Cisco 678 in NAT Mode configuration

Step 1. Cable 678 to serial port.

Connect a serial cable to the 678 modem and use a terminal program such as HyperTerminal to connect to it. Once connected, you should be able to press Enter a couple of times and get a Password: prompt back.

Step 2. Clear Existing 678 configuration.

At the Password Prompt hit enter. (Unless a password has been previously set, in which case enter the password and hit enter).

At the next prompt type the following command and press enter:

en

At the password prompt hit enter. (Unless a password has been previously set, in which case enter the password and hit enter).

At the next prompt type the following commands, pressing enter after each one:

set nvram erase
write
reboot

The 678 should now restart and should be set exactly as it was shipped to you from the factory.

Step 3. Configure 678

At the password prompt hit enter. (Any previously set password should be erased)

At the next prompt type the following command and press enter:

en

At the password prompt hit enter. (Any previously set password should be erased)

Type the following commands, pressing enter after each one. (Note: substitute the login name and password assigned to you by MIC wherever <loginname> and <password> appear in the command list below.)

set ppp wan0-0 ipcp 0.0.0.0
set ppp wan0-0 dns 0.0.0.0
set ppp wan0-0 authentication enable
set ppp wan0-0 login <loginname>
set ppp wan0-0 password <password>
set ppp restart enabled
set nat enabled
set interface eth0 address 192.168.1.1
set dhcp server enabled
set dhcp server pool 0 ip 192.168.1.10 size 8 netmask 255.255.255.0
set dhcp server pool 0 dns 206.127.64.130
set dhcp server pool 0 gateway 192.168.1.1
set dhcp server pool 0 enabled
(the phone line needs to be unplugged from the 678 for the next four commands)
set int wan0-0 close
set int wan0-0 vpi 0
set int wan0-0 vci 32
set int wan0-0 open
write
reboot

At this point, your 678 should be configured and ready to go.

To configure workstations, make sure that each has TCP/IP listed as a protocol for its Ethernet card, that TCP/IP is configured to obtain an address automatically, that DNS is listed as disabled, and that there are no gateways listed. With these settings, each machine should determine its IP address automatically and no further configuration should be needed.


Running Services (Advanced users only).

As configured above, the 678 does not permit any inbound connections. As a result, special configurations are required if you are planning on running servers on your DSL connection. Below are configuration lines which can be added to the configuration in order to enable those specific services.

Before performing any of the configuration below, be aware that by permitting any inbound connections you are taking a substantial risk of intrusion. This is especially true if you enable connections to insecure services, such as a POP3 server with insecure passwords.

In order to use these services, you will need to request a static IP from Montana Internet Corporation so that your 678 is on a consistent IP address. You will also need to ensure that your 678 is in PPP mode so that the static IP is properly assigned to the 678. If you need to change from Bridging to PPP, contact Montana Internet. You must also be running a later version of CBOS. If the commands below are rejected, contact Montana Internet for upgrade information.

All of the following commands can either be added to the config above, right after the "set dhcp" lines, or entered separately at a later date. If you enter them later, make sure to follow them with these commands:

write
reboot

Please note that in all of the following examples, it is assumed that the server running the example is on 192.168.1.2. If it is on another IP address, simply change 192.168.1.2 to the appropriate address. With DHCP configured as above, you can put servers on 192.168.1.2 through 192.168.1.9, inclusive, along with addresses above 192.168.1.110.

Also, you need to replace the string "206.127.x.x" with the static IP which was assigned to you.

Mail

The following command pushes SMTP mail through to an inside mail server on 192.168.1.2. Note that this is NOT necessary unless you are running your own mail server.

set nat entry add 192.168.1.2 25 206.127.x.x 25 tcp

The following allows users on the internet to retrieve POP3 mail from your mail server. Do not enable this unless you are certain that your POP3 server is secure and all passwords for users have been set in a secure manner.

set nat entry add 192.168.1.2 110 206.127.x.x 110 tcp

Web Server

The following allows you to run a web server on your DSL connection inside the firewall. Again, this is not recommended unless you are 100% sure the Web server is set up securely.

The first line is for "normal" http: traffic, and the second line is for SSL (https) traffic. Feel free to only use the one you need.

set nat entry add 192.168.1.2 80 206.127.x.x 80 tcp
set nat entry add 192.168.1.2 443 206.127.x.x 443 tcp

pcAnywhere

Both of the following lines are necessary to enable you to access a pcAnywhere server inside the firewall from the internet. This is particularly dangerous: anyone who breaks into pcAnywhere then has access to everything the machine running the pcAnywhere server potentially has access to.

set nat entry add 192.168.1.2 5631 206.127.x.x 5631 tcp
set nat entry add 192.168.1.2 5632 206.127.x.x 5632 udp

Note that the second entry ends with udp instead of tcp.
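
The following is an added example, not part of the original instructions: a small Python check that reads a list of CBOS commands before you type them in and reports the problems this page warns about (a server address inside the DHCP pool, the 206.127.x.x placeholder left in place, exposed POP3 or pcAnywhere, and 5632 entered as tcp). The function name audit and the sample address 203.0.113.5 are assumptions made for the example.

```python
import ipaddress
import re

# Services the page singles out as risky to expose to the internet.
RISKY = {110: "POP3", 5631: "pcAnywhere", 5632: "pcAnywhere"}
NAT_RE = re.compile(r"set nat entry add (\S+) (\d+) (\S+) (\d+) (tcp|udp)$")
POOL_RE = re.compile(r"set dhcp server pool \d+ ip (\S+) size (\d+)")

def audit(config_text):
    """Return (forwards, findings) for a list of CBOS commands."""
    lines = [line.strip() for line in config_text.splitlines()]
    pool = set()  # every address the 678 may hand out by DHCP
    for line in lines:
        m = POOL_RE.match(line)
        if m:
            start = ipaddress.IPv4Address(m.group(1))
            pool.update(start + i for i in range(int(m.group(2))))
    forwards, findings = [], []
    for line in lines:
        m = NAT_RE.match(line)
        if not m:
            continue
        inside, outside, proto = m.group(1), m.group(3), m.group(5)
        port = int(m.group(4))
        forwards.append((inside, port, proto))
        if ipaddress.IPv4Address(inside) in pool:
            findings.append(f"{inside} is inside the DHCP pool")
        if "x" in outside:
            findings.append(f"{outside} is still the placeholder address")
        if port in RISKY:
            findings.append(f"{port}/{proto} exposes {RISKY[port]}")
        if port == 5632 and proto != "udp":
            findings.append("5632 must be udp for pcAnywhere")
    return forwards, findings

# Constructed sample: 203.0.113.5 stands in for the assigned static IP.
SAMPLE = """\
set dhcp server pool 0 ip 192.168.1.10 size 8 netmask 255.255.255.0
set nat entry add 192.168.1.2 25 203.0.113.5 25 tcp
set nat entry add 192.168.1.12 110 203.0.113.5 110 tcp
set nat entry add 192.168.1.2 80 206.127.x.x 80 tcp
set nat entry add 192.168.1.2 5632 203.0.113.5 5632 tcp
"""

if __name__ == "__main__":
    forwards, findings = audit(SAMPLE)
    for finding in findings:
        print("FINDING:", finding)
```

Every line reported as a finding is an inbound path or a mistake to review before running write and reboot.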