VICOMSOFT
SoftRouter Plus User Guide
For Macintosh

© 1999, Vicomsoft, a division of Vicom Technology Ltd.

The Vicomsoft software and documentation are copyrighted with all rights reserved. Under the copyright laws, they may not be copied, in whole or in part, without the written consent of Vicomsoft. This exception does not allow copies to be made for others, whether or not sold. Under the law, copying includes translating into another language or format. All third party trade marks are acknowledged.

Changes to Documentation or Software. Vicomsoft reserve the right to revise this Guide and/or the Vicomsoft software and to make any changes without the obligation to notify any person of such changes.

License, Warranty, Limitation of Liability. Details of the software License, Warranty and Limitation of Liability are found in Appendix C of this User Guide. Users of Vicomsoft software are specifically referred to these matters.

Support. Support for Vicomsoft products is provided to registered users through the following contacts.

Contacting Vicomsoft Support and Product Information

World Wide Web: http://www.vicomsoft.com/
Email - Information: [email protected]

USA & Canada
Email - Support: [email protected]
Email - Sales: [email protected]
Address: 465 Fairchild Drive, Suite 201, Mountain View, CA 94043
Telephone: 650 691 9520
Fax: 650 691 9838

UK & International
Email - Support: [email protected]
Email - Sales: [email protected]
Address: 2 Durley Road, Bournemouth, BH2 5JJ, England
Telephone: +44 (0) 1202 293 233
Fax: +44 (0) 1202 310 241

Doc: MacSRP - 07/99

Table of Contents

1 Introduction
    What is the Vicomsoft SoftRouter Plus?
    What is the Vicomsoft WebCache Server?
    About this Guide
    What Do you Need?
    Information Required from your Internet Service Provider
    Installing the SoftRouter Plus
    Auto Setup the SoftRouter Plus
    Using the Vicomsoft SoftRouter Plus
    Purchase Product Online
2 SoftRouter Plus Scenarios
    SoftRouter Plus Port Capabilities
    Scenarios
    Network to Internet Integration
    Local Area Network Integration
    Wide Area Network Integration
    PPP Serving
    MultiNoding/IP Aliasing
    Multihosting on Web Servers
3 The Open Transport IP Address
    TCP/IP Client Applications on the SoftRouter Plus Computer
    TCP/IP Server Applications on the SoftRouter Plus Computer
    Multi-Homing
4 Customizing the SoftRouter Plus
    Setting SoftRouter Plus Preferences
    Editing Ports in Basic User Mode
    General Settings
    Login Options
    Connect Options
    Advanced Edit Port Settings Options
    Access Rights
    PPP Options
5 Operating the SoftRouter Plus
    About User Modes
    Starting and Stopping the SoftRouter Plus
    The SoftRouter Plus Menus
    The SoftRouter Plus Status Window
    The Port List Display
    Managing Local Users
    Managing Remote Users
6 Vicomsoft WebCache Server
    Vicomsoft WebCache Server Transparent Access
    WebCache Status Window
    Offline Mode
    Display catalog of cached pages
    Display local server list
7 WebCache Server Administration
    Local Administration
    General
    Proxy
    Cache Control
    Security
    Advanced
    WebHeader
    Remote Administration of the WebCache
    Administering cached web sites
    Remote WebCache Configuration
    Remote WebHeader Configuration
    Create or Modify a WebHeader
8 The DNS Server and Cache
    The Domain Name Server
    Local Name Resolution
    Fixed Address Resolution
9 The DHCP Server
    What is a DHCP Server?
    Configuring DHCP
    Customizing the DHCP Server
    DHCP Clients File
10 Setting Up Remote Access Services
    PPP Serving
    Dial-In Client Security
    Setting up Dial-In Ports
    Setting Up Remote Access Clients
11 Inbound Mapping and Firewall Protection
    Inbound Mapping
12 IP Addressing and Routing
    TCP/IP Addressing
    TCP/IP Routing
    The SoftRouter Plus Routing Process
13 Internet Filters
    Administering Internet Filters
    User Defined Filter
    Protocol Filters
14 Multihosting
    How Does SoftRouter Plus Multihosting Work?
    Multihosting Setup
15 The Vicomsoft Administrator Console
    Remote Management
16 Troubleshooting
    Testing the SoftRouter Plus
    Modem Problems
    Login Problems
    Tracing Ports
    Problems with Internet or Local Hosts
    Performance Considerations

APPENDICES
A Manual Client Configuration
    Setting up Macintosh Open Transport Clients
    Setting up Macintosh MacTCP Clients
    Setting up Other Windows Clients
    Setting up Unix Clients
B AppleScript Commands
    AppleScript, SoftRouter Plus Commands
C Legal and Commercial Matters
    Legal Matters
    Commercial Matters
    Feedback
D Vicomsoft SoftRouter Plus Worksheet
Index

Additional User Upgrades

Your Vicomsoft SoftRouter Plus software license allows you to use it for the licensed number of concurrent users. Licenses for additional concurrent users are available. Prices and ordering information can be found on the Vicomsoft Web Site at: http://www.vicomsoft.com/

Alternatively, please email [email protected] or use the other contact information provided at the front of this Guide.

1 Introduction

What is the Vicomsoft SoftRouter Plus?

The Vicomsoft SoftRouter Plus is a TCP/IP software router application that runs on a single Macintosh and interconnects local and wide area networks of computers to each other as well as to the Internet.

The SoftRouter Plus uses a Network Address Translation system to connect a private TCP/IP network to the public Internet. This allows multiple “client” computers to share a single Internet connection and a single IP address, simultaneously. This feature provides an effective Firewall, preventing any unwanted intrusion to your private network from the public Internet.

The SoftRouter Plus supports a variety of connection methods to the Internet, including modem, ISDN cards and Terminal adapters (TA), cable access, hardware routers, leased line and xDSL.
A modem or an ISDN connection to the Internet is dialled automatically on demand, using PPP or SLIP protocol and disconnected when no longer in use. Local area networks can use Ethernet, Token Ring or AppleTalk (via LocalTalk or AppleTalk routing). Wide area Intranet links can be set up to use PPP or SLIP for dial-in or dial-out. Throughout this manual we will refer to PPP as the connection method; in each instance you may also use SLIP.

The SoftRouter Plus can be used as a Remote Access Server, with password security.

For basic Internet access the SoftRouter Plus configures itself and your client computers automatically, employing a familiar Macintosh user interface. Client configuration is achieved using a built-in DHCP Server, supporting multi-subnet fixed and dynamic IP address management for up to 1023 clients.

What is the Vicomsoft WebCache Server?

The Vicomsoft WebCache Server is an application module that captures copies of Internet web pages and images that are requested by its clients and serves them locally when they are asked for again.

Web caching can enhance performance for network users, as each client benefits from the locally stored information requested by all users. It can also reduce Internet bandwidth utilization by reducing repeated downloads of the same information. These benefits apply regardless of the performance of your direct Internet connection.

The Router products provide integrated transparent access to the WebCache Server. When Transparent mode is switched on, all web connections to port 80 are redirected to the specified caching server address and caching server responses are returned through the Router to the client. If Transparent Access is switched off then cache redirection is disabled and all web connections are routed normally.
The client and the caching server are unaware of the redirection process and neither needs to be reconfigured when the Transparent mode is enabled or disabled.

The transparent access feature can be used with the Vicomsoft WebCache Server module or you can use it to direct clients to your existing web caching server. The Vicomsoft WebCache module can be run on the same host machine as the Router software or on separate hardware, allowing you to optimize your network and hardware usage and performance.

About this Guide

The Vicomsoft SoftRouter Plus offers a comprehensive set of TCP/IP routing and network administration facilities. To provide a progressive introduction to these capabilities and the product, this User Guide defines two levels of complexity, referred to as the Basic and Advanced User Modes.

The first chapters include information on the following subjects:

• System and network requirements for SoftRouter Plus configurations.
• SoftRouter Plus scenarios and configuration options.
• Operating and customizing the SoftRouter Plus.

The later chapters explain how you can use the SoftRouter Plus to:

• Control user access to the SoftRouter Plus and to public network locations.
• Manage inbound connections through the firewall to internal servers.
• Monitor and log user activity.
• Provide secure dial-in remote access to your LAN.
• Customize the built-in DHCP Server to support multiple LAN segments and fixed addresses.
• Configure manual routing tables to work with other gateways and routers in a multisegment Intranet.
• Configure and set up Multihosted web sites with the SoftRouter Plus.

Here we describe each Chapter and its contents.

Chapter 2 describes the SoftRouter Plus’s scenarios and configuration options, while Chapter 3 describes how the SoftRouter Plus works with Open Transport.

Chapters 4 and 5 provide reference material on the SoftRouter Plus’s operating and configuration facilities.
Chapters 6 and 7 provide full details on the Vicomsoft WebCache server: how to configure and administer the cache, and how to use the WebHeader features.

Chapters 8 through 12 provide detail on features, such as how to configure the SoftRouter Plus’s DNS Server feature, the DHCP Server and setting up remote access, as well as the concepts of TCP/IP addressing, routing and firewalls. These are the Advanced User Mode features of the software.

Chapter 13 explains the Internet Filters, allowing you to lock out access to specific sites from inside the SoftRouter Plus.

Chapter 14 describes the SoftRouter Plus's Multihosting feature, allowing you to host multiple IP addresses on one computer.

Chapter 15 describes the SoftRouter Plus's Administrator Console feature. This feature allows you to control and adjust your SoftRouter Plus’s configuration from either your local network or from a remote location on the Internet or a dial-in connection.

Chapter 16 describes hints and tips for solving problems with the SoftRouter Plus’s configuration and setup.

If you are not familiar with TCP/IP routing concepts, we recommend that you set up the SoftRouter Plus by following the QuickStart Guide. By the end of Chapter 5 you should be able to connect clients on your Local Area Network through the SoftRouter Plus to your Internet Service Provider and should have an understanding of the way the SoftRouter Plus operates. This will provide a starting point for understanding the later material in this User Guide.

What Do you Need?

To use the SoftRouter Plus to access the Internet you need an account with an Internet Service Provider. The equipment and information you require in order to connect will depend on the kind of service you choose. The service may be:

• A dial-up service for which you are responsible for providing a suitable modem/ISDN and any routing facilities required at your premises. This is the most common type of service. In this case you need to obtain from your Service Provider all the information specified in the next Chapter.
• A leased line or cable service, for which the Service Provider installs connection and routing equipment at your premises. You then connect your Ethernet network directly to the Service Provider’s equipment. In these cases your Provider may assign you an IP address for your Internet connection. In some cases you may also be expected to provide other items, such as a Domain Name Server or a mail server.

If you are required to provide the connection equipment, you should select the fastest modem or ISDN facility you can, as this will minimize the delays for users accessing web and FTP sites.

The SoftRouter Plus supports analog modems and external ISDN Terminal Adapters (TA) via the Macintosh serial ports using the Modem Control panel or Apple Modem Tool software (which is supplied with the SoftRouter Plus). You must ensure that the cable you use to connect your Macintosh to the modem is a high speed serial cable supporting hardware handshaking.

Various internal ISDN cards are also supported via the Comms Toolbox connection software provided by the card manufacturers. At the time of writing, Vicomsoft has tested the SoftRouter Plus with cards made by Sagem, Hermstedt, 4-Sight, Harmonix and SCii.

If your Internet service is provided through an Ethernet interface, for example, via a cable modem, xDSL modem or a router, the SoftRouter Plus computer requires a separate Ethernet interface for this connection. This may be the built-in Ethernet interface on the Macintosh or a plug-in Ethernet card.

One or more local area network (LAN) connections are required on the SoftRouter Plus Macintosh for the Client computers. These may use any combination of the built-in Ethernet or LocalTalk interfaces, as well as plug-in Ethernet or Token Ring cards. One network interface is required for each physical LAN segment you wish to connect.
The SoftRouter Plus supports Ethernet and Token Ring on NuBus or PCI machines. PCI Ethernet may operate at the 100 MBit/sec fast Ethernet standard. This enables the SoftRouter Plus to work as a Router between 10 MBit/sec and 100 MBit/sec Networks.

You may also use the SoftRouter Plus as a Remote Access Server, allowing users to dial into your network to access the internal network servers or to connect through to the Internet. For this purpose you can add modems or ISDN TAs, using multi-port serial cards to augment the two Macintosh built-in serial ports if necessary.

The Vicomsoft SoftRouter Plus runs on any MacOS-compatible system with the following minimum specifications:

• A Macintosh or MacOS-compatible computer with at least a 68040 processor.
• At least 6 MBytes available memory.
• Up to 15 MBytes of available disk space.
• System Software version 7.5.3 or later.
• Open Transport version 1.1.1 or higher.

Notes on CPU requirements:

1 To achieve optimum throughput with an external ISDN TA or a high speed modem, a Macintosh with a high speed serial port is recommended. These are standard on Quadra AV and PowerPC models. On lower-specification systems, a high speed port can be provided using a plug-in serial card.
2 To support both LocalTalk clients and high speed modem or ISDN on the built-in serial ports, the Mac should be a PowerPC.

Please read the notes on Performance Considerations in Chapter 15 for more details.

SoftRouter Plus QuickStart Guide

The next section of this User Guide gives a very quick break down of what is required and how to install your SoftRouter Plus application. We recommend that you use the SoftRouter Plus QuickStart Guide as your guide for installing the software as it includes more detailed information.

Information Required from your Internet Service Provider

Before configuring you must have some information about your connection type. To help you keep a record of this we provide a SoftRouter Plus worksheet at the back of this Guide; we suggest you print this and fill it in. Please make sure you have the following information about your Internet account and your network requirements:

General Information

• Do you have a static IP address or a dynamic IP address assigned to you by your Internet Service Provider? If static, what is it?
• Did your ISP assign you a subnet mask? If so, what is it?
• What is the DNS Address of your ISP (or note the IP address for your own DNS server)?
• How are your computers networked together (e.g., via Ethernet, Token Ring or LocalTalk cabling)?

Dial-up connections

• What is the telephone number you must dial in order to establish your PPP or SLIP Internet connection (if you are using PPP or SLIP)?
• What is your username and password information for your PPP or SLIP connection to the Internet?
• Does your ISP require a login script? If so, what are the prompts?
• What type of modem, ISDN Terminal adapter or ISDN Card are you using to connect to the Internet?

xDSL, Router or Cable modem

• Did your ISP assign you a default gateway or router IP address? If so, what is it?

It is suggested that once you have the SoftRouter Plus working, you make a copy of the preferences and perform a “Save Config As” from the “File” menu. This saves a text file of your configuration which can be printed. This will help out if any problems arise.

Installing the SoftRouter Plus

To install the SoftRouter Plus, double-click on the “Install SoftRouter” icon. With this installer you have the option to “Show Other Installations”. The first installer window will install both the SoftRouter Plus and the WebCache Server. The second window gives you the option to install the SoftRouter Plus OR the WebCache Server.
Both applications can only be installed onto a disk with a System folder. Drag the Vicomsoft SoftRouter Plus icon to your Startup Disk on the right. This will create a folder on the disk called “Vicomsoft SoftRouter Plus”. The following files are installed:

Vicomsoft SoftRouter Plus folder

• The SoftRouter Plus application.
• The Vicomsoft Local Administrator application.
• The CyberUpdater application.
• The Log File Generator application.
• The WebCache Server Module application.
• Online help files in HTML Format.
• One or more ReadMe files providing supplementary information about the version you have installed.
• A LocalHtml Folder. Contained in this folder is an Admin folder, an Images folder and all the Local HTML files used by the WebCache Server.
• Example WebHeader and Template HTML files.

System folder/Extensions folder

• Apple Modem Tool - Used to make modem PPP and SLIP connections.
• “-Gateway-” - Extension enabling TCP/IP client or server applications to be used on the SoftRouter Plus computer.
• “Vicomsoft System Menu” - Extension enabling a menu option to allow you to control the SoftRouter Plus without loading the user interface.

System folder/Preferences folder

• A “VICOM Settings” folder which includes the DHCP Clients file, the Gateway Name file and all other Preferences files.

Configuring the SoftRouter Plus

To use the SoftRouter Plus to connect a LAN to the Internet you must have a Network Address Translation (NAT) port for your Internet connection and a Local Area Network port for your client network. You must also have this icon in the main Status window to allow other TCP/IP applications to run on the SoftRouter Plus computer.

Auto Setup the SoftRouter Plus

When the SoftRouter Plus is first launched, Darko, the Auto Setup Guru, offers to help you configure the SoftRouter Plus automatically.
You can run this Auto-Setup sequence at any time by selecting “Auto Configure” from the “Network” menu when the SoftRouter Plus is turned off. The Auto Setup Guru will attempt to use your existing configuration; this information can be changed manually after auto setup is completed.

Start Auto-Setup: will build the configuration without interaction, only prompting you when key information is required. Select this option if you are using a Modem, ISDN TA, Cable Modem, xDSL Modem (e.g. ADSL) or Router.

Cancel Auto-Setup: will allow you to leave the automatic setup process, without making any changes. If this is the first time the SoftRouter Plus has been launched, the Status window will appear with no ports listed. You will then need to manually configure the SoftRouter Plus. The QuickStart Guide fully explains how to configure the SoftRouter Plus, especially for users of an ISDN Card or leased line connection.

What follows is a list of the steps that Darko will take to configure the SoftRouter Plus. The Auto setup process is fully described in the Vicomsoft SoftRouter Plus QuickStart Guide; we suggest you use the QuickStart Guide when you install the SoftRouter Plus.

Step 1 - How will you connect?

First, Darko will ask you how you intend to connect to your Internet Service Provider. You can connect using an Ethernet connection (xDSL, Cable modem or Router) or you can connect using a modem or an ISDN Terminal Adapter (TA).

Step 2 - Using PPP or Using Ethernet

Using PPP

If you select “Using PPP”, Darko will look for previous settings to make a PPP port for your Internet connection. If you have used MacPPP, FreePPP or Open Transport PPP, Darko will import the information from the most recently used configuration. If Darko finds an Open Transport PPP or Remote Access configuration, Darko will prompt you to enter your Password for this connection.

Using Ethernet

If you select “Using Ethernet”, Darko will help you make an Ethernet NAT port for your Internet connection.
All the information requested for the above steps should have been supplied to you by your Internet Service Provider. Review the section “Information Required from Your Internet Service Provider” for more details.

Step 3 - Building a Local Area Network (LAN) Port

If your clients are connected to the SoftRouter Plus using LocalTalk cabling, then select AppleTalk (MacIP). MacIP allows TCP/IP packets to be carried over a LocalTalk network to reach the SoftRouter Plus.

If your clients are connected to the SoftRouter Plus using Ethernet or TokenRing cabling, then select the appropriate connection device.

We strongly recommend that you use two Ethernet devices if using a Cable modem to connect to the Internet. This puts you on a separate physical network from the Cable provider and enables you to use the DHCP server function of the SoftRouter Plus to simplify network address administration.

Step 4 - Entering a DNS Address

Darko will ask you to enter your DNS address into the field provided. You may have received the DNS address information from your Internet Service Provider. If your ISP does not give you a DNS (Domain Name Server) IP address, leave the DNS Address blank.

Step 5 - Enabling DHCP

The SoftRouter Plus includes a function called DHCP (Dynamic Host Configuration Protocol) that can send TCP/IP configuration information automatically to the clients on an Ethernet network. This saves having to configure them manually. If you only have one Ethernet device, and are using an Ethernet NAT port, this option will not appear.

Note: Many cable modem providers who assign dynamic IP addresses use a DHCP server to do so. If you are using a cable modem and have a dynamic IP address from your Cable Provider, you should not opt to assign the computers on your LAN dynamic IP addresses. If you only have one Ethernet Interface you must configure your client computers manually.

Step 6 - Completed Auto Setup

Once you have completed the Auto Setup you can test your connection by following the Testing SoftRouter Plus section in the Troubleshooting section of this Guide or you can use the Online Help by selecting “Vicomsoft Online Help” from the “Help” menu. You can then move on to Configuring your Client Computers.

Configuring your Client computers

Each Client computer on your local network should be set up to use SoftRouter Plus to connect to the Internet. PCs, UNIX Systems and Macintoshes have different set up systems. Example instructions for the most common Client operating systems are provided in detail in the SoftRouter Plus QuickStart Guide.

If you have any problems with configuring your client machines we suggest you use the Online Help by selecting “Vicomsoft Online Help” from the “Help” menu.

Using the Vicomsoft SoftRouter Plus

Congratulations. You have set up the SoftRouter Plus and you can now use it to share your Internet connection. The default SoftRouter Plus configuration should meet basic operating requirements. However, you may wish to adjust or add to these settings.

The File menu item “Save Config As” saves the current setup as a text file that can be viewed or printed using SimpleText or any other text editor. This will provide a record of your configuration and will be requested by Vicomsoft if you seek technical assistance. We also recommend that you make a backup of your Vicom Settings folder, located in the System folder, Preferences folder.

Purchase Product Online

Once you have connected to the Internet, you will be given the option to Purchase the product. To Purchase the SoftRouter Plus simply select the “Purchase” option in the “Network” menu and this window will be displayed. If you have already purchased the SoftRouter Plus, this option will not be available for selection.
When you click on the Purchase button the SoftRouter Plus will load your Web Browser and you will be taken to the Vicomsoft OnlineComms Store. Once you have entered all your details, you will be sent an e-mail to confirm your order. Once your order has been confirmed and your details checked you will be sent another email along with an attachment and a URL so you can download your newly purchased SoftRouter Plus.

Once you have downloaded and installed the SoftRouter Plus, the attached file will need to be copied into your SoftRouter Plus folder. When you next launch the SoftRouter Plus you will then need to enter the details that have been sent to you along with the file. Your SoftRouter Plus will then be a fully working version registered to you.

2 SoftRouter Plus Scenarios

About this Chapter

This chapter explains some of the Scenarios in which you might wish to use the SoftRouter Plus. The SoftRouter Plus offers a comprehensive range of features to address the following types of network requirements:

• Network Integration with the Internet
• Local Area Network Integration
• Wide Area Network Integration
• PPP Serving
• MultiNoding/IP Aliasing
• Multihosting on Web Servers

This Chapter provides examples of each of these scenarios to help you determine how to apply SoftRouter Plus as a solution to your specific network requirements. We begin by explaining the SoftRouter Plus port capabilities in general and then describe how SoftRouter Plus ports can be configured for each of the above capabilities. For each type of configuration, the Chapter provides a definition, a network illustration and a checklist of which port configurations are required.

SoftRouter Plus Port Capabilities

The SoftRouter Plus requires a port for each connected network. Further, there must be a logical port for each subnet, though multiple ports can be created on a single Ethernet interface.
As a result, it is very important to understand ports: configurations, mapping ports to physical IP subnets and PPP address mapping. Learning these concepts will make it easier to determine what kind of port you will require and how to configure it for each anticipated task.

The SoftRouter Plus supports a variety of connection methods to the Internet. These include modem, ISDN cards and Terminal adapters (TA), cable access, hardware routers, leased line and xDSL. A modem or an ISDN connection to the Internet is dialled automatically on demand, using the PPP protocol, and disconnected when no longer in use. Wide area Intranet links can be set up to use PPP for dial-in or dial-out. The SoftRouter Plus can be used as a Remote Access Server, with password security.

Port Configuration

Connection Methods

PPP: A PPP port can provide network access for remote clients or it can support connections to remote dial-up networks such as the Internet or another private network. The remote network must also support dial-up connections and could include another Vicomsoft SoftRouter Plus for this purpose. A PPP port can be configured as follows:

Dial up - Answer only: The port is set to accept incoming calls.

Dial up - Dial only: This configuration is used for dialling out to other routers or gateways for wide area routing connections.

Dial up - Answer and Dial: The port is set to accept incoming calls and to dial out when necessary. With Network Address Translation checked, you can use this option to connect to the Internet and accept incoming calls.

Network Address Translation: This setting can be checked with both the Dial Only and the Dial and Answer options. When selected, the SoftRouter Plus will use the Network Address Translation feature when connected, e.g. to the Internet.

Ethernet: Create an Ethernet port if you need to connect computers using Ethernet cabling. Each Ethernet interface appears as a separate menu item.
Network Address Translation: When selected in combination with an Ethernet Card, the SoftRouter Plus will use the Network Address Translation feature when connected, e.g. to the Internet.

Token Ring: Create a Token Ring port if you are connecting to a Token Ring network. Token Ring is available as a port option if a supported Token Ring adapter is installed.

Scenarios

The following examples show what you can accomplish with SoftRouter Plus, using the previous port configurations for the following purposes: Local Area Network Integration, Wide Area Network Integration, PPP Serving, MultiNoding/IP Aliasing and Multihosting on Web Servers. While each of these is shown as a separate example for clarity, they can be combined in more complex configurations as you wish.

The network addresses shown in these examples are in one of the ranges defined by InterNIC for use by private networks. If the SoftRouter Plus or any of its connected networks is to connect to the public Internet, then you must use NAT on all Internet ports, or all the network addresses you use must be legal public addresses, correctly assigned for your use by the InterNIC or an approved delegated authority (e.g. your ISP).

The SoftRouter Plus supports any TCP/IP Host system, including PCs, Macs, minis, mainframes, printers, terminal adapters, terminal servers, network computers, routers, gateways, firewalls, proxy servers, etc. Please note that the SoftRouter Plus does not provide routing services for protocols other than IP, such as IPX/SPX, etc.

Network to Internet Integration

With the SoftRouter Plus, you can connect your entire Local Area Network or even a Wide Area Network, to the Internet, using just one Internet Connection or account, as illustrated below.
[Figure: Internet; Internet Connection; Vicomsoft SoftRouter Plus (192.168.1.254); Network A, Local Area Network (192.168.1.0)]

To connect your network(s) to the Internet, you will need the following port configurations on your SoftRouter Plus machine:

• A Network Address Translation port with a legal IP address, which is either a PPP Dial out or Direct connection via Cable Modem/Leased line, etc.
• Ethernet port with an IP address on Network A (e.g., 192.168.1.254)

In addition to its routing capability, the SoftRouter Plus provides a DHCP Server which allows you to use the SoftRouter Plus to manage the assignment of IP addresses to machines. Chapter 6 provides more information on the DHCP Server function.

Local Area Network Integration

With the SoftRouter Plus, you can interconnect Ethernet and Token Ring Networks, as illustrated below.

[Figure: Vicomsoft SoftRouter Plus Host System with ports 192.168.1.254, 192.168.2.254 and 192.168.3.254; Network A, 10 BaseT Ethernet (192.168.1.0); Network B, 100 BaseT Fast Ethernet (192.168.2.0); Network C, Token Ring Network (192.168.3.0)]

To interconnect these networks, you will need the following port configurations on your SoftRouter Plus machine:

• Ethernet port with an IP address on Network A (e.g., 192.168.1.254)
• Fast Ethernet port with an IP address on Network B (e.g., 192.168.2.254)
• Token Ring port with an IP address on Network C (e.g., 192.168.3.254)

More details of TCP/IP routing are provided in Chapter 12.

In addition to its routing capability, the SoftRouter Plus provides a DHCP Server which allows you to set the local machines for Server configuration and use the SoftRouter Plus to manage the assignment of addresses to machines. Chapter 9 provides more information on the DHCP Server function.

Wide Area Network Integration

With the SoftRouter Plus you can integrate two or more offices using a wide area network, as illustrated below.
In this example it is assumed that a Branch Office wishes to connect to its Head Office when users need to access Head Office servers. The Branch Office SoftRouter Plus initiates a dial-up connection on demand and, once connected, two-way communications are possible between the two sites.

[Figure: Network A, Head Office Network (192.168.1.0), with a Vicomsoft SoftRouter Plus at 192.168.1.254 and 192.168.2.100; Network B, Dial-Up Connection; Network C, Branch Office (192.168.3.0), with a Vicomsoft SoftRouter Plus at 192.168.2.101 and 192.168.3.254]

In order for the Head Office to be interconnected and to allow the Branch Office to connect to their internal network as illustrated above, you will need the following port configurations on your SoftRouter Plus machine at the Head Office site:

• Ethernet port with an IP address on Network A (e.g., 192.168.1.254)
• PPP Dial up - Answer Only port with an IP address on Network B (e.g., 192.168.2.254)

For the Branch Office to be interconnected and to connect to the Head Office network as illustrated above, you will need the following port configurations on your SoftRouter Plus machine at the Branch Office site:

• Ethernet port with an IP address on Network C (e.g., 192.168.3.254)
• PPP Dial up - Dial out port with an IP address on Network B (e.g., 192.168.2.101)

The Branch Office SoftRouter Plus is set up with its dial-up port as its Default Port, so that all external access attempts are routed through this port. More details of the routing table needs of complex configurations are provided in Chapter 9.

PPP Serving

The SoftRouter Plus includes a PPP Server, which allows for multiple dial-in connections. Each PPP dial-in port can be set up with a static IP address or you can use dynamic address assignment.

The following example shows a SoftRouter Plus providing remote access services for up to two simultaneous remote users. More dial-in ports could be provided by installing a multiport serial interface card.
When connected, remote users are able to access the same TCP/IP facilities on the LAN and other Intranet connections as the locally-connected users.

[Figure: Network A (192.168.1.0); Vicomsoft SoftRouter Plus (192.168.1.254); Dial Up Connections; Remote Users]

To set up SoftRouter Plus for remote access using PPP Serving, as illustrated above, you will need the following port configurations on your SoftRouter Plus machine:

• Ethernet port with an IP address on Network A (e.g., 192.168.1.254).
• Two PPP Dial up - Answer Only ports, both set up for Dynamic addressing.

For more information on PPP Server and Client set-up, refer to Chapter 10.

A Note About Dynamic PPP Address Assignment

When a remote client connects to a PPP dial-in port that is set for dynamic addressing, the SoftRouter Plus will assign it the next available address above a base IP address. This base address can be defined manually within the preferences. If the base address is not defined, the SoftRouter Plus defaults to use the address of the first Ethernet network in the Port List.

For example, if the Ethernet port has an address of 192.168.1.254, the first dial-in PPP port will be assigned an IP address of 192.168.1.101 upon connection by a client. The next one is assigned 192.168.1.102 and so on.

Since the DHCP Server function in the SoftRouter Plus also assigns IP addresses and these default to the address range below the Ethernet Port address, these default address assignment processes should avoid address assignment conflicts. If you choose to manually override the default behaviour, please ensure that you select a PPP Server Base address that is outside of any DHCP Server range you define.

The default IP address we use is 192.168.1.254. The DHCP Server defaults to 100 clients with a range set to 192.168.1.1 to 192.168.1.100, giving you 192.168.1.101 to 192.168.1.253 as IP addresses that you can assign manually.
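The overlap check this note asks for, as an added Python example (not part of the original guide and not Vicomsoft code). It assumes that an unset PPP Server Base Address behaves like the LAN network address plus 100, which reproduces the guide's 192.168.1.101 example; the class, field and reason names are illustrative.

```python
from dataclasses import dataclass, field
from ipaddress import IPv4Address, IPv4Interface
from typing import List, Optional, Tuple


@dataclass
class AddressPlan:
    """Address settings of one LAN port (field names are illustrative)."""
    lan_port: IPv4Interface                  # Ethernet port, e.g. 192.168.1.254/24
    dhcp_first: IPv4Address                  # first address in the DHCP Server range
    dhcp_count: int                          # number of DHCP clients
    dialin_ports: int                        # PPP dial-in ports set to Dynamic
    ppp_base: Optional[IPv4Address] = None   # PPP Server Base Address, if overridden
    manual_hosts: List[IPv4Address] = field(default_factory=list)

    def dhcp_range(self) -> List[IPv4Address]:
        return [self.dhcp_first + i for i in range(self.dhcp_count)]

    def ppp_pool(self) -> List[IPv4Address]:
        # Dial-in clients get "the next available address above" the base.
        # ASSUMPTION: with no base set, the base is the LAN network address
        # plus 100, which reproduces the guide's example (Ethernet port
        # 192.168.1.254 -> first dial-in client 192.168.1.101).
        base = self.ppp_base
        if base is None:
            base = self.lan_port.network.network_address + 100
        return [base + i for i in range(1, self.dialin_ports + 1)]


def find_conflicts(plan: AddressPlan) -> List[Tuple[str, str]]:
    """Return (address, reason) pairs; an empty list means no overlap."""
    net = plan.lan_port.network
    dhcp = set(plan.dhcp_range())
    ppp = plan.ppp_pool()
    reserved = {
        net.network_address: "network-address",
        net.broadcast_address: "broadcast-address",
        plan.lan_port.ip: "lan-port-address",
    }
    problems: List[Tuple[str, str]] = []
    for addr in ppp:
        if addr not in net:
            problems.append((str(addr), "ppp-outside-lan-subnet"))
        elif addr in reserved:
            problems.append((str(addr), "ppp-is-" + reserved[addr]))
        elif addr in dhcp:
            problems.append((str(addr), "ppp-in-dhcp-range"))
    for addr in plan.manual_hosts:
        if addr in dhcp:
            problems.append((str(addr), "manual-in-dhcp-range"))
        elif addr in ppp:
            problems.append((str(addr), "manual-in-ppp-pool"))
    if plan.lan_port.ip in dhcp:
        problems.append((str(plan.lan_port.ip), "lan-port-in-dhcp-range"))
    return problems


# The guide's defaults: port 192.168.1.254, DHCP 192.168.1.1 to 192.168.1.100,
# two dynamic dial-in ports, no PPP Server Base Address set.
GUIDE_DEFAULTS = AddressPlan(
    lan_port=IPv4Interface("192.168.1.254/24"),
    dhcp_first=IPv4Address("192.168.1.1"),
    dhcp_count=100,
    dialin_ports=2,
)

# Constructed override: a base address that pushes the first dial-in client
# into the DHCP range, plus a manually assigned host inside the PPP pool.
OVERRIDDEN = AddressPlan(
    lan_port=IPv4Interface("192.168.1.254/24"),
    dhcp_first=IPv4Address("192.168.1.1"),
    dhcp_count=100,
    dialin_ports=2,
    ppp_base=IPv4Address("192.168.1.99"),
    manual_hosts=[IPv4Address("192.168.1.101")],
)

if __name__ == "__main__":
    for name, plan in (("defaults", GUIDE_DEFAULTS), ("overridden", OVERRIDDEN)):
        print(name, [str(a) for a in plan.ppp_pool()], find_conflicts(plan))
```

Run it against the values from your own saved configuration before changing the PPP Server Base Address or the DHCP range; an empty list means the two assignment mechanisms cannot hand out the same address.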
MultiNoding/IP Aliasing

When using the SoftRouter Plus, multiple logical TCP/IP networks can co-exist on a single Ethernet backbone using a single Ethernet card, as illustrated below. This results in reduced cost, as you do not need multiple cards to support complex subnet configurations.

In the following example, the SoftRouter Plus provides two logical IP networks on a single physical Ethernet. This arrangement may be useful during transition from one IP addressing policy to a new one, to support computers with two different IP address ranges. Or it may be used to support two different groups of users, with the SoftRouter Plus providing different access privileges to each.

[Figure: Networks A, B on one Ethernet LAN (192.168.1.0 and 192.168.2.0); Vicomsoft Internet Gateway]

To configure multiple TCP/IP networks on a single Ethernet card, as illustrated above, create the following SoftRouter Plus configuration:

• An Ethernet port assigned to an Ethernet interface with an IP address on Network A (e.g., 192.168.1.254)
• An Ethernet port assigned to the same Ethernet interface, with an IP address on Network B (e.g., 192.168.2.254)

Note: Each address MUST be in a different subnet range, but there is no other limit to the number of addresses that can be assigned to a single Ethernet interface.

Multihosting on Web Servers

When using the SoftRouter Plus, you can maintain multiple virtual web servers that are transparently hosted by the same physical server. Remote browsers will be unaware that they are accessing a multi-domain site. It works with all web servers since it operates at the router level and no web server specific plug-ins are required.

In the following example two virtual web sites, on legal IP addresses, are set up as separate directories within one web server application.
The Internet service provider who hosts your Domain Name Service (DNS) can map two host names to two addresses as follows:

www.firstco.com - 194.196.57.34
www.secondco.com - 194.196.57.35

The SoftRouter Plus redirects access requests for these addresses to the two separate directories in the physical server.

[Figure: Internet; Internet Connection; Ethernet NAT Port 194.196.57.33; Vicomsoft SoftRouter Plus; LAN Port 192.168.1.x; Web Server 192.168.1.y with directories webpages/first/ and webpages/second/]

To configure SoftRouter Plus for the network illustrated above, you will need the following port configurations on your SoftRouter Plus machine:

• An Ethernet port with a legal static IP address as authorized by InterNIC via your ISP. In this example, it is 194.196.57.33.
• A LAN port with an IP address of 192.168.1.254.
• Multi-hosting configuration settings as follows:

  194.196.57.34    192.168.1.y    /webpages/first/
  194.196.57.35    192.168.1.y    /webpages/second/

Further details for the Multihosting configuration facility are provided in Chapter 14.

3 The Open Transport IP Address

About this Chapter

It is possible to run TCP/IP applications such as a web browser, email client or even a mail or web server on the SoftRouter Plus computer. However, since the SoftRouter Plus is handling all IP packets, data sent or received by the application must pass through the SoftRouter Plus rather than Open Transport.

During installation, the SoftRouter Plus places an Open Transport driver file called "-Gateway-" in your Extensions folder. When set to use this driver, Open Transport will send and receive all data through the SoftRouter Plus.

Open Transport must always have an IP address. Because of this, the SoftRouter Plus selects one of its ports and 'attaches' TCP/IP to that port. The SoftRouter Plus will mark this port with an icon in the status window ports list.
The SoftRouter Plus computer then assumes the IP address of that port and will automatically configure your TCP/IP control panel to allow this to happen.

You can change the 'attached' port (known as the Mac Port) by highlighting the new port you wish to attach TCP/IP to and then selecting "Change this Mac's TCP/IP Address..." from the "Ports" menu. Note that you should quit any currently running TCP/IP applications before doing this, and must also be in "Advanced User mode" to see this option within the "Ports" menu.

TCP/IP Client Applications on the SoftRouter Plus Computer

A client TCP/IP application is any application that uses Open Transport to connect to a server on your local network or across the Internet. For example, a web browser is a client application that connects to a web server on a TCP/IP network. Client applications initiate connections to listening server applications.

Client applications running on the SoftRouter Plus computer are used in exactly the same way as on any other client computer. The application will be able to access any TCP/IP network connected to the SoftRouter Plus.

Since the SoftRouter Plus must handle traffic for all machines on the network, the client application may work more slowly than it would on a stand-alone computer. However, in most cases the slowdown will not be noticeable.

TCP/IP Server Applications on the SoftRouter Plus Computer

A server TCP/IP application is any application that makes its services available to other computers connected to the IP network. A prime example is a web or mail server. Server applications listen for connections initiated by client applications.

Server applications running on the SoftRouter Plus computer are reachable on the network at the IP address of the attached port.
Here is an example:

[Figure: Internet; Vicomsoft SoftRouter Plus with Port 1 193.119.100.129, Port 2 192.168.1.254 and Port 3 192.168.2.254; Computer A 192.168.1.1; Computer B 192.168.1.2; Computer C 17.254.3.61; Computer D 192.168.2.1; Computer E 192.168.2.2]

The SoftRouter Plus computer is running a web server. Open Transport is attached to the SoftRouter's Ethernet port at 192.168.1.254, so the web server is accessible from the Internet at 193.119.100.129, while the computers on all the internal networks access the web server at address 192.168.1.254.

Please note that this setup poses a potential security risk, as any computer on the Internet will be able to access the web server running on the SoftRouter Plus computer. However, server applications running on other client computers (i.e. computer A or D) will not be accessible.

It is important that a Mac running Server applications has a fixed IP address. Therefore Open Transport should be attached to a Port which has a fixed address. If the Internet connection (e.g. the NAT port) has a dynamic address, an internal network port will automatically be selected.

Multi-Homing

Open Transport uses the IP address of the attached port. TCP/IP applications on the SoftRouter Plus computer are always accessible at the IP address of the attached port for internal network clients and at the NAT port address for external Internet users, although this may be one and the same.

For some intranets, it may be a requirement that server applications on the SoftRouter Plus computer should be accessible at all the IP addresses of the SoftRouter Plus's ports. The Multi-Homing option provides this facility.

To enable Multi-Homing, select "Preferences" from the "Edit" menu. Select the Network Tab and check the Enable Multi-Homing check-box, then click on OK in the Preferences window.
Multi-Homing is provided as an option, but we recommend that users leave this option alone unless they understand the reasons they require it.

[Figure: Internet; Vicomsoft SoftRouter Plus with Port 1 193.119.100.129, Port 2 192.168.1.254 and Port 3 192.168.2.254; Computer A 192.168.1.1; Computer B 192.168.1.2; Computer C 17.254.3.61; Computer D 192.168.2.1; Computer E 192.168.2.2]

The chart below shows the address that each client in the diagram above should use, depending on which port is mirrored and the Multi-Homing setting.

Multi-Homing   Mirrored Port      Client computer   Server address
Disabled       192.168.1.254      A                 192.168.1.254
Disabled       192.168.1.254      D                 192.168.1.254
Disabled       192.168.1.254      C                 193.119.100.129
Disabled       193.119.100.129    A                 193.119.100.129
Disabled       193.119.100.129    B                 193.119.100.129
Disabled       193.119.100.129    C                 193.119.100.129
Enabled        192.168.1.254      A                 192.168.1.254
Enabled        192.168.1.254      B                 192.168.2.254
Enabled        192.168.1.254      C                 193.119.100.129
Enabled        193.119.100.129    A                 192.168.1.254
Enabled        193.119.100.129    B                 192.168.2.254
Enabled        193.119.100.129    C                 193.119.100.129

SoftRouter Plus must be loaded and turned on before any Server application is loaded, because the Server application must get its IP address from the SoftRouter Plus. TCP/IP on the SoftRouter Plus machine must be set to load only when needed, otherwise nothing will work as expected.

4 Customizing the SoftRouter Plus

About this Chapter

This Chapter describes how to change the following default SoftRouter Plus settings:

SoftRouter Plus Preferences
• General
• Network
• Security
• Logging
• PPP Server
• Web Caching

Port Configurations
• Editing ports in Basic User Mode
• Advanced Edit Port Settings options
• Serial Port Settings Buttons

Setting SoftRouter Plus Preferences

This describes the facilities for changing the SoftRouter Plus preferences. The Preferences window is opened by choosing "Preferences" from the "Edit" pull-down menu. The Preferences window provides settings for several parts of the SoftRouter Plus, accessible through the Tabs at the top of the window.
General

Launch & Quit

Inactive at Application Launch: When selected, SoftRouter Plus will not start routing or provide any services such as DHCP until it has been manually switched On.

Active at Application Launch: When selected, SoftRouter Plus will start routing and providing other services such as DHCP as soon as the application is launched.

Set TCP/IP on this Mac to use the SoftRouter Plus on Launch: When selected, the SoftRouter Plus will automatically configure Open Transport to use one of its port addresses whenever the SoftRouter Plus application is launched. See Chapter 3 for more details on choosing the port address. It creates a configuration in your TCP/IP control panel called VICOM. We recommend users should leave this option switched on unless they know of a configuration which does not require it. If this option is switched off you must manually configure the TCP/IP control panel.

Ask For Confirmation Before Quitting: When selected, the SoftRouter Plus prompts the user for confirmation before quitting if the SoftRouter Plus is switched on. This stops users from accidentally quitting the SoftRouter Plus when it may be in use by other people. The prompt will time out after 30 seconds and the SoftRouter Plus will quit.

Show User Interface When Router Application Launches: When selected, the SoftRouter Plus user interface will be displayed when the router is launched.

Quit Router When Interface Quits: When selected, the SoftRouter Plus router will quit when the user interface quits.

Display

Packet Scale: This changes the packets per second display. You can select from a range of scale sizes. The scale changes automatically if throughput increases, but it will not change back to a lower scale than selected.

Trace Scale: Choose from three trace time scales.

Throughput: This display shows the current rate of throughput through all the SoftRouter Plus ports per second.
Port Count: Ports can be set to display the number of routed packets, the number of bytes per second or no traffic information in the SoftRouter Plus Status window.

Display and Log Addresses As Names: When checked, name resolving will be carried out on all remote and local addresses when a log is generated. This converts logged IP addresses to host names wherever possible.

User Mode

Basic User Mode provides the menus and controls you need to configure the SoftRouter Plus for dial-up Internet access and to support local and dial-in users.

Advanced User Mode provides additional set-up facilities for routing, access, firewall control and DHCP management. These features are accessed through additional items in the Network pull-down menu and through extra controls in the Edit Port Settings window.

Sounds

Activity Sounds: The SoftRouter Plus makes sounds during certain activities (such as starting or stopping the SoftRouter Plus).

Ring on incoming calls: If this option is checked the SoftRouter Plus will make a "telephone ringing" sound when an incoming call is received.

Network

Addresses

Default Gateway Address: This is the address the SoftRouter Plus will send packets to when it knows no explicit route to the destination address. Router, Cable modem and xDSL users (with static IP Addresses) may need to enter an IP address here.

DNS Addresses: This information is used by the SoftRouter's DNS Server as parent DNS Servers. If you are using DHCP, the IP address of the LAN port will be assigned as a DNS address (if you are using the SoftRouter's DNS Server option). These may be the DNS addresses supplied by your Internet Service Provider or a local DNS Server on your internal network. You can enter up to 5 DNS Servers, which will be searched in order starting from the top.
This information will only be passed to the TCP/IP control panel of the SoftRouter Plus machine if you turn the DNS Server feature off.

WINS Address: The DHCP server can also serve the address of a WINS server, if you have one.

Default Domain Name: Enter your own Domain name here if you wish this information to be sent to your DHCP Clients.

NAT User Timeout: The SoftRouter Plus allows multiple users to connect simultaneously to the Internet up to the limit of the license purchased. This user time-out defines the idle time after which a user's NAT connection will be closed. This allows new users to connect when previous users have finished their Internet sessions. The number of current users is shown in the SoftRouter Plus Status window, along with the maximum licensed value. Select "View Users" in the "File" menu to see a list of the currently connected users and their remaining times.

DNS Configuration

Enable DNS Caching: When DNS Caching is enabled the SoftRouter monitors and caches the results of client requests to remote name servers. If it can resolve a client request using cached information then it does so, giving a faster response. All other requests are routed to the remote DNS address defined by the DNS addresses field. This will happen as long as the DNS Server Offline button is not checked.

Enable DNS Serving: When DNS Serving is enabled the LAN network port address can be set as the DNS address for its clients. The SoftRouter Plus then serves all their DNS requests itself. When a client asks the server to resolve a name the DNS returns the address immediately if it knows it. Otherwise it forwards the request to the upstream servers, making recursive requests if necessary and returning the results to the client, caching resolved addresses for reuse. This will happen as long as the DNS Server Offline button is not checked.
DNS Server Offline: When the SoftRouter is being operated off-line from the Internet this option should be checked. The SoftRouter will then not attempt to forward domain name requests to a remote DNS and will only serve cached or local addresses it already knows. The DNS Offline mode will normally be used in conjunction with the Vicomsoft WebCache Server's Off-line feature, permitting transparent off-line operation.

Enable DHCP Serving: When checked, DHCP is activated and will serve IP addresses to your Client machines; please see Chapter 8, The DHCP Server. You must make sure that you also have the option "Can Serve DHCP"; please see "Editing Ports in Basic User Mode" described later in this chapter for details about this option.

Use RIP Protocol: When checked, the Routing Information Protocol (RIP) is utilized. This allows the SoftRouter Plus to exchange routing table information with other directly connected TCP/IP routers. This is on by default. For more details about RIP and Routing see Chapter 10, IP Addressing and Routing.

Disable Port Scanning: When selected, the SoftRouter Plus will not scan for Server applications on the local network ports. This information will be displayed via the WebCache and can be accessed via http://vicomsoft.local/.

Route local packets only: When selected, the SoftRouter Plus will only route TCP/IP packets that relate to ports that the SoftRouter Plus has been configured with.

Enable Multi-Homing: When selected, the SoftRouter Plus will allow access to Server applications on the SoftRouter Plus computer at the IP addresses of all the LAN ports. More details on the use of Multi-Homing are provided in Chapter 3, The Open Transport IP Address.

Security

This security display will change depending on whether you have a Remote Management version of the SoftRouter Plus.
If you have a Remote Management version, you will find the Security options described in Chapter 14, Vicomsoft Remote Administrator Console.

Set Administrator Password: Adding password protection prevents inadvertent or unauthorized modification of the SoftRouter Plus configuration. When an Administration password is set, any attempt to change the SoftRouter Plus's operational state will be intercepted with a password challenge. Activity status can still be viewed even when a password has been set. To remove the administration password, leave blank entries in the edit boxes.

Administrator Lock Timeout: This is the length of time the User Interface will stay unlocked. The time starts after you have entered the password and activity has stopped. Once this time has passed you will need to enter the password before you can edit any of the settings.

The password control will not take effect until after the current management session has been closed or Lock User Interface has been selected from the File Menu. The following screen shot shows the locked interface display.

Logging

Enable logging: When checked, the SoftRouter Plus will record user events and traffic activity to a binary log file. This file can be processed manually or automatically each day, to generate a text file listing the information collected. A binary log file can be processed at any time by selecting "Generate Log file..." from the "File" menu or by running the Vicomsoft Log Generator application. Once the binary log file is processed the binary file is deleted.

Automatically Generate Text Log: When checked, the SoftRouter Plus will generate a text log file at the time and day(s) specified.

The SoftRouter Plus logs the following details to the output file:

• A header giving the date range for the log.
• A log of PPP port connection and disconnection events indicating the instigator, time and duration for each connection.
• A traffic analysis by host address, showing the total volume of traffic in bytes, broken down for principal applications and the total durations for the data transfer activities.
• Attempts to access barred locations. See Chapter 4 for details of the Access Rights facilities.

PPP Server

Gateway Name: Assign a name to the SoftRouter Plus. The SoftRouter Plus uses the Computer Name within Sharing Setup unless otherwise set.

Authenticate Clients Using: Select the type of authentication for remote dial-ins. Options are Vicomsoft PPP Users, MacOS Users & Groups or Radius Server.

PPP Server Base Address: When set, this will determine the IP address range that remote dial-in users will receive when they connect, only if the dial-in ports are set to Dynamic.

Radius Server Address: If you are using a Radius central server for authentication, enter the server's IP address here.

Radius Secret: If you are using a Radius central server for authentication, enter the password in this field for accessing the server.

AppleShare Admin Password: If you are using an AppleShare Server on the same machine as the SoftRouter Plus and you wish to use MacOS Users & Groups, you will need to enter your AppleShare Admin Password so the SoftRouter Plus can access Users & Groups.

Please see Chapter 10, Setting up Remote Access Services for more details about setting up PPP Serving.

Caching

Access the Web Through a Cache: Once this box is checked ensure that the web cache server Port number in this screen is set to the TCP port number on which the caching server is operating (e.g. the Cache Port option). The default port number for the Vicomsoft WebCache Server is 8080. Other caching servers typically use port number 8080 or 8000.

The SoftRouter Plus is configured by default to route all web page requests to the caching server.
If the WebCache Server module is on the same machine as the SoftRouter Plus then the "Cache IP Address" can be left blank.

In order to use the Transparent caching mode, all client web server requests must pass to the Internet via the SoftRouter Plus. This can be done most easily by setting up the clients to use the SoftRouter Plus's DHCP Server function. For manually-configured clients, set their default router to be the SoftRouter Plus's address. You do not need to enter anything into the clients' Caching settings within the web browser software.

If you wish to run a browser on the same machine as the caching server and use it to access the cache then this browser must be set up in Proxy mode. This browser cannot use the Transparent access mode as the Router would not be able to distinguish between its web requests and outgoing requests from the caching server on the same machine. To do this, open the Browser settings and select the Proxy options. Enter the local host address 127.0.0.1 and port 8080 for HTTP proxy access.

For more details on the Vicomsoft WebCache Server please see Chapters 6 & 7.

Editing Ports in Basic User Mode

The following paragraphs describe the controls in the Basic User Mode. The Advanced User Mode windows have an expanded set of facilities. These additional facilities are described later in this chapter.

The SoftRouter Plus needs a port for each connected network, both directly attached and dial-up. Ports can be created or edited at any time. However, if you edit an existing port that uses a PPP connection while it is connected, the port will disconnect if OK is selected to exit the Edit port window, and all the users using the port will be disconnected.

General Settings

You can add new ports by selecting "New Port" in the "Ports" menu.
You can also manually Edit Ports by double-clicking the port in the SoftRouter Plus status window or by highlighting the port you wish to edit and selecting “Edit Port” from the “Ports” menu. The Edit Port settings window will appear:

Port Name: If you type a name into this field it will be shown in the Ports list in the SoftRouter Plus status window, otherwise a default name will be used.

Connection Method: This pop-up menu shows the connection methods and includes a list of all installed interfaces. Only the network interfaces supported by SoftRouter Plus can be selected. The following methods can be selected for SoftRouter Plus Ports:

• PPP / SLIP: These are the methods for a dial up connection to the Internet using a Comms Tool Box Tool, or a dial in connection.
• Modem: This option means you will use the details from your Modem control panel.
• Ethernet: This method is used to connect Client computers using Ethernet cabling and also for Cable modem or xDSL users.
• AppleTalk (Mac IP): This method sends TCP/IP packets within AppleTalk packets. It is used to connect Macintosh Clients using LocalTalk cabling.
• LeoTCP: This option allows you to select a LeoTCP configuration to connect to your ISP, if you have LeoTCP installed.

Using: This will display the interface that you are using for this port.

• Modem control panel: Allows you to open the Modem control panel to edit your Modem setup.
• No Tool Selected: This will be displayed when you need to select a CommsToolbox Tool. Once selected this button will then display the name of the selected CommsToolbox.
• Built In: This is what will be displayed if you select the Built in Ethernet device, or the correct card slot if you select an ethernet card from one of the slots.
• AppleTalk®: This will be displayed if you select MacIP.

Modem control panel

This button allows you to open the Modem control panel.
If you have a CCL modem script that was supplied with your modem you will be able to select it here. Once you have selected the proper modem script for your modem, close the Modem control panel and continue to configure your port settings.

No Tool Selected

This option is used to select and configure the Comms Toolbox tool for either Dial out or Dial in port. If a tool is already selected, the name of the button will be set to the name of the tool. When this button is clicked the standard Comms Toolbox “Connection Settings” window is displayed.

This example shows the settings for the Apple Modem Tool. The window will be different for other Comms Toolbox tools. Hardware handshaking (also known as full flow control) is essential for speeds above 9,600 bps. The Apple Modem Tool should be set to “DTR & CTS” handshake, as shown in the example above.

IP Address

Static: When this box is checked you will be able to enter an IP address and Subnet mask for this port.

The Local network Port must always have a static IP Address. The SoftRouter Plus default IP address is 192.168.1.254; this is used during Auto Setup. You should only change this if your SoftRouter Plus system is connected to an existing local TCP/IP network with a different address range.

The NAT port may have a fixed or dynamic address depending on your Internet Service Provider. To use a static address, check the “Static” box and enter the address in the text field in “xxx.xxx.xxx.xxx” format. To use a dynamic address, leave the box unchecked. SoftRouter Plus will disable the text field and put “1.1.1.1” and “255.255.255.255” in it to indicate that the port has not yet acquired its dynamic address.

Subnet Mask: Allows you to set the subnet mask for the entered IP address. The default subnet mask will be 255.255.255.0.
Network Properties

Network Address Translation: With this option selected all traffic through this port will be translated to look as if it comes from just the one IP address. This option enables the SoftRouter Plus firewall automatically. Only one port should have this option turned on and this should be the port that connects to the Internet.

Can Serve DHCP: This will enable any computer that can connect to this computer over an Ethernet network to be provided with its own address information. DHCP needs to be enabled in the Preferences as well for this to happen.

!!! Never use this option if you have a single Ethernet card and a cable modem or an xDSL modem. You risk becoming the DHCP server for your neighbourhood and then passing the subsequent traffic through your SoftRouter Plus.

Port Probe: You can set the SoftRouter Plus to check Ethernet and Token Ring ports regularly. If one fails this check, the SoftRouter Plus will stop the port. You should then investigate for a problem before resetting the port to restart it.

DHCP Client ID: This box allows you to enter a DHCP Client ID. If your SoftRouter Plus is being Served DHCP by a DHCP Server that requires an ID name, you can enter that name in this box.

Login Options

Login Options allows you to set up the details required to log in to your Internet Account at your Service Provider. This Tab is only available if you have selected PPP, SLIP or Modem as the method in the General tab.

Login Using: Use this pop-up menu to select the method required for logging into your Service Provider or remote network. Most Service Providers support PAP or CHAP login methods. A few require scripted or more complex login sequences. The relevant fields will be activated according to your menu selection.

Tel. No: This field appears if you have selected Modem as the connection method in the General tab. Enter the telephone number for your ISP here.

Depending on what you have selected in the Login Using menu you will be able to use one, all or none of the following options.

User Name: Enter your PAP/CHAP login account name here.

Password: Enter your PAP/CHAP login password here.

Provider: This pop-up menu presets the prompts sent by several Internet access providers and gateways including the SoftRouter Plus. If one of these matches your Service Provider’s script, you may select it to fill in the prompts and then type in the responses, such as your username and password.

Login Script: The login script fields define a sequence of host prompts to wait for and responses to send for each prompt.

prompt   Login:      respond with account user name
prompt   Password:   respond with account password
prompt   Protocol:   respond with protocol type, such as PPP or SLIP

Most scripted hosts will prompt for a username and password, but some providers may require other prompts, delays or responses before a TCP/IP connection is established. In the above example there are three prompts shown with corresponding responses.

To create a script, type each prompt and response on a separate line in the table. The pop-up menu to the left of each line allows you to define whether the text is a prompt to wait for, a response to send or send hidden, or a delay in seconds before the next script action. The check-box at the right of each send or send hidden line indicates whether a Return (CR) character is to be sent after the response.

The table defaults each line function to the reverse of the previous one and adds a (CR) to each response line. Therefore most scripts can be entered simply by typing each text entry and moving down the table using the TAB key.
Scripting Options

In some situations it may be necessary to use both a script and PAP, for example, if you need to use an X.25 PAD to reach the Service Provider, but the Service Provider then requires PAP for login. In such cases, you should select “Script and PPP PAP/CHAP” in the pop-up menu, define the script entries in the Login Script fields and also enter your PAP/CHAP username and password.

When using a login script to log into a service provider, you may need to send several Carriage Return (CR) characters to "wake up" the provider. Some providers may not respond to a carriage return (CR) and may require a carriage return line feed character sent to them (CRLF). A delay between sending each character is also another possible requirement. To accommodate this, the SoftRouter Plus allows three special character sequences in a "Send" string of a login script.

\r   sends a CR (carriage return)
\n   sends a CR LF (carriage return followed by line feed)
\d   causes a one second delay

For example, to send three CRs with a one second delay between them, one would use:

\r\d\r\d\r

Connect Options

Connect Options allows you to configure many options with regards to your Dial up connection. This Tab is only available if you have selected PPP, SLIP or Modem as the method in the General tab.

Connection Type: This pop-up menu tells the SoftRouter Plus how the port should handle the modem, ISDN TA or ISDN card.

Dial Only: Dial out to an ISP or other PPP Server as required.
Answer Only: The port will only be used to accept incoming calls, i.e. act as a PPP Server.
Answer and Dial: Dial out as required and allow incoming calls.

When set to Answer and Dial, if the port is currently being used for dial out, it will not be able to accept incoming calls until the current dial out session has been cleared.
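The login script table and the \r, \n and \d send sequences described under Login Script and Scripting Options above, as an added Python example that is not Vicomsoft code: it expands a Send string into bytes and delays, then replays a script against a constructed stand-in host. The FakeHost class, the account values and the masking of "send hidden" text in the log are assumptions made for illustration.

```python
import re

CR, CRLF = b"\r", b"\r\n"
_ESCAPE = re.compile(r"\\([rnd])")   # the three sequences the guide lists


def expand_send(text, append_cr=True):
    """Expand one Send string into ("send", bytes) and ("delay", seconds) actions."""
    actions, buf, pos = [], bytearray(), 0
    for m in _ESCAPE.finditer(text):
        buf += text[pos:m.start()].encode("ascii")
        pos = m.end()
        if m.group(1) == "r":
            buf += CR
        elif m.group(1) == "n":
            buf += CRLF
        else:                                   # \d: flush what is queued, then pause
            if buf:
                actions.append(("send", bytes(buf)))
                buf = bytearray()
            actions.append(("delay", 1))
    buf += text[pos:].encode("ascii")
    if append_cr:                               # the check-box beside a send line
        buf += CR
    if buf:
        actions.append(("send", bytes(buf)))
    return actions


class FakeHost:
    """Constructed stand-in for a provider's terminal server (assumption)."""

    def __init__(self, prompts, wake_crs=0):
        self.prompts, self.wake = list(prompts), wake_crs
        self.pending, self.received = b"", []
        if wake_crs == 0:
            self._next_prompt()

    def _next_prompt(self):
        if self.prompts:
            self.pending += self.prompts.pop(0).encode("ascii")

    def write(self, data):
        self.received.append(data)
        if self.wake > 0:                       # still asleep: count wake-up CRs
            self.wake -= data.count(CR)
            if self.wake <= 0:
                self._next_prompt()
        elif data.endswith(CR):                 # a completed reply line
            self._next_prompt()

    def read(self):
        out, self.pending = self.pending, b""
        return out


def run_script(steps, host, sleep=lambda seconds: None):
    """Replay (kind, text, add_cr) rows; return (ok, log) with hidden text masked."""
    log = []
    for kind, text, add_cr in steps:
        if kind == "wait":
            if text.encode("ascii") not in host.read():
                log.append(f"timeout waiting for {text!r}")
                return False, log
            log.append(f"matched {text!r}")
        elif kind == "delay":
            sleep(int(text))
            log.append(f"delay {text}s")
        else:                                   # "send" or "send_hidden"
            for action, value in expand_send(text, add_cr):
                if action == "delay":
                    sleep(value)
                    log.append("delay 1s")
                else:
                    host.write(value)
                    log.append("sent ********" if kind == "send_hidden"
                               else f"sent {value!r}")
    return True, log


# Constructed script: wake the host with three CRs, then answer its three prompts.
SCRIPT = [
    ("send", r"\r\d\r\d\r", False),
    ("wait", "Login:", False),
    ("send", "alice", True),
    ("wait", "Password:", False),
    ("send_hidden", "constructed-pass", True),
    ("wait", "Protocol:", False),
    ("send", "PPP", True),
]

if __name__ == "__main__":
    ok, log = run_script(SCRIPT, FakeHost(["Login: ", "Password: ", "Protocol: "], 3))
    print(ok, *log, sep="\n")
```

The password still crosses the line in clear text in a scripted login; only the local log is masked here.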
Dial Out

Allow Auto Connect: The SoftRouter Plus will automatically try to connect whenever a packet needs to be sent through this port. This means that client computers can generate a connection to the Internet if the SoftRouter Plus application is switched on, but not connected. If it is not set, the only way to establish a connection is manually by selecting the port and choosing “Connect” from the “Ports” menu. This option is on by default.

Automatically Re-Dial on Link Failures: If the connection is dropped for a reason outside of the control of SoftRouter Plus, such as your ISP dropping the connection or a line failure, SoftRouter Plus will attempt to re-establish the connection. This is useful if you wish to maintain a permanent connection.

Login Retries: This is the number of times that SoftRouter Plus will attempt to establish a connection when logging onto the ISP.

Login Time-out: This determines if the SoftRouter Plus will disconnect if there is no response from the provider for the specified time.

Dial In

Dial In Security: This defines the protocol used to authenticate dial-in users. The options will be based upon the PPP Server settings within the Preferences.

Options for Vicomsoft PPP Users or MacOS Users & Groups

• Users (PAP / CHAP): Uses PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol) to obtain the client’s user ID and password. Clients should set their PPP software to use PAP or CHAP.
• Users (Minimal Prompts): The SoftRouter Plus sends “login:” and “password:” prompts and validates the responses.
• Users (Full Prompts): This displays the login banner before sending the “login:” and “password:” prompts. The banner provides a welcome message, including the SoftRouter Plus Name if this is set in the General Preferences and the SoftRouter Plus's version number.
Options for Radius

• Radius Authentication (PAP / CHAP): This requires that you have a Radius server in place at the address specified in the PPP Server settings within the Preferences. The SoftRouter Plus will then ask the Radius server to authenticate usernames and passwords.

For a full description of the PPP dial in server and authentication facilities of the SoftRouter Plus, see Chapter 10.

Connection Monitoring

Keep Alive Tickle: Some Internet Service Providers automatically close the connection if it is idle for a specified time. Set this option to prevent this. The SoftRouter Plus will then send a “dummy” packet every 30 seconds to prevent the remote end from timing out when there is no real traffic. Enabling this function will not affect performance. If the SoftRouter Plus disconnects, this option will not cause a redial.

PPP Echo Request Interval: Can be set to send periodic PPP signalling packets to check the link. If a reply to an Echo packet is not received 10 times, the connection has been lost and the SoftRouter Plus will disconnect the port and wait for another connection attempt. Setting this value too low could cause the port to disconnect under heavy traffic.

Disconnection

Limit Connection Time To: This specifies the maximum time the port can remain connected. The SoftRouter Plus will close the connection after this time expires, even if there is traffic through the port. The port will then re-connect as normal, when a connection is requested.

Disconnect After Inactivity Period Of: If no traffic is received through the port within the specified time, the connection will be dropped.

Disconnect If Instigator Inactive For: If no traffic is received by the machine that initiated the connection, the connection will be dropped, even if there is traffic through the port from another machine.

Specify MRU: The default Maximum Receive Unit (MRU) for the PPP Port is set to 1500 bytes.
This can be changed and then negotiated with the Service Provider’s equipment during connection. The MTU (Maximum Transmit Unit) value for a PPP port is fixed at 576 bytes. The SoftRouter Plus will only send out packets of 576 bytes in size. With some rare combinations of hardware and software you may experience problems connecting or receiving data from your Internet Service Provider. To fix this problem we suggest that you set your MRU value to 1000 or 576.

Framing: Can be set to force a synchronous or asynchronous PPP connection to the Internet or it can be set to automatically detect the type of connection of the Service Provider and use the appropriate mode. This is only applicable for ISDN or leased line adapters.

Advanced Edit Port Settings Options

When Advanced User Mode is enabled in the Preferences, the Create / Edit Port Settings window has two additional tabs.

Access Rights

Access Rights are set using the “Access Rights” Tab in the “Edit Port” window for an individual port. They determine which local hosts (computers) can use this port and which remote hosts can be accessed through this port. The SoftRouter Plus imposes no restrictions by default.

To set up Host Access rights, click on the “Host Access Rights” tab. The following window will be displayed:

Each of the list boxes is activated by setting the check box above it. The lists can contain IP addresses only (It is not possible to enter computer names) of corresponding computers. By selecting one of the two radio buttons above the list, you can choose whether the restriction applies to listed computers or computers not listed.

!!! Before entering an address, you must ensure that the required list is enabled using the appropriate check box.
The “Auto-Connect” list contains the IP addresses of computers on local networks that can or cannot cause this port to automatically connect. This is only valid for ports that need to establish a connection, such as PPP or SLIP and then only if the “Allow Auto Connect” option is set (in “Connect Options”).

The “Local Access” list contains the IP addresses of computers on local networks that can or cannot use this port. Computers not listed here are not allowed to use this port. Alternatively, if you select the “Clients not listed” radio buttons, only computers that are not in the list will be able to use the port (and access the Internet through it).

The “Remote Access” list contains the IP addresses of remote computers that can be accessed through this port. No other computers can be accessed through this port. This list can also be used to specify hosts that cannot be accessed, by selecting the “Hosts not listed” radio button. This can be used to augment the Host Access Rights detailed above, by providing control over access to known absolute numeric addresses.

Note: Keep in mind that if you are using DHCP to assign IP addresses to clients, the client computers may not always have the same IP address and may not be restricted by your Host Access Rights entries. To avoid this problem, you can manually assign clients IP addresses (see Appendix A) or you can assign IP addresses via the DHCP Clients file (see Chapter 8, the DHCP Server, for more details).

PPP Options

PPP Options: This Tab displays settings for detailed PPP and PAP or CHAP protocol options and is only available for Dial up ports. It is very unlikely that you will find it necessary to make any changes in the LCP or IPCP configurations, as these are negotiated during call establishment and we would recommend that users leave these options at their default settings.
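The three Access Rights lists and the DHCP note above, modelled in an added Python example (not the SoftRouter Plus implementation): it evaluates a packet against the lists and flags list entries that sit inside a dynamic DHCP pool without a fixed assignment. The evaluation order, the class and function names, the sample addresses and the pool range are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address


def addrs(*items):
    """Build a list's contents; ip_address() rejects host names with ValueError."""
    return frozenset(ip_address(item) for item in items)


@dataclass(frozen=True)
class AccessList:
    enabled: bool = False          # the check box above the list
    listed_allowed: bool = True    # radio button: listed hosts / hosts not listed
    addresses: frozenset = frozenset()

    def permits(self, addr):
        if not self.enabled:
            return True            # no restrictions by default
        listed = ip_address(addr) in self.addresses
        return listed if self.listed_allowed else not listed


@dataclass(frozen=True)
class PortRights:
    local_access: AccessList = AccessList()
    remote_access: AccessList = AccessList()
    auto_connect: AccessList = AccessList()
    allow_auto_connect: bool = True    # "Allow Auto Connect" in Connect Options

    def decide(self, src, dst, connected):
        """Assumed evaluation order: local list, remote list, then dial decision."""
        if not self.local_access.permits(src):
            return "blocked: local access"
        if not self.remote_access.permits(dst):
            return "blocked: remote access"
        if connected:
            return "forward"
        if self.allow_auto_connect and self.auto_connect.permits(src):
            return "dial and forward"
        return "no connection"


def entries_at_risk(rights, pool_first, pool_last, fixed=()):
    """Local-side list entries inside the dynamic DHCP pool with no fixed assignment."""
    lo, hi, pinned = ip_address(pool_first), ip_address(pool_last), addrs(*fixed)
    local_side = set()
    for lst in (rights.local_access, rights.auto_connect):
        if lst.enabled:
            local_side |= lst.addresses
    return sorted(str(a) for a in local_side if lo <= a <= hi and a not in pinned)


# Constructed policy: "Clients not listed" may use the port, so 192.168.1.20 is
# barred; only 192.168.1.2 may cause the port to dial.
RULES = PortRights(
    local_access=AccessList(True, False, addrs("192.168.1.20")),
    auto_connect=AccessList(True, True, addrs("192.168.1.2")),
)

if __name__ == "__main__":
    # The barred machine before and after it picks up a different DHCP lease.
    print(RULES.decide("192.168.1.20", "203.0.113.5", connected=True))
    print(RULES.decide("192.168.1.37", "203.0.113.5", connected=True))
    print(entries_at_risk(RULES, "192.168.1.10", "192.168.1.100"))
```

An entry reported by entries_at_risk follows the address, not the machine, until that address is assigned manually or through the DHCP Clients file.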
The Retry and Time-out settings in PPP Options can be adjusted to achieve successful connections under adverse conditions.

5 Operating the SoftRouter Plus

About this Chapter

This Chapter describes the facilities for monitoring and controlling the SoftRouter Plus. These include the menu bar icon, the menus, controls and status displays presented in the window, as well as the Domain name server and Gateway Names file.

The SoftRouter Plus also supports AppleScript for certain items. For a full AppleScript dictionary see Appendix B, AppleScript Commands.

About User Modes

The SoftRouter Plus can be operated in one of two User Modes:

Basic User Mode provides the menus and controls you need to configure the SoftRouter Plus for dial-up Internet access and to support local and dial-in users.

Advanced User Mode provides additional set-up facilities for routing, access, firewall control and DHCP management. These features are accessed through additional items in the Network pull-down menu and through extra controls in the Edit Port Settings window.

To set the user mode, select the General Tab in Preferences, then select either Basic or Advanced as required.

Starting and Stopping the SoftRouter Plus

The SoftRouter Plus is started and stopped by any of the following methods.

• Click on the On/Off Switch in the Status Window.
• Select Start SoftRouter / Stop SoftRouter from the “Network” menu.
• Keyboard Shortcut (Control & G).
• Select Start SoftRouter / Stop SoftRouter from the SoftRouter menu bar icon.

The SoftRouter Plus's Preferences can be set so that when the application is launched, it turns itself on.

The SoftRouter Plus can be launched when the computer is switched on by copying an alias into the Startup Items folder of the System folder. To make sure that the SoftRouter Plus is the first application to launch, insert a space before the name of the alias.

All ports are reset when the SoftRouter Plus is started.
Directly Attached ports such as Ethernet connections will be automatically connected. Dial-up ports will connect at the appropriate time, according to their settings. These ports can also be connected manually.

All ports are disconnected when the SoftRouter Plus is stopped. This may take some time depending on the connection methods in use. For example, a modem might take up to a minute to hang up the line.

The SoftRouter Plus Menus

The SoftRouter Plus's facilities are accessed through its menus. The menus are listed below as they will be seen in Advanced mode and in the order that they are displayed. Items that are not displayed in basic mode are indicated with a bullet (•) marker.

!!! As with all applications, not all menu items will be available all of the time.

File: Save Config As..., Hide SoftRouter Plus Status, View Users..., • View Routing Tables..., PING Host..., User Account Setup..., Generate Log File..., Lock User Interface, Quit
Edit: Preferences
Network: Purchase, Auto Setup, Stop SoftRouter Plus, Zero All Counters, • Routing Tables..., • Inbound Mapping..., • Internet Filters..., • DHCP Setup..., • Multihosting Setup...
Ports: New Port..., Edit Port..., Delete Port, Stop Port, Reset Port, Start Tracing Port, • Trace TCP/IP Packets..., Make Default Port, • Change this Macs TCP/IP Address, Connect
Help: Vicomsoft Online Help...

The additional menu items are described in detail in this User Guide as listed below:

• DHCP Setup: see Chapter 9
• Inbound Mapping: see Chapter 11
• Routing Tables: see Chapter 12
• Internet Filters: see Chapter 13
• Multihosting: see Chapter 14

The SoftRouter Plus Status Window

The SoftRouter Plus Status window shows the current activity of the SoftRouter Plus and the status of all the ports. The window looks like this:

Items in the status window have the following functions:

On/Off Switch: Turns the SoftRouter Plus on or off.
Throughput: Displays packet throughput.
Packets per second: This display shows the current rate of throughput through all the SoftRouter Plus ports.
Port, Address, Status: The type, IP address and status of each SoftRouter Plus port.
Internet Users: The number of current users and the licensed limit.
SoftRouter Messages: The current operating state of the SoftRouter Plus including the IP Address of the machine causing a connection.

The SoftRouter Plus Status window can be resized by click dragging the bottom right of the status window.

The Port List Display

If the Port List is not visible within the Status window, click and drag down on the bottom right of the window to show it. A typical Port List display is shown below:

Port

If there is a problem with a port, an exclamation mark is displayed next to its icon under the Port Type heading. A green dot is displayed next to the icon of the default port. The Port name is either a default name corresponding to its connection method or a name you have entered in the Edit Port Settings window; please see Chapter 4 for more details.

Address

The IP address of each port is displayed. If the port is set for dynamic addressing and it is not connected, the word “Dynamic” is displayed. When a connection has been successfully established the assigned IP address will be displayed.

Status

The port message indicates connection status, such as “Connected” or “Not connected”. If the port has been disabled for any reason, an error message is displayed here. If the port is connected and port counts or throughput are enabled, that information is shown. The information in the Status column can be altered in the General tab of the “Preferences”.

Port status displays an icon showing the current status of the port:

Dial Up port:

Indicates that the port is ready to dial out or receive a call.
If this is a dial-out port and auto-connect is set, the port will attempt to make the connection whenever a packet is routed through this port. If the port is set to dial-in, then the port will answer on incoming calls.

Indicates that a remote user is dialling into this port and that the SoftRouter Plus is answering the call.

Indicates that the dial-up port has connected successfully and is able to transmit and receive packets. It may be disconnected by selecting “Stop Port”, “Reset Port” or by stopping the SoftRouter Plus.

Open Link port:

Indicates that the port is not connected. If auto-connect is set, then the port will attempt to make the connection whenever a packet is routed through this port. The port may also become connected if the hardware or driver software is set up to connect automatically.

Indicates that the port is connected and able to send and receive packets. The port will be disconnected if “Stop Port” or “Reset Port” is selected or if the SoftRouter Plus is switched off. The port may also be disconnected if the hardware or OS software detects an error.

Directly Attached port:

Indicates that the port is active. Directly attached ports are always connected unless they are disabled or the SoftRouter Plus is switched off.

Disabled or Stopped port:

Indicates that the port has been disabled or stopped. If an exclamation mark is shown to the right of the port icon, the port has been disabled by the SoftRouter Plus and will need to be reset before it will become active again. If there is no exclamation mark, the port has been stopped by the user. The port message will indicate why the port was disabled or stopped.

Managing Ports

All port management functions are accessed by selecting a port in the SoftRouter Plus Status window and choosing the appropriate command from the “Ports” menu.
New Port: Creates a new port and opens the Create New Port Settings window.

Edit Port: Opens the Edit Port Settings window for the selected port. You can also double click the port in the Status window to edit that port.

Delete Port: Deletes the selected port.

Stop Port: The SoftRouter Plus disconnects the selected port and no further traffic will be routed through this port until it is started.

Start Port: Starts a stopped port, but does not attempt to open a connection for Dial-out ports.

Reset Port: Clears the “disabled” status on the port and then starts the port.

Start Tracing: Opens the trace window for the selected port. This window shows all traffic through the port and is used to diagnose network problems. The trace window should not be left open during normal operation because it will slow down the SoftRouter Plus considerably.

Trace TCP/IP Packets: Opens the trace window to show all traffic between the SoftRouter Plus and Open Transport, e.g. for TCP/IP applications running on the same machine.

Change this Mac’s TCP/IP Address: Attaches Open Transport to the selected port’s IP address.

Make Default Port: Makes the selected port the default port. Chapter 9, IP Addressing and Routing, gives more details of the way the SoftRouter Plus makes its routing decisions.

Connect: Attempts to open the connection for the selected port. Changes to “Disconnect” when the port is connected.

Managing Local Users

Select “View Users” in the “File” menu to display a list of current users. The list shows the following items:

User Name: Either as defined within the DHCP Client File (see Chapter 6) or as set within the Network Identification setting on the client system.

IP Address: The IP address of the client computer.

Port In Use: The name of the port that a Network Address Translation user is currently using.

Service: Displays the services in use by that user, i.e. Network Address Translation, DHCP, Bootp or WebCache. See Chapter 9 for more details.

Port Time Left: The time remaining before the user’s NAT session times out. This value remains at or near the time-out period set in the NAT user time out while the user is active. It counts down to zero if the user’s connections remain inactive or if all connections are closed.

DHCP Time Left: The lease time remaining for the DHCP served address.

Hardware Address: This is the unique hardware address of the client's network interface adapter card.

The options available in the “View Users” window are:

Display: Allows you to hide or show a column displayed in the Users View by selecting the view you wish to hide or show.

Disconnect: To disconnect a user, highlight the user entry in the table and select the “Disconnect” button. The user will be disconnected from that port until their next attempt to re-connect.

Managing Remote Users

When you select “User Account Setup...” from the “File” menu of the SoftRouter Plus, the following window will be displayed. Here you can enter usernames and passwords for remote users to dial in and connect to the SoftRouter Plus.

The SoftRouter Plus will also use Mac OS User & Groups and RADIUS Servers for authentication. Vicomsoft Users supports CHAP (Challenge Handshake Authentication Protocol) and PAP (Password Authentication Protocol) for dial in authentication. MacOS Users & Groups will allow you to select minimal/full prompts or Users and Groups (PAP). The RADIUS server specification supports CHAP.

The list shows each user’s name, password and if they are active. Users that are not active will not be able to dial in and connect to the SoftRouter Plus or connect remotely. To set up a user account select “New” and enter the user's details.

For more details on remote users dialling into the SoftRouter Plus, please see Chapter 10, Setting up Remote Access Services.
Remote Management Options

If the Remote Administration option has been purchased the following options will also be displayed in this window. With these options you can configure users to View or Manage the SoftRouter Plus via the Vicomsoft Administrator Console.

Can See: This specifies if the user can connect and display the SoftRouter Plus Status window via the Vicomsoft Administrator Console.

Can Manage: This specifies if the user can connect and edit the SoftRouter Plus setup via the Vicomsoft Administrator Console.

The Vicomsoft Administrator Console is fully described in Chapter 15, The Vicomsoft Administrator Console.

6 Vicomsoft WebCache Server

The Vicomsoft WebCache Server module is installed with default settings that enable it to operate immediately on startup. It provides an "Off-line" operational mode that allows web pages to be cached for later viewing while disconnected from the Internet. This can be used in educational situations for example, where a teacher can focus student attention on specific pre-selected web content.

The WebCache Server module provides a catalog of cached items that can be viewed and browsed by any client. This facility is particularly useful in Off-line mode, when only the cached pages can be accessed. It can also be configured using password-protected web browser access. The unique Web Header feature allows system administrators to include announcements in all pages served to client browsers.

The WebCache Server has been carefully optimized to deliver high throughput with minimum transit delay. Incoming data from a remote Internet web server is pipelined to multiple requesting clients and to disk concurrently, while it is being received, to minimize the delay for access to new pages.

When a new request is received that requires data from a remote web server the WebCache forwards the request. As the data is received from the remote server it is pipelined to the requesting client in real time with minimal delay.
New client requests for data that is already being received are served at LAN speeds from the disk cache until they catch up with the incoming data stream from the remote server. They then receive the remaining data in real time as it arrives.

This Chapter describes how to set up and operate the features and facilities of the Vicomsoft WebCache Server. If you have set up the Router to use the WebCache Server then client web requests will be passed to the WebCache and it will start to store the pages and objects that they access.

Vicomsoft WebCache Server Transparent Access

The SoftRouter Plus is configured by default to route all web page requests to the caching server. You can switch this option on or off as follows:

• Select “Preferences” from the “Edit” menu.
• Select the Caching tab.
• Click the check box called “Access the WEB through a Cache” to enable or disable Transparent Caching.
• Ensure that the web cache server Port number in this screen is set to the TCP port number on which the caching server is operating. The default port number for the Vicomsoft WebCache Server is 8080. Other caching servers typically use port number 8080 or 8000.
• Enter the address for the caching server's host machine. If the WebCache Server module is on the same machine as the SoftRouter Plus then the server address can be left blank.
• Close the Preferences window by selecting OK.
• If you enable Transparent web caching then ensure that the WebCache Server module is running. The module is launched automatically when the SoftRouter Plus starts up in its default settings.

In order to use the Transparent caching mode, all client web server requests must pass to the Internet via the SoftRouter Plus. This can be done most easily by setting up the clients to use the SoftRouter Plus's DHCP Server function.
For manually-configured clients, set their default router to be the IP address of the SoftRouter Plus's local network port.

IMPORTANT NOTE: If you wish to run a browser on the same machine as the caching server and use it to access the cache, this browser must be set up in Proxy mode. This browser cannot use the Transparent access mode, as the SoftRouter Plus would not be able to distinguish between its web requests and outgoing requests from the caching server on the same machine. To do this, open the Browser settings and select the Proxy options. Enter the local host address 127.0.0.1 and port 8080 for HTTP proxy access only.

WebCache Status Window

The WebCache Server Status window can be opened by using the "File" menu item "Show Status" and closed using the File/Close menu item.

The Status window displays the Server activity levels as bar graphs of locally served and remotely served traffic levels. Markers on the bar graphs show recent peak values and the Ratio bar indicates the proportion of locally and remotely served data. The radio buttons allow you to toggle between current throughputs and averages over the previous hour. Click the "Reset History" button to clear the recorded throughputs that are used to display the averages.

Offline Mode

The server can be switched to Offline operation using the Preferences dialog item "Offline mode". In this mode the Server will not attempt to request new or out-of-date pages from the Internet and will only serve pages that are already cached.

In the Off-line mode it is important for clients to be able to find out which pages are cached, as these are the only ones they can view in a browser. The WebCache Server provides a "Catalog of cached pages" facility to make this possible. The Catalog is available to clients at any time, whether or not the WebCache Server is off-line.
To open the User menu, enter the URL http://vicomsoft.local/ at a browser that is using the WebCache Server.

Display catalog of cached pages

Click the User menu item "Display catalog of cached pages" to show a list of web sites that are stored in the Server. Note that it may take several seconds to display catalog lists if the server is running on slow hardware and has a lot of cached data.

You can click on any host name to see the items currently cached from that server and view any page by clicking its name. Pages and other items are sorted alphabetically, under separate subheadings according to their types. The main Home and Index HTML pages are at the top of the list, and movies, sounds and images are listed with distinctive icons. Items that are out of date have faded icons and will be refreshed if they are viewed when the cache is online. If an item has been Protected by the Administrator from update or deletion, then a padlock is shown on its icon.

Display local server list

Click the User menu item "Display local server list" to show a list of server machines that are currently running on your local network. For this list to be created you must make sure that the Port scan feature is active in the SoftRouter Plus preferences. You can click on any of the servers listed to be taken directly to that server.

You can use the "ServiceScan.inp" file to configure how the Server Locator scans the dynamically allocated and fixed addresses. This file is found in the "VICOM Settings" folder in your System/Preferences folder. The file will look like this:

    ;This file provides configuration information for the
    ;Vicomsoft Local Server Locator.
    ;
    ;The Server Locator scans the dynamically allocated and fixed addresses
    ;known to the DHCP Server, looking for servers running on the ports listed in this file.
    ;
    ;After each scan it waits for the "Minimum time between scans" before rechecking.
    ;For each address it waits for the "Time to wait for reply".
    ;
    ;Comment lines, like this one, have a semi-colon as the first character.
    ;
    ;Time to wait for reply in secs
    2
    ;
    ;Minimum time between scans in secs
    10
    ;
    ;The comma-delimited list below specifies the TCP Port numbers to scan.
    ;For each TCP Port number the file can define a URL Type or Method (e.g http),
    ;and a text description. These fields determine the way the Local Server List is
    ;displayed in a browser. If the Method field is defined then an active link is
    ;displayed in the browser, allowing the user to click to connect to that service.
    ;If the service cannot be reached via a web browser then the Type/Method field
    ;should be left blank.
    ;The text description is displayed alongside all servers that are active on the Port number.
    ;
    ;These servers are to be scanned:
    ;
    ;Port, Type/Method, Description
    ;
    21, ftp, Ftp server
    80, http, Web server
    548, ,AppleShare IP Server
    ;
    ;Examples of other server descriptions:
    ;
    ;139, , NetBios
    ;8080, , Web cache

7 WebCache Server Administration

About this Chapter

You can administer the WebCache Server locally by selecting "Preferences" from the "Edit" menu. You can also view or modify the preferences remotely, using any web browser. These two methods are described in the next two Sections.

Local Administration

The Preferences menu option opens a multi-tab dialog with OK and Cancel buttons. Click Cancel at any time to close the dialog and discard all settings made in any tab. Click OK at any time to enter all the changes made in any tab. The next sections describe the settings in each tab of the dialog.

General

Server Configuration

This Server Name: this is the name used by this Server when it sends requests to remote web servers. It defaults to the machine's name.
Server Port: The port number the WebCache Server listens on. The default is 8080. If you change it you must also change the Port number configured in the SoftRouter Plus's Cache setup for transparent operation.

Cache operating mode

Cache off/passthrough: check this box to disable the caching function. All client requests are then forwarded directly to the remote web server and no pages are cached by the server.

Off-line mode: check this box to take the WebCache Server off-line from the Internet. In this mode the Server will continue to serve web objects that it has cached, but will return an error page if it does not have a cached copy of a requested object.

Enable logging: Check this box to switch on activity logging. In this mode a text log is generated in Extended Common Log Format (CLF) that lists all served web items. The log file replaces the Referrer field in the Extended CLF structure with text that records whether each item was served from cache or directly from the remote web site.

The log file can be processed by any utility that recognizes CLF to produce activity reports. One popular log analyser utility is called "Analog". The WebCache installer includes a sample configuration file that you can use with Analog. Analog is available at http://www.statslab.cam.ac.uk/~sret1/analog/.

For ease of use, the "WebCache - analog.cfg" file should be copied into the Analog 3 folder. To use it, drag and drop the "WebCache - analog.cfg" file onto the Analog 3 application. The config file looks for and processes files that end with "CacheLog.txt" that are located in the Analog 3 folder. The output web page is saved into the same folder as the "WebCache - analog.cfg" file (i.e. the Analog 3 folder) and is called "webcache.stats.html".

Miscellaneous

Minimum size of items to be displayed in catalog: the catalog of cached items can be viewed in any browser.
It displays a list of all HTML pages that have been stored and also lists movies, sounds and image files. Users will normally not wish to see all of the small embedded image files in the list, so you can restrict multimedia files listed by setting a minimum size here. The default is 100 KBytes.

Ask for confirmation before quitting: a warning message is displayed if Quit is manually selected, to reduce the risk of inadvertently shutting down the Caching Server module. If you prefer, you can suppress the warning by unchecking this checkbox.

Proxy

Use this screen only if you want to set up the WebCache Server to work via an upstream Proxy Server, for example a corporate firewall or a web caching server operated by your Internet Service Provider.

Access the Internet through a proxy server

Click in the checkbox and enter the following details that are required for access to the upstream server:

• Proxy Server address
• Proxy port (typically 8000 or 8080)
• Proxy authentication (if required)

Cache Control

Cache refresh frequency: for each request it receives, the caching server must decide whether to serve a cached copy of the requested object or to seek a fresh copy. This decision is based on information in the request, information received from the original web server and the time since the object was last refreshed. If the WebCache Server checks for a fresh copy very frequently then it must wait more often for Internet delays before responding to requests. If it checks very infrequently then there is a risk that it will serve an out-of-date copy of the information. You can use the slider to select one of eight decision profiles to choose the optimum refresh frequency for your users. The eight profiles are preset, but the Advanced tab allows you to customize them to meet your specific needs.
Cache folder location: cached web objects are stored on disk in a folder called "WebPages". This box shows the current path to the location of the WebPages folder. Click on the "Change" button to select a different location.

Cache size: use this slider to limit the amount of disk space used by the WebCache Server for cached objects. The slider is calibrated as a percentage of the total disk capacity and as you move it shows both the actual number of MBytes selected and the percentage.

Max size of file to cache (KB): adjust this limit to avoid filling a limited cache capacity with large downloaded files. If you have a large disk then you can safely increase this limit if users wish to cache large objects.

Days to keep cached files: A housekeeping task executes periodically in the background to clear out old files. You can set this limit to ensure that old files are removed from the cache during this cleanup.

Cleanup cache now: use this button to trigger the housekeeping task immediately if you have just reduced the "Days to keep cached files" setting and want to release cache space immediately.

Security

Set an Administrator name and password in this tab to control remote web access to the WebCache Server settings. The checkbox cannot be set to enable remote administration until a User Name and Password have been entered.

Advanced

This tab allows you to view and/or customize the WebCache Server's eight refresh frequency decision profiles. These profiles tune the frequency with which the WebCache Server checks the freshness of its cached data by asking the remote web server. More frequent checks result in delays while the remote server responds. Less frequent checks increase the risk of serving out-of-date or inappropriate versions of requested information.

To view the default settings supplied by Vicomsoft, select the setting you wish to modify using the slider.
A table of these settings is listed below for reference. To modify a setting, select it and change its profile items. You can use the "Restore defaults for this setting" button to revert any setting to the values as delivered.

Profile options you can tune are:

Honor client's cache directives: the client's browser may send a no-cache directive in its request. Some browsers always do this. If you set this checkbox then the Server will obey this directive and will not cache any pages requested by these browsers. This will reduce the effectiveness of the cache.

Honor server's cache directives: web servers may send a no-cache directive for pages that are known to change very frequently or to contain dynamic or user-specific information. It is normally preferable to obey this directive to avoid serving stale or personal information to the client. However, you may want to override the remote server if you know that you want to be able to use the served information off-line.

Cache pages with cookies, Cache cgi-bin pages: you can choose to cache pages that are requested with cookies or whose URL includes a cgi-bin reference. A cookie or a cgi request may include personal profile information that determines the responses of the web server, so if you enable this option you risk caching user-specific or stale data. Again, this may be your intention for off-line browsing or in situations where you are prepared to take these risks to improve caching performance.

Default expiry time: the HTTP specifications allow servers to specify the expiry time for a web object so that caches can determine when they should seek a fresh copy. However, this option is seldom sent by servers, so the cache administrator must decide how frequently to check for new information. This setting determines the default expiry time for such objects.
After this time the Server will check with the remote web server to see if the object has changed before sending its cached copy to the client.

Overrun server's expiry time by: if the remote web server has specified an expiry time then the cache can be set to overrun this deadline before re-checking with the remote server. This can be useful in situations where the remote server sets a very short expiry time, for example as a way to ensure that each user refresh delivers a different version of the page.

Default refresh frequency profiles: the following table summarizes the initial default values for the eight profiles.

Refresh rate                      Low 1      2          3          4          5          Default 6  7          High 8
Honor client's cache directives   No         No         No         No         No         No         No         Yes
Honor server's cache directives   No         No         No         No         Yes        Yes        Yes        Yes
Cache pages with cookies          Yes        Yes        Yes        No         No         No         No         No
Cache cgi-bin pages               Yes        No         No         No         No         No         No         No
Default expiry time               12 hr      8 hr       4 hr       2 hr       1 hr       1 hr       30 min.    15 min.
Overrun server expiry time by     4 hr       1 hr       1 hr       30 min.    30 min.    0          0          0

WebHeader

This tab enables a unique WebHeaders feature that sends a frame with each web page served by the web cache. The frame can contain any HTML data configured by the administrator, either from a local file or from a web server. This feature can be used to display organisational notices such as conferences or meeting schedules, or it can be used to display a list of links.

If the main WebHeader checkbox is enabled you can enter a URL for the web page to be displayed in the frame. You can also set the height of the display and whether it should be scrollable. If the URL is left blank or the WebCache is off-line, WebHeader will look for a local file in the local HTML directory called "WebHeaders". The WebHeader frame is displayed in browsers that support JavaScript and frames.

You can use the "exclusions.txt" file to list web sites on which you do not wish the WebHeader to be displayed.
This file is found in the "VICOM Settings" folder in your System/Preferences folder. The exclusion list will look like this:

    ; List web sites in this file which should not be displayed with a WebHeader.
    ;
    ; For example:
    ;
    ; Example 1 shows that any web page on the www.vicomsample.com web site
    ; will not show a WebHeader.
    ; www.vicomsample.com
    ;
    ; Example 2 shows that any web page on any machine with vicomexample
    ; in the domain name part of the URL will not show a WebHeader
    ; vicomexample
    ;
    ; Example 3 shows that the test.html web page on the www.vicomtest.com
    ; web site will not show a WebHeader
    ; www.vicomtest.com/test.html
    ;
    www.ibm.com
    setiathome.ssl.berkeley.edu

With an exclusion list with these two entries the WebHeader will not be displayed on the www.vicomsoft.com web site main page. With the hotmail.com entry, the WebHeader will not be displayed on any Hotmail web site page.

Remote Administration of the WebCache

The remote administration option provides similar controls to those in the local interface, using a web browser to access the WebCache. Some of the administration features are only available if your browser has JavaScript capability. This has been tested with Netscape Communicator and Microsoft Internet Explorer version 3 and later on Mac OS and Windows systems.

To connect to the Server from any browser, open the URL http://vicomsoft.local/admin. Note that this host name is the same as that used for clients to reach the Catalog of cached pages, but the "admin" directory is protected by the password defined in the Preferences.

Enter the Administrator access name and password to display the web administration main menu page.

The main menu provides Administration access to the catalog of cached pages and to Configuration pages where you can change the WebCache settings.
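The eight refresh profiles from the Advanced tab, which the remote Configuration pages also edit, can be read as a decision procedure. The following is an added example, not Vicomsoft code: the profile values are transcribed from the guide's default table, while the order of the checks, the header names inspected and the directive tokens treated as "no-cache" are assumptions. It shows which profiles will store a cookie-bearing or cgi-bin response that the origin server asked not to be cached.

```python
"""Added example: the guide's eight refresh profiles as a store/refresh decision."""
from dataclasses import dataclass
from datetime import datetime, timedelta

H, M = timedelta(hours=1), timedelta(minutes=1)


@dataclass(frozen=True)
class Profile:
    honor_client: bool         # Honor client's cache directives
    honor_server: bool         # Honor server's cache directives
    cache_cookies: bool        # Cache pages with cookies
    cache_cgi: bool            # Cache cgi-bin pages
    default_expiry: timedelta  # Default expiry time
    overrun: timedelta         # Overrun server's expiry time by


# Default values transcribed from the guide's table (1 = Low, 6 = Default, 8 = High).
PROFILES = {
    1: Profile(False, False, True, True, 12 * H, 4 * H),
    2: Profile(False, False, True, False, 8 * H, 1 * H),
    3: Profile(False, False, True, False, 4 * H, 1 * H),
    4: Profile(False, False, False, False, 2 * H, 30 * M),
    5: Profile(False, True, False, False, 1 * H, 30 * M),
    6: Profile(False, True, False, False, 1 * H, 0 * M),
    7: Profile(False, True, False, False, 30 * M, 0 * M),
    8: Profile(True, True, False, False, 15 * M, 0 * M),
}

# Assumption: the guide only says "no-cache directive"; these tokens are treated alike here.
NO_CACHE_TOKENS = {"no-cache", "no-store", "private"}


def _directives(headers):
    """Collect lower-cased Pragma / Cache-Control tokens from a header dict."""
    tokens = set()
    for name, value in headers.items():
        if name.lower() in ("pragma", "cache-control"):
            tokens.update(t.strip().lower().split("=")[0] for t in value.split(","))
    return tokens


def may_store(profile, url, request_headers, response_headers):
    """Return (stored, reason) for one response under one profile."""
    if profile.honor_client and _directives(request_headers) & NO_CACHE_TOKENS:
        return False, "client sent a no-cache directive"
    if profile.honor_server and _directives(response_headers) & NO_CACHE_TOKENS:
        return False, "server sent a no-cache directive"
    has_cookie = any(name.lower() == "cookie" for name in request_headers)
    if has_cookie and not profile.cache_cookies:
        return False, "request carried a cookie"
    if "cgi-bin" in url and not profile.cache_cgi:
        return False, "URL contains cgi-bin"
    return True, "stored"


def recheck_due(profile, stored_at, server_expires=None):
    """Time after which the cache asks the remote server whether the object changed."""
    if server_expires is None:
        return stored_at + profile.default_expiry
    return server_expires + profile.overrun


def exposure(profile):
    """Settings of a profile that can leave user-specific data in the shared cache."""
    flags = []
    if not profile.honor_server:
        flags.append("ignores server no-cache")
    if profile.cache_cookies:
        flags.append("stores cookie-bearing responses")
    if profile.cache_cgi:
        flags.append("stores cgi-bin responses")
    return flags


def audit():
    """Exposure flags for every default profile."""
    return {number: exposure(profile) for number, profile in PROFILES.items()}


# Constructed sample: a per-user page the origin marked as not cacheable.
SAMPLE = {
    "url": "http://intranet.example/cgi-bin/account",
    "request_headers": {"Cookie": "session=constructed"},
    "response_headers": {"Cache-Control": "private, no-cache"},
}

if __name__ == "__main__":
    for number, profile in PROFILES.items():
        print(number, may_store(profile, **SAMPLE), exposure(profile))
```

Under these assumptions only profiles 5 to 8 carry no exposure flags, so the lower settings are best kept for deliberate off-line use.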
Administering cached web sites

Click "Display catalog of cached pages" to see a list of web servers for which the cache contains stored pages. This catalog is similar to that seen by clients, but includes a "Toolkit" icon beside each item. Note that it may take several seconds to display catalog lists if the server is running on slow hardware and has a lot of cached data.

Click the "Toolkit" icon beside a server to open a "Host Folder Operations" window for the server.

You can use the menu in this window to select operations to Protect, Unprotect or Erase all currently-cached items for the selected server. When you have selected an operation in the menu, click "Apply". Some browsers will close the operations window at this point. On others you should click "Close".

Protect site contents: this option prevents the WebCache Server from deleting or refreshing any of the currently cached items for this Server. It can be used to preserve large cached files beyond their normal expiry times. If new pages are later cached then these will not be protected unless this operation is repeated.

Unprotect site contents: this option removes the protection for all of the currently cached items for this Server. They can then be deleted or refreshed by the Server in the normal way.

Erase site: this option deletes all currently cached items for the selected site immediately. When you refresh the Catalog this web server will not be listed until new copies of its pages are cached.

Administering individual items: if you click on the name of a server you will see a list of the individual items stored for that site. Each has a "Toolkit" icon that opens a Properties window for the item.

This window displays the file name, size and date information for the item and its Protected status.
You can use the controls to change its Protected state or Erase it from the cache, then click "Apply Changes".

Protected: this checkbox shows if the cached item has been Protected from update or deletion. Click the checkbox to change the item's Protection state.

Erase this item: select this menu option to delete the currently cached copy of this item. When you refresh the Catalog it will not be listed until a new copy has been cached.

Remote WebCache Configuration

Click WebCache configuration to open the main configuration page. These settings are described in detail in the "Local Administration" section. When you have made changes, send them to the Server using the button "Activate New Settings".

The Advanced WebCache Configuration screen allows you to customize the refresh frequency settings. It displays a table showing the current settings for the eight profiles and provides editing controls that you can use to select any profile and modify its settings. If you make any changes, click "Activate New Settings" to send the changes to the WebCache Server.

The bar at the bottom of each page, or the browser's "Back" button, will get you back to the main menu.

Click the User menu item "Display local server list" to show a list of server machines that are currently running on your local network. For this list to be created you must make sure that the Port scan feature is active in the SoftRouter Plus preferences. This displays the same list that would be displayed when you select the menu item "Display local server list" from the User Menu.

Remote WebHeader Configuration

The WebHeader feature sends a frame with each web page served by the WebCache Server.
The frame can contain any HTML data configured by the administrator, either from a local file or from a web server. With the remote WebHeader configuration you can select from a list of different WebHeader templates or you can create your own with the WebHeader editor.

With the WebHeader Editor, we provide a few basic Templates that will allow you to create a WebHeader to suit your own needs and display the information that you wish it to display. Select the WebHeader template that you wish to use to create a WebHeader, then select "Create New WebHeader using this template". You may also select one of the WebHeaders that you may have created previously and select "Modify".

Create or Modify a WebHeader

When you select "Create New WebHeader using this template" or "Modify" from the WebHeader Editor page, this page will be displayed. If you are modifying a previous WebHeader, that WebHeader's information will be displayed along with the WebHeader itself at the top of the web page. Depending on the WebHeader that you are making, you will be asked to enter the information you wish to display. You will also be asked to enter a name to assign to this WebHeader.

8 The DNS Server and Cache

The Domain Name Server

Whenever a client wants to reach a remote server across the Internet, the name of the target server must be looked up by the client machine and converted into a numeric IP address. This applies for all services: web, email, FTP etc. If the machine has not recently connected to the required server and remembered its IP address, it will ask a Domain Name Server (DNS) to do the lookup for it. This must happen before the client machine can send any request to the server and can cause significant connection delays when the Internet is busy.

The Vicomsoft routing products include integral Domain Name Caching and Serving options to provide improvements in performance and flexibility.
This Chapter describes these features and provides configuration instructions for them.

Domain Name Caching

When DNS Caching is enabled, the Router monitors and caches the results of client requests to remote name servers. If it can resolve a client request using cached information then it does so, giving a faster response. All other requests are routed to the remote DNS address defined by the client.

To use this mode, client machines are supplied with the addresses of remote DNS servers in the usual way. DHCP clients will receive the addresses configured in the Network Preferences tab of the Router, and manually configured clients should have DNS addresses entered in their control panels.

Domain Name Serving

When DNS Serving is enabled, the Router's address can be set as the DNS address for its clients. It then serves all their DNS requests itself. When a client asks the server to resolve a name, the DNS returns the address immediately if it knows it. Otherwise it forwards the request to the upstream servers, making recursive requests if necessary, returns the results to the client and caches resolved addresses for reuse.

To use this mode the client is set up with the Router address as its DNS address, so all client name server requests are sent directly to the Router's DNS function. If the Router is set up in this mode then it serves its own address to DHCP clients whenever they ask for their IP and DNS address information.

Local Name Resolution

The Vicomsoft DNS also provides local name resolving features which operate when DNS Caching or Serving are enabled. The DNS can be given, or will learn, the names of servers on the local network and will resolve these to the correct IP addresses. Local server names and addresses can be entered manually or they can be learned as a result of address assignments by the integral DHCP Server.
Fixed Address Resolution

If you assign fixed names to IP addresses using the DHCP Names File then the integral DNS will resolve these names for local network users. For example, you may have a DHCP Names file entry:-

    192.168.1.25 TheWebServer

Users on the local network who are set up to use the Router for DNS can then enter the URL "http://TheWebServer.local/" in their browsers and they will connect to a web server at IP address 192.168.1.25.

For more advanced DNS configurations you can create a Gateway Names file as a text file. This file should be created in standard UNIX Hosts file format; a sample file is installed in the "VICOM Settings" folder in your System/Preferences folder. The file will look like this:

    ; This file can be used to configure the Name Server within the Vicomsoft Routers.
    ;
    ; This section lists the authoritative name servers for a particular domain
    ; In this example, the machine called "nt.vicomsample.com" is the authoritative
    ; name server for the domain "vicomsample.com"
    vicomsample.com. NS nt.vicomsample.com.
    ; This section defines which domain name (machine) is on which IP address.
    ; We also have to define a Time To Live (TTL) value in seconds.
    ; In this example, we have setup a domain name of "nt.vicomsample.com"
    ; which is on an IP address of 192.168.1.100
    nt.vicomsample.com. 86400 IN A 192.168.1.100
    ; We can also identify the computer and the operating system
    ; associated with the above line.
                          HINFO 'NT_166' 'Windows NT4'
    nt2.vicomsample.com. 86400 IN A 192.168.1.200
                          HINFO 'None' 'MSDOS'
    test.vicomsample.com. 86400 IN A 192.168.2.100
                          HINFO 'Macintosh' 'MACOS'
    ; This section defines which IP address is related to which domain
    ; name (machine), i.e. this is the opposite to the "A" records listed above.
    192.168.1.100 86400 IN PTR nt.vicomsample.com.
    192.168.1.200 86400 IN PTR nt2.vicomsample.com.
    ; CNAME stands for Canonical Name, which is like an alias to an "IN A" entry
    ; In the example below, "www.vicomsample.com" is an alias to
    ; "nt.vicomsample.com".
    www.vicomsample.com. CNAME nt.vicomsample.com.
    vicomsample.com. CNAME nt.vicomsample.com.
    ftp.vicomsample.com. CNAME nt.vicomsample.com.
    mail.vicomsample.com. CNAME nt.vicomsample.com.
    proxy.vicomsample.com. CNAME nt.vicomsample.com.
    www.my-nt.vicomsample.com. CNAME nt.vicomsample.com.
    my-nt.vicomsample.com. CNAME nt.vicomsample.com.
    www.nt.vicomsample.com. CNAME nt.vicomsample.com.
    my.vicomsample.com. CNAME nt.vicomsample.com.
    machine1.vicomsample.com. CNAME test.vicomsample.com.
    ; This section defines MX ( Mail eXchange ) entries used by Mail Servers.
    ; In this example, all mail for the domain "vicomsample.com" will be sent to
    ; mail.vicomsample.com.
    vicomsample.com. 86400 IN MX 10 mail.vicomsample.com.
    ; NOTE: It is VERY important that you add a period "." to
    ; the end of each domain name.

The DNS does not support Zone or wild card queries, so it will not currently operate in a primary/secondary DNS configuration.

DHCP Address Resolution

Users whose IP addresses are assigned via DHCP may not always receive the same IP address, unless the DHCP Clients file has been configured to reserve a fixed address for them. So personal servers are difficult to access on these machines.

The Vicomsoft DNS solves this problem by linking the name server with the DHCP server. Most DHCP clients can specify a Host Name when requesting a DHCP address, or the Host Name may be defined in the DHCP Names File. So, if you are using the Router as both DHCP Server and Domain Name Server then it can track the assignment of IP addresses to client machines and resolve a client machine's Host Name to its currently-assigned DHCP address.
For example:

    08:00:54:b0:fd:36    0.0.0.0          dynamicMac
    08:12:07:be:5f:72    192.168.1.120    WebServer
    03:11:0c:3e:ea:9c    0.0.0.0          MyServer

A machine is configured with a Host Name of "MyServer" and has acquired its IP address from the DHCP Server. If it is running a personal web server, this can be reached by other LAN clients using the URL "http://MyServer.local/" without needing to know its current IP address.

9 The DHCP Server

About this Chapter

The Vicomsoft SoftRouter Plus incorporates a DHCP server to simplify the setup and maintenance of its attached TCP/IP networks. This chapter covers the benefits of DHCP and explains how to set up your network to use it. For users needing more detail, it also explains how the DHCP server operates.

Note: To customize the DHCP Server and access the "DHCP Setup" choice from the "Network" menu, you must be in Advanced User Mode. For basic/default DHCP server functionality, Basic User Mode is sufficient.

What is a DHCP Server?

DHCP stands for Dynamic Host Configuration Protocol. Using DHCP, client computers do not require individual, manual configuration. Instead, they obtain their IP addresses from the SoftRouter Plus each time they start up. This reduces the work required to set up client computers and reduces the likelihood of user errors.

The SoftRouter Plus's built-in DHCP server provides this configuration service for Open Transport, Windows and Unix clients. It also allows the older BOOTP protocol to be used by, for example, MacTCP clients.

Configuring DHCP

Setting up the DHCP server

1. Select "Preferences…" from the "Edit" menu item in the Internet Gateway application.
2. Select the "Network" tab at the top of the window and check the "Enable DHCP Serving" box.
3. Select OK.
4. Edit the LAN or Network port on which you wish to serve DHCP and make sure the Can Serve DHCP box is checked. This can be found under the General tab.
5. The DHCP server is now ready to accept requests from Client computers for IP addresses and will serve an Automatic range of IP addresses based on each Network Port address.
6. If you wish to change the address ranges or other default settings, then see the section below on Configuring the Server.

Setting up the DHCP clients

The SoftRouter Plus QuickStart Guide gives full details on configuring client computers to use the DHCP Server.

A note about MacIP clients

Clients connected to a MacIP port can also obtain their IP addresses from the SoftRouter Plus acting as an address server. However, this is done within the MacIP protocol (also known as "KIP") and so these MacIP address assignments are not governed by the DHCP methods and settings.

Customizing the DHCP Server

When it starts, the DHCP Server operates in its default mode. You can change its settings using the "DHCP Setup" item in the "Network" menu to adjust the maximum number of addresses the server will assign, the ranges of addresses it can distribute and the lease time for DHCP assignments. You must be in Advanced User Mode to access this function.

The server can assign up to 100 simultaneous client addresses in its default configuration. This limit can be adjusted up to a maximum of 1023 in the Maximum clients box.

DHCP clients are issued with addresses on a limited lease and they can renew at any time during this period. The default DHCP lease time of 60 minutes can be modified in the Lease Time box. BOOTP clients are assigned addresses indefinitely.

Each Ethernet port has a separate "Enable DHCP" check-box which can be accessed in its Edit Port Settings window; for more information please see Chapter 4, Customizing the SoftRouter Plus. It is therefore possible to define which of the directly-connected LANs the DHCP Server will accept DHCP requests from.
This is especially important if you are using a cable modem with a dynamic IP address on one Ethernet device and your LAN is networked together via a separate Ethernet card.

When a client needs to start up TCP/IP operations, it broadcasts a request for address information. The DHCP Server assigns an IP address and sends it to the client together with the subnet mask, a Router address and the domain name server address information. This information is acknowledged by the client and used to set up its configuration. When the DHCP lease time reaches half way for a client, the client will ask the DHCP server if it can renew or still use the IP address. If so, the DHCP lease time will be reset.

The DHCP Server calculates a default dynamic address range for each configured SoftRouter Plus Ethernet port. The default number of IP addresses to assign is 100, the default DHCP time out is 60 minutes. The default behaviour is as follows: The server assigns addresses in each Port's subnet range starting at host address zero. It assigns increasing host numbers up to a maximum of one less than its own port address. So, by selecting a suitable port address, i.e. 192.168.1.254, you can serve 253 addresses.

For most network systems it will be unnecessary to modify the defaults, but if necessary, the dynamic address ranges can be edited and augmented by the user. Turn off automatic ranges and then select "New Range"; you can then enter your own range. The "Delete Range" button will delete a selected range. Served address ranges need not be constrained to the directly connected networks if suitable BOOTP relay agents exist in the routing system.

DHCP Clients File

A text file called "DHCP Clients" is put in the "VICOM Settings" folder (in the System/Preferences folder) by the Installer.
You can use SimpleText or other text editors to edit this file to define fixed address assignments for specific client computers. This is useful if you have any servers that must have the same address at all times. You can also use it to assign a user or machine name to each client, making it easier to monitor which clients are active and to troubleshoot client problems.

The file format is:

<Media Access Control ("MAC") Address> <TAB> <IP Address> <TAB> <Name>

For example:

08:00:54:b0:fd:36    0.0.0.0          My_dynamic_Mac
08:12:07:be:5f:72    192.168.1.120    Web_Server_fixed
03:11:0c:3e:ea:9c    192.168.1.121    Fixed_admin_PC

The MAC address is the physical address of the Ethernet or Token Ring adapter in the client machine. (It has no direct relationship to "Macintosh".) An Ethernet address is represented as xx:xx:xx:xx:xx:xx, where each "x" is a hexadecimal character. For example, you can find the MAC address of a Macintosh computer running Open Transport on Ethernet by opening the AppleTalk or TCP/IP Control Panel and selecting "Get Info" in the "File" menu. In MacTCP, hold down the Option Key while clicking the Ethernet icon to display the MAC address.

If the IP address is entered as "0.0.0.0" then the DHCP Server will assign an address automatically. If any other valid address is entered then this will be reserved for that client only and always assigned to it when an IP address is requested.

The Name field can be up to 16 characters, containing no spaces or tabs.

If you are going to assign static IP addresses, either by manually configuring a client or by using the DHCP Clients file, it is preferable to use IP addresses outside the range set in the DHCP Setup window.

View DHCP Clients

During SoftRouter Plus operation, the DHCP Server's current list of assigned addresses and active clients can be displayed by selecting "View Users" in the "File" menu.
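The DHCP Clients file rules given above (three tab-separated fields, "0.0.0.0" for automatic assignment, names of up to 16 characters without spaces, fixed addresses kept outside the dynamic range) can be checked before the file is put in place. The following checker is an added example, not part of the Vicomsoft guide or software; sample lines 4 to 7 and the dynamic range 192.168.1.1 to 192.168.1.100 are constructed for illustration.

```python
import ipaddress
import re
from typing import NamedTuple

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")
AUTO = ipaddress.IPv4Address("0.0.0.0")  # guide: 0.0.0.0 = assign automatically

# Lines 1-3 are the guide's example; lines 4-7 are constructed to show failures.
SAMPLE = "\n".join([
    "08:00:54:b0:fd:36\t0.0.0.0\tMy_dynamic_Mac",
    "08:12:07:be:5f:72\t192.168.1.120\tWeb_Server_fixed",
    "03:11:0c:3e:ea:9c\t192.168.1.121\tFixed_admin_PC",
    "00:11:22:33:44:55\t192.168.1.120\tPrinter",      # reuses a reserved IP
    "00:11:22:33:44:66\t192.168.1.50\tBuild_box",     # inside the dynamic range
    "00:11:22:33:44:77\t0.0.0.0\tFront desk iMac",    # spaces in the name
    "0011.2233.4488\t192.168.1.130\tDotted_mac",      # not xx:xx:xx:xx:xx:xx
])

# Assumed dynamic range, as it might be entered in the DHCP Setup window.
DYNAMIC_RANGES = [(ipaddress.IPv4Address("192.168.1.1"),
                   ipaddress.IPv4Address("192.168.1.100"))]


class Client(NamedTuple):
    line_no: int
    mac: str
    ip: ipaddress.IPv4Address
    name: str


def parse_clients(text):
    """Parse '<MAC> TAB <IP> TAB <Name>' lines; return (clients, problems)."""
    clients, problems = [], []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            continue
        fields = raw.split("\t")
        if len(fields) != 3:
            problems.append((line_no, "expected 3 tab-separated fields"))
            continue
        mac, ip_text, name = fields
        if not MAC_RE.match(mac):
            problems.append((line_no, "bad MAC address, expected xx:xx:xx:xx:xx:xx"))
            continue
        try:
            ip = ipaddress.IPv4Address(ip_text)
        except ValueError:
            problems.append((line_no, "bad IP address"))
            continue
        if not name or len(name) > 16 or re.search(r"\s", name):
            problems.append((line_no, "name must be 1-16 characters, no spaces or tabs"))
            continue
        clients.append(Client(line_no, mac.lower(), ip, name))
    return clients, problems


def check_reservations(clients, dynamic_ranges):
    """Flag duplicate MACs, duplicate fixed IPs and fixed IPs inside a dynamic range."""
    problems = []
    seen_mac, seen_ip = {}, {}
    for c in clients:
        if c.mac in seen_mac:
            problems.append((c.line_no, f"MAC already listed on line {seen_mac[c.mac]}"))
        seen_mac.setdefault(c.mac, c.line_no)
        if c.ip == AUTO:
            continue  # dynamic client: nothing to reserve
        if c.ip in seen_ip:
            problems.append((c.line_no, f"{c.ip} already reserved on line {seen_ip[c.ip]}"))
        seen_ip.setdefault(c.ip, c.line_no)
        for first, last in dynamic_ranges:
            if first <= c.ip <= last:
                problems.append((c.line_no, f"{c.ip} is inside dynamic range {first}-{last}"))
    return problems


def audit(text, dynamic_ranges):
    """Run both checks and return all problems ordered by line number."""
    clients, problems = parse_clients(text)
    problems += check_reservations(clients, dynamic_ranges)
    return sorted(problems)


if __name__ == "__main__":
    for line_no, message in audit(SAMPLE, DYNAMIC_RANGES):
        print(f"line {line_no}: {message}")
```
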
A client machine can override any name given to it in the DHCP Clients file by sending its name to the DHCP Server when requesting an IP address. Client machines with Mac OS 8.5 or above may enter a DHCP Client ID; this name will appear in place of the hardware address.

Restarting the SoftRouter Plus

If you restart the SoftRouter Plus at any time, the DHCP Server will remember the currently assigned IP addresses. Client machines requesting an IP address after a restart of the Server will therefore be given an address that is not already in use by another client computer.

10 Setting Up Remote Access Services

About this Chapter

The SoftRouter Plus can be set up to permit remote computers to dial in using a modem or ISDN. In this mode, it acts as a PPP Server or Remote Access Server. This capability can be used on a SoftRouter Plus that is also providing other SoftRouter Plus services.

The PPP Server function can be used to support individual remote users wishing to dial into your TCP/IP network via PPP client software or it can be used to create a wide area intranetwork. If a remote Gateway dials into the PPP Server, the two networks can be linked together as a Wide Area Intranet. The SoftRouter then routes traffic to allow users at each site to access TCP/IP facilities at the other site. A high speed link such as ISDN is recommended for inter-connecting a Wide Area Intranet.

This chapter describes how to configure the SoftRouter Plus for use as a PPP Server and provides examples of remote client configurations for typical desktop computers.

PPP Serving

The SoftRouter Plus includes a PPP Server, which allows for multiple dial-in connections. Each PPP dial-in port can be set up with a static IP address or you can use dynamic address assignment.
If you only wish to create one dial-in port for users to connect to, it is suggested that you give it a static address. This is the easiest way and allows you full control over the dial-in user.

The following example shows a SoftRouter Plus providing remote access services for up to two simultaneous remote users. More dial-in ports could be provided by installing a multiport serial interface card. When connected, remote users are able to access the same TCP/IP facilities on the LAN and other Intranet connections as the locally-connected users.

[Figure: Vicomsoft SoftRouter Plus at 192.168.1.254 on Network A (192.168.1.0), with dial-up connections to remote users.]

To set up the SoftRouter Plus for remote access using PPP Serving, as illustrated above, you will need the following port configurations on your SoftRouter Plus computer:

• Ethernet port with an IP address on Network A (e.g., 192.168.1.254).
• In the Preferences/PPP Server a PPP Base Server address of 192.168.1.200 is entered.
• Two PPP Dial up - Answer Only ports, both set up for Dynamic addressing.

For a remote client to dial in to the SoftRouter Plus it will need to have a Dial Up Networking configuration set up with the correct phone number and connection details. Once the connection is made, the remote client will be assigned an IP address according to the SoftRouter Plus configuration.

A Note About Dynamic PPP Address Assignment

When a remote client connects to a PPP dial-in port that is set for dynamic addressing, the SoftRouter Plus will assign it the next available address above a base IP address. This base address can be defined manually, in the Preferences/PPP Server. If the base address is not defined, the SoftRouter Plus defaults to use the address of the first Ethernet network in the Port list. For example, if the Ethernet port has an address of 192.168.1.100, the first dial-in PPP port will be assigned an IP address of 192.168.1.101 upon connection by a client. The next one is assigned 192.168.1.102 and so on.
If your Ethernet IP address is 192.168.1.254 you must enter a PPP Base Server address because there is no next available IP address. If you define a PPP Base server address of 192.168.2.100 the first dial-in port and connection will receive the IP address 192.168.2.100, the second port and connection will get the address 192.168.2.101. Upon disconnection the IP address becomes free for the next caller.

If you assign a dial-in port a static IP address, such as 192.168.1.100, the dial-in client will be assigned 192.168.1.101. In this case we suggest you use a different network per port, so the first dial-in would be 192.168.1.100, the second 192.168.2.100, etc.

Note: Since the DHCP Server function in the SoftRouter Plus also assigns IP addresses, ensure that you select a PPP Server Base address that is outside of any DHCP Server range you define. DHCP and PPP are two different protocols and therefore they do not interact.

Dial-In Client Access

Once connected, remote access clients can access all of the same network facilities as local clients. These include:

• Local TCP/IP network servers.
• The Internet, via an Internet port on the SoftRouter Plus itself or via another SoftRouter Plus.

Dial-In Client Security

The SoftRouter Plus provides dial-in password security. Security works through Mac OS Users & Groups, Vicomsoft PPP Users or Radius Servers. Each remote client will then need an account defined by a username and a password.

The remote user's name and password are sent to the SoftRouter Plus by the client and authenticated during each connection attempt. The SoftRouter Plus can be configured to require Password Authentication Protocol (PAP) or a Unix-style login to obtain this information.
If PAP is selected, the SoftRouter Plus will attempt to use the secure CHAP protocol first and then will fall back to PAP if CHAP is not available.

To use PAP, dial-in clients should enter their username and password into the "Authentication" field of their PPP dialler. To use a Unix login, the user or the PPP dialler responds to username and password prompts. The prompts are:

Login:
Password:

To select the method you wish to use, use the Authentication settings in the "Edit" menu, "Preferences", in the PPP Server tab. Depending on what you have set here, the following options will be available for you to use, as described in Chapter 5.

MacOS Users & Groups    Vicomsoft PPP Users    Radius Server
Login Script    X    X
PAP    X    X    X
CHAP    X    X

Vicomsoft PPP Users

To set up a user account in Vicomsoft Users, select "User Account Setup..." in the "File" menu of the SoftRouter Plus and select New User. Enter the user's name and password, and ensure that you make the user Active.

Mac OS Users & Groups

To set up a new remote user in Mac OS Users & Groups:

1. Open the Users & Groups control panel.
2. Select "New User" from the "File" menu.
3. Type in the account username.
4. Double-click on the user icon.
5. Type in the account password.
6. Drag the user icon to the "VIP Gateway Group" group icon.

To add an existing user to the SoftRouter Plus's Group:

1. Open the Users & Groups control panel.
2. Drag the user icon to the "VIP Gateway Group" group icon.

NOTE: If the SoftRouter Plus is running on the same computer as an AppleShare Server, make sure that you enter the administration password in the Preferences/PPP Server tab. Refer to Chapter 4, Customizing the SoftRouter Plus, for additional information. You will not be able to edit users via the Users & Groups control panel; you must use the Administration program supplied with your AppleShare server.
Radius Server

Enter the Radius server secret into the Preferences/PPP Server tab and the IP address of the Radius server computer. Then set up user accounts on the Radius server according to the instructions for that software.

Setting up Dial-In Ports

In order to use the SoftRouter Plus as a PPP Server, you need to create one or more new ports to answer incoming calls. A single dial-in port can be provided using one of the serial interfaces on the SoftRouter Plus computer. If all the built-in serial interfaces are in use or more dial-in ports are required to support simultaneous remote clients, you can add more by plugging in a multiport serial card.

To configure each dial-in port, select "New Port" from the "Ports" menu and configure it as follows:

Under the General Tab

Port Name: You may want to give the Port a name such as "Remote Access Port", which then appears in the Port list in the SoftRouter Plus Status window.

Method: This pop-up menu shows a list of all installed interfaces. Select PPP or SLIP.

Address: You can set the SoftRouter Plus to serve either static or dynamic addresses for remote dial-in access. For static addressing check the Static Address box and enter an IP number on the 192.168.x.x network, such as 192.168.30.100. Ensure that no other port has an IP address on the same network. We recommend the network range of 192.168.x.x for private networks. Please see Chapter 11, IP Addressing and Routing, for more information on network addresses. For dynamic addressing, leave the Static Address box unchecked. If you choose this addressing option, you may want to set the PPP Base Server setting in the Preferences.

Under the Connect Options Tab

Type: Choose an Answer option:

• "Dial up - Answer only" sets the port to accept incoming calls.
• "Dial up - Answer and Dial" also enables the port to initiate outgoing calls.
Dial In Security: There are four options possible for checking incoming caller identity:

• Users and Groups (PAP/CHAP): Uses Password Authentication Protocol (PAP) or CHAP to authenticate the client's username and password. This is the fastest authentication method.
• Users and Groups (Minimal Prompts): Uses a login script; prompts are "login:" and "password:".
• Users and Groups (Full Prompts): Displays a login banner with the SoftRouter Plus name and version before prompting for "login" and "password".
• Radius Authentication Server: Uses a Radius Server to authenticate the User name and password.

The options displayed will depend on the authentication type you have selected in the PPP Server tab of the Preferences, described in the Dial-In Client Security section.

Limit Connection Time To: This specifies the maximum time the port can remain connected. The SoftRouter Plus will close the connection after this time expires, even if there is traffic through the port.

Setting Up Remote Access Clients

The client remote access service is set up with a combination of a TCP/IP stack and a PPP dialler. The following examples include details on how to set up clients for common configurations: OT/PPP and Windows 95/98 Dial-Up Networking.

Open Transport PPP

The Open Transport PPP configuration consists of setting up the Modem, TCP/IP, and the PPP control panels.

Setting up TCP/IP

1. Open the TCP/IP control panel.
2. Select "PPP" in the Connect via pop-up menu.
3. Select "Using PPP Server" in the configuration pop-up menu.

Once the Modem, PPP and TCP/IP control panels are set up, open the PPP control panel and click on the "Connect" button.

Setting up Modem

1. Open up the Modem control panel.
2. Select the appropriate serial port and modem settings.
3. Close the Modem control panel.

Setting up PPP

1. Open the PPP control panel.
2. Enter the phone number of the SoftRouter Plus's dial-up line.
3. If the SoftRouter Plus security is set to PAP, enter your username and password in the connection settings.
4. If the SoftRouter Plus's Security is set to Login Script, click the "option" button and highlight the "Protocol" tab. Enable the check-box "Use terminal window" then click Ok.

Windows 95/98 Dial-Up Networking

The Windows 95/98 operating system has built-in dial-up networking that allows you to establish a PPP connection. The configuration consists of setting up a Dial-Up Networking connection and the Network control panel.

Dial-Up Networking

1. From the Windows desktop click on My Computer | Dial-Up Networking | Make New Connection.
2. Change My Connection to "VIG Dial-Up" and select the appropriate driver for your modem.
3. Click "Next" and enter the correct phone number for the Vicomsoft SoftRouter Plus's dial-up line.
4. Click "Next" and click "Finish".

Network

1. Open the Network control panel and click "Add".
2. Click "Adapter".
3. Click "Add", select "Microsoft" in the left window and "Dial-Up Adapter" in the right window.
4. Click "OK".
5. Click "Add", select "Microsoft" in the left window and "TCP/IP" in the right window.
6. Click "OK".
7. Close the Network control panel.

Dialling Out

1. Double-click on the "VIG Dial-Up" DUN icon.
2. If your SoftRouter Plus has the "Users & Groups (PAP)" option set, enter your username and password.

Once the Dial Up Network and Network protocols are set up, double-click on your Dial Up Network connection and click on "Connect".

11 Inbound Mapping and Firewall Protection

The SoftRouter Plus as a Firewall

A firewall is a router which blocks all or some IP traffic from reaching an IP network. This is particularly important when connecting to the Internet, as without this security, anybody on the Internet could make use of resources on your local network.
If the SoftRouter Plus is connected to the Internet using a port with Network Address Translation (NAT) enabled, then it automatically provides effective firewall protection against unwanted incoming traffic from the Internet. Applications running on the SoftRouter Plus computer itself will always be accessible on a connected NAT port. Other ports, without NAT, can communicate freely.

Inbound Mapping

Inbound mapping can be used to enable specific access for users on the Internet to selected servers on your local network through the firewall if required.

The Inbound Mapping facility is used to permit servers on your local network to be accessed from outside the firewall at specific TCP or UDP port numbers. Use this to make internal IP servers (e.g., web or email servers) accessible to clients connected to the Internet and to permit those UDP-based applications that require ports to be mapped to operate through the firewall.

Inbound Mapping can be set up using the "Inbound Mapping..." item in the "Network" menu and is only available in Advanced User Mode.

To enable inbound traffic to reach a specific local server, create an entry by clicking "New Host" and enter the local IP address of the computer to be reached. Then click on the port field to enter the port number range supported by this server. Typically this may be a mail, FTP or web server and you will enter the well-known port number for the service. The popup menu provides a convenient way to enter the common port numbers.

You can enter a range of port numbers by selecting the starting port number in the From Port field and then entering the ending port number in the To Port field. A range is from one port number to another, i.e. an entry of 1000 in the From Port and 1024 in the To Port section maps 24 ports to the host IP address that is entered. It does not map a request for one port number to another port number.
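Because every Inbound Mapping entry is an opening in the NAT firewall, it helps to review the table as data: which internal hosts are reachable, on which ports, and whether two entries claim the same port. The following sketch is an added example, not Vicomsoft code; the hosts and port ranges are those of the guide's own examples in this chapter, while the protocol of each entry, the address 192.168.1.170 and the reading of the one-host-per-port rule as applying per protocol are assumptions.

```python
from typing import NamedTuple, Optional


class Mapping(NamedTuple):
    proto: str      # "tcp" or "udp"
    from_port: int  # first port in the range
    to_port: int    # last port in the range, inclusive
    host: str       # internal server that receives the traffic


# Hosts and ports are the guide's examples; the protocol column is assumed.
TABLE = [
    Mapping("tcp", 20, 21, "192.168.1.150"),      # FTP server
    Mapping("tcp", 80, 80, "192.168.1.150"),      # web server
    Mapping("udp", 2000, 2050, "192.168.1.160"),  # Internet game
]


def validate(entry):
    """Return a list of problems with one entry (empty if it is well formed)."""
    problems = []
    if entry.proto not in ("tcp", "udp"):
        problems.append(f"unknown protocol {entry.proto!r}")
    if not (1 <= entry.from_port <= entry.to_port <= 65535):
        problems.append(f"bad port range {entry.from_port}-{entry.to_port}")
    return problems


def find_conflicts(table):
    """Find ports of one protocol that two entries map to different hosts.

    A port can only be mapped to a single internal host, so any overlap
    between entries for different hosts is a configuration error.
    """
    conflicts = []
    for i, a in enumerate(table):
        for b in table[i + 1:]:
            if a.proto != b.proto or a.host == b.host:
                continue
            low = max(a.from_port, b.from_port)
            high = min(a.to_port, b.to_port)
            if low <= high:
                conflicts.append((a.proto, low, high, a.host, b.host))
    return conflicts


def resolve(table, proto, port) -> Optional[str]:
    """Internal host for traffic arriving at the NAT port, or None if unmapped.

    The destination port number is kept as it is: a mapping selects a host,
    it does not translate one port number into another.
    """
    for entry in table:
        if entry.proto == proto and entry.from_port <= port <= entry.to_port:
            return entry.host
    return None  # not forwarded to any internal host


def exposure(table):
    """Summarise which internal hosts are reachable from outside, and on what."""
    report = {}
    for e in table:
        ports = str(e.from_port) if e.from_port == e.to_port else f"{e.from_port}-{e.to_port}"
        report.setdefault(e.host, []).append(f"{e.proto}/{ports}")
    return report


if __name__ == "__main__":
    for host, services in exposure(TABLE).items():
        print(host, "is reachable from the Internet on", ", ".join(services))
    # Constructed bad entry: a second host claiming TCP port 21.
    clash = TABLE + [Mapping("tcp", 21, 25, "192.168.1.170")]
    for proto, low, high, first, second in find_conflicts(clash):
        print(f"{proto} {low}-{high} is mapped to both {first} and {second}")
```
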
In the two examples shown, a machine on the local network has been assigned the IP address 192.168.1.150 and is running both an FTP Server and a Web Server. Both these Services will be accessible from the Internet using the IP address of the SoftRouter Plus's NAT Port. We also have an entry for a user who wishes to play an Internet game from a computer on IP address 192.168.1.160. This game requires a range of ports to be mapped, thus we have the entry 192.168.1.160 and port 2000 to port 2050, meaning that any incoming traffic with port numbers 2000, 2001, 2002, 2003, etc. to 2050 will be re-directed to 192.168.1.160.

Users on the Internet wanting to get to the FTP or web server on the internal network would use the 193.119.100.129 address and all requests for ports 20, 21 and port 80 will be inbound mapped through to the correct server at 192.168.1.150. A user on the internal network, 192.168.1.120, who wants to get to the same web server would use the 192.168.1.150 IP address because he is on the same logical network.

For other port numbers that are used please refer to the manufacturer of the software package you wish to use, or check Internic for a list of known ports.

Use the "Duplicate Host" button to duplicate an existing service and "Delete Host" to remove unwanted entries.

Note: Each TCP or UDP port number can only be mapped to a single host address on your internal network. For this reason, where possible, choose the TCP option rather than UDP for client-side services.

12 IP Addressing and Routing

About this Chapter

This chapter provides some background on how TCP/IP packets are addressed and routed on the Internet and describes the way the SoftRouter Plus makes its routing decisions. It goes on to explain how to configure and monitor the routing information used by the SoftRouter Plus.

TCP/IP Addressing

Each computer connected to a TCP/IP network has a unique address.
The convention is to show the address as four numbers separated with a full stop, for example "192.168.1.100". This address is known as an IP address. Each number in the sequence must be between 0 and 255. The address represents a 32 bit binary number split into four 8 bit octets. It consists of two parts: the network number (n) and the host number (h). The network number is defined by the first part of the address, 192.168.1 in this example. The host number is the second part, 100 in this example; please see Network Mask below.

The first number in the sequence defines the class of the network number, which determines how the address is divided into its two parts:

First number range    Network class    Network portion
0                     not allowed
1-126                 Class A          n.h.h.h
127                   not allowed
128-191               Class B          n.n.h.h
192-223               Class C          n.n.n.h
224-255               not allowed

(n) = network number
(h) = host number

The network number identifies the logical network that the host is connected to. Since the SoftRouter Plus is connected to several networks, each port must have an IP address with a unique network number.

A connection to a network may have a Static or Dynamic IP address. A static address is predefined and set before the computer is connected to the network. A dynamic address is acquired during the connection process with the help of a special addressing protocol and may be different each time it connects.

Network Mask

The network mask tells a router how to divide an IP address into its two parts: the network number and the host number. The network mask for any network can be deduced from the Class of the addresses assigned on the network:

Network class    Network mask
A                255.0.0.0
B                255.255.0.0
C                255.255.255.0

The network mask is a 32 bit binary number with a ONE at each bit in the Network part of the address and a ZERO at each Node address bit.
Subnetting

We've explained that an IP address consists of two parts, the host number and the network number. This notion has been extended by the concept of subnets, which are introduced in order to allow organizations to further subdivide their IP networks without computers outside their network (e.g. on the Internet) being aware of it. Subnetting simply splits a single large address range up into a number of smaller ranges. For example, a Class C network address defines a single network with up to 256 host addresses. By subnetting, this can be structured as, for example, 8 subnets, each with 32 host addresses.

Subnetting divides the host number field into two subfields: a subnet number and a true host number on that subnet. The interconnected LANs within an organization will be given the same network number but a different subnet number. This division will not be visible to routers outside that network. The division between the subnet part of the host address and the actual host part is specified in local router configurations using a subnet mask.

TCP/IP Ports

Since TCP/IP is a multi-session protocol, a computer running TCP/IP might have several connections (sessions) opened at once. In order to distinguish between these sessions, each session is assigned a TCP/IP port number when it opens. In order to use a TCP/IP service a computer needs to know both the IP address of the host providing the service and the port number the service is located on. Most TCP/IP services use a pre-defined port number referred to as a well known port. For example, FTP uses ports 20 and 21, Telnet uses port 23, SMTP uses 25, web uses 80 and so on.
Subnet Mask

A subnet mask, taken together with the Network mask, divides an IP address into three parts:

• The network number, defined by binary ONEs in both masks.
• The subnet number, defined by binary ONEs in the subnet mask and binary ZEROs in the Network mask.
• The host number, defined by binary ZEROs in both masks.

In the example above, a Class C network was divided up into 8 subnets, each with 32 host addresses. The Network and Subnet masks for this case would be:

Network mask: 255.255.255.0
Subnet mask: 255.255.255.224

A simple rule for calculating the subnet mask for a Class C network is to make the last number in the mask 256 minus the number of addresses per subnet, in this case 256 - 32 = 224.

256 / X = Y, where X is the number of networks required and Y is the number of machines you can have per network.
Then 256 - Y = the subnet mask.

For example, 256 / 8 = 32 machines per network and 256 - 32 = 224, which gives you the subnet mask 255.255.255.224.

Every machine on your subnetted network must have the same subnet mask to work.

On simple networks with no subnetting the subnet mask is the same as the network mask. On subnetted networks, local hosts and routers use the extra subnet masked bits to make local routing decisions about which cable a host is on. The public Internet is unaware of these subnet divisions and simply routes packets to the "boundary" router or routers for the network, based on its Network address only.

The SoftRouter Plus defaults the subnet mask to be the same as the Network mask, based on the address class of a port.

TCP/IP Routing

Computers communicate over a network using a network protocol. The SoftRouter Plus works only with the IP network protocol. This is the network protocol used on the Internet network and supports a range of session layer protocols, including TCP and UDP.
These, in turn, support the application layer protocols such as HTTP for World Wide Web services, SMTP and POP3 for electronic mail, FTP for file transfer and so on.

Data is transmitted over a network in a series of network packets. A packet contains the IP address of the computer that sent the packet (source address) and the address of the computer that is to receive the packet (destination address).

The need often arises to connect several computer networks. The Internet is itself a series of joined networks. A router connecting an office LAN to the Internet will have at least two networks: the local network, such as Ethernet, and the Internet network. The purpose of the router (also known as a gateway) is to transfer packets between these networks.

Two computers on the same IP network communicate with each other directly and do not involve a router. When they need to communicate with a computer on a different network, they must pass the packets to an appropriate router or gateway. Computers and routers maintain routing tables to help choose the next router for some destination subnets or groups of subnets.

To avoid having to remember the appropriate gateway for every possible network number, most computers and routers have a default gateway. This is the address of a router to which all packets destined for unknown networks are sent.

Suppose we have a network like this:

[Figure: Vicomsoft SoftRouter Plus with Port 1 (193.119.100.129) connected to the Internet, Port 2 (192.168.1.254) and Port 3 (192.168.2.254). Computer A is 192.168.1.1, Computer B is 192.168.1.2, Computer C is 17.254.3.61, Computer D is 192.168.2.1 and Computer E is 192.168.2.2.]

Computers A and B are on a Class C network with no subnetting and a network (and subnet) number of 192.168.1. They have host numbers of 1 and 2. They are accessing the Internet through an Internet provider with an address of 193.119.100.129 (Class C network, subnet number 193.119.100, host number 129).
We also assume that computers A and B have their default gateway set to 192.168.1.100.

Computer A talks to computer B directly since they are on the same subnet (192.168.1). Computer A cannot talk directly to the service provider's host, because they are on different subnets. In this case it will send the packet to the SoftRouter Plus, which receives it on port 1. The SoftRouter Plus will see that the packet's destination subnet number is the same as for port 2 (193.119.100) and will forward the packet to that port.

Responses from the service provider's host are received on port 2. If they are addressed to computer A or B, the router will notice that the packet's destination subnet number is the same as for port 1 (192.168.1) and forward the packet to that port.

Default Port or Default Gateway

Most destination addresses on the Internet will not have the same subnet number as any port on the local router, so a router has to be able to forward packets to other routers if it cannot deliver them itself. The Default gateway provides this function if the router is permanently connected to networks with fixed addresses.

An example of this is illustrated above. When computer A wants to talk to the Internet host at 17.254.3.61, it finds that the destination has a different network number and is therefore on a different network, and sends the packet to the SoftRouter Plus. The SoftRouter Plus looks for a port with the same network number (17) and fails to find one, so it should send the packet to its Default Port or gateway/router.

However, in the case of the SoftRouter Plus, it may be disconnected from the Internet when it receives a packet for delivery and it may not know the router address it will connect to when it dials up the Internet Service. To solve this, the SoftRouter Plus automatically makes the first NAT port the default port.
All packets with unknown destination network numbers are forwarded to this port.

Returning to the example above, network 17 is an unknown network as none of the ports have this network number. The packet for host 17.254.3.61 will therefore be sent through port 2 as it is the default port.

About Routing Tables

A routing table tells a router which path to use to reach a network not attached to it directly. These tables may be necessary when more than one router is used and a router is connected to more than one network. In this case a default port or default gateway may not provide an effective or efficient solution. Here is an example:

[Figure: Head Office Network 202.1.1.0 with host 202.1.1.110 and the Head Office Internet Gateway at 202.1.1.1. The Head Office gateway is 213.1.1.1 on Network 213.1.1.0 and 214.1.1.1 on Network 214.1.1.0. The Branch Office 1 Internet Gateway is 213.1.1.2 on that link and 205.1.1.1 on Branch Office 1 Network 205.1.1.0, which has host 205.1.1.20. The Branch Office 2 Internet Gateway is 214.1.1.2 on that link and 206.1.1.1 on Branch Office 2 Network 206.1.1.0, which has host 206.1.1.50.]

This example uses the standard notation of showing the host number as 0 to denote the entire network. For example, "202.1.1.0" represents the class C network with network/subnet number "202.1.1", while "202.1.1.222" would be a host on that network.

In order for a host on the 202.1.1.0 network to reach a host on the 205.1.1.0 network, the packet must be routed through the head office SoftRouter Plus and through the branch office 1 SoftRouter Plus. The 202.1.1.0 host would have its default gateway set to the head office SoftRouter Plus, so it would send the packet to it. The head office SoftRouter Plus does not have the 205.1.1.0 subnet attached to it, so it needs to know that the 205.1.1.0 network is reached via the branch office 1 SoftRouter Plus on its 213.1.1.0 network.
This could be achieved using default routing, but since we have a similar problem for the 206.1.1.0 network, we need to tell the head office SoftRouter Plus which specific route to use for each network. In this example each SoftRouter Plus could have a routing table with two entries:

| SoftRouter Plus | Destination Network | Route |
|---|---|---|
| Head Office | 205.1.1.0 | 213.1.1.2 |
| Head Office | 206.1.1.0 | 214.1.1.2 |
| Branch Office 1 | 202.1.1.0 | 213.1.1.1 |
| Branch Office 1 | 206.1.1.0 | 213.1.1.1 |
| Branch Office 2 | 202.1.1.0 | 214.1.1.1 |
| Branch Office 2 | 205.1.1.0 | 214.1.1.1 |

In practice, since both branch office SoftRouter Plus use only one route, it is possible to mark the 213.1.1.0 and 214.1.1.0 ports as default ports and the SoftRouter Plus would then not need a routing table. However, since the head office gateway has two different routes, it must have a routing table. Such a table can be created automatically or manually in the SoftRouter Plus. The rest of this chapter describes these options.

The SoftRouter Plus Routing Process

The SoftRouter Plus routes all packets by carrying out the following steps in order. The SoftRouter Plus executes the next step only if a route has not already been found.

• The SoftRouter Plus compares the network number of the packet with the network number of each of its ports. The ports are searched in order from top to bottom as they appear in the port list in the SoftRouter Plus Status window. If a port with the same network number is found the packet is forwarded through that port.
• The SoftRouter Plus searches the routing table for the network the packet is destined for. If the network is found the packet is forwarded to the route/gateway specified in the routing table. There can be multiple routing table entries for a network.
• If a default port has been set, the SoftRouter Plus forwards the packet through that port.
• If a default gateway has been set, the SoftRouter Plus forwards the packet to that gateway/router.
• If all of the above steps fail, the packet is discarded.

Managing SoftRouter Plus Routing Information

Routing tables in the Vicomsoft SoftRouter Plus are only required if the SoftRouter Plus is running on a network in which it is connected to at least one other IP router. They can be built in two ways.

The simplest way to build routing tables is to set the SoftRouter Plus to use RIP (Routing Information Protocol), in the SoftRouter Plus preferences, to build and maintain them automatically. RIP is a standard protocol supported by most routers and used to exchange information about the networks they are connected to.

Manual routing entries can also be set up. If there are manual entries, the SoftRouter Plus will use these as well as, or instead of, any entries discovered by the RIP process. This may be necessary in a network where other routers do not use RIP or where dial-up links are used to connect different networks together by routers.

While the SoftRouter Plus is running, the current routing tables can be viewed by selecting "View Routing Tables…" in the File pull-down menu. The routes in use are listed, showing the next router address for each network or subnet in the table and the Hop Count which is known for that destination network. If the Hop Count is shown as 16 or more, the route has been marked as unusable as a result of RIP communications.

Routing Information Protocol (RIP)

The RIP protocol enables routing tables to be built and maintained automatically using information received from other routing devices. The SoftRouter Plus can receive and use RIP information and transmit it to other routers. RIP is needed only if you are operating a SoftRouter Plus in a multi-router network.

To enable RIP, choose "Preferences" from the Edit pull-down menu and select the Network tab.
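The routing process listed earlier in this chapter (ports, routing table, default port, default gateway, discard) and the hop-count rule can be traced with a small model. This is an added example, not Vicomsoft code: the class and port names, the /24 prefix standing in for class C networks, the hop counts of 1, and the choice of the lowest hop count when several table entries match are all assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

RIP_UNUSABLE = 16  # the guide: a hop count of 16 or more marks a route unusable


@dataclass
class Port:
    name: str               # hypothetical label, stands in for the port list entry
    network: str            # e.g. "202.1.1.0/24" (class C, host number 0)
    default: bool = False   # True for the default port (the first NAT port)


@dataclass
class Route:
    network: str            # destination network
    via: str                # next router/gateway for that network
    hops: int               # routers crossed, not counting this one


class Router:
    def __init__(self, ports: List[Port], routes: Optional[List[Route]] = None,
                 default_gateway: Optional[str] = None):
        self.ports = [(p, ipaddress.ip_network(p.network)) for p in ports]
        self.routes = []
        for r in routes or []:
            via = ipaddress.ip_address(r.via)
            # The guide requires the gateway to be on a network range that
            # the router has on one of its ports; reject entries that are not.
            if not any(via in net for _, net in self.ports):
                raise ValueError(f"gateway {r.via} is not on any port network")
            self.routes.append((r, ipaddress.ip_network(r.network)))
        self.default_gateway = default_gateway

    def decide(self, destination: str) -> Tuple[str, str]:
        """Return (step that matched, port name or next-hop address)."""
        dst = ipaddress.ip_address(destination)
        # Step 1: ports, searched top to bottom.
        for port, net in self.ports:
            if dst in net:
                return ("port", port.name)
        # Step 2: routing table, ignoring routes marked unusable.
        usable = [r for r, net in self.routes
                  if dst in net and r.hops < RIP_UNUSABLE]
        if usable:
            best = min(usable, key=lambda r: r.hops)  # assumption: fewest hops wins
            return ("route", best.via)
        # Step 3: default port.
        for port, _ in self.ports:
            if port.default:
                return ("default-port", port.name)
        # Step 4: default gateway.
        if self.default_gateway:
            return ("default-gateway", self.default_gateway)
        # Step 5: nothing matched, the packet is discarded.
        return ("discard", "")


def head_office() -> Router:
    """Head office gateway from the routing table example (hop counts constructed)."""
    ports = [Port("LAN", "202.1.1.0/24"),
             Port("to-branch-1", "213.1.1.0/24"),
             Port("to-branch-2", "214.1.1.0/24")]
    routes = [Route("205.1.1.0/24", "213.1.1.2", 1),
              Route("206.1.1.0/24", "214.1.1.2", 1)]
    return Router(ports, routes)


def small_office() -> Router:
    """Two-port example: port 1 is the LAN, port 2 the NAT (default) port."""
    return Router([Port("port 1", "192.168.1.0/24"),
                   Port("port 2", "193.119.100.0/24", default=True)])


if __name__ == "__main__":
    for dst in ("202.1.1.110", "205.1.1.20", "206.1.1.50", "17.254.3.61"):
        print("head office", dst, head_office().decide(dst))
    print("small office 17.254.3.61", small_office().decide("17.254.3.61"))
```

Because the head office model has neither a default port nor a default gateway, a packet for 17.254.3.61 falls through to the final step and is discarded, while the two-port model sends it out of port 2.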
If the "Use RIP protocol" check-box is checked it will start the RIP transmit and receive processes. If there are other RIP compliant devices on the network, the SoftRouter Plus will build a routing table automatically.

Manual Routing Entries

Manual routing entries are useful for non-permanent links, e.g. dial-up connections or WAN (Wide Area Network) configurations. Routing entries can be configured by choosing "Routing Tables…" from the Network pull-down. The following window will appear:

Network: The address of the network that is reached via this route. On networks using a subnet mask which is the same as the network mask the host number of the address should always be 0. See the discussion of subnet masks and network masks earlier in this chapter.

Via Gateway: The address of the router or gateway to which packets destined for this entry's network will be forwarded. The address entered should be that of a router which is on a network range the SoftRouter Plus has on one of its ports.

Hop Count: The number of routers/gateways the packet of data will travel through to get to the destination network. This should not include the SoftRouter Plus itself.

13 Internet Filters

About this Chapter

This chapter explains how to use the Internet Filters functionality within the Vicomsoft SoftRouter Plus.

Internet Filters within the Vicomsoft SoftRouter Plus allow the administrator to prevent access to selected Internet sites. Access controls can be defined using any combination of User Defined filters and Protocol Filters.

This is a centrally administered control mechanism. There is no requirement for any client software agent and so the facility is platform independent. Client applications, including web browsers, FTP and News readers, are denied access to these selected services by the Vicomsoft SoftRouter Plus. The clients cannot bypass or override these controls.
Administering Internet Filters

This section describes the Internet Filters settings window, which is accessed by selecting "Internet Filters" from the "Network" menu. This will cause the Internet Filters window to appear.

The Internet Filters window has two view panels selected through the tabs at the upper left of the window. There are also four buttons at the bottom of the screen which will be visible, regardless of which view is being displayed. The text in two of these buttons will change according to the current status, hence there are six descriptions below.

Check Host: This will allow you to enter either the domain name or address of a host and test it against the selected filters. A message will then be displayed showing whether or not access to that host would be allowed.

Cancel: This will close the Internet Filters window, leaving all settings unchanged. If changes have been made to any of the settings, the Cancel button will close the window leaving the settings unchanged.

OK: This will close the Internet Filters window, implementing any changes that have been made.

Apply: If changes have been made to any of the settings, they can be applied by clicking this button.

User Defined Filter

This section details how to create User Defined Filters. Use these filters to create your own custom filters based on any combination of host name ranges or IP address ranges. The User Defined Filters can be enabled or disabled by clicking the User Defined Filter Active check box.

When User Defined Filters are disabled, the SoftRouter Plus permits all access attempts except those specified by the Protocol Blocks.

Two lists of host and domain name rules can be edited. On the left is a list for specific Host Names to be Permitted or Prohibited.
On the right you can enter host or domain names containing one or more asterisk (*) characters to denote Wild Cards. A Wild Card entry allows you to specify a range of host names that have any sequence of characters in place of the asterisk.

Any entry, in either list, can be a numeric IP address or an alphanumeric string. Each entry can be set to Permitted, Prohibited or Inactive by clicking its check box control. This combination of facilities can be used to build powerful and complex filters.

In normal operation, the Vicomsoft SoftRouter Plus tests all new host name access attempts against the defined rules in sequence and obeys the first one it finds that applies. The specific Host Name list is scanned first. If there is no match in this list, the Wild Card entries are checked in sequence from the top of the list. If no rule is found that explicitly Permits or Prohibits an access attempt then the default rule applies.

In the example screen shown, Internet users are only permitted to reach the following hosts:

1 no "www" server except www.apple.com
2 no site with ".guns" in the domain
3 any host in a .edu domain except ftp.badsite.edu
4 any host in a .com domain

Single new entries are made by clicking the Add button. This opens a new entry, where you can type a string. The Enter button changes to Enter Text; click it or press the Enter or Return key to put your new entry into the list. If you try to enter a wild card character in the specific names list or a specific name in the Wild Card list, you will be asked if the entry should be added to the appropriate list instead.

If you have a large number of rules to enter, click the Multi-Add button. After you complete each entry, press Return and a new one is opened for your next string. The "Enter" button changes to Finish Entering. Click it to end the Multi-Add sequence.
The Remove button allows you to delete entries and the Edit button will allow you to modify a selected entry. As soon as you have modified the Internet Filters the OK button text changes to Save Changes and the Cancel button text changes to Discard Changes.

The Wild Card list entries are scanned in sequence, so you must get them in the right order to achieve the constraints you need. They can be selected and dragged individually or in groups to change their order. Discontinuous selections will group together when dragged to a new location in the list. Use the mouse with the Shift key for continuous selections and with the Command key to toggle separate entries into or out of the selection. Any change you make to one check box in a multiple selection will be applied to all entries in the selection.

Help screens with brief explanations of filter rules can be displayed at any time by clicking the Show Help button.

Once you have a set of rules that achieves the restrictions you require, click the Save Changes button to save them into the Preferences file. You can export your filters to a file using the Export button and import them using the Import button. In this way you can back up your filters, maintain several alternative sets of filters or exchange sets with other Vicomsoft SoftRouter Plus users.

Restricting Access by IP Address

Access to a site based upon its IP address can be restricted through the User Defined Filter window. This can also be used to restrict access to complete networks, as well as individual computers.

Through the above example, access to all sites would be restricted with two exceptions.

1 The host at address 196.57.8.221 would be allowed.
2 Any computer with a network address starting with 157.149 would be allowed.

This can be useful when preventing access to all hosts except those on a company network or for setting up an Extranet.
The two previous examples can be combined to form a comprehensive local barring list.

This example means that we have applied the following access rules to our site. If a rule is satisfied, subsequent rules will be ignored.

1 All services on 196.57.8.221 are permitted.
2 All www sites are prohibited except for 196.57.8.221 and www.apple.com
3 All sites with GUNS in the name are prohibited except for 196.57.8.221
4 All .edu sites are permitted except for www services and ftp.badsite.edu.
5 All .com sites are permitted but not for www services except for 196.57.8.221 and www.apple.com
6 All services on any host with an address starting with 157.149 are permitted except for www services and sites with GUNS in the name.
7 All other services are prohibited.

There are also four buttons at the bottom of the screen which will be visible, regardless of which view is being displayed. The text in two of these buttons will change according to the current status, hence there are six descriptions below.

Show Help: This will change the window display to show help information on the current view.

Check Host: This will allow you to enter either the URL name or address of a host and test it against the selected filters. A message will then be displayed showing whether or not access to that host would be allowed.

Cancel: This will close the Internet Filters window, leaving all settings unchanged.

Discard changes: If changes have been made to any of the settings, the text within the Cancel button will change to read "Discard Changes". This will close the window as with the Cancel button, leaving settings unchanged.

OK: This will close the Internet Filters window, implementing changes.

Save changes: If changes have been made to any of the settings, the text within the OK button will change to read "Save Changes". The window will then close implementing changes.
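The rule evaluation order described in this chapter (specific Host Name list first, then Wild Card entries from the top, then the default rule) can be checked with a short model, in the spirit of the Check Host button. This is an added example, not Vicomsoft code: the screen shots are not reproduced in this text, so the two lists below are constructed to match the seven outcomes listed above, and case-insensitive matching and a Prohibited default are assumptions.

```python
import re
from typing import List, Tuple

PERMITTED, PROHIBITED, INACTIVE = "Permitted", "Prohibited", "Inactive"

# Constructed rule lists: (entry, state). Entries may be names or IP addresses.
SPECIFIC: List[Tuple[str, str]] = [
    ("196.57.8.221", PERMITTED),
    ("www.apple.com", PERMITTED),
    ("ftp.badsite.edu", PROHIBITED),
]
WILDCARDS: List[Tuple[str, str]] = [
    ("www.*", PROHIBITED),
    ("*.guns*", PROHIBITED),
    ("*.edu", PERMITTED),
    ("*.com", PERMITTED),
    ("157.149.*", PERMITTED),
]


def _matches(pattern: str, host: str) -> bool:
    """An asterisk stands for any sequence of characters; all else is literal."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, host, re.IGNORECASE) is not None


def check_host(host: str,
               specific: List[Tuple[str, str]] = SPECIFIC,
               wildcards: List[Tuple[str, str]] = WILDCARDS,
               default: str = PROHIBITED) -> Tuple[str, str]:
    """Return (verdict, rule that decided it), obeying the first rule that applies."""
    host = host.strip().lower()
    # 1. The specific Host Name list is scanned first.
    for entry, state in specific:
        if state != INACTIVE and entry.lower() == host:
            return state, entry
    # 2. Wild Card entries are checked in sequence from the top of the list.
    for pattern, state in wildcards:
        if state != INACTIVE and _matches(pattern, host):
            return state, pattern
    # 3. No explicit Permit or Prohibit: the default rule applies.
    return default, "default rule"


def misordered_wildcards() -> List[Tuple[str, str]]:
    """Same entries, with "*.com" dragged above "www.*" (an ordering mistake)."""
    return [WILDCARDS[3]] + WILDCARDS[:3] + WILDCARDS[4:]


if __name__ == "__main__":
    probes = ["196.57.8.221", "www.apple.com", "www.example.com",
              "shop.guns.com", "ftp.goodsite.edu", "ftp.badsite.edu",
              "157.149.3.4", "10.0.0.1"]          # constructed test hosts
    for h in probes:
        print(f"{h:20} {check_host(h)}")
    print("misordered:", check_host("www.example.com",
                                    wildcards=misordered_wildcards()))
```

With the misordered list, www.example.com is decided by "*.com" before "www.*" is ever reached, which is why the order of the Wild Card list has to be verified after every edit.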
Barred Web Redirection IP Address

If a user attempts to access a barred site through their web browser, it will be redirected to a specific page that can display a message indicating why the connection has been rejected. The default web page is displayed as follows.

If preferred the barred web redirection IP address can be set to point to another web site by specifying the new IP address in the edit box. For example, you can use an internal Personal Web Server (PWS) with a static IP address.

If an address of 0.0.0.0 is specified, the user will receive a standard message from their web browser indicating that the site cannot be found.

Protocol Filters

The protocol blocks restrict access to selected services based upon their Internet Protocol port number.

The following list describes some protocols that are well known and can be barred, their Internet description and the standard port numbers associated with each.

| Protocol | Description | TCP/IP Port |
|---|---|---|
| News | nntp | 119 |
| File Transfer | ftp | 20 & 21 |
| Web | http | 80 |
| Terminal | telnet | 23 |
| Mail | smtp/pop3/uucp | 25/110/117 |
| Chat/phone | irc | 194 |

Web Caching Servers

If your Internet Services Provider (ISP) has implemented a web caching server and the client browser is configured to use the facility, the Internet Filters may not work in the way that is expected. This is because caching servers do not work on a standard TCP/IP port and this port number can vary between individual ISPs.

If you are connecting through a service that uses a web caching server, you have one of the following options to ensure that your Internet Filters are effective.

1 Prevent access to the Web Caching Server by barring the address in the User Defined host access rights section.
2 Rely upon your ISP to police the content of their own caching server.
If in doubt, conduct some testing from a number of computers in your network and satisfy yourself that your Internet Filters are performing as expected.

14 Multihosting

About this Chapter

The current Mac OS Open Transport implementations only permit a single IP address to be used by applications running on a Macintosh. Users wishing to host multiple Web servers on a single computer therefore require a means to map multiple destination addresses to a single Web server address and to forward information about which actual server was requested by the client.

This function is frequently referred to as "Multi-Homing". As this term more specifically refers to the ability of a single host to respond to multiple IP interfaces, Vicomsoft has chosen to use "Multihosting" to describe this function.

The SoftRouter Plus provides a transparent method for doing this which is independent of Web Server or Web Browser capabilities. This chapter explains how the facility works and how to set it up.

How Does SoftRouter Plus Multihosting Work?

The two methods currently in use to provide Multihosting on Macintosh-based Web Servers are:

• Redirection: A front-end application sends back a redirect instruction to the browser, telling it the real address to send its request to.
• The Host: field in a web page request can be used within a web server to direct requests to specific directories within the server.

The first option results in web browser redirection, which some users of web hosting services find unacceptable. The second requires that the web browser implements the Host field and that the web server can detect and respond to it.

The SoftRouter Plus redirects requests in transit, so that the browser is not aware of the redirection. The server does not need to do anything and no special capabilities are assumed in either browser or server.
The SoftRouter Plus Multihosting option maps selected destination addresses to one or more different addresses on a different network or subnetwork. For web server addresses, it can simultaneously insert a directory path name into the destination URL for an HTTP GET or HEAD packet. You can also specify a default page file name to be inserted for each translated IP address. The SoftRouter Plus also translates the Server address in packets returning to the client to maintain the TCP/IP transaction integrity. You can therefore use this facility to map IP addresses to real or virtual hosts in your network.

Caution: It is a requirement that all packets between the browsers and the web servers MUST pass through the SoftRouter Plus in both directions in order for Multihosting to operate. There can be no direct or alternative route that bypasses the SoftRouter Plus. This applies equally to local access and Internet access, as the web server's addresses and absolute URLs are only valid if they pass through the SoftRouter Plus. It is therefore necessary to set web servers up to route all their traffic through the SoftRouter Plus. Alternatively, the web server can be co-located on the SoftRouter Plus machine, so that all traffic must transit the SoftRouter Plus on its way to and from the Server.

Multihosting Setup

To set up a Multihosting web server that can be used by users on both the Internet and the internal network, you need at least two valid public Internet IP addresses which are DNS-mapped to web server names in registered domains. One IP address is allocated to the SoftRouter Plus, the other IP address(es) are used to access the different areas of the multihosting web server. The SoftRouter Plus can be configured to redirect packets with these destination addresses to one or more real server addresses and optionally to specify a directory path and/or home page for each.
To configure the Multihosting facility, you can use the built-in set-up window or you can import the information as a text file. To open the set-up window, select the Multihosting item in the Network pull-down menu (ensure that you are in Advanced User Mode).

To create a new entry, click the New Address button. You can then edit the following fields by using the tab button to switch between them:

Active: This allows you to select if the entry is active and being routed or not.

IP Address: This is the IP address at which the Server will be reached from the Internet. You will normally set up your DNS so that a suitable host name will resolve to this address.

Server Address: This is the actual, local IP address of the Server that will receive the incoming packets sent to "IP Address".

Server Prefix: This is the directory path name that the web server needs to get to the actual root directory for this virtual server. It can be left blank if this server has the same root directory as the main web server. If you enter a Prefix, it should be in the format /directory_path/, i.e. it must include the slash characters. See examples below.

Server Home File: You can enter the file name to be used as the default page for this server. This allows a single root directory to contain home pages for multiple virtual sites. Your web server may not need you to enter the exact web page to be shown if accessing a directory.

The check box to the left of each entry allows you to enable or disable this item. It defaults to "Enabled". Click "Enter" or "New Address" to complete the entry. To modify an existing entry, highlight it and change the fields.

When you have finished setting up Multihosting, click OK. Changes can be made at any time without stopping the SoftRouter Plus and they will become effective as soon as they are entered.
The screen-shot on the previous page illustrates the following example configuration:

A Web Server at 194.196.57.33 supports two virtual web sites located in two different folders, "firstco" and "secondco", which are both located in a folder called "webpages". These web sites are reachable at public IP addresses: 194.196.57.34 and 194.196.57.35 respectively.

In this scenario the Web Server is running on the same computer as the SoftRouter Plus, using the Internet NAT port's address. The NAT port is set to the actual IP address 194.196.57.33. The Multihosting entries are:

| IP Address | Server Address | Server Prefix |
|---|---|---|
| 194.196.57.34 | 194.196.57.33 | /webpages/firstco/ |
| 194.196.57.35 | 194.196.57.33 | /webpages/secondco/ |

The "Server Home File" field has been left blank as some web servers will present a "default" web page to requests made to directories.

The Multihosting information is stored in a text file in the Vicomsoft Settings Folder inside the Preferences folder in your System folder. The file is called "Multihosting Setup" and it can alternatively be created or edited using any text editor. The format required for each entry is as follows:

<enable> <multihosted address> - <server address> <server prefix> <home file>

<enable> is "Y" to enable the entry or "N" to disable it
<multihosted address> is the address to multihost (e.g. 194.196.57.16)
"-" is required and is here for future expansion
<server address> is the address of the server that will serve this address
<server prefix> is the location of html files on the server for this address
<home file> is the name of the home file for the multihosted address

The last two fields are not mandatory and should be replaced by "-" if they are empty. The fields should be separated by one or more spaces or TABs. A semicolon (";") can be inserted at the start of a line to define the line as a comment.
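A validating parser for the "Multihosting Setup" format described above, with a model of the address and URL translation, written as an added example and not as Vicomsoft code. The sample file is constructed from this chapter's addresses in the stated six-field layout (the home file "index.html" is made up); accepting omitted trailing fields, rejecting duplicate enabled addresses, and the way the prefix and home file are joined to the request path are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the six-field format described above.
SAMPLE_SETUP = """\
; constructed sample Multihosting Setup file
Y 194.196.57.34 - 194.196.57.33 /webpages/firstco/ -
Y 194.196.57.35 - 194.196.57.33 /webpages/secondco/ index.html
N 194.196.57.36 - 194.196.57.33 - -
"""


@dataclass
class Entry:
    enabled: bool
    address: str     # multihosted (public) address
    server: str      # address of the server that serves it
    prefix: str      # "" when the field is "-"
    home_file: str   # "" when the field is "-"


def parse_setup(text: str) -> List[Entry]:
    entries, seen = [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):       # blank line or comment
            continue
        fields = line.split()                      # spaces or TABs
        if not 4 <= len(fields) <= 6:
            raise ValueError(f"line {lineno}: expected 4 to 6 fields")
        fields += ["-"] * (6 - len(fields))        # assumption: trailing "-" may be omitted
        enable, address, dash, server, prefix, home = fields
        if enable not in ("Y", "N"):
            raise ValueError(f"line {lineno}: <enable> must be Y or N")
        if dash != "-":
            raise ValueError(f"line {lineno}: third field must be '-'")
        # IPv4Address raises a ValueError subclass on malformed addresses.
        address = str(ipaddress.IPv4Address(address))
        server = str(ipaddress.IPv4Address(server))
        prefix = "" if prefix == "-" else prefix
        if prefix and not (prefix.startswith("/") and prefix.endswith("/")):
            raise ValueError(f"line {lineno}: prefix must look like /directory_path/")
        home = "" if home == "-" else home
        if enable == "Y":
            if address in seen:                    # added sanity check
                raise ValueError(f"line {lineno}: {address} is enabled twice")
            seen.add(address)
        entries.append(Entry(enable == "Y", address, server, prefix, home))
    return entries


def translate(entries: List[Entry], dst_ip: str,
              request_line: str) -> Optional[Tuple[str, str]]:
    """Return (server address, rewritten request line), or None if not multihosted."""
    for e in entries:
        if not (e.enabled and e.address == dst_ip):
            continue
        parts = request_line.split(" ", 2)
        if len(parts) == 3 and parts[0] in ("GET", "HEAD"):
            method, path, version = parts
            if e.prefix:
                path = e.prefix.rstrip("/") + path  # assumption: simple join
            if path.endswith("/") and e.home_file:
                path += e.home_file
            request_line = f"{method} {path} {version}"
        return e.server, request_line
    return None


if __name__ == "__main__":
    table = parse_setup(SAMPLE_SETUP)
    print(translate(table, "194.196.57.34", "GET /about.html HTTP/1.0"))
    print(translate(table, "194.196.57.35", "HEAD / HTTP/1.0"))
    print(translate(table, "194.196.57.36", "GET / HTTP/1.0"))
```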
; An example Multihosting Setup file
Y 194.196.57.35 194.196.57.33 /webpages/secondco/
Y 194.196.57.34 194.196.57.33 /webpages/firstco/
N 194.196.57.36 194.196.57.33 - -

Multihosting on a different Server

In this scenario the web server is running on a different computer to the SoftRouter Plus, so the SoftRouter Plus may have an NAT port set to the actual IP address 194.196.57.33, but will redirect requests for 194.196.57.34 and 35 to a web server on the internal Ethernet network at the address of 192.168.1.200. The Multihosting entries are:

| IP Address | Server Address | Server Prefix |
|---|---|---|
| 194.196.57.34 | 192.168.1.200 | /webpages/default0/ |
| 194.196.57.35 | 192.168.1.200 | /webpages/default1/ |

The "Server Home File" field has been left blank as some web servers will present a "default" web page to requests made to directories.

In this case the server at 192.168.1.200 will have its routing set up so that all traffic returns to the SoftRouter Plus computer. This completes the loop, as all redirected traffic must flow through the SoftRouter Plus for Multihosting to work.

15 The Vicomsoft Administrator Console

About this Chapter

This chapter describes the Vicomsoft Administrator Console option that can be purchased along with the SoftRouter Plus. If you have not purchased this option, then please disregard this chapter.

Remote Management

The Vicomsoft SoftRouter Plus now includes an Administrator Console feature. This will allow you to remotely change and adjust your SoftRouter Plus settings from any machine on the Local Network or even from a location on the Internet.

This will be contained in a separate installer, so you can install the Administrator Console on to any machine that you may wish to control the SoftRouter Plus from.
Copies of the Vicomsoft Administrator Console can be downloaded from the Vicomsoft web site at: http://www.vicomsoft.com/

This installer will install a Vicomsoft Administrator Console folder; this folder will contain a single file called the Vicomsoft Administrator Console.

When launched you will only be presented with a "File" menu. When you select "Connect" you will be prompted to enter the IP address of the SoftRouter Plus and your user name and password.

The username and password must be entered into the Vicomsoft users menu. You then have two options that you can set for a user: you can allow the user to see the SoftRouter Plus by selecting Can See. You can also allow the user to see and manage the SoftRouter Plus by selecting both Can See and Can Manage.

When connected, the Status screen for the Internet Gateway or SoftRouter Plus that you are connected to will be displayed.

This Status window shows a PC Admin console connecting to an Internet Gateway running on a Macintosh.

All the Preferences will work and be displayed as normal. Those commands that are for the local display only will be displayed as local options. The only local-only options are Local Display and Local User mode.

Security for Remote Management

Set User Interface Password: Adding password protection prevents inadvertent or unauthorized modification of the SoftRouter Plus configuration. When an Administration password is set, any attempt to change the SoftRouter Plus's operational state will be intercepted with a password challenge. Activity status can still be viewed even when a password has been set.

To remove the administration password, leave blank entries in the edit boxes.
UI Lock Timeout: This is the length of time the User Interface will stay unlocked; once this time has passed you will need to enter the password before you can edit any of the settings.

The password control will not take effect until after the current management session has been closed or Lock User Interface has been selected from the "File" menu. The following screen shot shows the locked interface display.

Enable Remote Management: Setting this check box allows you to connect from a remote computer. If you leave the options below unchecked, then any valid user can connect to the SoftRouter Plus from any IP address.

Allow Remote Access from any directly connected client: Setting this option means that the SoftRouter Plus can only be controlled by a directly connected client.

Allow Remote Access from the specified IP address ranges: This option allows you to set specific IP address ranges for controlling the SoftRouter Plus remotely.

16 Troubleshooting

About this Chapter

TCP/IP networks are notoriously difficult to set up and operate. Vicomsoft seeks to reduce the complexity of the process wherever possible. When the SoftRouter Plus does not work as you think it should, ask some basic questions:

• If it never worked, are you sure you followed the installation steps in this Guide?
• Have you followed the Online Help from the Help menu?
• Was it working before?
• Check what you did that stopped it.
• Is your Internet Service operating?

If these steps do not solve the problem, read this chapter. Help is also provided in the Vicomsoft SoftRouter Plus Read Me installed with the Software. Vicomsoft also has a Support Area on our Web site, where we maintain tutorials, technical notes, answers to Frequently Asked Questions and a Support Request form. http://www.vicomsoft.com/support/

Testing the SoftRouter Plus

This section is also available in the Online help section provided with the SoftRouter Plus.
To view the online help, select Vicomsoft Help from the Help menu option and it will be presented to you in your default browser. You will then be able to click on the links to take you through the testing process.

Modem, ISDN Card and ISDN TA users should start from step 1. xDSL, Router or Cable modem users should proceed to step 7.

Modem Users

1. Highlight the NAT Port and select Connect in the Ports pull-down menu. If you are using a modem, you should hear the modem dial. After a while you should see "Connected" alongside the NAT PPP port in the SoftRouter Plus's main status window. If so, proceed to step 9.

2. Highlight the NAT PPP Port and select Reset Port in the Ports pull-down menu. The modem, ISDN card or TA has failed to connect to the Internet correctly, therefore we need to find out why. To do this, highlight the NAT PPP Port and select Trace Port in the Ports menu. Then select Connect in the Ports menu; the trace window will show the connection process.

3. If you see "Dialling out" and no more messages, the modem or ISDN device does not appear to have dialled or the ISP has not answered the call. Check the modem or ISDN TA is plugged in/connected correctly. Check the phone number you have entered. If you are using an ISDN card or ISDN TA which does not use the Apple Modem Tool or Modem Control panel, check that the ISDN tool is configured correctly.

4. If you are using PAP to log into your ISP and you see "login name or password failed" appear in the trace window, please re-enter your user name and password into the SoftRouter Plus. Check with your ISP that the username and password you are using are correct.

5. If you are using a login script and you see "Waiting for xxxxxx", it means that the login script is set up to wait for some text which is never received. Check the login script and confirm with your ISP that it is correct.

6. If you see "Config_Req" constantly, it means that the SoftRouter Plus and the ISP cannot get a good enough PPP connection. Read Chapter 7, Troubleshooting, in the SoftRouter Plus User Guide.

xDSL, Router and Cable modem users

7. With a cable modem and a static IP address turn the SoftRouter Plus On to connect, then move to step 9.

8. With an xDSL, Router or Cable modem and a dynamic IP address, when you turn the SoftRouter Plus on, your port should turn from Dynamic to an IP address. If not, check your port setup and try again. If you still do not get assigned an IP address, read Chapter 7, Troubleshooting, in the SoftRouter Plus User Guide.

All Users

9. Once you are connected, select "Ping Host" from the File menu. The default address of 195.224.200.2 is the IP address of an Internet server based at Vicomsoft. Press the start button. The SoftRouter Plus will send 5 "pings" to the remote host. If all is OK, the remote host will send back 5 pings in return which the SoftRouter Plus will receive. If you get the message "Received after x seconds", proceed to step 12.

10. If Ping Host fails, it means the SoftRouter Plus cannot see the Vicomsoft Internet server. Enter the IP address of your ISP's Domain Name Server into the Ping Host box and press the start button again. If that works, a problem on the Internet may be preventing you from reaching Vicomsoft's Internet server; proceed to step 12.

11. xDSL, Router and Cable modem users with a statically assigned IP address should try to ping the IP address of the default Gateway they have been told to use and have entered into the Default Gateway option within the SoftRouter Plus's preferences. If you are an xDSL, Router or Cable modem user with a dynamic IP address, go to the Default Gateway option and you should see an IP address in that box. Can you ping that address correctly? If the default Gateway IP address cannot be pinged, check with your ISP what address you should enter into that box. Read Chapter 7, Troubleshooting, in the SoftRouter Plus User Guide.

12. Launch a web browser on the SoftRouter Plus machine and enter a web server address (e.g. www.vicomsoft.com). If you receive a web page, proceed to step 14. If not, try entering an IP address in place of a web address (i.e. 195.224.200.2). Do you get Vicomsoft's web page? If so, check your Name Server Address entry in the Preferences/Network tab; it may be wrong.

13. Open Transport is not communicating to the SoftRouter Plus correctly. Check that you see a port with a [icon] icon in the status window ports list. If not, read Chapter 7, Troubleshooting, in the SoftRouter Plus User Guide.

14. You can access the Internet from the SoftRouter Plus machine. You now have to set up the client machines.

Modem Problems

When using the Modem control panel, it is important to choose the right CCL modem script. If your modem script does not appear in the list, you may have to use the Apple Modem Tool and enter a custom INIT string for your modem.

For speeds of 9,600 bps and above it is essential to have a hardware flow control cable and for "DTR & CTS" flow control to be enabled.

When using the Apple Modem Tool, if your modem does not appear in the list select "Hayes Compatible" instead. Specific initialization strings may also be required for certain combinations of modems and Service Provider equipment.

If a modem appears to be "hung" try resetting the port. If problems still occur, refer to the manual that came with the modem or contact Vicom Technical Support for assistance.

AppleTalk (MacIP) Problems

LocalTalk interferes with high-speed serial connections. It may be necessary to get a separate serial card to drive a modem; see "Performance Considerations" below for more details.

Login Problems

If the modem connects but the SoftRouter Plus cannot log in, check that the login sequence is correct.
Tracing a port can be very helpful in tracking down login problems.

Tracing Ports

The Trace window is used to monitor the traffic through a port. This is particularly useful when trying to solve login problems, as you can see the login sequence. If a login fails, the Trace window will indicate the reason, such as time-out, waiting for prompt or wrong username and password. Only use the Trace window for diagnostic purposes, as it will slow the SoftRouter Plus down substantially during normal operation.

To open a trace window for a port, select the port and choose "Start Tracing Port" from the "Ports" menu.

[Figure: the Trace window]

The title of the window shows the name of the port. The list displays packets going through the port and any messages generated by the SoftRouter Plus. The Login Monitor is shown for the dial up port and displays the data exchanged during the connection phase.

Note: If you keep getting LCP_Config_REQ repeated in the Trace window, you should try changing your Framing and/or your MTU value; see Chapter 6, Customizing the SoftRouter Plus.

Problems with Internet or Local Hosts

If you can connect to the Internet Service Provider but are not able to reach Internet servers, check that you are using the correct Domain Name Server address in the name server Address field in the Preferences of the SoftRouter Plus.

If your client computers cause the SoftRouter Plus to dial out and connect to your ISP and seem to get a response but no web page, make sure that your Internet connection port is set up to be an NAT port, i.e. make sure that NAT is selected in the General Tab, Network Properties of your dial out port.

If your client computers cannot communicate through the SoftRouter Plus, check the client setup. You can use "Ping Host" in the "File" menu of the SoftRouter Plus to investigate these problems further.
Pinging Hosts

The SoftRouter Plus includes a useful diagnostic tool called "PING". This allows you to send an echo request (ping) packet to an IP address and check to see if it responds.

With the SoftRouter Plus running and connected to the Internet, use "Ping Host" in the "File" menu to open the Ping window. The SoftRouter Plus defaults to the address of a Vicomsoft Internet Server you can use to verify that you can access Internet services. Click "Start". As each ping is sent, the SoftRouter Plus will display "Sent, waiting for reply". If the SoftRouter Plus can reach Vicomsoft, the message will change to "Received after x.xxx seconds". If not, the message will change to "Timed Out" after about 15 seconds.

If this works, use Ping to check that the SoftRouter Plus can reach a Domain Name Server or a web site. Enter the IP address of the Domain Name Server for your Service Provider or a web site name in the "Host name" field and click "Start". You can also use Ping to check that Client computers can be reached.

Note: A Macintosh Client will usually only echo a Ping if a TCP/IP application such as a Web Browser has been launched on it.

The correct Port

Because Open Transport must always have an IP address, the SoftRouter Plus attaches itself to one of the Gateway's port addresses for this purpose. The SoftRouter Plus computer then assumes the IP address of that port. The SoftRouter Plus automatically configures your TCP/IP control panel when launched. The SoftRouter Plus marks the port with an icon in the Status window ports list. You can change the attached port, when in advanced mode, by highlighting the port whose address you wish to use and selecting "Mac's Current TCP/IP Address" from the "Ports" menu. Note that you may have to quit and restart any currently running TCP/IP applications while doing this.
SoftRouter Plus must be loaded and turned on before any Server application is loaded, because it must get its IP address from the SoftRouter Plus. TCP/IP on the SoftRouter Plus machine must be set to load only when needed, otherwise nothing will work as expected.

Performance Considerations

Serial ports on some earlier Macintosh models do not work well with speeds above 9,600 bps. The processor on these models is not fast enough to handle the amount of incoming traffic, so some data is lost. An additional problem arises when LocalTalk is used. Since LocalTalk is driven by the same chip as the serial port, it interferes with reception of incoming data. This is caused by any LocalTalk activity, such as File Sharing, Printing or using E-mail. Serial speeds above 9,600 bps cannot be used on low performance systems if the SoftRouter Plus is configured for LocalTalk. Please note that more recent Macintosh models do not usually suffer from these limitations.

Serial port speed limitations can be solved by using a separate serial card such as a "Hurdler" from Creative Solutions Inc. or "Smart Serial", for PCI machines, from Keyspan Inc.

Any other processor-intensive or network-intensive task, such as file sharing or a mail server, will slow down the SoftRouter Plus. In extreme cases this may cause the client computers to time out and lose connections.

Appendix A. Manual Client Configuration

About this Appendix

Client computers must be set up so that they can use the SoftRouter Plus when they need to connect to the Internet. All client computers need to have three items of information to be able to use the Internet. These are:

1. A unique IP address for the client computer.
2. An IP address of a Domain Name Server (usually your Internet Provider's DNS).
3. The IP address of a default router or gateway.

The above information can either be set up automatically, using the DHCP Server, or manually for each client.
The SoftRouter Plus QuickStart Guide described how to do this assuming you are using the DHCP Server function. This is the recommended method wherever possible, as it removes the need to set each computer up manually with all the correct host and router address information. It ensures that client addresses are unique and it recovers them automatically when computers are removed from the network.

However, there are many reasons why a computer might need a fixed IP address: for other computers on the local area network to access it via its IP address, for administrators to utilize the logging function and/or the Host Access Rights from within the SoftRouter Plus, or if you're running an Internet server such as a web or email server on your local area network.

This Appendix describes Mac, Windows and Unix system configuration. Please use this information in conjunction with the documentation provided with your client equipment and its TCP/IP software.

Setting up Macintosh Open Transport Clients

1. Launch the TCP/IP control panel.
2. Configure your control panel as follows:

   • Connect via "Ethernet" for Ethernet cabling or "MacIP" for LocalTalk cabling.
   • Configure "Manually".
   • Enter the static IP address for this computer (it must be in the same network range as your LAN port if you want the computer to remain behind the firewall - i.e., 192.168.1.150 if the LAN port has an IP address of 192.168.1.254).
   • Enter the appropriate Subnet mask (for the address above, the subnet mask would be 255.255.255.0; refer to the chapter on IP Addressing and Routing for more information on subnet masks).
   • In the Router Address field, enter the IP address of the LAN port, e.g. 192.168.1.254.
   • Enter your DNS address in the Name Server Address box. If you are using the SoftRouter Plus's DNS Server it will be 192.168.1.254. If you are not using the SoftRouter Plus's DNS Server, enter your ISP's DNS addresses.
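The addressing rules in the list above can be checked mechanically before a client is put on the LAN. The following Python sketch is an added example, not part of the Vicomsoft guide or software; the function name, its parameters and the `in_use` list are assumptions of the example, and the sample addresses are the guide's own.

```python
import ipaddress


def check_static_client(client_ip, mask, router, lan_port, dns, in_use=()):
    """Validate one manually configured client against the gateway's LAN port.

    Returns a list of problem strings; an empty list means the settings agree
    with the rules in the guide. All names here are assumptions of the example.
    """
    try:
        # strict=False derives the LAN network from the port's own address.
        net = ipaddress.IPv4Network(f"{lan_port}/{mask}", strict=False)
        client = ipaddress.IPv4Address(client_ip)
        gateway = ipaddress.IPv4Address(router)
        lan = ipaddress.IPv4Address(lan_port)
        resolver = ipaddress.IPv4Address(dns)
        taken = {ipaddress.IPv4Address(a) for a in in_use}
    except ValueError as exc:  # malformed address or non-contiguous mask
        return [f"unparseable setting: {exc}"]

    problems = []

    # ipaddress also accepts the inverted (host mask) form such as 0.0.0.255;
    # reject it, because the guide asks for a subnet mask.
    if str(net.netmask) != mask:
        problems.append(f"subnet mask {mask} should be written as {net.netmask}")

    # Item 1 of the guide: a unique address in the LAN port's network range.
    if client not in net:
        problems.append(f"{client} is outside {net}, the LAN port's network")
    elif client in (net.network_address, net.broadcast_address):
        problems.append(f"{client} is the network or broadcast address of {net}")
    elif client == lan:
        problems.append(f"{client} duplicates the LAN port address")
    elif client in taken:
        problems.append(f"{client} is already assigned to another client")

    # Item 3: the Router Address field holds the LAN port's address.
    if gateway != lan:
        problems.append(f"Router Address {gateway} is not the LAN port {lan}")

    # Item 2: the guide gives two choices, the LAN port (gateway DNS server)
    # or the ISP's server, which lies outside the LAN.
    if resolver in net and resolver != lan:
        problems.append(f"DNS {resolver} is on the LAN but is not the LAN port")

    return problems


if __name__ == "__main__":
    # Constructed settings: the second client is on the wrong network.
    for ip in ("192.168.1.150", "192.168.2.150"):
        found = check_static_client(ip, "255.255.255.0", "192.168.1.254",
                                    "192.168.1.254", "192.168.1.254")
        print(ip, "OK" if not found else found)
```
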
No other data should be entered in the control panel.

Setting up Macintosh MacTCP Clients

1. Launch the MacTCP control panel.
2. In the first window, select LocalTalk, Ethernet or the appropriate cabling scheme for your network.
3. Click More to open the second window.
4. Obtain Address Manually.
5. In the Gateway Address box, enter the IP address of the LAN port on the Gateway (i.e., the IP address of the LAN port).
6. In the Domain Name Server Information field, enter a dot "." in the Domain box, enter your ISP's DNS address in the IP Address box and set it as the Default.
7. Click OK.
8. Back in the first window, enter the static IP address for this Mac (it must be in the same network range as your LAN port if you want to use the SoftRouter Plus - i.e., 192.168.1.101 if the LAN port has an IP address of 192.168.1.254).
9. Close the control panel.
10. Restart the computer.

Setting up Windows 95/98 Clients

1 Open the Network Control Panel. Double-click on "TCP/IP" in the network component list.
2 Click on IP Address tab:
3 Select "Specify an IP address:". Enter your IP address. The address should be provided by your network administrator. The network number of the address must be the same as the network number of the Gateway's Ethernet or Token Ring port. The "Subnet mask:" field should be set to "255.0.0.0" for class A networks, "255.255.0.0" for class B networks and to "255.255.255.0" for class C networks. Please see Chapter 9 on Routing for further explanation of network classes.
4 Click on the Gateway tab:
5 Enter the Gateway's IP address.
6 Click "Add" to insert the entry as the first item in the Installed Gateways list.
7 Click on the DNS tab:
8 Select "Enable DNS". Add the Domain Name Server IP address to DNS Server Search Order list.
  This address should be supplied by your Internet Service Provider.
9 Restart the computer. The SoftRouter Plus should now be accessible.

Setting up Other Windows Clients

TCP/IP setup procedures vary according to the software installed. The following is a typical example, based on Netmanage NEWT:

1 On a client NEWT computer select the "IP Address" item from the "Hardware..." window in the "Custom" application. Enter your assigned IP address and click "OK".
2 Select the "Default gateway" item from the "Services" menu of the "Custom" application. Enter the Gateway's IP address.
3 Select the "Domain Servers..." item from the "Services" menu of the "Custom" application. Enter the domain name server address as provided by your Internet Service Provider.
4 Restart the computer. The SoftRouter Plus should now be accessible.

Setting up Unix Clients

Because of the wide range of Unix versions and Command Line and Graphical user interface shells in use, it is beyond the scope of this guide to provide detailed information on configuration of these systems. If you are installing a new Unix system, refer to its installation instructions to set up the addresses. Some general guidance is provided below for adapting existing installations to use the SoftRouter Plus.

Typically, an existing Unix computer will already have an IP address. The most likely change you will have to make when you install the SoftRouter Plus is to add a routing table entry to define the SoftRouter Plus as its default router. The following command (or an equivalent) will show the existing routing table:

    netstat -nr

The first two columns in the routing table (Destination and Gateway) are the items that are the most important.
There should be an entry such as "0.0.0.0" in the Destination column and it is necessary to edit this entry to set the SoftRouter Plus's address in the Gateway field.

To add an item manually to the routing tables, your system will provide a command such as "route". The format of this command will be something like this:

    route add 0.0.0.0 [SoftRouter Plus Address] [hop count]

Enter the appropriate command, using the SoftRouter Plus's internal IP Address and setting the hop count to 1. Once you have tested it successfully you should add this command to the system's start-up file. This file will probably be found in the "/etc" directory and the file name will start with "rc". Insert the tested route command into the start-up file to execute it every time the Unix computer is started.

Appendix B. AppleScript Commands

About this Appendix

The Vicomsoft SoftRouter Plus now supports AppleScript; this allows the user full control over the SoftRouter Plus.

The SoftRouter Plus supports Apple's Required set of AppleScript Commands:

open: Open the specified object(s)
    open alias -- list of objects to open

print: Print the specified object(s)
    print alias -- list of objects to print

quit: Quit application
    quit

run: Sent to an application when it is double-clicked
    run

AppleScript, SoftRouter Plus Commands

The SoftRouter Plus now supports the following AppleScript Commands:

GetPortIPAddress: Gets the IP address of the named or indexed port
    GetPortIPAddress string -- Name or number of the port to get an IP address for
    Result: string

GetMaxUsers: Returns the maximum number of users allowed to use the NAT port.
    GetMaxUsers
    Result: integer

DisconnectUser: Disconnect a user from an NAT port
    DisconnectUser string -- Username or ip address to disconnect
    fromport string -- The name or address of the port from which the user should be disconnected

GetUserList: Returns a list of users and timeouts for a port
    GetUserList string -- Name or number of the NAT port from which to get the user list
    Result: list -- A list of usernames or IP addresses with associated timeouts

GetDHCPList: Returns a list of DHCP hardware addresses, usernames and timeouts
    GetDHCPList
    Result: list

GetNumUsers: Get the number of users currently using the NAT port
    GetNumUsers
    Result: integer

MakeDefaultPort: Makes the specified port the default
    MakeDefaultPort string -- Name or number of the port to make the default

GetPortList: Returns the list of port names
    GetPortList
    Result: list

StopPort: Stops a port
    StopPort string -- Name or number of the port to stop

StartPort: Starts a port
    StartPort string -- Name or number of the port to start

ResetPort: Resets a port
    ResetPort string -- Name or number of port to reset

OpenConnection: Opens connection on a port
    OpenConnection string -- Name or number of port to dial

StartRouting: Starts routing
    StartRouting

StopRouting: Stops routing
    StopRouting

GetPortStatus: Gets the current status message for a port
    GetPortStatus string -- Name or number of port to get status
    Result: string
IsPortConnected: Determines if a port is connected to a remote host
    IsPortConnected string -- Name or number of port to check
    Result: integer
    1 = Connected
    0 = Not connected

IsPortConnecting: Checks if a port is currently connecting
    IsPortConnecting string -- Name or number of port to check
    Result: integer
    1 = Connecting
    0 = Not connecting

Appendix C. Legal and Commercial Matters

Legal Matters

License

The purchase price of the software includes a personal non-exclusive license for the person/company purchasing the license to use or install the program and associated files for their own purposes, on ONE Macintosh computer at one time. The license does NOT include the right to make any copies of the program and files for any purpose other than backup or to have the program installed on more than one Macintosh at one time. No copies of all or portions of manuals are to be made. Any copies of software or installation on more than one hard disk or copies of manuals (or portions thereof) shall constitute a breach of copyright and shall be dealt with to the fullest extent of the applicable law.

The word "backup" means a copy for the licensee's own personal security in the event of failure of the disks provided by Vicomsoft Technology Limited. The licensee undertakes not to transmit any copy of his backup to any third party, whether for sale or otherwise. Any such unauthorized transfer shall constitute a breach of license and copyright.

Should the licensee desire to transfer his license to use the software to a third party, he shall firstly obtain the consent in writing of Vicomsoft Limited which consent shall not be unreasonably withheld. Licensees requiring copies of Vicomsoft software to run on multiple CPUs should contact Vicomsoft to obtain details of quantity discounts and site licenses.
Warranty

Should the supplied disks fail, for reasons of defect in material within 12 months of purchase and registration, Vicomsoft will replace such failed disk for the Registered Owner free of charge. Notwithstanding the above, Vicomsoft shall not replace or be obliged to replace any disk if it has failed as a result of misuse.

Disclaimer Fitness For Particular Purpose

Vicomsoft makes no representations or warranties of any kind whatsoever with respect to the software or the contents thereof, other than that herein set out and specifically disclaims warranty for fitness for any particular purpose. Vicomsoft shall not be liable for errors contained in the software or herein or for incidental or consequential damages in connection with the furnishing, performance or use of the software or the manuals.

Changes to Software or Documentation

Vicomsoft reserves the right to revise the software and/or the User Guide and to make changes in the content thereof, without the obligation to notify any person of such changes.

Trademarks Acknowledged

All trademarks, Service Marks and the like owned or used by third parties and mentioned in this guide are hereby acknowledged.

Commercial Matters

Technical Support

Vicomsoft shall provide technical support via Email or by telephone, only to bona fide licensees of Vicomsoft software who have completed, signed and returned their Warranty Registration forms.

Upgrades

From time to time Vicomsoft issues upgrades to the Vicomsoft software. These upgrades shall only be available at special discount prices to bona fide licensees of Vicomsoft who have completed, signed and returned their Warranty Registration forms.

Feedback

Vicomsoft have been creating communications products since 1985. Many people have provided input which has contributed to the many improvements and enhancements.
Input from users, corporate support departments, VARs and dealers regarding future improvements and enhancements is actively encouraged and gratefully accepted.

Appendix D. Vicomsoft SoftRouter Plus Worksheet

Vicomsoft SoftRouter Plus Worksheet

We suggest that you fill out the following pages with all the correct information regarding your Internet connection and configuration of SoftRouter Plus. If you have any problems, you will then have all required information to hand when reconfiguring the SoftRouter Plus or talking to Vicomsoft Technical Support. You should also do a Save Config As from the "File" menu, which will save your configuration as a text file, and make a copy of your Vicomsoft TCP/IP Preferences, found in the System/Preferences Folder, in the VICOM Settings folder.

Vicomsoft's Technical Support Area on the Web

Vicomsoft's Technical Support team have an area on the Vicomsoft web site. This area is constantly updated to address common questions and problems our users experience. The site contains:

• Frequently Asked Questions (FAQs)
• Tutorials
• Vicomsoft Software Updaters
• Application Notes and Version Histories
• Contacting Technical Support

The main page for the Technical Support area can be found at: http://www.vicomsoft.com/support/
Owner Details

Name: _______________
Organization: _______________
Vicomsoft SoftRouter Plus Version: _______________
Users: _______________
Serial Number: _______________

Internet Service Provider: _______________
Contact number: _______________
Connection Method: ISDN / Modem / Hardware Router / Cable Modem / xDSL / Other _______________
IP Address type: Dynamic / Static
IP address: _______________
Subnet Mask: _______________
Domain Name Server (DNS) Address: _______________

Gateway machine: Classic Networking (MacTCP) / Open Transport
Client Machines: Classic Networking (MacTCP) / Open Transport
Network is: Ethernet / LocalTalk / Token Ring

Cable Modem / Hardware Router Users

If you had a static IP address
Default gateway/Router: _______________

Modem / ISDN Users

Name of modem / ISDN device: _______________
Telephone Number: _______________
Login via: PAP / CHAP
Username: _______________
Password: _______________
Script:
    Wait for / Send / Delay: _______________
    Wait for / Send / Delay: _______________
Vicomsoft Internet Gateway Worksheet Wait for Send Delay _____________________________ Wait for Send Delay _____________________________ Wait for Send Delay _____________________________ Wait for Send Delay _____________________________ Wait for Send Delay _____________________________ Wait for Send Delay _____________________________ Wait for Send Delay _____________________________ CLVI - Vicomsoft Internet GatewayWorksheet Vicomsoft Internet Gateway Notes: 157 - VICOM Internet GatewayWorksheet : Index A Ê AccessÊControl Access Internet through proxy server AccessÊRights Access the Web Through a Cache Activity Meter Scale Sounds Trace AddressÊClasses AddressÊList Administering Cached web sites Administering individual items Administration Cached web sites Administering individual items Erase site Erase this item Protect site contents Protected Unprotect site contents Advanced Edit Port Settings User Modes AdvancedÊUserÊMode Advanced, Preferences Cache cgi-bin pages Cache pages with cookies Default expiry time Honor clientÕs cache directives Honor serverÕs cache directives Overrun serverÕs expiry time Allow Auto Connect AppleÊModemÊTool Apple Script Commands SoftRouter Plus Commands AppleTalkÊProblems Authentication Auto Setup Automatic Cancel Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 AutomaticÊlaunch AutomaticÊstart Automatically Re-Dial Packet Scale Port Count Throughput Trace Scale Ê 115 Ê 71 Ê 51 Ê 41 Ê Ê 56 Ê 56 Ê 35 Ê 56 Ê 105 Ê 142 Ê 76 Ê 77 Ê Ê 77 Ê 77 Ê 78 Ê 77 Ê 78 Ê 77 Ê Ê 51 Ê 53 Ê 35 Ê 73 Ê 73 Ê 73 Ê 73 Ê 73 Ê 73 Ê 73 Ê 48 Ê 13, 16, 44 Ê Ê 145 Ê 146 Ê 134 Ê 52 Ê Ê 17 Ê 17 Ê 17 Ê 17 Ê 17 Ê 18 Ê 18 Ê 18 Ê 54 Ê 54 Ê 48 Ê 34 Ê 34 Ê 34 Ê 34 Index B Ê BackupÊcopies,Ênon-transferable Basic User Mode BOOTP BreachÊofÊcopyright C Ê 149 Ê 35, 53 Ê 87 Ê 149 Ê Cache cgi-bin pages Cache Control, Preferences Cache folder location Cache refresh frequency Cache size Cleanup Cache now Days to keep cached files Max. 
size of file to cache Cache folder location Cache Off/passthrough Cache pages with cookies Cache refresh frequency Cache size Can Manage Can See Can Serve DHCP Catalog of Contents CHAP Class Cleanup Cache now Clients Configuration Ethernet LocalTalk MacTCP NetmanageÊNEWT OpenÊTransport OtherÊWindows ServerÊAddressing WindowsÊ95/98 CommsÊToolbox Configuration Clients Ports ConfiguringÊPorts Connect Options Allow Auto Connect Automatically Re-Dial Disconnect After Inactivity Disconnect If Instigator Inactive Framing Keep Alive Tickle Limit Connection Time Login Retries Specify MRU Time-out Connect To... Connection Monitoring ConnectionÊSettings Connection Type Ê 73 Ê 72 Ê 72 Ê 72 Ê 72 Ê 72 Ê 72 Ê 72 Ê 72 Ê 69 Ê 73 Ê 72 Ê 72 Ê 61 Ê 61 Ê 45 Ê 65 Ê 46, 48, 52 Ê 105 Ê 72 Ê Ê 18, 137 Ê 139 Ê 139 Ê 139 Ê 142 Ê 138 Ê 142 Ê 18 Ê 140 Ê 44 Ê Ê 18 Ê 42 Ê 42 Ê Ê 48 Ê 48 Ê 49 Ê 49 Ê 49 Ê 49 Ê 49 Ê 48 Ê 49 Ê 48 Ê 127 Ê 49 Ê 44 Ê Index AnswerÊandÊDial AnswerÊOnly DialÊOnly ControlÊPanel MacTCP Network TCP/IP Copying forÊbackupÊpurposes ofÊmanuals,ÊnotÊpermitted ofÊsoftware,ÊlimitedÊlicense Create a WebHeader Custom,ÊNEWT CustomizingÊtheÊSoftRouter Plus Modify a WebHeader D Ê 48 Ê 48 Ê 48 Ê Ê 139 Ê 140 Ê 138 Ê Ê 149 Ê 149 Ê 149 Ê 82 Ê 142 Ê 33 Ê 82 Ê Default Domain Name Default expiry time Default gateway DefaultÊPort Default refresh fequency profiles Delay DHCP Clients ClientsÊFile Server Settings DHCP Address Resolution DHCP Client ID Dial In DialÊInÊSecurity OpenÊPort UsersÊandÊGroups Dial Out Dial-in ClientÊaccess ClientÊsecurity ClientÊset-up Clients Ports Disable Port Scanning Disconnect After Inactivity Disconnect If Instigator Inactive DisconnectÊUser Disconnection Display and Log Display local server list DNS Router IP DNS Server Offline Domain Name Server DHCP Address Resolution Domain Name Caching Domain Name Serving Enable DNS Caching Enable DNS Serving Ê 36 Ê 73 Ê 36, 107, 111, 142 Ê 111 Ê 73 Ê 46 Ê 87, 142 Ê 87 Ê 90 Ê 87, 138, 140 Ê 87, 88 Ê 85 Ê 45 Ê 48 Ê Ê 48 Ê 48 Ê 
48 Ê Ê 96 Ê 96 Ê 99 Ê 93 Ê 98 Ê 37 Ê 49 Ê 49 Ê 60 Ê 49 Ê 34 Ê 66 Ê 138, 139, 142 Ê 15 Ê 37 Ê 83, 84 Ê 85 Ê 83 Ê 83 Ê 36 Ê 37 Index Fixed Address Resolution Local Name Resolution Offline DNS Mode DynamicÊAddress Dynamic PPP Address Assignment E Ê 84 Ê 84 Ê 37 Ê 42, 44 Ê 94 Ê EditÊPortÊSettings Allow Auto Connect Automatically Re-Dial Connection Type DialÊInÊSecurity Disconnect After Inactivity Disconnect If Instigator Inactive Framing Keep Alive Tickle Limit Connection Time Login Options Login Retries Method Modem control panel No ToolÊSelected PortÊName Specify MRU StaticÊAddress Time-out EnableÊDHCP Enable DHCPÊServing Enable DNS Caching Enable DNS Serving Enable logging Enable Remote Management Erase site Erase this item Ethernet ExtensionsÊfolder F Ê 42 Ê 48 Ê 48 Ê 48 Ê 48 Ê 49 Ê 49 Ê 49 Ê 49 Ê 49 Ê 46 Ê 48 Ê 42, 44 Ê 43 Ê 44 Ê 42 Ê 49 Ê 42, 44 Ê 48 Ê 87 Ê 37 Ê 36 Ê 37 Ê 69 Ê 129 Ê 77 Ê 78 Ê 42, 44, 138, 140 Ê 16 Ê Feedback FileÊmenu PingÊHostÉ Firewall Fixed Address Resolution FlowÊControl Framing FreePPP FullÊPrompts G Ê 150 Ê Ê 135 Ê 103 Ê 84 Ê 44 Ê 49 Ê 15 Ê 48 Ê -Gateway-ÊExtension GatewayÊNamesÊFile General, Preferences Cache Off/passthrough Enable logging Off-line Mode Server Name Server Port Ê 16, 29 Ê 60 Ê 69 Ê 69 Ê 69 Ê 69 Ê 69 Ê 69 Index SoftRouter Plus Troubleshooting SoftRouter Users Remote Users H Ê Handshake Honor clientÕs cache directives Honor serverÕs cache directives Hops Internet Filters I Ê 44 Ê 73 Ê 73 Ê 113 Ê 115 Ê InboundÊMapping Installation Open Transport Instigator Internet Filters Web Caching Servers InternetÊServiceÊProvider Account Configuration DomainÊNameÊServer IPÊAddress TelephoneÊnumber IPÊAddress IPCPÊSettings ISDN J K Ê 103 Ê 16 Ê 16 Ê 51 Ê 115 Ê 121 Ê Ê 15 Ê 15 Ê 15 Ê 15 Ê 15 Ê 105, 138, 139, 140 Ê 52 Ê 13 Ê Ê Keep Alive Tickle KIP L Ê Ê 131 Ê 61 Ê 61 Ê 49 Ê 87 Ê LaunchÊState LCPÊSettings LicensedÊUsers Timeout Limit Auto-Connect LocalÊAccess RemoteÊAccess Limit Connection Time Local Administration Local Name Resolution 
LocalTalk Problems Logging Login Options Delay Login Script LoginÊUsing Password Prompt ProviderÊmenu Response Ê 34 Ê 52 Ê 36 Ê Ê 51 Ê 51 Ê 51 Ê 49 Ê 69 Ê 84 Ê 136, 138 Ê 134 Ê 39 Ê 46 Ê 46 Ê 46 Ê 46 Ê 46 Ê 46 Ê 46 Ê 46 Index Scripting Options Tel. No. User Name LoginÊProblems Login Retries Login Script LoginÊScript Logon Script,ÊScripted M Ê 15 Ê Mac Port ClientÊApplications ServerÊApplications MacÊPort MacIP Addresses Clients Problems MacPPP MacTCP MailÊServer Management Facilities Administration Access Managing Ports Max. size of file to cache menu Edit File SoftRouter Plus Method MinimalÊPrompts Modem Problems Modem control panel ModemÊSettings Multi-Homing Access Chart Multi-PortÊserialÊcards Multihosting Vicomsoft Administrator Console N Ê 47 Ê 46 Ê 46 Ê 134 Ê 48 Ê 46 Ê 96 Ê Ê 29 Ê 30 Ê 29 Ê 42, 44 Ê 87 Ê 87 Ê 134 Ê 15 Ê 139 Ê 103 Ê Ê 76 Ê 59 Ê 72 Ê 55 Ê 55 Ê 55 Ê 55 Ê 42, 44 Ê 48 Ê Ê 134 Ê 43 Ê 43, 44 Ê 31, 37 Ê 31 Ê 98 Ê 123 Ê 127 Ê Name Name Caching NameÊServers NAT Network Address Translation Time-out Network NetworkÊControlÊPanel WindowsÊ95/98 NetworkÊmask Network Preferences DNS Server Offline Enable DHCPÊServing Enable DNS Caching Ê 40 Ê 83 Ê 87 Ê Ê 44 Ê 60 Ê 113 Ê Ê 140 Ê 105, 107 Ê Ê 37 Ê 37 Ê 36 Index Enable DNS Serving NewÊLog NEWT No ToolÊSelected Notices changesÊtoÊsoftwareÊorÊmanuals commercialÊmatters technicalÊsupport trademarksÊacknowledged upgrades warranty O Ê Off-line mode Offline DNS Mode Offline Mode On/OffÊSwitch OnlineComms Store OpenÊTransport OpenÊTransportÊPPP OperatingÊtheÊSoftRouter Plus Options for Radius Overrun serverÕs expiry time P Ê 37 Ê 39 Ê 142 Ê 44 Ê Ê 149 Ê 150 Ê 150 Ê 149 Ê 150 Ê 149 Ê 69 Ê 37 Ê 64 Ê 54, 56 Ê 20 Ê 29, 99, 101 Ê 99 Ê 53 Ê 49 Ê 73 Ê PAP PAPÊTimeout Password PasswordÊAuthenticationÊProtocol PingÊHost Port Address Configuration Dial-in List Name number PortÊAddress PortÊName Port Probe Ports menu StartÊTracingÊPort PPP Settings PPPÊServer Preferences Advanced Cache Control General General Logging Network 
PPP Server Proxy Security Security WebHeader Ê 46, 48, 52, 96 Ê 52 Ê 15, 46 Ê 46 Ê 135 Ê Ê 42 Ê 42, 98 Ê 98 Ê 56, 57 Ê 42 Ê 106 Ê 44 Ê 42 Ê 45 Ê Ê 134 Ê Ê 52 Ê 93, 94 Ê 33, 69 Ê 69, 73 Ê 69, 72 Ê 69 Ê 33 Ê 33 Ê 33 Ê 33 Ê 69, 71 Ê 69, 73 Ê 33 Ê 75 Index Preferences,ÊCaching Ê Access the Web Through a Cache Ê 41 Preferences,ÊGeneral Ê 34, 35 Active At Application Launch Ê 34 ActivityÊSounds Ê 35 AskÊforÊconfirmation Ê 34 Inactive At Application Launch Ê 34 RingÊonÊIncomingÊCalls Ê 35 Set Mac Port Ê 34 Show User Interface When Router Application Launches Preferences,ÊLogging Ê 39 Daily Logging Ê 39 Enable Logging Ê 39 StartÊAÊNewÊLog Ê 39 Preferences,ÊNetwork Ê 36 Default Domain Name Ê 36 Default gateway Ê 36 Disable Port Scanning Ê 37 DNSÊAddress Ê 36 Multi-Homing Ê 37 Route Local Packets Only Ê 37 UseÊRIPÊProtocol Ê 37 WINS Address Ê 36 Preferences,ÊPPP Server Ê 40 AppleShare Admin Password Ê 40 Authentication Ê 40 BaseÊServerÊAddress Ê 40 Name Ê 40 RadiusÊsecret Ê 40 RadiusÊserverÊaddress Ê 40 Preferences,ÊSecurity Ê 38, 128 Administration Lock Timeout Ê 38 Administration Password Ê 38 Enable Remote Management Ê 129 Set User Interface Password Ê 128 UI Lock Timeout Ê 129 Problems Ê 131 Prompt Ê 15, 46 Properties,ÊWindowsÊ95/98 Ê 140 Protect site contents Ê 77 Protected Ê 78 Protocol Ê CHAP Ê 15 MacIP Ê 42, 44 PAP Ê 15, 52 PPP Ê 15, 42, 44 SLIP Ê 15, 42, 44 Protocol Filters Ê 119 ProviderÊmenu Ê 46 Proxy Address Ê 71 Proxy Authentication Ê 71 Proxy Port Ê 71 Proxy, Preferences Ê 71 Access Internet through proxy server Ê 71 Proxy Address Ê 71 Proxy Authentication Ê 71 Proxy Port Ê 71 Pull-downÊmenus Ê 55 Ê 34 Index Purchase Q Ê QuantityÊdiscounts R Ê 149 Ê Radius Server Redirection RemoteÊAccessÊServer Remote Administration Remote Management Connect To... 
Remote Users; Can Manage; Can See; Remote WebCache Configuration; Advanced WebCache Configuration; Create a WebHeader; Display Local Server List; Modify a WebHeader; WebCache Configuration; WebHeader Configuration; WebHeader Editor; Response; Restricting IP Addresses; Retries; RIP; Route Local Packets Only; Routing; Routing Information Protocol; Routing process; Routing table; hop count; manual; network; via gateway

S
Auto Setup, Step 1; How will you connect; Auto Setup, Step 2; Using Ethernet; Using PPP; Auto Setup, Step 3; Building a LAN Port; Auto Setup, Step 4; Entering a DNS Address; Auto Setup, Step 5; Enabling DHCP; Auto Setup, Step 6; Completed - Test; Script; Scripting Options; Security, Preferences; Password; User name; Serial Interface Cards; Serial Port Limitations; Server Name; Server Operation; Server Port; Server URL; Servers; Set Administration Lock Timeout; Set Administration Password; Set User Interface Password; Site Licenses; SoftRouter Plus; Dynamic PPP Addresses; LAN Integration; Multihosting; MultiNoding/IP Aliasing; Port Capabilities; Port Configuration; PPP Serving; Routing Information; Scenarios; WAN Integration; SoftRouter Plus menu; Edit Port; Source address; Specify MRU; Start Tracing Port; Start/Stop; Startup Items, System Folder; Static Address; Status Window; Condensed View; Standard View; Subnet; mask; number; Subnet Mask; Subnetting; Support; only to registered users; System Requirements; Disk space; Hardware; MacOS version; Memory; Modem, ISDN; Network; SoftRouter Plus Network to Internet

T
TCP/IP; port; Tel. No.; Throughput Monitor; Time-out; Tracing Ports; Transparent Access; Troubleshooting; AppleTalk Problems; Internet Hosts; LCP_Config_REQ; Login Problems; MacIP Problems; Modem Problems; Performance Considerations; PING Host; Test; Test Cable modem; Test ISDN; Tracing Ports

U
UI Lock Timeout; Unix Script; Unprotect site contents; Upgrades; only to registered users; Use RIP Protocol; User ID; User Name; User Timeout; Users and Groups

V
VICOM Settings; exclusions.txt; Gateway Names File; ServiceScan.inp; Vicomsoft; SoftRouter Plus; WebCache Server; View DHCP Clients; View Users

W
Web Server; WebCache Server; Administration; Cached web sites; Catalog of Contents; Display local server list; Domain Name Server; Local Administration; Remote Administration; Server Operation; Status Window; Transparent Access; WebHeader, Preferences; User name; Well-known Ports; Wide-Area Network; Windows 3.x; Windows 95/98; Windows 95/98 Dial-up; WINS Address