Copyright © 2001 - 2009 BIOSS
All rights reserved.
ADSLDon't let the Cable Guy put you off.
Introduction
SoHo, Small Office or Home Office, systems revive. They get a boost with the available and, more importantly, affordable broadband services. This page offers a digest of my field experience and a selection of support sites.
Enter a keyword to lookup on this page (IE supported only)
Topics
A Touch of Class
My personal ADSL experience is mostly based using the SpeedTouch modems.On this page you will find information about the multi-user, PPPOE and VPN features of the Alcatel/Thomson gear.
Before you proceed, keep in mind these basic rules:
1 never change the configuration settings if your modem is working well,
2 before making any changes, make sure you have a backup of the original settings,
3 after making any configuration changes, check if your connection is still safe and no security holes exist to your LAN.
Upgrades of the following SpeedTouch models: SpeedTouch Home, SpeedTouch 510, SpeedTouch 510v4 have been succesfully implemented in SoHo environments.
Various configuration modes are possible to configure the SpeedTouch in bridged or NAPT (Network Address & Port Translation) mode.
Note that for France you should configure the PPP connection with VPI 8 / VCI 35 !
SpeedTouch Home
Firmware: GV8BAA3.253
 SpeedTouch Pro
Firmware: GV8BAA3.253
SpeedTouch 510v3
Firmware: GV8BAA3.741
|
 once you get hold of the EXPERT password, you can switch on the 'PRO' mode; this is done by updating the Remote Inventory PROMthe 'PRO' mode allows access to the Routing and the DHCP settingsthe Firmware versions offer, besides bug fixes, additional features and different user interfaces (which are accessed with your browser at http://10.0.0.138)some Firmware versions are ISP or country specific, in particular PPPoE or PPPoA supportconfiguration files (user.ini) can be uploaded from or stored on your local disk for backupread more about the upgrade instructions heresee how the Firmware: GV8BAA3.741
GUI
looks like |
SpeedTouch 510
Firmware: LLT6AA4.230
SpeedTouch 510v4
Firmware: LLT6AA4.230
|
the same rules apply for the ST510, you first need the EXPERT passwordthe basic ST510 comes with a graphical interface and a configuration (setup) programmethe more advanced Firmware offers easy access to pre-defined configurations with DHCP, NAPT (Network Address Port Translation) and DNS features (e.g. Routed PPPoE - DHCP - NAPT).Phone Book settings may differ by country and/or ISP: SkyNet (Belgium): VPI 8 / VCI 35 - Wanadoo (France): VPI 8 / VCI 35
see how the Firmware: LLT6AA4.230
GUI
looks like |
SpeedTouch Links
 |
SpeedTouch 510 Firewall GuideNubz AlcaTool is a configuration utility for Alcatel SpeedTouch Home and Pro series ADSL modemsBruring.com is a Tweaking Zone with lots of FirmwaresForpage.com is a French Tweaking Zone also with lots of Frimwares and good adviceThe ST510 Firewall Configurator utility download.An Expert password calculator can be found on-line.Finally, check also my VPN Client test overview. |
your LAN: a cunning planDo you want to connect more than one device on the Internet, then first install a Local Area Network (LAN).
The basics for an ethernet LAN are well explained by Threemacs.com.
Here are my basic rules for installing a LAN:
Unless you opt for a wireless LAN, first, work out your cabling plan.Make it flexible for future expansion (you may need more connections than you think).Select good quality twisted pair cable (Category 5), which can serve other wiring needs (you may use it for phone or ISDN connections). Twisted pair cable is preferred to coax. Although a coax may not need active components, it remains vulnerable and limited in length.Follow the recommended wiring schemes and pin lay-outs (ethernet uses pin 1236). Never extend the recommended maximum distances (include patch calbes and cables between wall outlets and workstations). See also RJ-45 Cable lay-out.Use good quality tools and connectors.Protect your equipment: cable conducts and surge protectors for your active components are no luxury.Label your cables: it will save you time to diagnose faults.Keep some spares available (cable and connectors) for repairs.Use good quality hubs and cards, preferably with diagnostic LEDs to check for link signals and collisions.
RJ-45 Cable lay-out
The RJ-45 cable is used for the Ethernet Twisted Pair wiring.
Notice the difference between the RJ-45 here and the RJ-11 below, which is smaller.
RJ-11 Cable lay-outThe RJ-11 cable is used for your telephone connection. Very often, only two wires are used to connect you phone line. Notice the difference between the RJ-11 here and the RJ-45 above, which is bigger.
aDSL: the need for speed
Wired or not, if you live in the fortunate countries, you can enjoy the Internet experience with speed and ease. The cable guy will sell you a permanent connection, which needs specific wiring (see picture below). 
