background image

Advanced Features 

VPN- Manual Policy Screen 

This screen is displayed when you click the 

Add Manual Policy

 button on the 

VPN Policies

 

screen, or when you edit an existing Manual Policy. It allows you to define or edit a "Manual" 
VPN policy.  

An "Manual" VPN policy requires that you enter all data on both VPN endpoints. There is no 
negotiation between the 2 VPN endpoints. 

 

Figure 45: VPN-Manual Policy Screen 

Data - VPN-Manual Policy Screen 

General 

Policy Name 

Enter a unique name to identify this policy. This name is not supplied 
to the remote VPN endpoint. It is used only to help you manage the 
policies. 

Remote VPN 
Endpoint 

Select the desired option (IP address or Domain Name) and enter the 
address of the remote VPN endpoint you wish to connect to.  

Note:

 The remote VPN endpoint must have this VPN Gateway's 

address entered as its "Remote VPN Endpoint". 

NETBIOS Enable 

Check this if you wish NETBIOS traffic to be forwarded over the 
VPN tunnel. The NETBIOS protocol is used by Microsoft 
Networking. 

63 

Содержание ALL130DSL

Страница 1: ...ADSL2 2 Broadband Router ALL130DSL ADSL Modem NAT Router VPN Gateway 4 Port Switching Hub User s Guide ...

Страница 2: ...ux Clients 31 Other Unix Systems 31 CHAPTER 5 OPERATION AND STATUS 32 Operation Router Mode 32 Status Screen 32 Connection Status PPPoE PPPoA 35 Connection Details Dynamic IP Address 36 Connection Details Fixed IP Address 37 CHAPTER 6 ADVANCED FEATURES 38 Overview 38 Internet 38 Dynamic DNS Domain Name Server 43 Firewall Rules 45 User defined Services 50 Options 52 Schedule 53 Virtual Servers 55 V...

Страница 3: ... 89 Internet Access 89 APPENDIX B ABOUT VPNS 91 Overview 91 Common VPN Situations 93 VPN Example 94 APPENDIX C SPECIFICATIONS 98 Multi Function ADSL2 2 Broadband Router 98 Regulatory Approvals 99 P N 956YCX0030 Copyright 2006 All Rights Reserved Document Version 1 0 All trademarks and trade names are the properties of their respective owners ii ...

Страница 4: ...s carefully designed to provide sophisticated functions while being easy to use Internet Access Features Shared Internet Access All users on the LAN or WLAN can access the Internet through the ADSL2 2 Broadband Router using only a single external IP Address The local invalid IP Addresses are hidden from external sources This process is called NAT Network Address Translation Built in ADSL Modem The...

Страница 5: ...es can be scheduled to operate only at certain times This provides great flexibility in controlling Internet bound traffic Logs Define what data is recorded in the Logs and optionally send log data to a Syslog Server Log data can also be E mailed to you VPN Pass through Support PCs with VPN Virtual Private Networking software using PPTP L2TP and IPSec are transparently supported no configuration i...

Страница 6: ... location and even the existence of each PC is hidden From the external viewpoint there is no network only a single device the ADSL2 2 Broadband Router Firewall All incoming data packets are monitored and all incoming server requests are filtered thus protecting your network from malicious attacks from external sources Protection against DoS attacks DoS Denial of Service attacks can flood your Int...

Страница 7: ... these items are damaged or missing please contact your dealer immediately The ADSL2 2 Broadband Router Unit 1 Cat 5 Ethernet LAN cable Yellow Color 1 RJ 11 ADSL cable Gray Color 1 RJ 11 to RJ45 cable Germany only Gray Color Power Adapter Quick Installation Guide CD ROM containing the on line manual 4 ...

Страница 8: ... is using 100BaseT and Blinking if data is being transferred via the corresponding LAN port 10BT This will be ON if the LAN connection is using 10BaseT and Blinking if data is being transferred via the corresponding LAN port If neither LED is on there is no active connection on the corresponding LAN port ADSL On ADSL connection established Off No ADSL connection currently exists Flashing ADSL is s...

