This document contains late breaking news of the latest features added to the VICOM Internet Gateway which do not appear in the VICOM Internet Gateway manual. At the end of the document, the version history of the product is also listed.
For the latest news about updaters, shows that Vicom Technology are attending, new versions of our software, new products, press news and lots more, take a regular look at our news page at:
http://www.vicomtech.com/newsflash.html
Contents:
• Registering your VICOM Internet Gateway
• OT TCP/IP Control Panel
• CyberNOT™ Internet Filter List
• Running TCP/IP server applications on the Gateway machine
• Previous Users of the VICOM Internet Gateway
• Setting the MRU Value on the PPP Port
• Setting up a Dial in PPP Port(s)
• IRC Protocol Block
• DHCP Client Machines and Duplicate Address Error
• Vicom Technology's Technical Support Area on the Web
• Saving Information About the Set-up of Your VICOM Internet Gateway (Contacting Technical Support)
• Version History
Registering your VICOM Internet Gateway
To receive news of updates, offers and for free technical support, please register the product on-line at the following web page:
http://www.vicomtech.com/register.html
OT TCP/IP Control Panel
If TCP/IP is used on the Gateway machine (needed if TCP/IP applications are run on that machine), TCP/IP should be set to "Load Only When Needed". This option can be found by opening the TCP/IP control panel, selecting "Advanced" user mode, and then selecting the "Options" button.
CyberNOT™ Internet Filter List
Users evaluating the VICOM Internet Gateway software can also try out the CyberNOT™ functionality in the Gateway by downloading a demonstration version of the CyberNOT™ list.
To obtain the demonstration CyberNOT™ list, you need an username and password:
Username: c.cyber.demo
Password: cybernot
Please read the VICOM Internet Gateway User Guide for details of setting up the CyberNOT™ facilities on your Gateway, using the username and password as stated above to download the CyberNOT™ list.
Running TCP/IP server applications on the Gateway machine
If any TCP/IP server applications are run on the Gateway machine the mirror port should be set as follows:
• If the Internet Proxy port has a static address then this port should be mirrored. Users accessing the server from inside the network access it at this address, as do users on the Internet.
• If the Internet Proxy port has a dynamic address then the Internal (normally Ethernet) port should be mirrored. Users inside the network access the server at the Internal port's address. Users on the Internet access the server at the address of the Internet Proxy port. Users from the Internet would of course need to know the address the Internet Proxy port had obtained.
To mirror a port, select the port required in the status window and select "Mirror This Port" from the "Ports" menu.
Please note that the Internet Gateway must be loaded and turned ON, before any server applications are loaded.
Users running a mail server on the Gateway machine need to tell their email clients where the mail server is based, i.e. the IP address of the mail server. This IP address will depend on which port you are mirroring (as per the instructions given above). With the Gateway switched on, the Gateway's mirror port will display its IP address. This is the IP address the email client software needs to access the mail server.
Previous Users of the VICOM Internet Gateway
The "DHCP Clients" file and the "VICOM TCP/IP Preferences" file can now be located in the "VICOM Settings" folder within the System's "Preferences" folder. The default is for the VICOM Internet Gateway to use the files that are placed in the "VICOM Settings" folder.
We recommend that previous users of the VICOM Internet Gateway move their existing "DHCP Clients" and "VICOM TCP/IP Preferences" files into the "VICOM Settings" folder.
Setting the MRU Value on the PPP Port
The MTU (Maxmium Transmit Unit) value for a PPP port is fixed at 576 bytes. The Internet Gateway will only send out packets of 576 bytes in size.
The Default MRU (Maxmium Receive Unit) value is now 1500 bytes, this means that the Gateway will receive packets upto 1500 bytes in size. This option was previously labelled the MTU value. (Maxmium Transfer Unit for both directions).
To change the default MRU value, edit the PPP port that you use to connect to your ISP and select the "Connect Info" button. Check the "Specify MRU" checkbox and enter a MRU of 576.
NOTE: This change has been made to allow greater compatability with connections that have hardware limitations.
Setting up a Dial in PPP Port(s)
The Gateway provides Dial in password security. Security works through MacOS Users & Groups, VICOM PPP Users or Radius Servers. Out of the three methods of setting up dial-in security, VICOM PPP Users is the easiest.
If you are using the MacOS Users & Groups, the Gateway needs a group called "VIP Gateway Group" which contains the users who will be allowed to dial into the Gateway. If this group is not in your Users & Groups control panel, you will need to create it.
Please read the "Setting Up Remote Access Services" chapter in the VICOM Internet Gateway User Guide for more details about setting up dial-in PPP ports and a step by step guide on setting them up.
IRC Protocol Block
An option in the Global Host Access Rights section allows an administrator to restrict access to selected services based on their Internet Protocol port number. One such service is IRC or Internet Relay Chat which uses port number 194.
Version 4.5.1 and above of the Gateway now blocks more port numbers when the "Block All IRC" option is selected. The ports numbers now blocked are port 194 and ports 6661 to 7000.
