Instruction/ maintenance manual of the product se5880 Siemens
Go to page of 86
Part No. 107-7950-001 SIEMENS Business Class se5880 Ethernet Security Router User’s Guide.
Software License and Limited Warranty © Copyright 2004, Siemens Subscriber Networks, Inc. All rights reserved. Print ed in the U.S.A. Siemens Subscriber Networks, Ef ficient Networks, th e Efficient Networks logo, and S peedS trea m(tm) are trademarks of Si emens AG .
• Siemens Subscriber Networks’s limit of liability under the limit ed warranty shall be the actual cash value of the product at t he time the end user ret urns the product for repair, determine d by the price paid by the end user for the product less a reasonab le amount for usage.
SIEMENS se5880 Ethernet Security Router User’s Guide SIEMENS i T able of Content s Chapter 1 Product Specif ications Front Panel.......... ............. ............. ................ ............. ............. ................ ............. ......
SIEMENS se5880 Ethernet Security Router User’s Guide SIEMENS ii T able of Content s Dynamic Host Configuration Protocol ........... ................ ................ ................ ............. ................ ... 1 8 Chapter 4 User Setup User Management.
SIEMENS se5880 Ethernet Security Router User’s Guide SIEMENS iii View Dropped Packets ........... ................ ............. ................. ............ ................. ............ ......... ....... 59 Configure Firewall Rules ..... ......
SIEMENS 1 Chapter 1 Product S pecifications Front Panel The following table explains the LEDs that appear on the Fron t Panel of the Siemens se5880 router . Back Panel The following table descrcibes the various connections on the back pa nel of the Siemens se5880 router .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 1 Produc t Specifications Hardware Speci fications SIEMENS 2 Hardware Specifications Physical Specifications • Unit Dimensions: – 8.4W x 7D x 1.7H inches – 21.3W x 17.8D x 4.3H cm • Wei g ht : –1 .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 1 Produc t Specifications Sof tware Specificatio ns SIEMENS 3 Sof tware S pecifications Bridging • T ranspa rent bridging including S panning T ree protocol (IEEE 802.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 1 Produc t Specifications Sof tware Specificatio ns SIEMENS 4 Security • Role-based manageme nt • User authentication (P AP/CHAP) wit.
SIEMENS 5 Chapter 2 Inst allation This chapter descr ibes the steps you must take to inst all and conf igure the various co mponents in your network to utilize the Siem ens Ethernet Security Router .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation Hardware In stallation SIEMENS 6 Hardware Inst allation Y ou may position the Siemens broadband router at any convenient location where it will be we ll ventilated. Do not stack it with other device s or place it on the ca rpet.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 7 PC Configuration Y our PC must be configured to use the TCP/IP protocol suite over the In te rnet, and to accept Dynamic Host Configuration Protocol address assign me nts from th e router .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 8 Windows NT 4 1. On your de sktop, right click on the Network Neighborhood icon. This displays the Network window . 2. Click the Protocols tab. 3. Select TCP/IP Protocol from the Network Prot ocols list.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 9 Windows 2000 1. Select St art >Setti ngs >Cont rol Panel . This displays the Cont rol Panel wind ow . 2. Double-click the Network and Dial-up Connection icon.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 10 Windows XP 1. Click St art >Contro l Pane l. This displays the Control Panel window . 2. Double-click the Network Conn ections icon. This displays the Network Connection windo w .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 11 Mac OS 9.x 1. Click Apple -> Control Panels -> TCP/IP . This displays the TCP/IP Control Panel window . 2. Select Ethernet from the Connect via drop-down menu.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 12 Mac OSX 1. Click Apple -> System Preferences . This displays the Syst em Preferences window . 2. Double-click the Network icon under the Internet & Network section.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation PC Configuration SIEMENS 13 Linux 1. From a termina l window , run linuxconfig . This displays the Config window . 2. Click the Adaptor ta b . 3. Enter any information specified by your service provider in the fields un der the appropriate Adapte r tab.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation Configuring the Router SIEMENS 14 Configuring the Router The Siemens Business Class Router family of produc ts provides two user interfaces: a W eb Management Interface and a console- based Command Line Interface (CLI).
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 2 Installation Configuring the Router SIEMENS 15 Router Information Page The Router Information Pag e is the first page you encounter af ter logging into the router . The Router Information p age displays basic rou ter information an d configuration settin gs.
