manualshive.com logo in svg

Planet ADSL VPN/Firewall Router ADE-4200, User Manual

The Planet ADSL VPN/Firewall Router ADE-4200 is a high-performance networking device equipped with advanced security features. You can easily set it up with the help of the User Manual available for free download on our website. Get detailed instructions on usage and configuration from manualshive.com.

Share
Download
background image

Chapter 3 Configuration 

61 

temporarily disconnected. 

 

3.6.3.5.2.2 An Example of Configuring a LAN-to-LAN IPSec VPN Connection 

 
Background of the Example 

The branch office establishes an IPSec VPN tunnel with the head office to connect two 
private  networks  by  leveraging  the  Internet  infrastructure.  The  routers  are  installed  in 
the head office and branch office accordingly.

 

 
Application Diagram 

 

 

 

Network Configuration and Security Plan 

We want to setup a security channel between branch office and head office using LAN-
to-LAN tunnel-mode connection. ESP, with MD5 as the authentication protocol and AES 
as  the  encryption  protocol  is  decided  as  the  policy  of  security  plan.  Pre-shared  key  is 
defined as 8 characters, 12345678. 

 

 

Branch Office 

Head Office 

Local Network ID 

192.168.0.0/24 

192.168.1.0/24 

Local Router IP 

69.1.121.30 

69.1.121.3 

Remote Network ID 

192.168.1.0/24 

192.168.0.0/24 

Remote Router IP 

69.1.121.3 

69.1.121.30 

IKE Pre-shared Key 

12345678 

12345678 

VPN Connection Type 

Tunnel mode 

Tunnel mode 

Security Algorithm 

ESP:MD5 with AES 

ESP:MD5 with AES 

 
 

Summary of Contents for ADSL VPN/Firewall Router ADE-4200

Page 1: ...ADE 4200 ADW 4200 ADSL VPN Firewall Router User s Manual...

Page 2: ...ment This equipment generates and uses radio frequency energy and if not installed and used properly that is in strict accordance with the instructions provided with the equipment may cause interferen...

Page 3: ...BROWSER 17 3 6 1 STATUS 19 3 6 2 Quick Start 20 3 6 3 Configuration 20 3 6 3 1 LAN 20 3 6 3 1 1 Ethernet 20 3 6 3 1 2 Wireless 21 3 6 3 1 3 Port Setting 22 3 6 3 1 4 DHCP Server 24 3 6 3 2 WAN 24 3 6...

Page 4: ...IPSec VPN Connection 61 3 6 3 6 Virtual Server 63 3 6 3 6 1 An Example of Configuring a Web Server on the Local Network 65 3 6 3 6 2 An example of configuring the Web Server the Router to be accessib...

Page 5: ...om accessing to the Internet Furthermore PPTP and IPSec VPN are also supported Utilizing 56 bit DES and 168 bit 3DES encryption header authentication and Internet Key Exchange IKE access control their...

Page 6: ...es many application layer gateway ALG are supported such as web browser ICQ FTP Telnet E mail News Net2phone Ping NetMeeting and others Firewall Supports SOHO firewall with NAT technology Automaticall...

Page 7: ...client IP addresses and distribute them including IP address subnet mask as well as DNS IP address to local computers It provides an easy way to manage the local IP network Static and RIP1 2 Routing S...

Page 8: ...ing these connection capabilities mobile workers may attach to and access LAN resources from the public Internet while they are working at home or at branches abroad All corporate remote offices can d...

Page 9: ...E 4200 ADW 4200 with other equipment Do not open or repair the case yourself If the ADE 4200 ADW 4200 is too hot turn off the power immediately and have a qualified serviceman repair it Place the ADE...

Page 10: ...Orange for 10Mbps Blinking when data transmit received WLAN ADW 4200 only Lit green when the wireless connection is established Flashes when sending or receiving data MAIL Lit when there is email in...

