manualshive.com logo in svg

MicroNet SP3366, User Manual

Share
Download
MicroNet SP3366 User Manual Download Page 57

 

Encryption 

Select the encryption method from the pull-down menu. There 
are several options, DES, 3DES and AES (128, 192 and 256). 
3DES and AES are more powerful but increase latency. 

¾

  DES: Stands for Data Encryption Standard, it uses 56 

bits as an encryption method. 

¾

  3DES: Stands for Triple Data Encryption Standard, it 

uses 168 (56*3) bits as an encryption method.  

¾

  AES: Users can use 128, 192 or 256 bits as encryption 

method. 

Diffie-Hellman Group 

It is a public-key cryptography protocol that allows two parties 
to establish a shared secret over an unsecured 
communication channel (i.e. over the Internet). There are 
three modes, MODP 768-bit, MODP 1024-bit and MODP 
1536-bit. MODP stands for Modular Exponentiation Groups. 

IPSec Proposal 

Select the IPSec security method. There are two methods of 
checking the authentication information, AH (authentication 
header) and ESP (Encapsulating Security Payload). Use ESP 
for greater security so that data will be encrypted and 
authenticated. Using AH data will be authenticated but not 
encrypted. 

Authentication 

Authentication establishes the integrity of the datagram and 
ensures it is not tampered with in transmit. There are three 
options: Message Digest 5 (MD5), Secure Hash Algorithm 
(SHA1) or NONE. SHA1 is more resistant to brute-force 
attacks than MD5, however it is slower. 

¾

  MD5: A one-

way hashing algorithm that produces a 128

bit hash. 

¾

    SHA1: A one-

way hashing algorithm that produces a 160

bit hash.  

Encryption 

Select the encryption method from the pull-down menu. There 
are several options, DES, 3DES, AES (128, 192 and 256) and 
NULL. NULL means it is a tunnel only with no encryption. 
3DES and AES are more powerful but increase latency. 

¾

  DES: Stands for Data Encryption Standard, it uses 56 

bits as an encryption method. 

¾

  3DES: Stands for Triple Data Encryption Standard, it 

uses 168 (56*3) bits as an encryption method.  

¾

  AES: Stands for Advanced Encryption Standards, user 

can use 128, 192 or 256 bits as encryption method. 

Perfect Forward 
Secrecy 

Choose whether to enable PFS using Diffie-Hellman public-
key cryptography to change encryption keys during the 
second phase of VPN negotiation. This function will provide 
better security, but extends the VPN negotiation time. Diffie-
Hellman is a public-key cryptography protocol that allows two 
parties to establish a shared secret over an unsecured 
communication channel (i.e. over the Internet). There are 
three modes, MODP 768-bit, MODP 1024-bit and MODP 
1536-bit. MODP stands for Modular Exponentiation Groups. 

Pre-shared Key 

This is for the Internet Key Exchange (IKE) protocol, a string 
from 4 to 128 characters. Both sides should use the same 
key. IKE is used to establish a shared security policy and 
authenticated keys for services (such as IPSec) that require a 
key. Before any IPSec traffic can be passed, each router must 
be able to verify the identity of its peer. This can be done by 
manually entering the pre-shared key into both sides (router 
or hosts). 

 

54

Summary of Contents for SP3366

Page 1: ...User s Manual ADSL2 VPN Modem Router Model No SP3366 World Wide Web www micronet com tw www micronet info...

Page 2: ...ecting to Web Based Management 8 3 2 1 IP Address Configuration 8 3 2 2 Starting Web Based Management UI 11 Chapter 4 Web Based Management UI 14 4 1 Quick Start 14 4 2 Status 16 4 2 1 ADSL Status 16 4...

Page 3: ...rewall Access Control 38 4 3 5 QOS Quality of Service 45 4 3 6 VPN 49 4 3 7 Virtual Server Port Forwarding 60 4 3 8 DMZ Host 61 4 3 9 One to One NAT 62 4 3 10 Time Schedule 64 4 3 11 Advanced 65 4 4 L...

Page 4: ...evice may not cause harmful interference 2 This device must accept any interference received Include interference that may cause undesired operation CE This equipment is in compliance with the require...

Page 5: ...switch 1 1 Package Contents Prior to the installation of the device please verify the following items are in the package y SP3366 ADSL2 Modem Router y Quick Installation Guide y Product CD y RJ 45 RJ...