SIEMENS 16 Chapter 3 Easy Setup This chapter descr ibes how to define router config uration settings using the Easy Setup Wizard. These settings control access to the Wide Area Network (W AN ) and Local Area Network (LAN).
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 3 Easy Setup Untrusted Interface Configu ration SIEMENS 17 Using PPPoE If you selected Using PPPoE from the Untrusted Interface Configuration page , perform the following steps t o configure Point-to-Point Protocol over Ethernet: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 3 Easy Setup Untrusted Interface Configu ration SIEMENS 18 Dynamic Host Conf iguration Protocol Dynamic Host Configuration Protocol (DHCP) provides a dynamic, “upon re quest,” IP address to computers and other networked devices.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 3 Easy Setup Untrusted Interface Configu ration SIEMENS 19 T rusted Interface Configuration T rusted Interface information is con figured on the T ruste d Interface Configuration p age. T o configure the T rusted Interface: 1.
SIEMENS 20 Chapter 4 User Setup This chapter describes how to set up users on the router and contro l their access to router functions and to the Internet. T he featur es that cont rol users and their a ccess are listed below . T o access one of these options, click the link o n the left navigat ion pane of the Router Info rmation page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 21 Adding/Modifying A User Account User accounts are used to contr ol access to the router and the Internet. T o add a user account: 1. Click New User on the User Management page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 22 Deleting A User Account T o delete a user account: 1. Select the name of the accoun t you want to delete in the Select User list on the User M anagement p age, then click Delete User .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 23 User Lookup Y ou can specify a primary and secondar y database to us e to identify users when logging into the router . T o configure the primary and secondary d atabases: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 24 Secure Mode Configuration Y ou can enable secure mode to control wheth er an interface is trusted or untrusted. T o configure Secure Mode: 1. Click Secure Mode Configurat ion on the left navigation pane of the User Manageme nt page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 25 Configure the Radius Server Remote Authentication Dial In User Se rvice (RADIUS) is client-server bas e d access control and authentication feature.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 26 Configure the T acPlus Server T acplus allows access control and user authentication to be managed from a remote server .T o configure the T a cplus Server: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup User Managem ent SIEMENS 27 Management Classes All system operations, are p artitioned into functiona l groups called m anagemen t classes . Managem ent classes group functions into the following categ ories.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup Change Password SIEMENS 28 Change Password User passwords a re changed from the Change Passwo rd page. T o change a user password: 1. Click Change Password from the left navigation p ane on the Router Information p age.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 4 User Setup Access Control SIEMENS 29 Access Control Restrict administrative control of the router to a specific set of IP addresses on the Access Control p age. Each remote acc ess method (T elnet, Web, and SNMP) can be c onfigured s eparately .
SIEMENS 30 Chapter 5 Advanced Setup This chapter d escribes how to configure a dvanced featur e s on the router . Advanced features are listed b elow . T o configure o ne of thes e featur es, click the lin k on th e left navigation pane of th e Router Information p age.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup DMZ SIEMENS 31 DMZ One computer on your local network can be configured to allow unrestricted two-way communication with servers or individual users on the Internet. This provid es the ability to run programs that are incompatible with firewalls.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup DMZ SIEMENS 32 6. T o change the server status, se lect Enable or Disable from LAN DHCP Server S t atus .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Router Clock SIEMENS 33 Router Clock Use the Router Clock option to se t the date and time on the router . T o set the current date and time on the router: 1. Click Router Clock on the left navigation pane of the Router Infor mation page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup DHCP SIEMENS 34 DHCP DHCP (Dynamic Host Configuration Protoc ol), is a TCP/IP service protocol that provides dynamic le asing of IP addresses and other con figuration inform ation to client host s on the network.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup QoS SIEMENS 35 QoS Quality of Service ( QoS) active ly manages network resource s to sustain service levels for priority applications. T o configure QoS: 1. Click QoS in the left navigat ion pane of the Router Info rmation page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup QoS SIEMENS 36 Configure QoS Policy QoS policies control how QoS manages network resources. T o configure a QoS policy: 1. Click QoS Policy Page from the lef t navigation p ane of the QoS Configuration p age.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup QoS SIEMENS 37 5. In Source IP , select one of the following: • From/T o : Enables source address checking. S pecify the sour ce IP address or range of IP addresses that must match for this policy to be used.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup QoS SIEMENS 38 Reorder QoS Policies T o move a QoS policy: 1. On the QoS Policy Setting page, select the policy yo u want to move in the IP Policy List drop- down menu and click Move .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Routing T able Configuration SIEMENS 39 Routing T able Configuration Every host has a default routing t able that it uses to determ ine which physical interface address to use for outgoing IP traf fic.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Dial Backup SIEMENS 40 Dial Backup Use the Dial Backup option to co nfigure a backup connec tio n to the Intern et through an internal V . 90 (model 5835 only) o r an external asynchronous m odem connec ted to the console port.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Dial Backup SIEMENS 41 Internal Modem The following Dial Backup Configur ation page is displa yed during Dial Backup config uration if you selected Internal Modem for the connection.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Dial Backup SIEMENS 42 External Modem The following Dial Backup Configur ation page is displa yed during Dial Backup config uration if you selected External Modem for the connectio n.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Switch Managem ent SIEMENS 43 Switch Management Each router provides four or eight Ether net 10/100 s witching port s for connection to the local area network (LAN).
