manualshive.com logo in svg

MicroNet SP880B, User Manual

Share
Download
MicroNet SP880B User Manual Download Page 48

 48

address) as your remote side security gateway.

 

Security Level 

 

Encryption Method

 – It specifies the encryption mechanism 

to use. Data encryption makes the data unreadable if 

intercepted. There are three encryption method available; 

DES/3DES and AES. The default is null.   

 

Authentication 

– It specifies the packets authentication 

mechanism to use. Packets authentication confirms that data 

comes from the source you think it comes from. There are 

three authentications available. MD5, SHA1 and SHA2.

 

Key 

Management 

 

Key Type

 – There are two key types (manual key and auto 

key) available for the key exchange management.   

 

Manual Key

 – If manual key is selected, no key negotiation 

is needed. Encryption Key- This field specifies a key to 

encrypt and decrypt IP traffic. Authentication Key – This field 

specifies a key use to authentication IP traffic. 

Inbound/outbound SPI (Security Parameter Index) – is 

carried on the ESP header. Each tunnel must have a unique 

inbound and outbound SPI, and no two tunnels share the 

same SPI. Notice that Inbound SPI must match the other 

router’s outbound SPI. 

 

AutoKey (IKE)

 – There are two types of operation modes 

can be used. 

1. 

Main mode

 accomplishes a phase one IKE exchange 

establishing a secure channel. 

2. 

Aggressive Mode 

is another way of accomplishing a 

phase one exchange. It is faster and simpler than main 

mode, but does not provide identity protection for the 

negotiating nodes. 

 

Perfect Forward Secrecy

 (PFS) – If PFS is enabled, IKE 

phase 2 negotiation will generate a new key material for IP 

traffic encryption & authentication. Preshared Key – This 

field is to authenticate the remote IKE peer.   

 

Key Lifetime

- This is specified the lifetime of the IKE 

generated Key. If the time expires or data is passed over this 

volume, a new key will be renegotiated. By default, 0 is for no 

Summary of Contents for SP880B

Page 1: ...User s Manual Broadband VPN Router Model No SP880B http www micronet info...

Page 2: ...19 4 2 Advanced PPPoE 20 4 3 Advanced PPTP 22 5 ADVANCED CONFIGURATION 24 5 1 Host IP Setup 24 5 2 Routing 26 5 3 Virtual Servers 28 5 4 Special Applications 30 5 5 Dynamic DNS 31 5 6 Multi DMZ 33 5...

Page 3: ...ANT 53 9 1 Administration Setup 53 9 2 Email Alert 54 9 3 SNMP 55 9 4 Syslog 56 9 5 Upgrade Firmware 57 10 SYSTEM INFORMATION 59 10 1 System Status 59 10 2 WAN Status 61 11 SPECIFICATIONS 64 APPENDIX...

Page 4: ...d through your network while keeping all malicious Internet attackers out Its QoS function will prioritize traffic allowing specified packets to pass through This feature is especially important if yo...

Page 5: ...te transmission z Support multi DMZ Virtual Server and Special Application functions for Internet Service hosting z Support IPsec and PPTP VPN Pass Through z Support DDNS for dynamic IP environment z...

Page 6: ...finition LED Status Operation Steady Green Power is on Power Off Power is off Steady Green Firmware unloaded or Hardware error Off Normal operation System Blinking Transmitting or receiving data Stead...

Page 7: ...0BaseT and 100BaseT connections can be used simultaneously Note Every port can automatically operate as an Uplink port if required Just use a normal LAN cable to connect to a normal port on another hu...

Page 8: ...connection to the Internet 1 Set your LAN PC clients to Obtain an IP Address automatically so that it can obtain an IP address from DHCP server If you have already configured your PC to obtain an IP a...

Page 9: ...lete the installation f After installing TCP IP go back to the Network dialog box Select TCP IP from the list of Network Components and then click the Properties button g Check each of the tabs and ve...

Page 10: ...and click the Properties button d In the Internet Protocol TCP IP Properties window select Obtain an IP address automatically and Obtain DNS server address automatically as shown on the following scre...

Page 11: ...k Components You should see Internet Protocol TCP IP on your list Select it and click the Properties button e In the Internet Protocol TCP IP Properties window select Obtain an IP address automaticall...

Page 12: ...tocol You may need your Windows CD to complete the installation e After installing TCP IP go back to the Network window Select TCP IP from the list of Network Protocols and then click the Properties b...

Page 13: ...ult most UNIX installations use a fixed IP Address If you wish to continue using a fixed IP Address make the following changes to your configuration 1 Set your Default Gateway to the IP Address of the...

Page 14: ...reasons it is recommended that you change the password as soon as possible 5 The home page will show up after login in process as shown below 6 In the Basic Configure field select Primary Setup from t...