Страница 9: ...ction as an Uplink port when required Just connect any port to a normal port on the other hub using a standard LAN cable Reset Button Reset to Defaults This button will reset the ADSL2 2 Broadband Router to the factory default settings To do this press and hold the Reset Button for five 5 seconds until the Status LED is lit then release the Reset Button and wait the ADSL2 2 Broadband Router to res...

Страница 10: ...e on the network to install the ADSL2 2 Broadband Router 2 Connect LAN Cables Use standard LAN cables to connect PCs to the Switching Hub ports on the ADSL2 2 Broadband Router Both 10BaseT and 100BaseT connections can be used simultaneously If required connect any port to a normal port on another Hub using a standard LAN cable Any LAN port on the ADSL2 2 Broadband Router will automatically functio...

Страница 11: ...LEDs The Power LED should be ON The Status LED should flash then turn Off If it stays on or blinking after 60 seconds there is a hardware error For each LAN PC connection one of the LAN LEDs should be ON provided the PC is also ON The ADSL LED should be ON if ADSL line is connected The Internet LED may be OFF After configuration it should come ON For more information refer to Front mounted LEDs in...

Страница 12: ...you wish to use Use the table below to locate detailed instructions for the required functions To Do this Refer to Configure PCs on your LAN Chapter 4 PC Configuration Check ADSL2 2 Broadband Router operation and Status Chapter 5 Operation and Status Use any of the following Advanced features Internet DMZ Special Applications URL Filter Dynamic DNS Firewall Rules Firewall Services Schedule Virtual...

Страница 13: ...and Router or on the same LAN segment The ADSL2 2 Broadband Router must be installed and powered ON If the ADSL2 2 Broadband Router s default IP Address 192 168 0 1 is already used by another device the other device must be turned OFF until the ADSL2 2 Broadband Router is allocated a new IP Address during configuration Using your Web Browser To establish a connection from your PC to the ADSL2 2 Br...

Страница 14: ... to 192 168 0 254 to be compatible with the ADSL2 2 Broadband Router s default IP Address of 192 168 0 1 Also the Network Mask must be set to 255 255 255 0 See Chapter 4 PC Configuration for details on checking your PC s TCP IP settings Ensure that your PC and the ADSL2 2 Broadband Router are on the same network segment If you don t have a router this must be the case Setup Wizard The first time y...

Страница 15: ... for your connection method You need the data supplied by your ISP Your ISP s data will also have the DSL Multiplexing Method LLC or VC The common connection types are explained in the following table Connection Type Details ISP Data required Dynamic IP Address Your IP Address is allocated automatically when you connect to you ISP Often none Some ISP s may require you to use a particular Hostname ...

Страница 16: ...an Internet connection can be established 7 If the connection test fails Check all connections and the front panel LEDs Check that you have entered all data correctly Configuring VC2 VC3 and VC4 The ADSL2 2 Broadband Router supports multiple VCs Virtual Circuits on the ADSL connection VC1 must be used for general purpose Internet access The other VCs VC2 VC3 and VC4 are available for special purpo...

Страница 17: ...ATM Service Select the multiplexing value provided by your ISP IP Address Enter the IP address of the device on your LAN which will receive the data on this VC For Video on Demand this would be the IP address of your SetTop Box For VoIP this would be the IP address of your VoIP TA Note that this IP address does not have to be in the same IP address range as other devices on your local LAN 4 When f...

Страница 18: ...enu on the top and left contains links to the most commonly used screen Navigation Data Input Use the menu bar on the left of the screen and the Back button on your Browser for navigation Changing to another screen without clicking Save does NOT save any changes you may have made You must Save before changing screens or your data will be ignored On each screen clicking the Help button will display...

