
Billion BIPAC-7500G / 7500GL 802.11g ADSL VPN Firewall Router with 3DES Accelerator 
 
 

Chapter 4: Configuration

 

 

 

VPN (Virtual Private Networks) 

Your router supports three main types of VPN (Virtual Private Network): PPTP, IPSec and L2TP, and these are the two major section choices from the menu on the left.

 

 PPTP 

 

There are two types of PPTP VPN supported, Remote Access and LAN-to-LAN (please refer below for more information). Click Create to configure a new VPN connection.

 

 


Summary of Contents for BILLION BIPAC-7500GL

Page 1: ...BIPAC 7500G 7500GL 802 11g ADSL VPN Firewall Router with 3DES Accelerator User s Manual Version Release 1 54c...

Page 2: ......

Page 3: ...E CONTENTS 5 THE FRONT LEDS 6 THE REAR PORTS 7 CABLING 8 CHAPTER 3 BASIC INSTALLATION 9 CONNECTING YOUR ROUTER 9 CONFIGURING PCS IN WINDOWS 10 For W...

Page 4: ...k 36 ISP 36 DNS 46 ADSL 47 System 48 Time Zone 48 Remote Access 49 Firmware Upgrade 50 Backup Restore 51 Restart Router 52 User Management 53 Firewall and Access Control 54 General Settings 56 Packet...

Page 5: ...TROUBLESHOOTING 118 ROBLEMS STARTING UP THE ROUTER APPENDIX A PRODUCT SUPPORT AND CONTACT INF...

Page 6: ......

Page 7: ...their needs and budgets It is compliant with Multi Mode standard ANSI T1 413 Issue 2 G dmt G 992 1 G lite G992 2 The Annex A and B are supported in different H W platforms Wireless Ethernet 802 11g W...

Page 8: ...ystem DNS relay Provides an easy way to map the domain name a friendly name for users such as www yahoo com and IP address When a local machine sets its DNS server with this router s IP address every...

Page 9: ...anage the local IP network Static and RIP1 2 Routing Supports an easy static routing table or RIP1 2 routing protocol to support routing capability Simple Network Management Protocol SNMP It is an eas...

Page 10: ...oduction Billion BIPAC 7500G 7500GL 802 11g Wireless ADSL Router Application Diagram BIPAC 7500G 7500GL Wireless ADSL VPN Firewall Router Figure 1 1 Application Diagram of BIPAC 7500G 7500GL 802 11g W...

Page 11: ...n or repair the case yourself If the BIPAC 7500G 7500GL is too hot turn off the power immediately and have it repaired at a qualified service center Warning Attention Place the BIPAC 7500G 7500GL on a...

Page 12: ...Orange for 10Mbps Blinking when data is transmitted received 5 LAN port 3 Lit when connected to an Ethernet device Green for 100Mbps Orange for 10Mbps Blinking when data is transmitted received 6 LAN...

Page 13: ...ort 9 pin serial port 3 LAN 1X 4X RJ 45 connector Connect a UTP Ethernet cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 4 RES...

Page 14: ...u are using the proper cables Ensure that all other devices connected to the same telephone line as your Billion router e g telephones fax machines analogue modems have a line filter connected between...

Page 15: ...The best and easiest way is to configure the PC to get an IP address automatically from the router using DHCP If you encounter any problems accessing the router s web interface it may also be advisab...

Page 16: ...ck Local Area Connection See Figure 3 1 3 In the LAN Area Connection Status window click Properties See Figure 3 2 4 Select Internet Protocol TCP IP and click Properties See Figure 3 3 5 Select the Ob...

Page 17: ...LAN Connection See Figure 3 5 3 In the LAN Area Connection Status window click Properties See Figure 3 6 4 Select Internet Protocol TCP IP and click Properties See Figure 3 7 5 Select the Obtain an I...

Page 18: ...Select TCP IP NE2000 Compatible or the name of any Network Interface Card NIC in your PC See Figure 3 9 3 Click Properties 4 Select the IP Address tab In this page click the Obtain an IP address auto...