Page 15: ...ration refer to Chapter 3 2 Advanced Port Setup Multiple PPPoE sessions PPTP connection method Figure Primary Setup Settings Primary Setup Connection Connection Type Check the data supplied by your IS...

Page 16: ...t 1 DNS address If using Dynamic IP or PPPoE DNS information is optional Optional Host name This is required by some ISPs If your ISP has provided a Host Name enter it here Otherwise you can use the d...

Page 17: ...AN Subnet Mask The default value 255 255 255 0 is standard for small class C networks For other networks use the Subnet Mask for the LAN segment to which the Router is attached the same value as the P...

Page 18: ...CP clients supported View DHCP List This table shows the IP addresses which have been allocated by the DHCP Server For each address which has been allocated the following related information is shown...

Page 19: ...ptions Interface WAN Ports To select the WAN port for option settings MTU The largest amount of data that can be transferred across a given physical network Ethernet limits transfers to 1500 octets of...

Page 20: ...ot Alive Indicator This is used for the ICMP or HTTP Method to determine if your Internet connection is active or not You can enter either the IP address or host name Transparent Bridge Option Bridge...

Page 21: ...assword assigned by your ISP y Verify Password Re enter the PPPoE password assigned by your ISP Options y Specified Fix IP Address If you have a fixed IP address enter it here Otherwise this field sho...

Page 22: ...default value Connection Status This displays the current connection status for each session 4 3 Advanced PPTP This screen is only useful if using the PPTP connection method Figure Advanced PPTP Sett...

Page 23: ...auto dialup for a PPTP connection If you decide not to use auto dialup or auto disconnect then you have to connect disconnect manually Disconnect After Idle To decide the timeout for disconnecting whe...

Page 24: ...You wish to use the Access Filter feature This requires that each PC be identified by using the Host IP Setup screen You wish to have different URL Filter settings for different PCs This requires tha...

Page 25: ...or a particular PC on your LAN This allows the PC to use DHCP Windows calls this obtain an IP address automatically while having an IP address which never changes Reserved IP Enter the IP address you...

Page 26: ...entries in the Routing table with an Index of zero 0 these are System entries You cannot modify or delete these entries Settings Routing Dynamic Routing RIP v2 RIP is a dynamic routing protocol which...

Page 27: ...e local LAN must be forwarded to the Router so that they can be forwarded to the Internet This is done by configuring other Routers to use the Router as the Default Route or Default Gateway as illustr...

Page 28: ...s 192 168 2 80 Interface LAN Metric 3 5 3 Virtual Servers This feature allows you to make Servers on your LAN accessible to Internet users Normally Internet users would not be able to access a server...

Page 29: ...0 45 34 ftp 205 20 45 34 To Internet users all virtual Servers on your LAN have the same IP Address This IP Address is allocated by your ISP This address should be static rather than dynamic to make i...

Page 30: ...ge of port numbers for users in public to access the virtual server If only one port number is used fill the same number in both starting and ending fields Allowed Remote IP The range of IP addresses...

Page 31: ...hich are currently defined Using a Special Application on your PC Once the Special Applications screen is configured correctly you can use the application on your PC normally Remember that only one 1...

Page 32: ...ic DNS service provider 5 From the Internet users will now be able to connect to your Virtual Servers or DMZ PC using your Domain name Figure Dynamic DNS Settings Dynamic DNS Dynamic DNS Service Use t...

Page 33: ...re allows each WAN port IP address to be associated with one 1 computer on your LAN All outgoing traffic from that PC will be associated with that WAN port IP address Any traffic sent to that IP addre...

Page 34: ...tgoing Incoming Both Multi DMZ List The List shows details of all DMZ that are currently defined 5 7 UPnP With UPNP Universal Plug Play function it can easily setup and configure an entire network ena...

Page 35: ...or Static Router Most features including Load Balance will be unavailable If some packets have port numbers which cannot be translated for special applications you must input value in port range for D...

Page 36: ...ified protocol packets i e 1 1 NAT Enable To activate or deactivate current entry Local LAN IP The IP address of the host in LAN that wants to use the specific WAN IP as its source IP WAN IP The IP ad...

Page 37: ...pback When you have some servers on LAN and their domain names have already registered on public DNS To avoid DNS loopback problem please enter the following fields y Domain Name Enter the domain name...

Page 38: ...P The IP address that the packet s source IP will be checked against y Destination IP IP Address The specific IP range that the packet s destination IP will be checked against There are two forms of D...

Page 39: ...ect new sessions that exceeds the maximum sampling time 6 1 URL Filter This feature allows you to block or allow access to specific Web sites You can block allow Internet access by URL IP address or K...