Telephone companies make it easier with an ADSL connection on your telephone outlet.
Small Office and Home Office (SoHo) users will appreciate these offers.
Be aware though that you may not always have a 'transparent' software connection. While a cable modem can offer seamless DHCP (Dynamic Host Control Protocol) connections, the setup of an ADSL connection may require extra software on your PC for Point-to-Point over Ethernet (PPPoE) or ATM (PPPoA). More information about this software is published in the Authentication CHAPter.
aDSL: the connection
Here is how a Belgian ADSL connection looks like:
Use the ADSL-filter for each telephone connection !Insert the filter between the telephone socket and the telephone, the fax or the answering machine (see picture 2 and 3 below).
aDSL: LAN extension using the MicroLink dLAN Ethernet adapters
Here is a schema to extend your LAN over the in-house power circuit. In the example below, the LAN connection from the ADSL-modem is extended by using the Devolo MicroLink dLAN Ethernet adapters.
Network Tools and Speed Tests
 |
||
SpeedTests and Tools
|
Tech Depot's speed test
|
|
 |
 |
|
|
||
Belgacom Support
Sharing your Internet access
Your LAN is installed, you have an ADSL or Cable modem connection to the Internet and you would like to use it simultaneously on more than one computer. This is the moment that you start looking for a sharing device. Think about security, though. While your LAN lets you share local resources, the permanent Internet connection will expose it to the world. More information related to Internet security is published on the 'Web Goodies' , the 'ePOST' and the 'Anti-Virus' pages.
Many products are noticed on the LANdscape; both software (only) and hardware (only). Hardware solutions may be more expensive but can function independently: no extra computer, no Operating System hassle. Before you buy, verify if your ISP (Internet Service Provider) service can be supported. In particular, you need to know which authentication protocols are supported. Good extra features (like a print server function) may come with Hardware solutions, not necessarily at extra cost. Check the product reviews of Practically Networked. Below are a few recommeded (i.e. tested and installed) hardware solutions:
Netgear:
The Netgear DG834v2 (and DG834G) is a combined ADSL Modem, Router and Wireless Access Point.
The default adress of the Access Point is http://192.168.0.1 (factory setting).
Works fine with Windows XP and Vista Home Premium.
The Netgear WPN802v2 is a powerful Wireless Access Point based on RangeMax Technology, supporting Centrino®, 802.11b, 802.11g and SuperG (108 Mbit/s). Works well in combination with the Thomson SpeedTouch 510 and Philips ADSL modem/router PSTN Blue.
Works fine with Windows XP and Vista Home Premium.
The default adress of the Access Point is http://192.168.0.231 (factory setting).
Philips:
The Philips ADSL modem/router PSTN Blue is a multiservice router with a Wireless Access Point, offered by Belgacom.The default adress of the Access Point is http://192.168.1.1 (factory setting).
Works fine with Windows XP but has limited support for Vista Home Premium.
The Philips ADSL modem/router Belgacom b-box is a multiservice router with a Wireless Access Point, offered by Belgacom.This modem support the Voice-over-IP and Digital TV services.
Works fine with Windows XP and Vista Home Premium.
US Robotics:
The US Robotics Broadband router is good value for money and works fine with PC and MAC. The print server is only supported for Windows PCs over the TCP/IP protocol (no Netbios nor IPX/SPX support). The USR 8000-3 Internet Sharing device offers:
an Internet sharing of DSL connections (cable or ADSL) through Network Address Translation (NAT) with a dial-up backup,a Firewall, with optional DMZ,a DHCP Server for automatic IP Address alocation,a Print Server over IP for a parallel attached printer,a 10/100 Base-T switch for up to four LAN connections.Configuration management through a web interface. The default address of the USR 8000 Router is http://192.168.123.254 (factory setting)Important note: Windows users need to install the proprietary USR print driver.
The USR5461 802.11g Wireless MAXg Router is the new version with support of an USB printer.Alcatel
The Alcatel SpeedTouch Home can be upgraded and used as a shared device...
The Thomson SpeedTouch 510 is a multi-user ADSL gateway with a built in firewall. Various configuration modes are possible.Works fine with Windows XP and Vista Home Premium.