For more details about Protocol Blocks, please refer to the "Global Host Access Rights with CyberNOT™" chapter of the VICOM Internet Gateway User Guide.
DHCP Client Machines and Duplicate Address Error
If you are using the Gateway as a DHCP Server, i.e. assigning IP address to client machines on your network by the Gateway, you may see an error message on a client machine stating that there is another machine on the network with the same IP address.
This will occur when a Gateway is restarted, the DHCP Server function will start assigning IP addresses from the first IP address shown in the DHCP Setup window. Client machines requesting an IP address after a restart could therefore be given an address that is already in use by another client computer, because it received its address before the Gateway was restarted. This will result in an alert on one or both client computers.
To overcome this problem when you need to restart your Gateway, either:
a) Restart all client machines using DHCP when you restart the Gateway.
b) Restart the client machines which report a duplicate IP address error.
c) Always assign the same IP address to the same client machine by using the DHCP Clients file.
Details about this problem and information on how to set-up a DHCP Clients file are covered in "The DHCP Server" chapter of the VICOM Internet Gateway User Guide.
Vicom Technology's Technical Support Area on the Web
Vicom Technology's Technical Support team have an area on the Vicom web site which contains:
• Frequently Asked Questions (FAQs)
• Tutorials
• Vicom Software Updaters
• Application Notes and Version Histories
• Contacting Technical Support
This area is constantly updated to address common questions and problems our users experience.
The main page for the Support area can be found at:
http://www.vicomtech.com/support/
A web page called "Communications Products" contains a list of TCP/IP applications that can be used with the VICOM Internet Gateway and that Vicom Technology's Technical Support team think users will find useful. The web page can be found in the Support area of the web site at:
Saving Information About the Set-up of Your VICOM Internet Gateway
When contacting Vicom Technical Support for help with the VICOM Internet Gateway, you can now help us to help you by sending a text document containing the set-up of your VICOM Internet Gateway.
If you need help from Vicom Technical Support, we recommend the following:
1) Select "Save Config As..." from the "File" pull-down menu of the VICOM Internet Gateway and save the file (this file is automatically saved as a text file).
2a) Fill out the "Contacting Technical Support" form along with the contents of the configuration text file on the following web page: http://www.vicomtech.com/support/support.form.html OR
2b) Email the file along with a description of your problem to the email addresses given below OR
2c) Print the file (by using any text editor) and fax the file along with a description of the problem to:
North America: Fax: +1 650-691-9838
Email: support_1@vicomtech.com
Europe/International: Fax: +44 1202 310241
Email: support_2@vicomtech.com
Sending this file to Vicom's Technical Support Team helps us provide a speedier and more accurate response.
Version History
Version 4.5.2
1. Further adjustments made for performance optimization.
2. "Telephone Return" or "Telco Return" (TR) services are now supported. Response packets for proxy port outgoing connections can now arrive on any Gateway port, and will be correctly handled by the address translation port.
3. The MRU on PPP ports is defaulted to receive 1500 bytes. The outgoing MTU size is now limited to 576 bytes for all but HDLC.
4. Several changes have been made to Global Host Access Rights and CyberNOT filtering, these changes include: Stopped the "CyberNOT Filtered" option from being displayed in the Global Host Access Rights window when CyberNOT was not loaded. If host names were specified in the Global Host Access Rights' User Defined Filters they would not always work.
5. The DHCP lease time edit box is now large enough to accept five digits, and Automatic DHCP ranges now serves the correct number of addresses. Previous versions use to serve one extra address.
6. The Internet Gateway group name for MacOS Users and Groups has been corrected, it is now back to being "VIP Gateway Group".
7. If MacOS Users & Groups is the selected dial-in security method, the security menu in the Port Edit dialogs will no longer incorrectly read "Users & Groups (CHAP/PAP)" Instead the entry will read 'Users & Groups (PAP)' as CHAP is not supported when this security method is selected.
8. If an Ethernet Proxy port is stopped, the users associated with that port are now disconnected and the user count decremented accordingly. Previously these users would remain.
9. When importing a large Global Host Access Rights file, the Gateway could have locked up.
10. When processing large binary log file the Internet Gateway could have crashed when creating the text log file.
11. If a log is generated whilst a dial-in user is still connected, the total online time for that user could be reported as a large figure.
12. Gateway could occasionally display remote hosts as users.
Version 4.5.1
1. Search engine category added to the CyberNOT filter to allow or prohibit search engine access.
2. The IRC protocol block has been extended to cover more IRC ports, therefore the IRC protocol block now blocks port 194 and ports 6661 to 7000.
3. Two AppleScript commands have been added. One command allows the packet count information for a port to be obtained. The other command allows a text log to be generated and starts a new binary log.
4. Packets are now routed as soon as they arrive instead of waiting for the next timer call. This should improve throughput for people using Ethernet to Ethernet (e.g. Cable Modem users) and people running TCP/IP server applications of the Gateway machine (e.g. AppleShare IP users).