Page 19: ...indows NT4 0 1 Go to Start Settings Control Panel In the Control Panel double click Network and choose the Protocols tab 2 Select TCP IP Protocol and click Properties See Figure 3 12 3 Select the Obta...

Page 20: ...e default username and password are admin and admin respectively Attention Attention If you ever forget the password to log in you may press the RESET button to restore the factory default settings LA...

Page 21: ...in Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually PPPoA VPI VCI VC based LLC based multiplexing Username Password and Domain Name System DN...

Page 22: ...n your web browser enter the IP address of your router which by default is 192 168 1 254 and click Go a user name and password window prompt will appear The default username and password are admin and...

Page 23: ...ncluding Status ARP Table Wireless Association Routing Table DHCP Table PPTP Status IPSec Status L2TP Status Email Status Event Log Error Log NAT Sessions and UPnP Portmap Quick Start Configuration LA...

Page 24: ...work interface of your PCs to use with the router s Firewall MAC Address Filter function See the Firewall section of this manual for more information on this feature IP Address A list of IP addresses...

Page 25: ...7500GL 802 11g ADSL VPN Firewall Router with 3DES Accelerator Chapter 4 Configuration Wireless Association IP Address It is IP address of wireless client that joins this network MAC The MAC address of...

Page 26: ...ork Netmask The destination netmask address Gateway Interface The IP address of the gateway or existing interface that this route will use Cost The number of hops counted as the cost of the route RIP...

Page 27: ...tion Leased Table IP Address The IP address that assigned to client Client UID hw addr The MAC address of client Client Host Name The Host Name Computer Name of client Expiry The current lease time of...

Page 28: ...d to the particular PPTP connection in your VPN configuration Type The type of connection dial in dial out Enable Whether the connection is currently enabled Active Whether the connection is currently...

Page 29: ...you assigned to the particular VPN entry Active Whether the VPN Connection is currently Active Connection State Whether the VPN is Connected or Disconnected Statistics Statistics for this VPN Connect...

Page 30: ...d to the particular L2TP connection in your VPN configuration Type The type of connection dial in dial out Enable Whether the connection is currently enabled Active Whether the connection is currently...

Page 31: ...such as when the router s ADSL connection is disconnected as well as Firewall events when you have enabled Intrusion or Blocking Logging in the Configuration Firewall section of the terface Please see...

Page 32: ...s This section lists all current NAT sessions between interface of types external WAN and internal LAN UPnP Portmap The section lists all port mapping established using UPnP Universal Plug and Play Pl...

Page 33: ...y details you will need for the Quick Start wizard to get you online are your login often in the form of username ispname your password and the encapsulation type Your ISP will be able to supply all t...

Page 34: ...n types offered by your ISP If the scan is successful you will then be presented with a list of supported options Select the desired option from the list and click Apply to return to the Quick Start i...

Page 35: ...ons LAN Local Area Network There are four items within the LAN section Ethernet Wireless Wireless Security Port Setting and DHCP Server Ethernet The router supports two Ethernet IP addresses in the LA...

Page 36: ...our wireless clients must have the same ESSID as the device ESSID Broadcast Disable Any client that using the any setting cannot discover the Access Point AP in question Enable Any client that using t...

Page 37: ...s disabled WPA Pre Shared Key WPA Algorithms TKIP Temporal Key Integrity Protocol utilizes a stronger encryption method and incorporates Message Integrity Code MIC to provide protection against hacker...

Page 38: ...a pre defined algorithm in WEP64 or WEP128 You can input the same string in both the AP and Client card settings to generate the same WEP keys Please note that you do not have to enter Key 0 3 as bel...

Page 39: ...different types to solve compatibility issues The default is Auto which users should keep unless there are specific problems with PCs not being able to access your LAN IPv4 TOS priority Control Advanc...

Page 40: ...y for each PCs to the IP address of the router by default this is 192 168 1 254 To configure the router s DHCP Server check DHCP Server and click Next You can then configure parameters of the DHCP Ser...