Страница 19: ...k for the LAN segment to which the ADSL2 2 Broadband Router is attached the same value as the PCs on that LAN segment DHCP Server If Enabled the ADSL2 2 Broadband Router will allocate IP Addresses to PCs DHCP clients on your LAN when they start up The default and recommended value is Enabled If you are already using a DHCP Server this setting must be Disabled and the existing DHCP server must be r...

Страница 20: ...and Router s DHCP Server This is the default setting The DHCP Server settings are on the LAN screen On this screen you can Enable or Disable the ADSL2 2 Broadband Router s DHCP Server function Set the range of IP Addresses allocated to PCs by the DHCP Server function You can assign Fixed IP Addresses to some devices while using DHCP provided that the Fixed IP Addresses are NOT within the range use...

Страница 21: ...n Old Password Enter the existing password in this field New password Enter the new password here Verify password Re enter the new password here You will be prompted for the password when you connect as shown below Figure 12 Password Dialog The User Name is always admin Enter the password for the ADSL2 2 Broadband Router as set on the Password screen above 18 ...

Страница 22: ... to all LAN users Modem Only the ADSL Modem component is operational All Router features are disabled This device is transparent it does not perform any operations or make any changes to the network traffic passing through it All traffic received on LAN interface will be sent over the ADSL connection Notes Generally you should NOT use modem mode Only select this mode if you are sure this is what y...

Страница 23: ...on each PC TCP IP Settings Overview If using the default ADSL2 2 Broadband Router settings and the default Windows TCP IP settings no changes need to be made By default the ADSL2 2 Broadband Router will act as a DHCP Server automatically providing a suitable IP Address and related information to each PC when the PC boots For all non Server versions of Windows the default TCP IP setting is to act a...

Страница 24: ...5 IP Address Win 95 Ensure your TCP IP settings are correct as follows Using DHCP To use DHCP select the radio button Obtain an IP Address automatically This is the default Windows setting Using this is recommended By default the ADSL2 2 Broadband Router will act as a DHCP Server Restart your PC to ensure it obtains an IP Address from the ADSL2 2 Broadband Router Using Specify an IP Address If you...

Страница 25: ...ur LAN administrator can advise you of the IP Address they assigned to the ADSL2 2 Broadband Router Figure 16 Gateway Tab Win 95 98 On the DNS Configuration tab ensure Enable DNS is selected If the DNS Server Search Order list is empty enter the DNS address provided by your ISP in the fields beside the Add button then click Add Figure 17 DNS Tab Win 95 98 22 ...

Страница 26: ... TCP IP Settings Windows NT4 0 1 Select Control Panel Network and on the Protocols tab select the TCP IP protocol as shown below Figure 18 Windows NT4 0 TCP IP 2 Click the Properties button to see a screen like the one below 23 ...

Страница 27: ...art your PC to ensure it obtains an IP Address from the ADSL2 2 Broadband Router Specify an IP Address If your PC is already configured check with your network administrator before making the following changes 1 The Default Gateway must be set to the IP address of the ADSL2 2 Broadband Router To set this Click the Advanced button on the screen above On the following screen click the Add button in ...

Страница 28: ...ateway 2 The DNS should be set to the address provided by your ISP as follows Click the DNS tab On the DNS screen shown below click the Add button under DNS Service Search Order and enter the DNS provided by your ISP Figure 21 Windows NT4 0 DNS 25 ...

Страница 29: ...ion 2 Right click the Local Area Connection icon and select Properties You should see a screen like the following Figure 22 Network Configuration Win 2000 3 Select the TCP IP protocol for your network card 4 Click on the Properties button You should then see a screen like the following Figure 23 TCP IP Properties Win 2000 26 ...

Страница 30: ...om the ADSL2 2 Broadband Router Using a fixed IP Address Use the following IP Address If your PC is already configured check with your network administrator before making the following changes Enter the ADSL2 2 Broadband Router s IP address in the Default gateway field and click OK Your LAN administrator can advise you of the IP Address they assigned to the ADSL2 2 Broadband Router If the DNS Serv...