NetBios Security
Secure your files from the Internet and disable Netbios over IP in the TCP/IP protocol settings (Advanced options). Windows uses the NetBIOS protocol to share files and print services over your home LAN. By default, NetBIOS is routed over TCP/IP and as such creates a security vulnerability on your PC. Check your TCP/IP protocol bindings and disable file and printer sharing. In the advanced TCP/IP settings, under the WINS tab, disable NetBIOS over TCP/IP.
Install IPX/SPX. IPX/SPX is not installed by default. If you need to share files and printers, then install Novell's IPX/SPX powerfull protocols. In the Network Connection's Properties, choose Install and Protocol: NWLink IPX/SPX/NetBIOS.
Make sure the network bindings are adjusted. This you can modify with the Network Connections Advanced Menu Option 'Advanced Settings' in the 'Adapters and Bindings' tags. Under the Start menu, select 'Network Connections'. In the Network Connections window, select 'Advanced' from the top menu. In the pull-down menu, go to 'Advanced Settings'. The Advanced Settings show the 'Adapters and Bindings' with the enabled bindings for each Connection. Make sure only NWLink IPX/SPX/NetBIOS is enabled (see Dutch example below):
Read also the Step-by-step procedure for Network Bondage on the Shields Up! pages.
Refer also to the Windows File and Print services and the Folder Sharing options on the WinTWEAKS page.
Authentication: There's a good chap!
Each provider makes its own choices for authentication. Protocols may vary as new ones become available on the market. Encryption technologies and Intranet security standards challenge (read conflict with) the authentication protocols. While in the earlier days, some providers used clear text logon scripts (like CompuServe) for PPP (Point-to-Point Protocol) connections, today PAP (Password Authentication Protocol) and, better, CHAP (Challenge Handshake Authentication Protocol) is used. The smart ones will support all three types (for compatibility). Be aware chaps, that some providers may only support one protocol. That's were trouble starts: your (favorite Point-to-Point Protocol) software must be able to support the chosen (read forced) authentication protocol. Advanced software will include options to select either of the protocols or even negotiate with the server. However, limitations may occur and even worse, some vendors do not even mention which protocol selection they embeded. It gets even more complex when tunneling is used or needed for security. Many providers used the EnterNet client (and so did the 'TurboLine' provider Belgacom). Note that the MAC version did not offer a selection option between PAP or CHAP. Information about this MAC client setup is published on the iMac Bondi pages.
The Alcatel SpeedTouch Home works fine with the EnterNet MAC client. The RASPPPOE client is preferred for Windows 2000 (tested with the Belgacom TurboLine and SkyNet GO).The Thomson SpeedTouch 510 works fine with the native Windows XP PPPOE client and the EnterNet 300 client (tested with Wanadoo eXtense 512k).
Many other configuration modes are possible.
Check out the following articles and sites for documentation:
my windows LAN configuration (includes ADSL and Cable configurations)
PPPoE FAQs and Client software forums by Carrick Solutions.
VPN Clients
Many enterprises deploy Virtual Private Networks (VPN). To connect your PC to their gateway, you must use a VPN client software. The Alcatel Secure VPN client and the NetScreen Remote VPN client software work fine with the Alcatel Speed Touch Home and with the Thomson SpeedTouch 510 . Keep in mind that you need to load Security Policies that match your network provider's VPN gateways.The NetScreen Remote VPN client software works fine with the US Robotics Broadband router (USR8000). The Alcatel Secure VPN client software, however does not work with the US Robotics Broadband router (USR8000) but will work with the Netgear Broadband router (here's looking at you, Dave).
In the table below, you find the different combinations that have been tested successfully:
Single user environment
|
|
 |
 |
|
in Bridged mode
|
 EnterNet 300 PPPoE Windows Client OR
the native Windows XP Broadband PPPoE Client
|
|
 |
|
Multi-user environment in France
|
|
|
|
upgraded to Pro version
(see above)
|
in NAPT mode
Router configured for
PPPoE, DHCP and NAT.
(see above)
|
|
|
Multi-user environment in Belgium
|
||||
 |
|
|
|
|
|
in NAPT mode
|
Netgear DG834v2
adsl modem/router
 Wi-Fi in WPA-AES mode
|
Philips ADSL modem/router Belgacom b-box
 Wi-Fi in WPA-AES mode
|
Philips ADSL modem/router PSTN Blue
 Wi-Fi in WPA-TKIP mode
|
Broadband router (USR8000)
Router configured for
PPPoE, DHCP and NAT.
|
Netgear WPN802v2
 Wi-Fi in WPA2-AES mode
|
|||
| NetScreen Remote VPN client with Windows XP Professional
|
||||
Copyright © 2001 - 2009 BIOSS All rights reserved