Page 11: ...r the device is powered on press it to reset the device or restore to factory default settings The operation is as below 0 3 seconds reset the device 3 6 seconds no action 6 seconds or above restore t...

Page 12: ...easy way is to configure the PC to get an IP address from the ADE 4200 ADW 4200 Also make sure you have UNINSTALLED any kind of software firewall that can cause problems accessing the 192 168 1 254 I...

Page 13: ...ration 9 2 Select TCP IP NE2000 Compatible or the name of any Network Interface Card NIC in your PC 3 Click Properties 4 Select the IP Address tab In this page click the Obtain an IP address automatic...

Page 14: ...PLANET ADSL VPN Firewall Router 10 5 Then select the DNS Configuration tab 6 Select the Disable DNS radio button and click OK to finish the configuration...

Page 15: ...s NT4 0 1 Go to Start Settings Control Panel In the Control Panel double click on Network and choose the Protocols tab 2 Select TCP IP Protocol and click Properties 3 Select the Obtain an IP address f...

Page 16: ...er 12 3 3 3 For Windows 2000 1 Go to Start Settings Control Panel In the Control Panel double click on Network and Dial up Connections 2 Double click LAN Area Connection 3 In the LAN Area Connection S...

Page 17: ...guration 13 4 Select Internet Protocol TCP IP and click Properties 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons 6 Click OK to finish th...

Page 18: ...uter 14 3 3 4 For Windows XP 1 Go to Start Control Panel in Classic View In the Control Panel double click on Network Connections 2 Double click Local Area Connection 3 In the LAN Area Connection Stat...

Page 19: ...Chapter 3 Configuration 15 4 Select Internet Protocol TCP IP and click Properties 5 Select the Obtain an IP address automatically and the Obtain DNS server address automatically radio buttons...

Page 20: ...ssword admin 2 Device IP Network settings in LAN site IP Address 192 168 1 254 Subnet Mask 255 255 255 0 3 ISP setting in WAN site PPPoE 4 DHCP server DHCP server is enabled Start IP Address 192 168 1...

Page 21: ...owing table and keep it for reference PPPoE VPI VCI VC based LLC based multiplexing Username Password Service Name and Domain Name System DNS IP address it can be automatically assigned from ISP or be...

Page 22: ...nfiguration homepage the left navigation pane where bookmarks are provided links you directly to the desired setup page including n Status ARP Table PPTP Status IPSec Status Email Status Event Log Err...

Page 23: ...ves you a quick overview of the PPTP connection status IPSec Status it gives you a quick overview of the IPSec connection status Email Status it gives you a quick view to know if there is email in you...

Page 24: ...you may check the Status web page to check whether the router is connected to the ISP or not In most cases you can access the Internet immediately If not please refer to the sections below for more in...

Page 25: ...ere is only one subnet in LAN there is no need to configure a Secondary IP address The 192 168 1 254 is the default IP address for this ADSL router The Advanced Options will allow you to configure the...

Page 26: ...less stations from accessing data transmitted over the network the wireless broadband firewall gateway offers highly secure data encryption known as WEP If you require high security in transmission th...

Page 27: ...Control TOS Type of Services is the 2nd octet of IP packet The bits 6 7 of this octet are reserved and bit 0 5 are used to specify the priority of the packet The definition of these bits is listed bl...

Page 28: ...ddress leased time for each assigned IP address DNS IP address Gateway IP address Those messages are sent to the DHCP client when it requests an IP address from the DHCP server Click Apply to enable t...

Page 29: ...83 0 you can delete it by clicking Delete Then you may click Create to create a connection to your ISP to surf the Internet The following page is then shown Select one of the access methods among the...

Page 30: ...the NAT function can be disabled Encapsulation method Select the protocol format the default is LlcBridged Select the one provided by your ISP DHCP client Enable or disable the DHCP client specify if...