Page 41: ...ration If you check DHCP Relay Agent and click Next then you will have to enter the IP address of the DHCP server which will assign an IP address back to the DHCP client in the LAN Use this function o...

Page 42: ...net There are two items within the WAN section ISP DNS and ADSL ISP The factory default is PPPoE If your ISP uses this access protocol click Edit to input other parameters as below If your ISP does no...

Page 43: ...isabled Encapsulation method Select the encapsulation format the default is LlcBridged Select the one provided by your ISP DHCP client Enable or disable the DHCP client specify if the Router can get a...

Page 44: ...isabled Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply usernam...

Page 45: ...PPPoE LLC Header Selects encapsulation mode true for using LLC or false for using VC Mux Create Route This setting specifies whether a route is added to the system after IPCP Internet Protocol Control...

Page 46: ...a remote PPP peer Once IPCP has discovered the DNS server IP address it automatically gives the address to the local DNS client so that a connection can be established Give DNSto DHCP Server Similar t...

Page 47: ...psulation method Select the encapsulation format this is provided by your ISP Ether Filter Type Specify the type of ethernet filtering performed by the named bridge interface All Allows all types of e...

Page 48: ...can access the Internet directly the NAT function can be disabled Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive This will usually be i...

Page 49: ...e IP address is obtained during IPCP Internet setting enables disables whether the primary secondary DNS server address is requested from a remote PPP peer using IPCP r a remote PPP peer Once IPCP has...

Page 50: ...NBNS Discover Secondary NBNS This setting enables disables P The default setting for this command is disabled ive Subnet Mask To DHCP Server Enable to change your DHCP Server settings by using the gi...

Page 51: ...ess the Internet directly the NAT function can be disabled DHCP client Enable or disable the DHCP client specifying if the router can obtain an IP address from the Internet Service Provider ISP automa...

Page 52: ...ame As an IP Address is hard to remember the DNS converts the friendly name into its equivalent IP Address You can obtain a Domain Name System DNS IP address automatically if your ISP has provided it...

Page 53: ...aking it active true again for taking effect with setting of Connect Mode Coding Gain Configure the ADSL coding gain from 0 dB to 7dB or automatic Tx Attenuation Setting ADSL transmission gain the val...

Page 54: ...he Apply button After a successful connection to the Internet the router will retrieve the correct local time from the SNTP server you have specified If you prefer to specify an SNTP server other than...

Page 55: ...tside your LAN select a time period the router will permit remote access for and click Enable You may change other configuration options for the web administration interface using Device Management op...

Page 56: ...ware it runs Over time this software may be improved and modified and your Billion router allows you to upgrade the software it runs to take advantage of these changes Clicking on Browse will allow yo...

Page 57: ...s before making any significant changes to your router s configuration Press Backup to select where on your local PC to save the settings file You may also change the name of the file when saving if y...

Page 58: ...configuration If you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings...

Page 59: ...terface Once you have clicked on Edit you are shown the following options You can change the user s password whether their account is active and Valid as well as add a comment to each user account The...

Page 60: ...masks LAN users IP addresses which are invisible to outside users on the Internet making it much more difficult for a hacker to target a machine on your network This natural firewall is on when NAT f...

Page 61: ...ation MAC Filter rules To prevent unauthorized computers accessing the Internet URL Filter To block PCs on your local network from unwanted websites You can find six items under the Firewall section G...

Page 62: ...m Low security level the pre defined port filter rules for High Medium and Low security are displayed in Port Filters of Packet Filter Select either High Medium or Low security level to enable the Fir...

Page 63: ...Billion BIPAC 7500G 7500GL 802 11g ADSL VPN Firewall Router with 3DES Accelerator Chapter 4 Configuration Packet Filter 57...

Page 64: ...DNS 53 TCP 6 53 53 NO YES NO YES YES YES FTP 21 TCP 6 21 21 NO NO NO YES NO YES Telnet 23 TCP 6 23 23 NO NO NO YES NO YES SMTP 25 TCP 6 25 25 NO YES NO YES NO YES POP3 110 TCP 6 110 110 NO YES NO YES...

