Access application is
shown below. It allows multiple users on the LAN to access the Internet
concurrently by sharing Single User Account.
7.2. Port Forwarding
In many cases, Port Forwarding is called “Virtual Server”. The Virtual Servers
feature allows Internet users to access standard Servers on your LAN, via the
Internet IP Sharer. Normally, Internet users would not be able to access a server on
your LAN because:
Your Server does not have a valid external IP Address.
Attempts to connect to devices on your LAN are blocked by the firewall in this
The "Virtual Server" feature solves these problems and allows Internet users to
connect to your servers. However, your LAN must have an existing connection to
the Internet.
Virtual Server operation is illustrated below.
Both Internet users are connecting to the same IP Address, but using different
protocols. To Internet users, all virtual Servers on your LAN have the same IP
Address. This IP Address is the IP Address allocated by ISP on the Internet
Account screen, for the port(s) which you are using. This address should be static,
rather than dynamic, to make it easier for Internet users to connect to your Servers.
The Internet IP Sharer supports two (2) types of Virtual Servers:
Standard - Standard server types (Web, FTP, etc) are pre-defined. The only data
required is the IP Address of the server on your LAN.
User-defined - Non-standard servers. You must provide additional information
about the server.
Note that the TOTAL number of Virtual Servers which can be used is 10.
7.3. NAT Port Mapping
If your ADSL account within multi-real IP Addresses then Multi-Global IP mapping
function is a useful feature for Internet application. The Multi-Global IP mapping
function helps you dividing the client PCs on the LAN into several groups and each
group access Internet through one real IP Address. You also can set single local IP
Address map to single Global IP Address. Thus it empowers the management and
provides much wider application over ADSL line.
7.4. DNS setting
Domain Name System links names to IP addresses. When you access Web sites
on the Internet, you can type the IP address of the site or the DNS name. When
you type a domain name in a Web browser, a query is sent to the primary DNS
server defined in your Web browser’s configuration dialog box. The DNS server
converts the name you specified to an IP address and returns this address to your
system. From then on, the IP address is used in all subsequent communications.
SP3353 design DNS in DHCP Parameter. It keeps three Name Server for user's
application. You can key in your DNS server in the three boxes. You also can skip
the setting, it will be auto assigned by your ISP.
7.5. AutoPVC
AutoPVC(TR 37) covers auto-configuration for the connection between the DSL
broadband network termination and the network, using ATM. DSL Forum and ATM
Forum have worked in parallel on this aspect of auto-configuration, drawing on the
existing work of both organisations to provide an integrated technical solution.
7.5.1. ATM Switch
ATM is a connection oriented packet switching technology using fixed size packets,
called cells. These cells consist of a header and a payload and are switched
through a public or private ATM network depending on the contents of the header.
End-to-end connections are formed by cross connecting individual ATM segments
in ATM switches. Each ATM cell carries two labels called Virtual Path Identifier
(VPI) and Virtual Channel Identifier (VCI) as part of its header.
An ATM channel, commonly referred to as Virtual Channel, is fully identified by
these two labels. Therefore, multiple ATM channels can reside on your DSL line.
All ATM connections are static, i.e. of type Permanent Virtual Channel (PVC).
7.5.2. ATM traffic handling
ATM traffic at SP3353 is switched to the Ethernet port. Inside ATM VCs any
protocol can be transported. However, at both endpoints (the ATM channels are
terminated), the same protocol must be supported. If not, there will be no
end-to-end connectivity. Only frames recognized/ supported by SP3353 on a
particular ATM connection are extracted, or encapsulated.
Currently the supported encapsulations are:
(1) Transparently Bridged connections – RFC 1483, Ethernet V2.0/IEEE 802.3
bridged PDUs for both the LLC/SNAP method and VC-MUX method
(2) Bridged PPPoE connections – RFC 1483, Ethernet V2.0/IEEE 802.3 bridged
PDUs for bothe the LLC/SNAP method and VC-MUX method
(3) PPPoA-to-PPTP Relaying connections – RFC 2364, PPP PDUs for both the
LLC/NLPID method and VC-MUX method.
The default VCs can be remotely modified via the AutoPVC feature. AutoPVC
operated only when your ISP supports this function. SP3353 supports this function.
You can enable the function by only checking the radio box.
Chapter 8
Service Name, Protocol and Port number
Chapter 9
Address mask
A bit mask used to select bits from an Internet address for subnet addressing. The
mask is 32 bits long and selects the network portion of the Internet address and
one or more bits of the local portion. Sometimes called subnet mask.
ATM Adaptation Layer - This layer maps higher layer user data into ATM cells,
making the data suitable for transport through the ATM network.
Asymmetrical Digital Subscriber Line is an asymmetrical technology, meaning that
the downstream data rate is much higher than the upstream data rate. ADSL
operates in a frequency range that is above the frequency range of voice services,
so the two systems can operate over the same cable.
ADSL Transmission Unit, Central or Remote: the device at the end of an ADSL line
that stands between the line and the first item of equipment in the subscriber
premises or telephone switch. It may be integrated within an access node.
Address Resolution Protocol is a protocol for mapping an Internet Protocol address
(IP address) to a physical machine address that is recognized in the local network.
Asynchronous Transfer Mode - A cell-based data transfer technique in which
channel demand determines packet allocation. ATM offers fast packet technology,
real time, demand led switching for efficient use of network resources.
A high-speed line or series of connections that forms a major pathway within a
This is the capacity on a link usually measured in bits-per-second (bps).
Bit and Byte
(Binary Digit) -- A single digit number in base-2, in other words, either a 1 or a zero.
The smallest unit of computerized data. A set of bits that represent a single
character. There are 8 bits in a Byte.
A device connects two or more physical networks and forwards packets between
them. Bridges can usually be made to filter packets, that is, to forward only certain
traffic. Related devices are: repeaters which simply forward electrical signals from
one cable to the other, and full-fledged routers which make routing decisions based
on several criteria.
High-speed transmission. The term is commonly used to refer to communications
lines or services at T1 rates (1.544 Mbps) and above. The speed threshold of
broadband is subjective and can be above or below T1. Some claim 45 Mbps is the
starting point of broadband. In every case however, it implies transmitting at higher
speeds than what was common before. Broadband often refers to Internet access
using cable modems and DSL, both of which deliver speeds above and below T1.
Challenge Handshake Authentication Protocol is an alternative protocol that avoids
sending passwords over the wire by using a challenge/response technique.
A software program that is used to contact and obtain data from a Server software
program on another computer. Each Client program is designed to work with one or
more specific kinds of Server programs, and each Server requires a specific kind of
Client. A Web Browser is a specific kind of Client.
Central Office. Refers to equipment located at a Telco or service provider's office.
Customer Premises Equipment located in a user's premises
Crossover Ethernet Cable
A cable that wires a pin to its opposite pin, for example, RX+ is wired to TX+. This
cable connects two similar devices, for example, two data terminal equipment (DTE)
or data communications equipment (DCE) devices.
Channel Service Unit/Data Service Unit. CSUs (channel service units) and DSUs
(data service units) are actually two separate devices, but they are used in
conjunction and often combined into the same box. The devices are part of the
hardware you need to connect computer equipment to digital transmission lines).
The Channel Service Unit device connects with the digital communication line and
provides a termination for the digital signal. The Data Service Unit device,
sometimes called a digital service unit, is the hardware component you need to
transmit digital data over the hardware channel. The device converts signals from
bridges, routers, and multiplexors into the bipolar digital signals used by the digital
lines. Multiplexors mix voice signals and data on the same line.
Data Communications Equipment is typically a modem or other type of
communication device. The DCE sits between the DTE (data terminal equipment)
and a transmission circuit such as a phone line.
Dynamic Host Configuration Protocol automatically assigns IP addresses to clients
when they log on. DHCP centralizes IP address management on central computers
that run the DHCP server program. DHCP leases addresses for a period of time
which means that addresses are made available to assign to other systems.
Discrete Multi-Tone frequency signal modulation
Domain Name System links names to IP addresses. When you access Web sites
on the Internet, you can type the IP address of the site or the DNS name. When
you type a domain name in a Web browser, a query is sent to the primary DNS
server defined in your Web browser’s configuration dialog box. The DNS server
converts the name you specified to an IP address and returns this address to your
system. From then on, the IP address is used in all subsequent communications.
Domain Name
The unique name that identifies an Internet site. Domain Names always have 2 or
more parts, separated by dots. The part on the left is the most specific, and the part
on the right is the most general.
Downstream rate
The line rate for return messages or data transfers from the network machine to the
user's premises machine.
Digital Subscriber Line technologies enhances the data capacity of the existing
twisted-pair wire that runs between the local telephone company switching offices
and most homes and offices. There are actually seven types of DSL service,
ranging in speeds from 16 Kbits/sec to 52 Mbits/sec. The services are either
symmetrical (traffic flows at the same speed in both directions), or asymmetrical
(the downstream capacity is higher than the upstream capacity). DSL connections
are point-to-point dedicated circuits, meaning that they are always connected.
There is no dial-up. There is also no switching, which means that the line is a direct
connection into the carrier’s frame relay, ATM (Asynchronous Transfer Mode), or
Internet-connect system.
A Digital Subscriber Line Access Multiplexer (DSLAM) is a network device, usually
at a telephone company central office, that receives signals from multiple customer
Digital Subscriber Line connections and puts the signals on a high-speed backbone
line using multiplexing techniques. Depending on the product, DSLAM multiplexers
connect DSL lines with some combination of asynchronous transfer mode ATM,
frame relay, or IP networks.
Originally, the DTE (Data Terminal Equipment) was a dumb terminal or printer, but
today it is a computer, or a bridge or router that interconnects local area networks.
Dynamic IP Addresses
A dynamic IP address is an IP address that is automatically assigned to a client
station (computer, printer, etc.) in a TCP/IP network. Dynamic IP addresses are
typically assigned by a DHCP server, which can be a computer on the network or
another piece of hardware, such as the Router. A dynamic IP address may change
every time your computer connects to the network.
The technique used by layered protocols in which a layer adds header information
to the protocol data unit (PDU) from the layer above. As an example, in Internet
terminology, a packet would contain a header from the physical layer, followed by a
header from the network layer (IP), followed by a header from the transport layer
(TCP), followed by the application protocol data.
A very common method of networking computers in a LAN. There are a number of
adaptations to the IEEE 802.3 Ethernet standard, including adaptations with data
rates of 10 Mbits/sec and 100 Mbits/sec over coaxial cable, twisted-pair cable, and
fiber-optic cable. The latest version of Ethernet, Gigabit Ethernet, has a data rate of
1 Gbit/sec.
A gateway is a computer system or other device that acts as a translator between
two systems that do not use the same communication protocols, data formatting
structures, languages, and/or architecture.
Any computer on a network that is a repository for services available to other
computers on the network. It is quite common to have one host machine provide
several services, such as WWW and USENET.
Internet Control Message Protocol is a message control and error-reporting
protocol between a host server and a gateway to the Internet. ICMP uses Internet
Protocol (IP) datagrams, but the messages are processed by the TCP/IP software
and are not directly apparent to the application user.
Internet Protocol. The IP (currently IP version 4, or IPv4), is the underlying protocol
for routing packets on the Internet and other TCP/IP-based networks.
IP Control Protocol allows changes to IP parameters such as the IP address.
On a local area network (LAN) or other network, the MAC (Media Access Control)
address is your computer's unique hardware number. (On an Ethernet LAN, it's the
same as your Ethernet address.) The MAC layer frames data for transmission over
the network, then passes the frame to the physical layer interface where it is
transmitted as a stream of bits.
Network Address Translation is the translation of an Internet Protocol address used
within one network to a different IP address known within another network.
Any single computer connected to a network.
Plain Old Telephone Service - This is the term used to describe basic telephone
Point to Point Protocol. PPP encapsulates and transmits IP (Internet Protocol)
datagrams over serial point-to-point links. PPP works with other protocols such as
IPX (Internetwork Packet Exchange). The protocol is defined in IETF (Internet
Engineering Task Force) RFC 1661 through 1663. PPP provides router-to-router,
host-to-router, and host-to-hostconnections.
PPP over Ethernet is a protocol for connecting remote hosts to the Internet over an
always-on connection by simulating a dial-up connection.
Public Switched Telephone Network was put into place many years ago as a voice
telephone call-switching system. The system transmits voice calls as analog
signals across copper twisted cables from homes and businesses to neighborhood
COs (central offices); this is often called the local loop. The PSTN is a
circuit-switched system, meaning that an end-to-end private circuit is established
between caller and callee.
Permanent Virtual Circuit. A PVC is a logical point-to-point circuit between
customer sites. PVCs are low-delay circuits because routing decisions do not need
to be made along the way. Permanent means that the circuit is preprogrammed by
the carrier as a path through the network. It does not need to be set up or torn
down for each session.