Page 40: ...e target is found in the packets Access Item This text field is to enable disable the URL Filter function and input URL keyword phrase Internet Access List List of current input items 6 2 Access Filte...

Page 41: ...activities initialized from the LAN Selected Packet Types To prohibit the selected types of ICMP packets from the LAN to be passed through the device Packet Types The types of ICMP packets that could...

Page 42: ...sec Maximum of New Sessions for Host If the number of new sessions for the host exceeds the Maximum in the Sampling Time any new session of the host will be dropped Default 100 sess sec maximum 999 s...

Page 43: ...Exception Rules Enable To activate or deactivate this rule Interface The port that the packets enter the device on Protocol The protocol of the packets to be accepted Foreign Port Range The source por...

Page 44: ...cific technical support for every other product Planning the VPN When planning your VPN you must make sure of the following items first 1 If the remote end was a network the two endpoint network must...

Page 45: ...urity associations and their attributes In particular it was assigned UDP port 500 by the IANA Phase 1 DH Group Use DH Group 1 768 bits DH Group 2 1024 bits Group 5 1536 bits to generate IPSec SA keys...

Page 46: ...support VPN pass through when you connect the SP880B to the router and want to make a VPN connection this function will allow the VPN packets to pass through the router and make a VPN connection with...

Page 47: ...ection protocol By default the protocol type is Any Local Security Network These entries identify the private network on this VPN router the hosts of which can use the LAN to LAN connection You can ch...

Page 48: ...key use to authentication IP traffic Inbound outbound SPI Security Parameter Index is carried on the ESP header Each tunnel must have a unique inbound and outbound SPI and no two tunnels share the sa...

Page 49: ...49 limit Tunnel List List all VPN tunnel that you have configured so you can modify update and delete each VPN record...

Page 50: ...the device first Queuing Method The methods for managing your queue Priority Queuing is one of the first queuing variations to be widely implemented This is based on the concept that certain types of...

Page 51: ...licy Policy Priority Policy Name The name of a policy which is used to classify the received packets based on the following types for your memory Source Destination Address Port Specify a packet based...

Page 52: ...52 responding queue Otherwise it is assigned the lowest priority to pass through...

Page 53: ...ails on the configuration and use of each of these features The password screen allows you to assign a password to the Router and enable disable the remote access mechanism Figure Admin Password Enter...

Page 54: ...which will send the warning email y Email SMTP Server Address It is an email server address the warning email will be sent to y Email Recipient Address It is an email address of system administrator...

Page 55: ...tication ex abc Password The password of an e mail sender address for authentication ex 12345 Sender Address The email address of the sender Recipient Address The email address of the receiver ex admi...

Page 56: ...t to these addresses 9 4 Syslog This feature can send real time system information on the web page or to the specified PC y Syslog Configuration Syslog Configuration allows you to choose whether to se...

Page 57: ...bug being the lowest priority The lower the level the greater the messages generated with Debug sending all generated messages Log Priority Modules This feature displays and controls the current log p...

Page 58: ...cause it may cause system to crash TFTP Download This setting should be used only if your router is unusable and you wish to restore it by downloading new firmware Follow this procedure 1 Power on the...

Page 59: ...oE or PPTP Force Renew button Only available if using a dynamic IP address DHCP Clicking this button will perform a DHCP Renew transaction with the ISP s DHCP server This will extend the period for wh...

Page 60: ...irtual Server Status of the Virtual Server feature either Enabled or Disabled Special Applications Status of the Special Applications feature either Enabled or Disabled Multi DMZ Status of the DMZ fea...

Page 61: ...current connection is invalid and you will have to re connect to the Router using its default IP address 192 168 1 1 10 2 WAN Status Use the WAN Status link on the main menu to view this screen Figur...

Page 62: ...pload speeds on each WAN port Check NAT Detail will display the NAT Status screen described below Interface Statistics This section displays cumulative statistics Use the Restart Counter button to res...

Page 63: ...Prosperity This displays the MSS Maximum Segment Size and Maximum Windows size for TCP packets NAT Traffic This section displays statistics for both outgoing LAN to Internet and Incoming Internet to L...

Page 64: ...UPnP DHCP server DDNS Transparent bridge mode MTU change for WAN MAC address clone Firewall DoS SPI Ping to Death Port scan ICMP filter URL filter and Access Control VPN IPSec VPN up to 20 tunnels IPS...

Page 65: ...range 192 168 1 2 to 192 168 1 254 and thus compatible with the Router s default IP Address of 192 168 1 1 Also the Network Mask should be set to 255 255 255 0 to match the Router In Windows you can c...

Page 66: ...ing through it so it is not transparent Use the Special Applications feature to allow the use of Internet applications which do not function correctly If this does solve the problem you can use the DM...

Reviews:

No comments

Brands by name

Popular brands

Load more brands