Page 6: ...ogs 1 3 Specifications Standards z ANSI T1 413 Issue 2 z G dmt ITU G 992 1 z G lite ITU G 992 2 z G hs ITU G994 1 z G dmt bis ITU G 992 3 z G dmt bis plus ITU G 992 5 Interface z WAN Port 1 x Port 10...

Page 7: ...cket Filter z URL Filter z IM P2P Blocking Status Log z Event Log z Error Log z Packet Filter z Firewall Log Management z Web based Interface z SNMP z Telnet Power 12V DC 1A Humidity 20 95 Non Condens...

Page 8: ...een LAN port is connected and operating at 100Mbps Amber LAN port is connected and operating at 10Mbps LAN 1 4 Flashing Data is being sent or received Mail Flashing Received emails in the inbox Line G...

Page 9: ...g to power source On Off For powering device on and off Reset Press and hold this button for more than 6 seconds to reset settings back to factory default LAN 1 4 Local Area Network LAN ports for 1 to...

Page 10: ...e cable RJ 11 to an outlet or splitter Step 2 Connect the LAN port to an active PC switch or hub using an Ethernet cable RJ 45 Step 3 Connect the 12V DC power adapter to a power outlet Step 4 Connect...

Page 11: ...The Control Panel window will appear 2 Double click on Network icon The Network window will appear 3 Check the list of Network Components If TCP IP is not installed click the Add button to install it...

Page 12: ...nd select Settings then click Control Panel The Control Panel window will appear 2 Double click Network and Dial up Connections icon In the Network and Dial up Connection window double click on Local...

Page 13: ...ows XP 1 Click the Start button and select Settings then click Network Connections The Network connections window will appear 2 Double click Local Area Connection icon The Local Area Connection window...

Page 14: ...s the only DHCP server available on the LAN network IP Address 192 168 1 254 Subnet Mask 255 255 255 0 Username admin Password admin 3 2 2 Starting Web Based Management UI 1 After the computer has obt...

Page 15: ...ss OK button Once the login details are entered correctly users can see the web management interface of this modem router 3 For all changes to the setting on the Web UI please click on Save Config to...

Page 16: ...13...

Page 17: ...ck Start on the menu to the left the following screen will appear Step 1 ADSL Status If below message are shown the ADSL line is not ready Please wait for few minutes to allow the line to synchronize...

Page 18: ...nd click Apply to continue Parameter Description Profile Port Select the connection mode Encapsulation Select the encapsulation mode Default PPPoE VPI VCI Enter the VPI and VCI information provided by...

Page 19: ...y ISP Leave this at 0 0 0 0 to automatically obtain an IP address from ISP Step 6 Auto Scan The device will save configuration to Flash and initiate Internet access 4 2 Status 4 2 1 ADSL Status This s...

Page 20: ...dress of the network interface of PCs for router s Firewall MAC Address Filter function See the Firewall section of this manual for more information on this feature Parameter Description IP Address A...

Page 21: ...gned IP addresses information Expired The expired IP addresses information Permanent The fixed host mapping information 4 2 4 Routing Table Parameter Description Valid It indicates a successful routin...

Page 22: ...s all current NAT sessions between interface of types external WAN and internal LAN 4 2 6 UPnP Portmap The section lists all port mapping established using UPnP Universal Plug and Play See Advanced se...

Page 23: ...ase see the Advanced section of this manual for details on this function 4 2 8 Event Log This page displays the router s Event Log entries Major events are logged to this window For example when the r...

Page 24: ...o entries are logged to this window 4 2 10 Diagnostic The tool is for testing LAN PCs connections to WAN Internet If PING ww google com is shown as FAIL and the rest of the tests are PASS users ought...

Page 25: ...agement interface is the VLAN that has access right to the Web UI for configuration NAT NAPT can only be applied to management interface only Ethernet Parameter Description IP Address The default IP o...

Page 26: ...etwork address translation when sending out to Internet if NAT is enabled External There is no NAT on this IP interface and connected to the Internet directly Mostly it will be used when providing mul...

Page 27: ...insert the MAC Address in the space provided or click Candidates Max 16 Clients Candidates Automatically detects devices connected to the router through the Ethernet Port Setting This section allows...