Страница 31: ...twork Connection 2 Right click the Local Area Connection and choose Properties You should see a screen like the following Figure 24 Network Configuration Windows XP 3 Select the TCP IP protocol for your network card 4 Click on the Properties button You should then see a screen like the following 28 ...

Страница 32: ...Address from the ADSL2 2 Broadband Router Using a fixed IP Address Use the following IP Address If your PC is already configured check with your network administrator before making the following changes In the Default gateway field enter the ADSL2 2 Broadband Router s IP address and click OK Your LAN administrator can advise you of the IP Address they assigned to the ADSL2 2 Broadband Router If th...

Страница 33: ...Internet Connections 2 Select Set up or change your Internet Connection 3 Select the Connection tab and click the Setup button 4 Cancel the pop up Location Information screen 5 Click Next on the New Connection Wizard screen 6 Select Connect to the Internet and click Next 7 Select Set up my connection manually and click Next 8 Check Connect using a broadband connection that is always on and click N...

Страница 34: ...changes Fixed IP Address By default most Unix installations use a fixed IP Address If you wish to continue using a fixed IP Address make the following changes to your configuration Set your Default Gateway to the IP Address of the ADSL2 2 Broadband Router Ensure your DNS Name server settings are correct To act as a DHCP Client recommended The procedure below may vary according to your version of L...

Страница 35: ...hapter 8 Modem Mode Operation Router Mode Once both the ADSL2 2 Broadband Router and the PCs are configured operation is automatic However there are some situations where additional Internet configuration may be required Refer to Chapter 6 Advanced Features for further details Status Screen Use the Status link on the main menu to view this screen Figure 26 Status Screen 32 ...

Страница 36: ...rmally arises when an idle connection is automatically terminated Failed The connection was terminated abnormally This could be caused by Modem failure or the loss of the connection to the ISP s server If there is an error you can click the Connection Details button to find out more information Internet IP Address This IP Address is allocated by the ISP Internet Service Provider If using a dynamic...

Страница 37: ...sub window and view a detailed description of the current connection Attached Devices This will open a sub window showing all LAN devices currently on the network VPN Status View details of each current VPN Tunnel is a sub window You also have the option of viewing the VPN Log For further details about VPN see the VPN section in Chapter 6 Advanced Features Refresh Screen Update the data displayed ...

Страница 38: ...es not exist the Connect button can be used to establish a connection If the connection currently exists the Disconnect button can be used to break the connection Negotiation This will show the Negotiation status of the connection Authentication This will show the Authentication status of the connection IP Address The IP Address of this device as seen by Internet users This address is allocated by...

Страница 39: ...te Gateway or Router associated with the IP Address above DNS Server The IP address of the Domain Name Server which is currently used DHCP Server The IP address of your ISP s DHCP Server Lease Obtained Lease Expires This indicates when the current IP address was obtained and how long before this IP address allocation the DCHP lease expires Buttons Release If an IP Address has been allocated to the...

Страница 40: ...etails Fixed Dynamic IP Address Data Fixed IP address Screen Internet IP Address The IP Address of this device as seen by Internet users This address is allocated by your ISP Internet Service Provider Subnet Mask The Network Mask associated with the IP Address above Default Gateway The IP Address of the remote Gateway or Router associated with the IP Address above DNS Server The IP Address of the ...

Страница 41: ...nced Features Overview The following advanced features are provided Internet DMZ Special Applications URL filter Dynamic DNS Firewall Rules Firewall Services Schedule Virtual Servers VPN Internet This screen provides access to the DMZ Special Applications and URL Filter features Figure 30 Internet Screen 38 ...

Страница 42: ...ired Special Applications If you use Internet applications which use non standard connections or port numbers you may find that they do not function correctly because they are blocked by the Router s firewall In this case you can define the application as a Special Application The Special Applications screen can be reached by clicking the Special Applications button on the Internet screen You can ...

Страница 43: ... server for data you receive If the application uses a single port number enter it in both the Start and Finish fields Finish Enter the end of the range of port numbers used by the application server for data you receive Outgoing Ports Type Select the protocol TCP or UDP used when you send data to the remote system or service Start Enter the beginning of the range of port numbers used by the appli...