Page 65: ...e is inbound and the other is outbound The rules can be set to prevent unauthorized users hosts or network to access the Internet from LAN outbound and or access LAN from the Internet inbound Host IP...

Page 66: ...no matter whether the firewall is set to a high medium or low security level To setup a web server located on the local network when the firewall is enabled you have to configure the Port Filters set...

Page 67: ...will then be presented with the pre defined port filter rules screen in this case for the low security level shown below Click Delete 3 Click Delete to delete the existing HTTP rule 4 Click Add TCP Fi...

Page 68: ...ur Virtual Server port forwarding settings so that incoming HTTP requests on port 80 will be forwarded to the PC running your web server To enable the HTTP service in Virtual Server settings input the...

Page 69: ...ction is false disabled Some attack types are denied immediately without using the Blacklist function such as Land attack and Echo CharGen scan Block Duration DoS Attack Block Duration This is the dur...

Page 70: ...rt 135 137 139 Flag URG Src IP DoS Yes Yes Smurf ICMP type 8 Des IP is broadcast Dst IP Victim Protection Yes Yes Land attack SrcIP DstIP Yes Yes Echo CharGen Scan UDP Echo Port and CharGen Port Yes Y...

Page 71: ...ept traffic from specified machines or else to block specific machines from accessing your LAN There are no pre defined MAC address filter rules you can add the filter rules to meet your requirements...

Page 72: ...lways check the URL filter rules i e at all hours of the day Block from Specify the time period to check the URL filter rules e g during work hours Keywords Filtering Allows blocking by specific keywo...

Page 73: ...match either of the above two items it is sent to the remote web server 4 Please be note that the domain only should be specified not the full URL For example to block traffic to www sex com enter se...

Page 74: ...with 3DES Accelerator Chapter 4 Configuration Firewall Log Firewall Log display log information of any unexpected action with your firewall settings Check the Enable box to activate the logs Log infor...

Page 75: ...works Your router support three main types of VPN Virtual Private Network PPTP IPSec and L2TP and these are the two major section choices from the menu on the left PPTP There are two types of PPTP VPN...

Page 76: ...er server enter your own password PPP Authentication Type Default is Auto if you want the router to determine the authentication type to use or else manually specify CHAP Challenge Handshake Authentic...

Page 77: ...s mode The key will be changed every 256 packets when you select Stateful mode If you select Stateless mode the key will be changed in each packet Idle Time Auto disconnect the VPN connection when the...

Page 78: ...your Host If you are a Dial In user server enter your own username Password If you are a Dial Out user client enter the password provided by the your Host If you are a Dial In user server enter your o...

Page 79: ...on 128 bit keys provide stronger encryption than 40 bit keys Mode You may select Stateful or Stateless mode The key will be changed every 256 packets when you select Stateful mode If you select Statel...

Page 80: ...Billion BIPAC 7500G 7500GL 802 11g ADSL VPN Firewall Router with 3DES Accelerator Chapter 4 Configuration IPSec Click Create to configure a new IPSec VPN connection 74...

Page 81: ...om 192 168 1 1 i e 192 168 1 1 through to 192 168 1 254 IP Range The IP address range of the local network For example IP 192 168 1 1 end IP 192 168 1 10 Remote Secure Gateway Address or hostname The...

Page 82: ...Stands for Advanced Encryption Standards it uses 128 bits as an encryption method Perfect Forward Secrecy Choose whether to enable PFS using Diffie Hellman public key cryptography to change encryption...

Page 83: ...SA will stay active before new encryption and authentication key will be exchanged There are two kinds of SAs IKE and IPSec IKE negotiates and establishes SA on behalf of IPSec an IKE SA is used by IK...

Page 84: ...DSL VPN Firewall Router with 3DES Accelerator Chapter 4 Configuration L2TP There are two types of L2TP VPN supported Remote Access and LAN to LAN please refer below for more information Click Create t...