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Switch Managem ent SIEMENS 44 Switch Mirror Configuration The router support s traf fic mirroring on the Ethernet swit ch. This means that Ethernet traf fic from any of the Ethernet ports is mirrored to a target port for analysis.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Switch Managem ent SIEMENS 45 Switch Age Time The Switch Age T ime specifies the aging time of the switch. Wh en the age time expires, the p ort MAC address entry is removed from the t able cont aining this information.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup Command Line Interface SIEMENS 46 Command Line Interface Use the Command Line Interfac e option to use the web interfac e to enter CLI commands. (Refer to the Command Line Interface Guide for available commands.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 5 Advanced Setup File Editor SIEMENS 47 File Editor Use the File Editor to create and edit files stored on the router . These files contain configuration an d other data used by the ro uter .
SIEMENS 48 Chapter 6 Security Setup This chapter descr ibes how to configu re security feature s on the router . Security features a re listed below . T o configure one of these featur es, clic k the link on the left navigat ion pane of the Router In formation page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup NA T SIEMENS 49 NA T Network Address T ranslation (NA T) provides a level of secu rity by hiding the private IP addresses of you r LAN behind the single public IP address of your router .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup SNMP SIEMENS 50 SNMP Simple Network Management Protocol (SNMP) exchanges messages between a manageme nt client and a management agent.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup SNMP SIEMENS 51 SNMP IP Filter Activating an IP Filter range will lim it SNMP requests to only those that originate fr om the designated addresses or LAN. T o activate IP filtering: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup Secure Shell SIEMENS 52 Secure Shell Secure Shell (SSH) secures network services over an insecure network such as the public Internet. The objective of SSH is to make a secu re functional equivalent for telnet.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup Secure Shell SIEMENS 53 Configure SSH T o configure Secure Shell settings: 1. Click Configure SSH from the Secure Shell (SSH) Configuratio n List page. This displays the Configure Secure Shell (SSH) page.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup Secure Shell SIEMENS 54 Load Keys Diffie -Hellman is the key exchange system used for authentication in the establishment and maintenance of SSH connections. The key exchange requir es a Public Key and a Private Key .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup Secure Shell SIEMENS 55 Key Generator Diffie -Hellman is the key exchange system used for authentication in the establishment and maintenance of SSH connectio ns. The Key exchange r e quires a Public key and a Private key .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup Firewall Scri pts SIEMENS 56 Firewall Script s A firewall is any combination of ha rdware and softwar e that secures a network and traf fic to prevent interception or intr usion.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup St at eful Firewall SIEMENS 57 S t ateful Firewall S tateful Firewall varies from the IP Filtering Firewall in that it gathers and maintains state informa tion about each session.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup St at eful Firewall SIEMENS 58 Configure St ateful Firewall T o configure the S tateful Fir ewall: 1. Click St atef ul Firewa ll from the left navigatio n pane of the Router Information p age.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup St at eful Firewall SIEMENS 59 View Dropped Packet s T o view the most recent dropped packet s: 1. Click Dropped Packe ts fr om the lef t navigation pa ne of the S t ateful Fir ewall Conf iguration p age.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup St at eful Firewall SIEMENS 60 Configure Firewall Rules T o configure firewall rules: 1. Click Firewall Rules from the left navig ation pane of the S tatef ul Firewall Configuratio n page .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup St at eful Firewall SIEMENS 61 5. For Ta r g e t , select one of the following to specify the charac teristics a packet must have in order to match the firewall rule: • Protocol/Port S pecifies the protoc ol or port t hat applies to the rule.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup St at eful Firewall SIEMENS 62 Delete Firewall Rules T o delete firewall rules: 1. Click Firewall Rules from the left navig ation pane of the S tatef ul Firewall Configuratio n page .