Page 28: ...t Bits 6 7 of this octet are reserved and bit 0 5 are used to specify the priority of the packet This feature uses bits 0 5 to classify the packet s priority If the packet is high priority it will flo...

Page 29: ...ch assigned IP address the period of time the IP address assigned will be valid DNS IP address and the gateway IP address These details are sent to the DHCP client i e your PC when it requests an IP a...

Page 30: ...VPI VCI Enter the information provided by your ISP ATM Class The Quality of Service for ATM layer Username Enter the username provided by the ISP Users can input up to 128 alphanumeric characters case...

Page 31: ...predetermined period of time Detail Users can define the destination port and packet type TCP UDP without checking by timer It allows user to set which outgoing traffic will not trigger and reset the...

Page 32: ...format of username ispname instead of simply username Password Enter the password provided by the ISP Users can input up to 128 alphanumeric characters case sensitive Service Name This item is for id...

Page 33: ...type TCP UDP without checking by timer It allows user to set which outgoing traffic will not trigger and reset the idle timer MTU Maximum Transmission Unit The size of the largest datagram excluding...

Page 34: ...0 0 Auto WAN IP address Leave this at 0 0 0 0 to obtain automatically an IP address from your ISP Netmask Type the subnet mask assigned by ISP if given Gateway Enter the IP address of the default gate...

Page 35: ...nit The size of the largest datagram excluding media specific headers that IP will attempt to send through the interface IP 0 0 0 0 Auto WAN IP address Leave this at 0 0 0 0 to obtain automatically an...

Page 36: ...ffic goes through this connection all traffic or only VLAN tagged Filter Type Specify the type of Ethernet filtering performed by the named bridge interface All Allows all types of Ethernet packets th...

Page 37: ...t DSLAM and location Activate Line Aborting false the ADSL line and making it active true again for taking effect with setting of Connect Mode Coding Gain It reduces router s transmit power which will...

Page 38: ...it before it re synchronizes the router s time with SNTP server In order to avoid unnecessarily increase of the load on SNTP server users should keep the poll interval as high as possible Remote Acces...

Page 39: ...s current settings to a file on the PC or to restore a previously saved backup This is useful if users wish to experiment with different settings knowing that a backup is handy in the case of any mist...

Page 40: ...users wish to restart the router using the factory default settings select Factory Default Settings to reset to factory default settings User Management In order to prevent unauthorized access to the...

Page 41: ...ill use private IP addresses that cannot be directly accessed from the Internet Select either High Medium or Low security level to enable the Firewall The only difference between these three security...

Page 42: ...les for High Medium and Low security are displayed in Port Filters of Packet Filter Block WAN Request Stand alone function and not relate to whether security enable or disable Mostly it is for prevent...

Page 43: ...t Mask of the IP address range to allow block the traffic to or form Set IP address and Subnet Mask to 0 0 0 0 to inactivate the Address Filter rule Source Port This Port or Port Ranges defines the po...

Page 44: ...will be blocked for the time period specified as the Block Duration Some attack types are denied immediately without using the Blacklist function such as Land attack and Echo CharGen scan Default Fal...

Page 45: ...cho Requests PING per second Max ICMP Count This is a threshold to decide whether an ICMP flood is occurring or not Default 100 ICMP packets per seconds except ICMP Echo Requests PING For SYN Flood IC...

Page 46: ...It is self defined time period Users may specify the time period to check the URL filter rules i e during working hours For setup and detail refer to Time Schedule section Keywords Filtering Allows b...

Page 47: ...own as Peer to peer is group of computer users who share file to specific groups of people across the Internet Both Instant Message and Peer to peer applications make communication faster and easier b...

Page 48: ...edule section BitTorrent eDonkey Check the box to block either or both Bit Torrent and eDonkey Make sure users enable the Peer to Peer Blocking first Firewall Log Firewall Log display log information...

Page 49: ...n Default High Protocol The name of supported protocol Source IP Address Range The source IP address or range of packets to be monitored Destination IP address Range The destination IP address or rang...

Page 50: ...IP Throttling LAN to WAN IP Throttling allows user to limit the speed of IP traffic The value entered will limit the speed of the application that user set to the specified value which is multiple of...