Page 85: ...ername Password If you are a Dial Out user client enter the password provided by your Host If you are a Dial In user server enter your own password PPP Authentication Type Default is Auto if you want...

Page 86: ...ses 168 56 3 bits as an encryption method AES Stands for Advanced Encryption Standards it uses 128 bits as an encryption method Perfect Forward Secrecy Choose whether to enable PFS using Diffie Hellma...

Page 87: ...based on the Peer Network IP setting Username If you are a Dial Out user client enter the username provided by your Host If you are a Dial In user server enter your own username Password If you are a...

Page 88: ...andard it uses 56 bits as an encryption method 3DES Stands for Triple Data Encryption Standard it uses 168 56 3 bits as an encryption method AES Stands for Advanced Encryption Standards it uses 128 bi...

Page 89: ...ation Example Configuring a Remote Access PPTP VPN Dial in Connection A remote worker establishes a PPTP VPN connection with the head office using Microsoft s VPN Adapter included with Windows 2000 ME...

Page 90: ...2 Private IP Address Assigned to Dialing User 192 168 1 200 An assigned IP address for the remote worker Username username 3 Password 123456 Input username password to authenticate remote worker Auth...

Page 91: ...Chapter 4 Configuration Example Configuring a Remote Access PPTP VPN Dial out Connection A company s office establishes a PPTP VPN connection with a file server located at a separate location The rout...

Page 92: ...out Check Dial out 2 Server IP Address or Hostname 69 121 1 33 An Dialed server IP Username username 3 Password 123456 A given username password Auth Type Chap Auto Data Encryption Auto Key Length Aut...

Page 93: ...uring a LAN to LAN PPTP VPN Connection The branch office establishes a PPTP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office a...

Page 94: ...ned to Dialing User 192 168 1 200 IP address assigned to branch office network Peer Network IP 192 168 0 0 Branch office network 3 Netmask 255 255 255 0 Username username 4 Password 123456 Input usern...

Page 95: ...ection Dial out Check Dial out 2 Server IP Address or Hostname 69 121 1 33 IP address of the head office router in WAN side Peer Network IP 192 168 1 0 3 Netmask 255 255 255 0 Head office network User...

Page 96: ...8 1 0 24 Local Router IP 69 1 121 30 69 1 121 3 Remote Network ID 192 168 1 0 24 192 168 0 0 24 Remote Router IP 69 1 121 3 69 1 121 30 IKE Pre shared Key 12345678 12345678 VPN Connection Type Tunnel...

Page 97: ...net radio button IP Address 192 168 1 0 2 Netmask 255 255 255 0 Head office network 3 Secure Gateway Address or Hostname 69 121 1 30 IP address of the head office router in WAN side Subnet Check Subne...

Page 98: ...connection Subnet Check Subnet radio button IP Address 192 168 0 0 2 Netmask 255 255 255 0 Branch office network 3 Secure Gateway Address or Hostname 69 121 1 3 IP address of the head office router i...

Page 99: ...Billion BIPAC 7500G 7500GL 802 11g ADSL VPN Firewall Router with 3DES Accelerator Chapter 4 Configuration Example Configuring a IPSec Host to LAN VPN Connection 93...

Page 100: ...Subnet Check Subnet radio button IP Address 192 168 1 0 2 Netmask 255 255 255 0 Head office network 3 Secure Gateway Address or Hostname 69 121 1 30 IP address of the head office router in WAN side S...

Page 101: ...tion Example Configuring a Remote Access L2TP VPN Dial in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft s VPN Adapter included with Windows XP 2000...

Page 102: ...rivate IP Address Assigned to Dialing User 192 168 1 200 An assigned IP address for the remote worker Username username 3 Password 123456 Input username password to authenticate remote worker 4 Auth T...

Page 103: ...Chapter 4 Configuration Example Configuring a Remote Access L2TP VPN Dial out Connection A company s office establishes a L2TP VPN connection with a file server located at a separate location The rout...

Page 104: ...69 121 1 33 An Dialed server IP Username username 3 Password 123456 A given username password 4 Auth Type Chap Auto Keep as default value in most of the cases 5 Idle Timeout 0 The connection will be...