An RFC (Request for Comments) is an Internet formal document or standard that is
the result of committee drafting and subsequent review by interested parties. Some
RFCs are informational in nature. Of those that are intended to become Internet
standards, the final version of the RFC becomes the standard and no further
comments or changes are permitted. Change can occur, however, through
subsequent RFCs.
Routing Information Protocol is an interior or intra-domain routing protocol that
uses the distance-vector routing algorithms. RIP is used on the Internet and is
common in the NetWare environment as a method for exchanging routing
information between routers.
A system responsible for making decisions about which of several paths network
(or Internet) traffic will follow. To do this, it uses a routing protocol to gain
information about the network and algorithms to choose the best route based on
several criteria known as "routing metrics".
Routing table
Information stored within a router that contains network path and status information.
It is used to select the most appropriate route to forward information along.
Routing Information Protocol
Routers periodically exchange information with one another so that they can
determine minimum distance paths between sources and destinations.
A computer, or a software package, that provides a specific kind of service to client
software running on other computers.
System Network Management Protocol is a popular management protocol defined
by the Internet community for TCP/IP networks. It is a communication protocol for
collecting information from devices on the network.
Spanning-Tree Bridge Protocol (STP)
Spanning-Tree Bridge Protocol (STP) - Part of an IEEE standard. A mechanism for
detecting and preventing loops from occurring in a multi-bridged environment.
When three or more LAN's segments are connected via bridges, a loop can occur.
Because a bridge forwards all packets that are not recognized as being local, some
packets can circulate for long periods of time, eventually degrading system
performance. This algorithm ensures only one path connects any pair of stations,
selecting one bridge as the 'root' bridge, with the highest priority one as identifier,
from which all paths should radiate.
A method of fooling network end stations into believing that keep alive signals have
come from and returned to the host. Polls are received and returned locally at
either end
Static IP Addresses
A static IP address is an IP address permanently assigned to computer in a TCP/IP
network. Static IP addresses are usually assigned to networked devices that are
consistently accessed by multiple users, such as Server PCs, or printers. If you are
using your Router to share your cable or DSL Internet connection, contact your ISP
to see if they have assigned your home a static IP address. You will need that
address during your Router's configuration.
Twisted-pair cable consists of copper-core wires surrounded by an insulator. Two
wires are twisted together to form a pair, and the pair form a balanced circuit. The
twisting prevents interference problems. STP (shielded twisted-pair) provides
protection against external crosstalk.
Straight Through Ethernet Cable
A cable that wires a pin to its equivalent pin. This cable connects two dissimilar
devices, for example, a data terminal equipment (DTE) and a data communications
equipment (DCE) device. A straight through Ethernet cable is the most common
cable used.
For routing purposes, IP networks can be divided into logical subnets by using a
subnet mask. Values below those of the mask are valid addresses on the subnet.
Transmission Control Protocol - The major transport protocol in the Internet suite of
protocols provides reliable, connection-oriented full-duplex streams.
Telnet is the login and terminal emulation protocol common on the Internet and in
UNIX environments. It operates over TCP/IP networks. Its primary function is to
allow users to log into remote host systems.
Trivial File Transfer Protocol - A simple file transfer protocol (a simplified version of
FTP) that is often used to boot diskless workstations and other network devices
such as routers over a network (typically a LAN).VCI
User Datagram Protocol - A connectionless transport protocol that runs on top of
TCP/IP's IP. UDP, like TCP, uses IP for delivery; however, unlike TCP, UDP
provides for exchange of datagrams without acknowledgments or guaranteed
delivery. Best suited for small, independent requests, such as requesting a MIB
value from an SNMP agent, in which first setting up a connection would take more
time than sending the data.
UNI signaling
User Network Interface signaling for ATM communications.
Virtual Channel Identifier
Identifies virtual channels between users or between users and networks.
Virtual Connection (VC)
A link that seems and behaves like a dedicated point-to-point line or a system that
delivers packets in sequence, as happens on an actual point-to-point network. In
reality, the data is delivered across a network via the most appropriate route. The
sending and receiving devices do not have to be aware of the options and the route
is chosen only when a message is sent. There is no pre-arrangement, so each
virtual connection exists only for the duration of that one transmission.
Virtual Path Identifier. Identifies virtual paths between users or between users and
Wide Area Networks link geographically dispersed offices in other cities or around
the globe. Just about any long-distance communication medium can serve as a
WAN link, including switched and permanent telephone circuits, terrestrial radio
systems, and satellite systems.