ELTEX ESR-200 - 4 Router Factory Default Model

To Next Page

To Previous Page

ESR series routers 13

4. ROUTER FACTORY DEFAULT MODEL

Initially, factory configuration, that consist of the minimum necessary basic settings, is loaded to the

device. Factory configuration allows you to use the router as a gateway with SNAT function without the

need to apply extra settings. Factory configuration includes settings that allow getting network access to

the device to make a extended configuration.

Factory configuration description

For network connection configuration describes 2 buffer zones with «trusted» name for local

network and «untrusted» name for public network (WAN).

All interfaces are separated between two buffer zones (safety area):

«Untrusted» area is destined for connection to Wide Area Networking (WAN). DHCP-protocol ports

for getting of the dynamic IP-address from provider is opened in this area. All incoming connections

from this area to the router are forbidden. The buffer zone includes the next interfaces:

ESR-100/ESR-200: GigabitEthernet1/0/1;

ESR-1000/ESR-1200: GigabitEthernet1/0/1, TengigabitEthernet1/0/1, TengigabitEthernet1/0/2.

Area interfaces are integrated into one L2 segment by Bridge 2 network bridge.

«Trusted» area is destined for connection to Local Area Networking (LAN). Telnet and SSH protocol

ports are opened in the area for remote access, ICMP-protocol port is opened for checking router

availability and DHCP-protocol port to get IP-addresses by users from router. Outgoing connections

from the area to outside area are permitted. The safety area includes the next interfaces:

ESR-100: GigabitEthernet1/0/2-4;

ESR-200: GigabitEthernet1/0/2-8;

ESR-1000: GigabitEthernet1/0/2-24;

ESR-1200: GigabitEthernet1/0/2-16, TengigabitEthernet1/0/3-8.

The area interfaces are integrated into one L2 segment by Bridge1 network bridge.

DHCP-client for getting of dynamic IP-address from provider is turned on at the Bridge 2 interface.

Static IP-address 192.168.1.1/24. is configured at the Bridge 1. Created IP-interface is a gateway for Local

Area Network users. 192.168.1.2-192.168.1.254 DHCP address pool with 255.255.255.0. mask is adjusted

for Local Area Network users.

Source NAT Service is turned on at the router to get access by LAN users.

Settings of the safety area policy:

Table 4.1 - Settings of the safety area policy

Area of the

transmitted traffic

Area of the

received traffic

Traffic type

Action

trusted

untrusted

TCP, UDP, ICMP

enabled

trusted

TCP, UDP, ICMP

enabled

trusted

self

TCP/23(Telnet), TCP/22(SSH), ICMP,

UDP/67(DHCP Server), UDP/123(NTP)

enabled

untrusted

self

UDP/68(DHCP Client)

enabled

User account with name ‘admin’ and password ‘password’ is created in the router

configuration to provide configuring capability during the first router connection. It is

strongly recommended to change administrator password in the case of the beginning router

configuring.

192.168.1.1/24 -static IP-address at the Bridge 1 interface is assigned in the case of the first

connection in the configuration for network access to the router control.

ELTEX ESR-200 - 4 Router Factory Default Model

Table of Contents

Other manuals for ELTEX ESR-200

Related product manuals