Page 51: ...of packets to be monitored Destination Port s The destination port of packets to be monitored Inbound IP Throttling WAN to LAN IP Throttling allows user to limit the speed of IP traffic The value ent...

Page 52: ...he two PCs or networks The SP3366 VPN Modem Router uses industry standard VPN protocol However due to variations in how manufactures interpret these standards many VPN products are not interoperable P...

Page 53: ...ser server enter your own username Password If you are a Dial Out user client enter the password provided by your Host If you are a Dial In user server enter your own password Authentication Type User...

Page 54: ...n Type Remote Access or LAN to LAN Type Check Dial Out if users want the router to operate as a client connecting to a remote VPN server e g office server check Dial In to operates as a VPN server Whe...

Page 55: ...s select Stateless mode the key will be changed in each packet Active as default route Commonly used by the Dial out connection which all packets will route through the VPN tunnel to the Internet ther...

Page 56: ...me The IP address or hostname of the remote VPN device that is connected and establishes a VPN tunnel Remote Network Set the IP address subnet or address range of the remote network IKE Internet key E...

Page 57: ...sh SHA1 A one way hashing algorithm that produces a 160 bit hash Encryption Select the encryption method from the pull down menu There are several options DES 3DES AES 128 192 and 256 and NULL NULL me...

Page 58: ...be disconnected after the time you set in this function PING This mode will detect the remote IPSec peer has lost or not by pinging specify IP address DPD Dead peer detection DPD is a keeping alive m...

Page 59: ...eckbox if users want the protocol of tunnel to be activated and vice versa Name This is a given name of the connection Connection Type It informs the user of L2TP tunnel connection condition Type This...

Page 60: ...dshake Authentication Protocol or PAP Password Authentication Protocol When using PAP the password is sent unencrypted whilst CHAP encrypts the password before sending and also allows for challenges a...

Page 61: ...LAN to LAN 58...

Page 62: ...tication type to use or else manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol When using PAP the password is sent unencrypted whilst CHAP encry...

Page 63: ...sing NAT Network Address Translation then usually needs to configure the router to forward these incoming connection attempts using specific ports to the PC on the network running the application User...

Page 64: ...irtual Server Entry For setup and detail refer to Time Schedule section External Port The Port number on the Remote WAN side used when accessing the virtual server Redirect Port The Port number used b...

Page 65: ...k Users may assign a PC with IP address and MAC from this list 4 3 9 One to One NAT One to One NAT maps a specific private local IP address to a global public IP address If users have multiple public...

Page 66: ...ts will be automatically entered after the selection Protocol It is the supported protocol for the virtual server In addition to specifying the port number to be used users will also need to specify t...

Page 67: ...onday through Sunday to restrict or allow the usage of the Internet by users or applications This Time Schedule correlates closely with router s time since router does not have a real time clock on bo...

Page 68: ...s who do not understand the features should not attempt to reconfigure their router unless advised to do so by support staff Static Route Parameter Description Destination This is the destination subn...

Page 69: ...h the Dynamic DNS provider for example http www dyndns org Parameter Description Dynamic DNS Server Select the DDNS service user have established an account with Domain Name Username and Password Ente...

Page 70: ...ount s password POP3 Mail Server Enter the POP mail server name User s Internet Service Provider ISP or network administrator will be able to supply the information Period Enter the value in minutes b...

Page 71: ...mber for router s embedded web server for web based configuration The default value is the standard HTTP port 80 Management IP Address Users may specify an IP address allowed to logon and access the r...

Page 72: ...ntered in the configuration file Once the string name is matched user with this IP address will be able to view the data Write Community Specify a name to be identified as the Write Community and an I...

Page 73: ...ot1dBase group dot1dTp group dot1dStp group if configured as spanning tree From RFC 1471 PPP LCP MIB pppLink group pppLqr group not applicable From RFC 1472 PPP Security MIB PPP Security Group From RF...

Page 74: ...ent hosts from multicast group Parameter Description IGMP Forwarding Accepting multicast packet Default Enable IGMP Snooping Allowing switched Ethernet to check and make correct forwarding decisions D...

Page 75: ...icted to only one PC accessing the configuration web pages at a time Once a PC has logged into the web interface other PCs cannot get access until the current PC has logged out of the web interface If...

Reviews:

No comments

Brands by name

Popular brands

Load more brands