Page 31: ...can access the Internet directly the NAT function can be disabled Username Enter the username provided by your ISP You can input up to 128 alphanumeric characters case sensitive Password Enter the pas...

Page 32: ...escription Give a name for this connection VPI VCI Enter the information provided by your ISP NAT The NAT feature allows multiple users to access the Internet through a single IP account sharing the s...

Page 33: ...This item is for identification purpose If it is required your ISP will provide you the information Maximum input is 20 alphanumeric characters Use the following IP address If your ISP gives you a fix...

Page 34: ...E or PPPoA as your WAN ISP protocol the ISP will provide the DNS IP address automatically You may leave it as blank Or your ISP may provide you with an IP address of their DNS If this is the case you...

Page 35: ...fter you ready establish a connection to the Internet If you prefer to enter your own SNTP server please enter and use it as the first choice Resync Poll Interval in minutes is the periodical interval...

Page 36: ...it allows you to save your current settings into a file on your PC You can click the Backup to store the current settings on a file If you like to restore it back please input the location of this con...

Page 37: ...g user s database or to create other user accessing this device 3 6 3 4 Firewall This product also serves as an Internet firewall not only does it provide a natural firewall function Network Address T...

Page 38: ...ity and Policy General Settings outbound direction of Packet Filter rules to prevent unauthorized computers or applications accessing the Internet l MAC Filter rules to prevent unauthorized computers...

Page 39: ...between the WAN and LAN For example when you select High the Port Filters of the Packet Filter screen will be set automatically according to High security level settings Firewall Logging When both th...

Page 40: ...s 192 168 1 100 Then you have to configure the port filter add TCP filter 0 to 1000 and ALLOW in both direction Then click address filter add address filter enter host IP 192 168 1 100 subnet mask 255...

Page 41: ...wo kinds of address filters one is inbound the other is outbound The rules can be set to prevent unauthorized users hosts or network to access the Internet from LAN outbound and or access LAN from the...

Page 42: ...PLANET ADSL VPN Firewall Router 38 1 Click Packet Filter you will get the following figure 2 Click Port Filters the pre defined port filter rules screen of low security level is shown as below...

Page 43: ...Chapter 3 Configuration 39 3 Click Delete to delete the HTTP rule 4 Click Add TCP Filter...

Page 44: ...PLANET ADSL VPN Firewall Router 40 5 Input the port number and set the inbound outbound as Allow 6 The port filter rule of HTTP is shown as below...

Page 45: ...the Virtual Server to enable the HTTP service in the virtual server setting and input the WEB server s IP address If you try to setup a remote management of router permanently you may enter router s I...

Page 46: ...ongly recommend to set TRUE for Use Blacklist and Use Victim Protection when enable Intrusion Detection Use Blacklist select True to use blacklist If enabled external host addresses will be saved into...

Page 47: ...an Echo storm attack has occurred Maximum ICMP Count set the maximum number of ICMP packet per second Once the maximum number of ICMP packet per second is reached the router will consider that an ICMP...

Page 48: ...nction enables you to configure your router to block internal users MAC address from Internet access Enable Disable to enable or disable MAC Address Filter feature Allowed Blocked To allow or block th...

Page 49: ...l from the entire enterprise Enable Disable Check Enable Disable radio button to activate or deactivate the URL filter function Always Block Check this button if you wish not to access this website th...

Page 50: ...elect the Apply button to save the setting 3 5 3 4 5 1 Keyword Filtering The ADSL Router allows the administrator to block some WEB URLs containing certain keywords in this page For example if the key...

Page 51: ...packet is not matched with above two items the send it to outside world To add a domain name enter its host name such as www bad site com into the text field under Domain and select either Trusted Dom...

Page 52: ...cations provided in PPTP Remote Access and LAN to LAN please refer below for more information Click Create to select one of applications to continually setup 3 6 3 5 1 1 PPTP for Remote Access For the...

Page 53: ...t Stateful or Stateless mode The key will be changed in each 256 packets when you select Stateful mode If you select Stateless mode the key will not be changed in each packet Idle Time Auto disconnect...

Page 54: ...with 40 bits or 128 bits Default is Auto it is negotiated when establish a connection Mode You may select Stateful or Stateless mode The key will be changed in each 256 packets when you select Statef...

Page 55: ...er please make sure this IP is not used in the Office LAN Configuring PPTP VPN in Remote Side You can configure VPN client with commercial VPN client software package e g SSH or the Dial up Adaptor in...

Page 56: ...PLANET ADSL VPN Firewall Router 52 2 Follow the step and select Connect to a private network through the Internet 3 Enter the IP address of the ADSL Router located in the office...

Page 57: ...on 53 4 Follow the step the following screen appears The setup is completed 5 To make the connection click the Virtual Private Connection icon in Dial up Networking Group and input the username passwo...

Page 58: ...ring a Remote Access PPTP VPN Dial out Connection Background of the Example Corporate establishes a PPTP VPN connection with the file server located in the remote side The router is installed in the o...

Page 59: ...ation 55 Configuring PPTP VPN in the Office You can either input the IP address 69 1 121 33 in this case or hostname to reach the Server Refer also to PPTP VPN remote access dial in for the other para...

Page 60: ...th the head office to connect two private networks by leveraging the Internet infrastructure The routers are installed in the head office and branch office accordingly Application Diagram Configuring...

Page 61: ...head office If you have a domain name assigned to this IP address either you registered the DDNS please refer to the DDNS section or you have a static IP with a domain name you can also use the Hostna...

Page 62: ...r a public networking infrastructure The specification is as below w Encapsulation tunnel mode w Support IKE authentication method pre shared key w Security protocol ESP and AH w Authentication MD5 SH...

Page 63: ...e IPSec security method There are two methods to check the authentication information AH authentication header and ESP Encapsulating Security Payload Check ESP for a higher security data will be encry...

Page 64: ...to 128 characters Both sides should use the same key IKE is used to establish a shared security policy and authenticated keys for services such as IPSec that require key Before any IPSec traffic can b...

Page 65: ...Plan We want to setup a security channel between branch office and head office using LAN to LAN tunnel mode connection ESP with MD5 as the authentication protocol and AES as the encryption protocol is...

Page 66: ...uter Set Proposal as ESP MD5 AES PFS as None and pre shared key as as12345678 according the pre defined security plan Configuring IPSec VPN in the Branch Office The local subnet branch office is set a...

Page 67: ...nt of unique parameter values for Internet protocols Port numbers range from 0 to 65536 but only ports numbers 0 to 1024 are reserved for privileged services and designated as well known ports The reg...

Page 68: ...modem can act as a virtual server You can set up a local server with specific a port number that stands for the service e g Web 80 FTP 21 Telnet 23 SMTP 25 POP3 110 When an incoming access request to...

Page 69: ...ual servers in order to avoid conflicts The easy way is that the IP address assigned to each virtual server should not fall into the range of IP addresses that are to be issued by the DHCP server You...

Page 70: ...nge the port number of either application to make these two services available Please note the access method to the Web server and router is different in case 1 2 this is particularly related to port...

Page 71: ...Virtual Server 1 Set Web server IP address to a fixed IP 192 168 1 100 2 Set Remote Access as Enable User can access the router remotely through port 80 3 Since the port number 80 is used by the rout...

Page 72: ...Device Management 3 6 3 7 1 Routing Table Click on the Routing Table and then choose Create Router to get the below figure to add a routing table Destination Enter the destination subnet IP Netmask Su...

Page 73: ...rst browse the website to apply an account then configure the Dynamic DNS settings on this page Enable Disable Enable or disable the Dynamic DNS function Dynamic DNS Select the registered DDNS server...

Page 74: ...than 5 DDNS services supported by this router 3 Configure DDNS as the following 3 6 3 7 3 Checking Emails Click Checking Emails to get the below figure then check the Enable button to access the servi...