5. A new version of the CyberUpdater (version 1.2.5) has been released with this version of the Gateway which makes it easier to change the username, password and preferred download center. A button called "Edit CyberUpdater Settings…" button has also been added to the Global Host Access Rights window allowing the Gateway to directly edit the settings within the new CyberUpdater program.
6. Inbound mapping port ranges can now be in the range 0 to 65,535.
7. The "Save Config..." option saves a text file which now includes additional details of the Gateway's set-up. These new details include: Current Open Transport TCP/IP settings, the setting of the framing option, CyberNOT filtering, CyberNOT categories and protocol blocks.
8. Several changes have been made to the Gateway activity logs. These changes include: Newsgroup names to which access had been barred will always now appear in the log. Times are now correct for all time entries. Port names are now given in all reports, where available. When generating a log file, it was possible that entries in the binary log file could have been omitted in previous versions.
9. The log file now summaries dial-ins by username rather than IP address. If a dial-in port is set not to use user authentication, dial-in users using that port will be grouped together under the username of "Unknown User".
10.The "Start New Log Every Day" option now generates logs at 12:00 midnight rather than exactly 24 hours after the last log was created.
11. The "Edit Port" windows now have a "Revert" button. This button resets the settings back to the state they were in when the window was originally opened, but leaving the window open.
12. A problem was fixed where the Gateway external API would only look for disabled ports rather than looking for the first enabled port. This fixes a problem that some users experienced when using Communigate and the Gateway together on the same machine.
13. Mirror port stopping suddenly has been fixed. This was caused by a problem sending packets to Open Transport when Open Transport would not accept the whole packet. Unfortunately the Gateway would never try to send the remainder of the packet and therefore no other packets would reach Open Transport and the mirror port would then "lock-up"...
14. Trace route applications that worked through earlier versions than 4.5 of the Gateway, will now work correctly again.
15. Some users experienced problems when using the Global Host Access Rights list to allow access to web sites that were listed in the CyberNOT List. Users browsing such a web site would be barred from one of these sites which they had previously visited earlier in their online session.
16. If administration mode has been selected, and an administration password has been specified the administration password will now only have to be entered once if the Global Host Access Rights window is opened.
17. Setting Full or Minimal prompts for a Dial-in port now works correctly. Previously the Gateway would go straight into PPP handshaking without sending any prompts to the dial-in client.
18. A memory leak when using the Port Trace facility has been fixed.
19. Delay entries can now be entered in login scripts without the entries rearranging themselves when the script is saved.
20. When editing ports in Advanced mode, in certain circumstances, changing the IP address class will no longer incorrectly set the subnet mask.
21. Two problems which caused "ghost" users to appear on the Gateway have been fixed.
22. If the "Tool Setup" button is pressed in either the Basic or Advanced Port Edit windows and the details are changed, cancelling the Port Edit window will now also revert the Tool Setup changes.
23. The "Domain Name" entry in the preferences window will not allow the user to enter a "." This has been done because the domain name is used to configure Open Transport's TCP/IP control panel which does not like to have the domain name as a "."
24. Automatic ranges for DHCP Server are now always created and maintained correctly. Previously, automatic ranges were only created correctly when the "OK" button was pressed in the "DHCP Setup" window. DHCP ranges are now automatically maintained when DHCP-enabled ports are created or ports are changed from non-DHCP-enabled to DHCP-enabled.
25. Changes have been made for the 4-Sight ISDN Tool and some ISPs. These changes include the ability to leave the framing set to Automatic.
26. The security menu in the port edit windows now reflects the authentication method chosen in the preferences.
27. A problem was fixed where the Gateway Names Cache file could have become corrupted on some systems, resulting in a hang or crash occurring at a later time.
28. Any port which is mirrored and is the default port now displays it's icon with both the red arrow and green dot in the port status window.
Version 4.5.0
1. Now includes support for Microsystems CyberNOT list, thereby allowing administrators not only to provide Internet access, but also to provide control over such access.
2. The Gateway also allows you to block all users from using certain TCP/IP services using the Protocol Block feature (e.g. you can allow all users to access email services, but not allow them to use FTP or the web).
2. AppleScript is now supported by the Gateway.
3. A new multi-hosting option has been added to the Gateway, allowing multiple virtual web sites to be located on one machine.
4. Up to 5 Domain Name Server (DNS) addresses can be entered into the Gateway. All the DNS addresses entered are sent via DHCP to client machines. The DNS addresses are also placed into the TCP/IP control panel under the "VICOM" configuration when the Gateway is restarted.
5. A new version of the Apple Modem Tool (version 1.5.6) is shipped with the Gateway. This new version of the Apple Modem Tool improves the speed of connections and disconnections.
6. Performance increase when running the Gateway software on higher performance machines.
Previous Versions
For the history of previous versions of the VICOM Internet Gateway, please see the complete VICOM Internet Gateway Version History document on our web site at: