Efficient Corporation ===================== September 20, 2000 Thank you for downloading this software upgrade. You have these files: 1. This file (readme.txt) 2. Router kernel file (2200-12.371) 3. Release Notes in .pdf format (2200-12.pdf) 4. Sample filter #1 (sample1.txt) 5. Sample filter #2 (sample2.txt) ******************* WARNING *********************** Make sure that you download the correct kernel for your router. Upgrading the incorrect kernel will result in a corrupted router! If you are not sure which kernel to use contact technical support. ******************* WARNING *********************** =========================================================== FIRMWARE UPGRADE INSTRUCTIONS =========================================================== The following instructions will guide you through the process of upgrading the kernel (also called 'firmware' or 'software') on your router. WARNING: Following this procedure will replace your existing kernel that is maintained in non-volatile memory on your router. It is strongly recommended that you create a backup copy of your router kernel before proceeding with the upgrade. NOTES: The backup and upgrade procedures should be carried locally (from the LAN). If you need to perform the upgrade procedure remotely (from the WAN) then you must be sure that the entire file is copied to the router before rebooting. Check that the file size of the image on the router matches the file size of the image that was sent. Your configuration will NOT be changed as a result of this upgrade. ------- back up your original kernel ---------- -- Start the Quick Start program and connect to the router. -- Select the TOOLS menu and then select BACKUP / UPGRADE. -- Select "Firmware" and click on the BACKUP button. -- Click on OKAY to save the backup copy in the default location. ------- Upgrade to the new kernel ---------- -- Start the Quick Start program and connect to the router -- Select the TOOLS menu and then select BACKUP / UPGRADE. -- Select "Firmware" and click on the UPGRADE button. -- Browse to the kernel file that you downloaded with these instructions, select it, and click on OK. ------- You are done -------- -- After the router finishes rebooting, reconnect with the Quick Start program. Check the version number presented in the top-right corner of the screen. ------- Contacting Technical Support ------- -- If you have any difficulty performing this upgrade, please contact Efficient Technical Support at: 1 888 286-9375 support@efficient.com =========================================================== LOADING A SAMPLE FILTER =========================================================== To load a script (sample filter) onto a Flowpoint router, follow this procedure. 1. Save the sample filter file to the location of your Flowpoint management software. (I.e. C:\DSL) 2. Open the Flowpoint Quick Start program and connect to the router. 3. Click on "TOOLS", "UPGRADE/BACKUP", select "SCRIPT", then click "EXECUTE". 4. Select the sample file to be loaded and click "OK". 5. The script will be loaded after you verify the file to use. 6. The router will prompt you to reboot, click "OK". Note: You may view any errors that occurred while the script was executed, by telneting to the router and entering the command "system history", after completing the instructions above. The history command will display the contents of the routers dynamic log allowing you to view any error messages that occurred while the script was being executed. This is a critical step as your firewall will not act properly if it was not entered completely. Note: The Firewall script below is a starting point that will likely restrict more internet traffic than you want to restrict. Prior to loading this script review it in detail to determine its suitability to your requirements. =========================================================== TESTING YOUR FIREWALL CONFIGURATION =========================================================== To TEST your firewall configuration follow these steps: 1. Telnet to your router (i.e. MSDOS prompt => telnet 192.168.254.254) 2. Log in and type "system log start". This will cause all of the system log messages to be sent to your telnet screen. 3. Type the command: rem ipf watch on internet Now, every dropped packet will show up on the log screen. 4. Use your network as you would normally use it. If you notice that some applications are not working as they used to, then check the Telnet log to see what packets are being dropped. 5. When you identify what packets need to be allowed through, you need to add another filter rule allowing this packet to pass. For information on adding filter rules please refer to the IP filtering tutorial at: http://support.efficient.com/Firewall_VPN/Firewall.htm =========================================================== MAKING YOUR CONFIGURATION PERMANENT =========================================================== When you add a filter rule to the firewall configuration it becomes active immediately. That rule does not become permanent until you issue the 'save' command. The sample filter files that are provided with this download do not contain the 'save' command. So, when the file is loaded on the router as a script the commands will take effect immediately. However, they have not been made permanent until you issue the 'save' command. If you like the firewall configuration that you have loaded then you need to save this configuration. To do this, Telnet to the router, log in, and issue the 'save' command. If you want to undo all of the configuration that you have done, Telnet to the router, log in, and issue the 'reboot' command. If you can no longer telnet to the router due to an erroneous filter command, you need to cycle power on the router.