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 63 IKE/IPSec Configuration IKE/IPSec (Internet Key Exchange/Internet Protocol Secu rity) prov ides authentication and encryption of IP traffic for the au thenticity , integrity and privacy of your communications.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 64 Easy IKE/IPSec Setup Internet Key Exchange (IKE) is a means of dynamically creating IP Security (IPSec) connections. IPSe c uses encryption and authentication to virtual priva te networks over an insecure n etwor k.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 65 Advanced IKE/IPSec Setup The Advanced IKE/IPSec Setup p age present s informat ion about current IKE a nd IPSec peers, policies and proposals.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 66 IKE Peers Definition IKE peers are those devices known to your internal mod e m as capable of p articipatin g in IKE connections. T o define a new IKE Peer: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 67 IKE Proposals Definition IKE I proposals specify how packets will be encrypted/aut henticated for Phase I. T o define a new IKE proposal: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 68 IKE IPSec Proposals Definition IKE IPSec Proposals specify how p acket s will be encrypted/authen ticated for the final SA. T o define a new IKE IPSec proposal: 1.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 69 5. From th e ESP Encryption T ype drop-down menu, sele ct one of the fo llowing to specify the algorithm to use to encrypt ESP IPS ec packets: • DES : Encrypts usin g a 56-bit key .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 70 IKE IPSec Policies Definition IPSec policies are criteria for pa ckets that IPSec will recognize, an d actions that IPSec will take upon recognition.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup IKE/IPSec Configuration SIEMENS 71 9. In Destination IP Address , enter the IP address of the remote pr ivate network to whic h your router will connect using this policy .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 6 Security Setup VPN Log On SIEMENS 72 VPN Log On VPN Log On start s an IPSec se ssion. IPSec sessions are initiated through Security Ass.
SIEMENS 73 Chapter 7 Monitoring Router This chapter describes how to monitor the health of your router co nnections. Router health can be monitored using the following functions. System Summary T o view system summary information, click System Summary on the left navigation pane of the Router Information page .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter System Summary SIEMENS 74 Ethernet Interface Information Click Ethernet Info on th e left navigation pane of the System Summary page to display inform ation abou t the Ethernet interface.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter System Summary SIEMENS 75 IP Routing Information Click IP Routing Info on the left navigation pane of the System Summary page to disp lay information about the active interfaces in the IP routing t able.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter Diagnostics SIEMENS 76 Diagnostics The Diagnostic feature provides info rmation about var ious component s of your system that might help in diagnosing a problem. T o run diagnostics, click Diagnostics on the lef t navigation p ane of the Router Information page .
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter Diagnostics SIEMENS 77 Interface Information Select Interface information from the dro p down menu and click Execute to display interface information.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter Diagnostics SIEMENS 78 Routing T able Information Select Routing T able information from the drop down menu and click Execute to display information about the configured r outing tab les.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter Diagnostics SIEMENS 79 Memory Usage Select Memory usage from the dr op down menu and click Execute to display memory usage information.
SIEMENS se5880 Ethernet Security Router User’s Guide Chapter 7 Monitoring Rou ter Diagnostics SIEMENS 80 TCP/IP St atistics Select TCP/IP statistics fro m the drop down menu and click Execute to display TCP/IP information.
An important point after buying a device Siemens se5880 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Siemens se5880 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Siemens se5880 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Siemens se5880 you will learn all the available features of the product, as well as information on its operation. The information that you get Siemens se5880 will certainly help you make a decision on the purchase.
If you already are a holder of Siemens se5880, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Siemens se5880.
However, one of the most important roles played by the user manual is to help in solving problems with Siemens se5880. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Siemens se5880 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center