Page 75: ...es to check your email account periodically Automatically dial out for checking emails When the function is enabled your ADSL router will connect to your ISP automatically to check emails if your Inte...

Page 76: ...Specify a name in any string to be identified as the Read Community and an optional IP address This community string will be checked against the string entered in the configuration file Once the stri...

Page 77: ...n settings before logout Be aware that the router is restricted to only one local PC accessing the configuration Web pages Once a current PC has logged onto the Web pages other PCs cannot get access e...

Page 78: ...connection failed Ensure that the cable is connected properly from the ADSL port to the wall jack The ADSL LED on the front panel of the ADE 4200 ADW 4200 should be on Check that your VPI VCI type of...

Page 79: ...MDI MDI X Wireless None 1 x 802 11b wireless access point Ports WAN 1 RJ 1 10 100Base TX Auto Negotiation LED Indicators PWR SYS LAN 1 to 4 MAIL PPP ADSL WLAN ADW 4200 only Button 1 for reset factory...

Page 80: ...problem with the Troubleshooting Chapter please contact the dealer where you purchased this product For any other questions please contact PLANET directly at the following email address support plane...

Reviews:

No comments

Related manuals for ADSL VPN/Firewall Router ADE-4200

B&B Electronics Elinx EIRP305-T User Manual preview
Elinx EIRP305-T
Brand: B&B Electronics Pages: 19
Watchguard Firebox SOHO 6 Wireless Instructions Manual preview
Firebox SOHO 6 Wireless
Brand: Watchguard Pages: 8
Paradyne 7995-A2-374 Quick Installation Instructions preview
7995-A2-374
Brand: Paradyne Pages: 1
Axis AXIS P1354 Installation Manual preview
AXIS P1354
Brand: Axis Pages: 104
Lanner NCA-4035 User Manual preview
NCA-4035
Brand: Lanner Pages: 109
Alcatel Speed Touch 591s Technical User'S Manual preview
Speed Touch 591s
Brand: Alcatel Pages: 184
TVT Digital TD-3316B4-16P-A1 Quick Start Manual preview
TD-3316B4-16P-A1
Brand: TVT Digital Pages: 2
Xantech CC12 Installation Instructions preview
CC12
Brand: Xantech Pages: 4
Juniper E SERIES BROADBAND SERVICES ROUTERS 11.3.X - ERX MODULE GUIDE REV 27-9-2010 Manual preview
E SERIES BROADBAND SERVICES ROUTERS 11.3.X - ERX MODULE GUIDE REV 27-9-2010
Brand: Juniper Pages: 122
X-Micro IEEE 802.11b User Manual preview
IEEE 802.11b
Brand: X-Micro Pages: 49
Airlink101 AR325W Quick Installation Manual preview
AR325W
Brand: Airlink101 Pages: 13
Cabletron Systems SmartSwitch 8-slot User'S Reference Manual preview
SmartSwitch 8-slot
Brand: Cabletron Systems Pages: 150
Ace ADSL2+ Wireless MIMO Router User Manual preview
ADSL2+ Wireless MIMO Router
Brand: Ace Pages: 64
AOpen ISDN SOHO Router User Manual preview
ISDN SOHO Router
Brand: AOpen Pages: 89
B&B Electronics Elinx EIR508 Series Quick Start Manual preview
Elinx EIR508 Series
Brand: B&B Electronics Pages: 2
Symantec SV1800 Series Safety And Regulatory Compliance Manual preview
SV1800 Series
Brand: Symantec Pages: 100
Dahua NVR41-4KS2 Series User Manual preview
NVR41-4KS2 Series
Brand: Dahua Pages: 452
CNC-Step AceroDURO 100/S100 Operating Instructions Manual preview
AceroDURO 100/S100
Brand: CNC-Step Pages: 86

Brands by name

Popular brands

Load more brands