Page 105: ...ith 3DES Accelerator Chapter 4 Configuration Example Configuring your Router to Dial in to the Server Currently Microsoft Windows operation system does not support L2TP incoming service Additional sof...

Page 106: ...establishes a L2TP VPN tunnel with head office to connect two private networks over the Internet The routers are installed in the head office and branch office accordingly Attention Both office LAN ne...

Page 107: ...to Dialing User 192 168 1 200 IP address assigned to branch office network Peer Network IP 192 168 0 0 Branch office network 3 Netmask 255 255 255 0 Username username 4 Password 123456 Input username...

Page 108: ...l out Check Dial out 2 Server IP Address or Hostname 69 121 1 33 IP address of the head office router in WAN side Peer Network IP 192 168 1 0 3 Netmask 255 255 255 0 Head office network Username usern...

Page 109: ...ontrol your network traffic for each application from LAN Ethernet and or Wireless to WAN Internet It facilitates you to control the different quality and speed of through put for each application whe...

Page 110: ...elect it to activate the function Application A name that identifies an existing rule Priority High or Low the priority for existing rule All of traffic will be set to normal priority until you change...

Page 111: ...plication A name that identifies an existing rule Protocol The name of supported protocol Source Port The source port of packets to be monitored Destination Port The destination port of packets to be...

Page 112: ...IP address will be used by and point to your router which then needs to deliver all traffic to the private IP addresses used by your PCs Please see the WAN configuration section of this manual for mo...

Page 113: ...eds to allow outside users to access internal servers e g a web server FTP server Email server or game server the router can act as a virtual server You can set up a local server with a specific port...

Page 114: ...er entries Using port forwarding does have security implications as outside users will be able to connect to PCs on your network For this reason you are advised to use specific Virtual Server entries...

Page 115: ...t staff There are four items within the Advanced section Static Route Dynamic DNS Checking Email and Device Management Static Routing Click on Routing Table and then choose Create Route add a routing...

Page 116: ...register and establish an account with the Dynamic DNS provider using their website for example http www dyndns org There are more than 5 DDNS services supported Disable Check to disable the Dynamic...

Page 117: ...enable the routers Emailing checking function The following fields will be activated and required Account Name Enter the name login of the POP3 account you wish to check Normally it is the text in yo...

Page 118: ...ernative if for example they are running a web server on a PC within their LAN Management IP Address You may specify an IP address allowed to logon and access the router s web server Setting the IP ad...

Page 119: ...ting is 2800 It is highly recommended for users to use this port value If this value conflicts with other ports already being used you may wish to change the port SNMP Access Control Software on a PC...

Page 120: ...accepted as the SNMPv2 standard SNMPv3 is a strong authentication mechanism authorization with fine granularity for remote monitoring Traps supported Cold Start Authentication Failure The following MI...

Page 121: ...nfiguration pppLink group pppLqr group From RFC 1472 PPP Security MIB PPP Security Group From RFC 1473 PPP IP MIB PPP IP Group From RFC 1474 PPP Bridge MIB PPP Bridge Group From RFC1573 IfMIB ifMIBObj...

Page 122: ...apter 4 Configuration Save Configuration to Flash After changing the router s configuration settings you must save all of the configuration parameters to FLASH to avoid them being lost after turning o...

Page 123: ...d to only one PC accessing the configuration web pages at a time Once a PC has logged into the web interface other PCs cannot get access until the current PC has logged out of the web interface If the...

Page 124: ...ical support You have forgotten your router login and or password Try the default login and password refer to Chapter 3 If this fails you can restore your router to its factory settings by holding the...

Page 125: ...ensure that all line filters are correctly installed and the right way around Missing line filters or line filters installed the wrong way around can cause problems with your ADSL connection includin...

Page 126: ...m with the Troubleshooting chapter please contact the dealer where you purchased this product Contact Billion AUSTRALIA http www billion com au 2004 Billion Electric Co Ltd PC Range P L All Rights Res...
