Watson SHDSL Router
Operating Manual
Watson-SHDSL-Router-Manual.doc
Version 1.0-03
By default, Watson SHDSL router operates in NAPT routing mode. However, you can control your
network translation by defining static NAT/NAPT rules. Such rules map LAN computers to NAT IP
addresses.
The NAT/NAPT mechanism is useful for managing Internet usage in your LAN, or complying with
various application demands. For example, you can assign your primary LAN computer with a sin-
gle NAT IP address, in order to assure its permanent connection to the Internet. Another example is
when an application server with which you wish to connect, such as a security server, requires that
packets have a specific IP address - you can define a NAT rule for that address.
3.2.7 Advanced Filtering
Advanced filtering is designed to allow comprehensive control over the firewall's behavior. You can
define specific input and output rules, control the order of logically similar sets of rules and make a
distinction between rules that apply to WAN and LAN interfaces
3.2.8 Security Log
The Security Log displays a list of firewall-related events, including attempts to establish inbound
and outbound connections, attempts to authenticate through an administrative interface (Web-
based management or Telnet terminal), firewall configuration and system start-up..
3.3 VLAN
Watson SHDSL router supports VLAN functions according to IEEE 802.1q.
3.3.1 Switch VLAN modes
The switch supports two VLAN modes: 802.1q and transparent.
In 802.1q mode each of the eight Ethernet switch ports (Port1 .. Port8) and the switch trunk port
(Trunk), can be member of one or several VLANs. Each port can be member of maximum 14
VLANs. Each VLAN has a VLAN Identifier (VID) between 1 and 4094.
Upon reception of an Ethernet packet at a port its VID is checked against the VIDs of all VLANs this
port is a member of. Packets that do not carry one of these VIDs will be discarded.
For untagged packets the default VID for the port is used to determine VLAN membership.
Packets are only forwarded to ports that are a member of the VLAN of this packet.
Upon transmission the packet will be tagged with the VLAN tag originally received. If the packet
was untagged then the default tag of the receiving port is added to the packet. The port can also be
configured to send the packets untagged.
In VLAN transparent mode all Ethernet switch ports are member of all VLANs and untagged pack-
ets will not be tagged with a default VID. The packet forwarding is only based on MAC addresses.
3.3.2 Router VLAN
Watson SHDSL router allows you to create Virtual LAN (VLAN) interfaces in order to connect to ex-
ternal virtual networks.
It is also possible to create a dedicated VLAN management interface that can be used for managing
the Watson SHDSL router.
3-6 Revision: 2007-05-24
To Next Page
Loading...
