Configuring the Alcatel Speedtouch Pro for PPP Brendan Lewis ============================================== 28/11/2000 Last revised: 05/12/2000 First make sure you either have a crossover UTP cable connecting the Pro to a hub, or a straight through UTP connecting the Pro to your ethernet card. Also make sure the ADSL line is connected to the Pro properly, and that you get a constant green light on the 'Line Synch' LED. Set your IP address to something in the range of 10.0.0.0/24 - anything except .138 as this is the default IP for the router. For this example we'll use 10.0.0.30. Then make sure everything is working by pinging the router (ping 10.0.0.138). Open up your browser and browse to http://10.0.0.138 You should see the Speedtouch Pro page come up. The first thing we should do is upgrade the firmware: * Click 'Upgrade' * Click 'Remove Passive' and wait for it to finish * Click the 'Browse...' button and locate the firmware file on your system * Click 'Upload' and wait for it to finish You should see the active software version being the old firmware version, and the passive software version being the one you just uploaded. If you received an error preventing you from uploading the new firmware, try power cycling the Pro and give it another go. Now we have to switch over: * Click 'Switch Over' and wait for it to reboot. Now you should see the active software version being the new version, and the passive software version being the old version. Now that the new firmware is installed (134 being the latest as of this writing) the router can do port forwarding. Under the 'Initial Setup' menu, you can set the IP address and subnetmask of the router, but we don't need to do this since we receive the IP details over PPP. Its a good idea to set the password for the router: * Click 'System Setup' and type in the password you wish to use for the router * Click 'Apply' To keep things tidy and simple, its a good idea to delete all the default PPP, CIP, PPTP, Bridge and Phonebook entries. * Click 'PPP' then click 'Delete' on any entries you see there * Click 'CIP' then click 'Delete' on any entries you see there * Click 'PPTP' then click 'Delete' on any entries you see there * Click 'Bridge' then click 'Delete' on any entries you see there * Click 'Phonebook' then click 'Delete' on any entries you see there * Click 'Apply' If you want to use the Pro on a different network than 10.0.0.0/24, you have to configure the Pro to use an IP address on the subnet you wish to use: * Click 'Initial Setup' and enter an IP address with a subnet mask (eg 192.168.0.1, 255.255.255.0). * Click 'Apply' The router will take care of the resulting routing table. Next we should configure the DHCP server. * Click 'DHCP' * Select either 'No DHCP' or 'DHCP Server' If you want to specifically configure the DHCP services of the Pro, you must set it up (the defaults will work fine otherwise): * Click 'Advanced' and change the properties as needed * Click 'Apply' Its a good idea to use the DNS services of the Pro to speed up name resolves. * Click 'DNS' By default it should be enabled, but you can make sure the 'Server Active' tag is selected. Specify the domain name if there is one, and set up any hostnames you want for the network. * Click 'Apply' Now we just have to set up the PPP dialup. * Click 'Phonebook' Under 'Name' type the name you want to call the PPP connection, leave VPI as 8 and set VCI to 35. Set 'Type' to 'ppp'. * Click 'Add' * Click 'Apply' Now we have to configure the PPP connection. * Click 'PPP' You should see your PPP connection which you just added listed there. If not, click on the pulldown menu under 'Name'. * Select your PPP connection * Select either vc-mux or llc/nlpid (works with either) * Click 'Add' * Click 'Config' on the entry you just added * Enter the username and password for the user's Pacific Internet account. * Select 'Address translation (NAT-PAT)' * Enter the appropriate primary and secondary DNS entries: Sydney Primary: 61.8.0.113 Sydney Secondary: 210.23.129.34 Melbourne Primary: 210.23.129.34 Melbourne Secondary: 61.8.0.113 The router can be configured to be always on (reconnects immediately after it disconnects), dial-in (only dials in when you manually tell it to), or dial-on-demand (connects when it receives a network packet destined outside the local network). Since our ADSL plans are intended for permanent use, always-on is the best option. * Select 'always-on' * Select 'PAP' The rest can be left as default. * Click 'Apply' * Select 'On' under status to connect * Click 'Apply' The router should be ready to go now. Check that you're connected ok: * Click 'Dial-in' You should see your connection listed there, and the state will indicate if it is up or there is a problem. Wrong passwords, wrong authentication settings and problems with the account itself could be a possible reason here. Once everything looks ok: * Click 'Save All' Port Forwarding --------------- When a customer has a server on their internal network behind the Pro which accepts connections from the outside internet (eg. mail server, web server), these will be denied by the router. To overcome this, we need to forward the port on the external IP to a port on an internal IP. Eg, an SMTP server is running on a machine with an internal IP of 10.0.0.30. We would need to forward port 25 of the external IP address (given over PPP) to port 25 of 10.0.0.30. Telnet to the Pro or attach a console cable to the back of it. Type: => nat [nat]=> create protocol = tcp inside_addr = 10.0.0.30 [inside_port] = 25 outside_addr = 0.0.0.0 [outside_port] = 25 [nat]=>save This will set up a port forward as per the above example. This will display a list of forwarding rules: [nat]=>list Disabling The Firewall ---------------------- To resolve any slow connection issues, we have found its helpful to disable the firewall. Telnet to the Pro or attach a console cable to the back of it. Type: =>ip [ip]=>config firewalling off [ip]=>save