HOWTO: DSL Router Modem DSL305E - Tele2/BeWAN/Aztech/Conexant

 

Zlatko Michailov

24-Feb-2005


 

Who’s Who

This article is about the DSL modem that Tele2 used to sell in France with a DSL subscription in late 2003. Like any other DSL modem offered by an ISP in France, this one has two versions: USB and Ethernet. Although there is a good chance the two versions are identical in terms of features and configuration, this article is solely based on the Ethernet model.

 

It is hard to name a single entity that produces this router modem because all the agents in the supply chain have somehow affected the final product or at least its price.

 

Tele2

(http://www.tele2.fr)

Tele2 sells the modem to its DSL subscribers for half of its retail price. The modem comes configured to connect to Tele2. No routing features are advertised. The big advantage is the price – no other ISP sells Ethernet DSL modems (not to mention routers) for 35 euros.

 

BeWAN Systems

(http://www.bewan.com)

BeWAN Systems is the official vendor of the modem in France. BeWAN’s logo is printed on the box. BeWAN supplies the modem documentation - it doesn’t advertise any routing features either.

 

BeWAN has translated into French a few configuration pages on the modem that allow setting the few parameters that may vary from one ISP to another and checking the status of the PPP connection. To accomplish that, BeWAN has overwritten the original configuration pages, which allowed more sophisticated configuration (and were in English).

 

Aztech Systems

(http://www.aztech.com)

Aztech could be called the true manufacturer of this router modem. Its name and the model identification, DSL305E, are printed on the bottom of the box. Aztech offers documentation and firmware downloads for this modem, and it advertises all the configurable features. There’s a little glitch – the screenshots in Aztech’s documentation are slightly different from what is actually on the modem.

 

Aztech has built the router and developed an administration web interface. Unfortunately, the root pages of that interface have been overwritten by BeWAN, and now it is quite difficult to discover it in the first place.

 

Conexant Systems

(http://www.conexant.com)

Conexant has built the chip around which DSL305E is designed. Just like computers are built around a CPU, routers are built around a special chip. Conexant has provided that chip, Rushmore, in this case. Conexant also provides an administration interface through telnet. It’s missing only one feature that’s otherwise available through Aztech’s web interface – port forwarding. The good news about the telnet interface is it’s intact – BeWAN has not messed with it.

 

Features

This link explains it best: http://www.aztech.com.sg/DSL-305E.htm

 

Configuration Interfaces

There is one user account to connect to DSL305E through any interface - admin. Its password is initially blank. Although access to any of the interfaces is disabled from the WAN port, it is a good practice to set up a hard-to-guess password for the admin account.

 

Initially DSL305E has a LAN IP address of 192.168.1.1.

 

Telnet

The telnet interface, Conexant Access Runner, is not very attractive, but one can configure almost everything through it (except port forwarding). To connect to DSL305E through telnet, execute the following command from a command prompt (the same on Windows and Linux):

 

telnet 192.168.1.1

 

Then enter the admin password if asked for it.

 

FTP

There is an FTP server running on DSL305E. The most important files are:

It is a good idea to download and keep copies of those files. You can restore the factory defaults but you’d lose your own changes. Remember: restoring the factory defaults means copying factory.reg over config.reg – do not modify factory.reg! To connect to the FTP server, execute the following command from a command prompt (again, the same on Windows and Linux):

 

ftp 192.168.1.1

 

Use the admin account to login.

 

HTTP

The HTTP interface is the only one documented by BeWAN. It’s not very useful but since it exists, you may check it out. To access it, use a web browser that supports HTTP authentication and navigate to:

 

http://192.168.1.1

 

Use the admin account when the authentication dialog pops up.

 

The remainder of the original Aztech web interface may be accessed at:

 

http://192.168.1.1/doc/toc.htm

 

That is the TOC frame page. Links will be opened in a new browser window. The links at the top of the TOC, unfortunately, refer to BeWAN pages.

 

Configuration

Configuration changes are not applied immediately. Instead, the memory must be “flashed” and the router rebooted. Thus one doesn’t know the effect of one’s changes until it’s too late. If for some reason DSL305E becomes unavailable, press in the tiny hole on the back to restore the factory defaults. If the router modem is available but you still want to start over, you may restore the factory defaults through either telnet or HTTP.

 

The following assumptions about configuration sessions are made throughout this section:

 

Admin Password

This is the most likely configuration change that may make the router modem inaccessible – due to mistyping or forgetting the password. If it is done first, and the factory defaults must be reset, no custom settings are lost.

 

[telnet]

2. Password Setup

1. Change Administrative Password

 

[HTTP]

Admin Password Configuration

      Admin Password: xxxxxxxx

      Retype Password: xxxxxxxx

 

ISP-Specific

DSL305E comes configured to connect to Tele2 straight out of the box. If you want to use it with a different ISP (Internet Service Provider), VPI and VCI may need to be configured:

 

[telnet]

A. WAN Configuration

1. VPI/VCI Configuration

2. Set VPI/VCI

 

[HTTP]

Home

      VPI: xx

      VCI: xx

 

The following link is an excellent reference that covers the biggest ISPs in Europe: http://www.eagle-usb.org/imprimer.php3?id_article=23

 

Automatic Connection

DSL305E is shipped with PPPoE dialing software for Windows and Mac OS. Such dialing software is also available for Linux. However, when a connection is initiated from a PC, that PC is the only one that may use the network connection, even if there is a hub between the PC and the modem. Besides, the dialing software must be explicitly executed to make a connection – that feels too much like dial-up.

 

As a router, DSL305E can automatically connect to the ISP without any additional PPPoE software running on any PC. A hub may be used to let multiple machines share the same Internet connection. That’s a real home-, or even small-business-, network.

 

One thing to watch for is the authentication protocol. There are two main protocols – PAP (Password Authentication Protocol) and CHAP (Challenge/Hash Authentication Protocol). The former requires the client to send the real password and thus creates an opportunity for crackers to obtain users’ passwords. The latter is more secure: the server challenges the client with a random number, and the client responds with a hash computed from that number and the password. Thus the real password is never transmitted, and the hashes that are transmitted are only valid for the current authentication attempt. Tele2 uses CHAP.

 

[telnet]

2. Password Setup

      2. Change PPP User Name and Password

 

4. Network Setup

      A. WAN Configuration

            8. Authentication Configuration

                  1. CHAP

 

[HTTP]

This feature is not available through HTTP.
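
The difference between the two protocols, as an added example that is not part of the original article or the router's firmware: it builds the PAP request data of RFC 1334 and the CHAP-MD5 response of RFC 1994 and shows that a recorded CHAP response fails against a new challenge. The user name and password are constructed sample values.

```python
import hashlib
import hmac
import os

def pap_request(user: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request data (RFC 1334): length-prefixed ID and password."""
    return bytes([len(user)]) + user + bytes([len(password)]) + password

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP-MD5 response value (RFC 1994): MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def chap_verify(identifier: int, secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Server side: recompute the hash from its own copy of the secret and compare."""
    return hmac.compare_digest(chap_response(identifier, secret, challenge), response)

def demo() -> dict:
    user, password = b"subscriber@example", b"constructed-password"  # constructed values
    # PAP: whatever is on the wire contains the password itself.
    pap_wire = pap_request(user, password)
    # CHAP: the server picks a fresh random challenge for every attempt.
    ident1, challenge1 = 1, os.urandom(16)
    response1 = chap_response(ident1, password, challenge1)
    # A later attempt uses a new identifier and challenge, so a recorded response is stale.
    ident2, challenge2 = 2, os.urandom(16)
    return {
        "pap_exposes_password": password in pap_wire,
        "chap_exposes_password": password in response1,
        "chap_accepts_fresh_response": chap_verify(ident1, password, challenge1, response1),
        "chap_accepts_replayed_response": chap_verify(ident2, password, challenge2, response1),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```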

Router’s LAN IP address

Initially the router’s LAN IP address is 192.168.1.1. You may eventually change it to 10.0.0.1, which is easier to remember and to type, but since the whole LAN depends on the router’s LAN IP address, the change may have consequences. Therefore it is recommended to keep that address as it is. If you really need to change the LAN IP address, here is the way:

 

[telnet]

4. Network Setup

      2. LAN IP Address Configuration

 

[HTTP]

Home

 

DHCP Server

Initially the DHCP server on DSL305E is disabled. To enable it:

 

[telnet]

4. Network Setup

      4. LAN DHCP Server Configuration

            2. Enable DHCP Server

 

[HTTP]

Misc Configuration

      DHCP: DHCP Server

 

You must also configure the range of DHCP addresses. By default it uses a “system” pool, which, according to the documentation (for those who believe it, after everything said so far), ranges from 192.168.1.2 through 192.168.1.14. You may configure a “user” range anywhere between 2 and 255 as long as it doesn’t include more than 250 addresses.

 

[telnet]

4. Network Setup

      5. DHCP Address Pool Configuration

            2. User Defined

 

4. Network Setup

      6. DHCP Server Pool Configuration

 

[HTTP]

This feature is not available through HTTP.

 

DNS Proxy

When DSL305E connects to the ISP, it obtains the current DNS server addresses. In addition to that it allows you to hardcode other, user-specified, DNS servers. The router modem can function in one of four DNS modes based on whether each of the two options is enabled/disabled:

Unless there is a very good reason to avoid one of the two sources, both should be enabled.

 

[telnet]

4. Network Setup

      A. WAN Configuration

            2. DNS Configuration

                  2. Enable/Disable Auto Discovery

                        2. Enable

 

4. Network Setup

      A. WAN Configuration

            2. DNS Configuration

                  3. Enable/Disable User Configured DNS

                        2. Enable

 

4. Network Setup

      A. WAN Configuration

            2. DNS Configuration

                  4. Set User Configured DNS

 

[HTTP]

DNS

      Auto Discovery: checked

      User Configuration: checked

      DNS Server: xxx.xxx.xxx.xxx, Add

 

DNS Proxy is a separate service regardless of the mechanism of obtaining the DNS server addresses. When DNS Proxy is disabled, the DNS server information is passed to the DHCP clients along with the dynamic IP address. Any time after that a PC needs to resolve a name, it calls the DHCP server directly. A problem exists for PCs with static IP addresses. How can they resolve names? One option is to get the current DNS servers from the ISP and to hardcode them on each PC. Unfortunately, those DNS servers may become invalid at any time without any notice, and the procedure of obtaining and hardcoding new DNS servers on each PC would have to be repeated. That could be tedious. That’s where the DNS Proxy service of DSL305E comes in handy. When it is enabled, the DHCP clients get the router’s LAN IP address as a DNS server. Then every time they need to resolve a name, they send a request to the router. The router forwards that request to one of the DNS servers on its list.

 

[telnet]

4. Network Setup

      A. WAN Configuration

            2. DNS Configuration

                  1. Enable/Disable DNS Proxy

                        2. Enable

 

[HTTP]

DNS

      DNS Proxy: Enabled

 

NAT Firewall

One very good reason for using the router features of DSL305E versus dialing through the PPPoE software is protecting the PC from outside intrusions. As already mentioned, when a PC makes a PPPoE connection it obtains a real IP address and communicates directly with the Internet without any intervention from the modem. That allows crackers from all over the world to explore security holes on your PC. On the other hand, when the router features are enabled, the PC is completely invisible to the outside world, and the router’s firewall brings in only responses to requests initiated from LAN PCs. If an outside cracker tries to initiate a connection, the packet is dropped by the firewall and never gets to the PC inside the LAN.

 

There is one little glitch with firewalls and instant messengers. Some instant messengers may need to initiate peer-to-peer connections sometimes, and those packets may be dropped. Normal text messaging works fine with Yahoo and ICQ. Configuring a firewall for a specific instant messenger is out of the scope of this article. Some useful information may be found in the Port Forwarding section.

 

NAT (Network Address Translation) is the most popular firewall mechanism. That’s what DSL305E uses. Essentially the mechanics are: the router has one or more WAN (real Internet) IP addresses and many LAN (fake, internal) IP addresses. When a PC initiates a request from the LAN, the router maps the PC’s LAN IP address to an available WAN address, and then it forwards the request using the WAN address. The mapping may be destroyed after the response is received or a timeout has elapsed.

 

There are three variations of NAT:

 

When Static NAT is used, each LAN IP address is permanently mapped to a WAN IP address. That way you need as many WAN IP addresses as there are PCs in the LAN. That doesn’t work well when your ISP gives you only one WAN IP address.

 

Dynamic NAT maps a large number of LAN IP addresses to a small pool of WAN IP addresses by making the mappings temporary – only for the duration of the request or a certain timeout. That option may even work with a single WAN IP address, although PCs would line up and wait for it. This option doesn’t work (at least not on DSL305E) when a port in the firewall must be opened to host a public server.

 

NAPT is a modern variation of NAT. It doesn’t map bare IP addresses but maps pairs of IP address and port. The power comes from the fact that a client may initiate a connection from any port. That way the router mangles both the IP address and the port – it has over 65,000 port numbers to use for different mappings to a single WAN IP address. This is the recommended option.

 

[telnet]

4. Network Setup

      7. NAT(P)T Configuration

            1. Enable/Disable NAT

                  2. Enable

 

4. Network Setup

      7. NAT(P)T Configuration

            2. Choose NAT Mode

                  2. NAPT

 

[HTTP]

NAT

      NAT: Enable

      Mode: NAPT

 

Both configuration interfaces of DSL305E, telnet and HTTP, show “Dynamic NAPT” as an option, but that is an error. First, there is no such term as Dynamic NAPT. Second, that option behaves like Dynamic NAT. Therefore “Dynamic NAPT” should be read as “Dynamic NAT”.

 

Port Forwarding

Once the firewall is enabled, no connection from the WAN to a LAN PC may be made. What if we want to make a specific service (port) on a specific PC available to the public, e.g. hosting a web- or an FTP site? In that case we need to instruct the firewall to forward connection requests at the specified port to the LAN IP address of the machine where our service is running. That’s called Port Forwarding.

 

A port forwarding rule may have the following parameters:

It is not required that the WAN port and the LAN port are the same.

 

Some applications like games and instant messengers may need a whole range of publicly available ports. Therefore DSL305E supports Port Range Forwarding. Instead of a single WAN port, you specify Public port - Start and Public port - End. In case only one port must be opened, the begin- and end ports are the same.

 

[telnet]

This feature is not available through telnet.

 

[HTTP]

Virtual Server

 

DMZ

DMZ (Demilitarized Zone) is a single PC in the LAN that is not protected by the firewall. It sounds scary but it has its benefits. For instance, if for some reason too many services from within the LAN must be exposed to the outside world, creating port forwarding rules may be tedious. Or, if an instant messenger uses a wide spectrum of dynamic ports (like NetMeeting), port forwarding may not even work. Or, simply to log all crack attempts. When a PC is designated as the DMZ, the firewall will forward to it all IP packets from the Internet that otherwise would be dropped.

 

[telnet]

This feature is not available through telnet.

 

[HTTP]

Misc Configuration

      DMZ: Enabled

      DMZ Host IP: xxx.xxx.xxx.xxx
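
How the NAPT, Port Forwarding and DMZ sections fit together, as an added model that is not the router's own code: it tracks NAPT mappings for outbound connections and decides what happens to each packet arriving on the WAN side. Assumptions not taken from the article: all addresses are constructed, mappings are keyed on the remote endpoint, NAPT ports start at 40000, and a forwarded port range maps one-to-one onto LAN ports.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Forward:                       # one "Virtual Server" rule
    public_start: int                # Public port - Start
    public_end: int                  # Public port - End (equal to start for one port)
    lan_ip: str
    lan_port: int                    # LAN port that public_start maps to (assumption)

@dataclass
class Router:
    wan_ip: str
    forwards: list = field(default_factory=list)
    dmz_host: Optional[str] = None
    next_port: int = 40000           # constructed starting point for NAPT ports
    sessions: dict = field(default_factory=dict)  # (wan_port, remote) -> (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, remote):
        """A LAN PC opens a connection: allocate a WAN port and remember the mapping."""
        for (wan_port, rem), dst in self.sessions.items():
            if rem == remote and dst == (lan_ip, lan_port):
                return self.wan_ip, wan_port
        wan_port = self.next_port
        self.next_port += 1
        self.sessions[(wan_port, remote)] = (lan_ip, lan_port)
        return self.wan_ip, wan_port

    def inbound(self, remote, wan_port):
        """Decide what happens to a packet arriving on the WAN side."""
        if (wan_port, remote) in self.sessions:       # response to a LAN request
            return ("reply",) + self.sessions[(wan_port, remote)]
        for f in self.forwards:                       # explicit port (range) forwarding
            if f.public_start <= wan_port <= f.public_end:
                return ("forward", f.lan_ip, f.lan_port + wan_port - f.public_start)
        if self.dmz_host:                             # DMZ receives what would be dropped
            return ("dmz", self.dmz_host, wan_port)
        return ("drop", None, None)

if __name__ == "__main__":
    r = Router("203.0.113.10")
    server, stranger = ("198.51.100.7", 80), ("198.51.100.99", 4444)
    print(r.outbound("192.168.1.2", 5000, server))    # PC browses a web site
    print(r.inbound(server, 40000))                   # its reply comes back in
    print(r.inbound(stranger, 40000))                 # unsolicited packet
    r.forwards.append(Forward(8080, 8089, "192.168.1.3", 80))
    print(r.inbound(stranger, 8081))                  # matches the forwarded range
    r.dmz_host = "192.168.1.4"
    print(r.inbound(stranger, 23))                    # no rule matches: goes to the DMZ host
```

Once a DMZ host is set, the model never returns "drop": every unsolicited packet reaches that PC, so it needs its own protection.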

 

Configuration Access

Initially all configuration interfaces, HTTP, FTP, and telnet, are available only from the LAN. It is possible to enable them for the Internet as well, so that the router could be configured remotely. That’s not a good idea, since an issue has been reported with the Conexant chip: it may accept an unauthenticated connection. Anyway,

 

[telnet]

This feature is not available through telnet.

 

[HTTP]

Misc Configuration

      HTTP Access

      FTP Server

      Command Line Interface

 

Support

One place not to look for support is Tele2. Their customer service is absolutely terrible. (That doesn’t mean other French companies do any better.)

 

BeWAN may be able to help but there is a good chance they won’t want to. After all they market and price this router as a simple modem. They’ve never claimed the router features exist in DSL305E.

 

An online help request at Aztech’s web site did not trigger any response either.

 

The best and only source for help is this web site. Feel free to email questions and any other useful information here.

 

For original documentation and firmware, Aztech is still the only agent in the supply chain who has something available:

 

Feature page:

http://www.aztech.com.sg/DSL-305E.htm

 

Download page:

http://www.aztech.com.sg/singapore.htm

 

FTP site:

ftp://ftp.aztech.com/sgp/ADSL

 

Feedback

My ultimate goal as an owner of such a router modem is to rebuild an original Aztech DSL305E as it was before BeWAN’s intervention. If you find the original configuration HTZ files, please email them (or links to them) to me. Thanks.

 

 

Copyright © 2005, Zlatko Michailov