Страница 44: ...s feature The URL filter will check each Web site access If the address or part of the address is included in the block site list access will be denied On the Advanced Internet screen select the desired setting Disable disable this feature Block Always allow blocking all of the time independent of the Schedule page Block By Schedule block according to the settings on the Schedule page Click the Co...

Страница 45: ... Add Filter String To add to the current list type the word or domain name you want to block into the field provided then click the Add button Filter strings should be as specific as possible Otherwise you may block access to many more sites than intended Trusted PC Allow this PC Enable this to allow one computer to have unrestricted access to the Internet For this PC the URL filter will be ignore...

Страница 46: ...een and enable the DDNS feature 4 The ADSL2 2 Broadband Router will then automatically ensure that your current IP Address is recorded at the DDNS service provider s Domain Name Server 5 From the Internet users will be able to connect to your Virtual Servers or DMZ PC using your Domain name as shown on this screen Dynamic DNS Screen Select Advanced on the main menu then Dynamic DNS to see a screen...

Страница 47: ... address Password Enter your current password for the DDNS Service TZO com calls this a key DDNS Status This message is returned by the DDNS Server Normally this message should be Update successful If the message indicates some problem you need to connect to the DDNS Service provider and correct this problem 44 ...

Страница 48: ...wn below Figure 34 Firewall Screen Data Firewall Rules Incoming Rules For the default rule this will display Default For rules which you create this will display a radio button which allows you to select the rule Enable Indicates whether or not the rule is currently enabled For rules you have added this column will contain a checkbox allowing you to easily enable or disable the rule Click Save aft...

Страница 49: ...e rule Enable Indicates whether or not the rule is currently enabled For rules you have added this column will contain a checkbox allowing you to easily enable or disable the rule Click Save after making any changes Service Name The Service covered by this rule Action The action performed on connections which are covered by this rule LAN Users The LAN PC or PCs covered by this rule WAN Servers The...

Страница 50: ...CK always BLOCK by schedule otherwise Allow Note Any inbound traffic which is not allowed by rules you create will be blocked by the Default rule BLOCK rules are only useful if the traffic is already covered by an ALLOW rule That is you wish to block a sub set of traffic which is currently allowed by another rule To define the Schedule used in these selections use the Schedule screen Send to LAN S...

Страница 51: ...not Match Log traffic only it matches this rule The action is determined by this rule Not Match Log traffic which is considered by this rule but does not match The action is NOT determined by this rule Outgoing Rules Outbound Services This screen is displayed when the Add or Edit button for Outgoing Rules is clicked Figure 36 Outbound Services Screen Data Outbound Rules Screen Outbound Services Se...

Страница 52: ...t the PC or Server on your LAN which will be covered by this rule WAN Users These settings determine which packets are covered by the rule based on their source WAN IP address Select the desired option Any All IP addresses are covered by this rule Address range If this option is selected you must enter the Start and Finish fields Single address Enter the required address in the Single Start fields...

Страница 53: ...ices Screen Data User defined Services Services Existing Services This lists any Services you have defined If you have not defined any Services this list will be empty Once you define some services they will be listed here and also shown in the Service list used to create Firewall rules User defined services are at the end of the list after the pre defined services Add Use this to open a sub scree...

Страница 54: ...Data Add Edit Service Services Name If editing this shows the current name of the Service If adding a new service this will be blank and you should enter a suitable name Type Select the protocol used by the Service Start Port Enter the beginning of the port range used by the Service Finish Port Enter the end of the port range used by the Service 51 ...

Страница 55: ...ed Disabling this option provides a slight increase in security MTU Size Enter a value between 1 and 1500 Note MTU Maximum Transmission Unit size should only be changed if advised to do so by Technical Support UPnP UPnP UPnP Universal Plug and Play allows automatic discovery and configuration of equipment attached to your LAN UPnP is by supported Windows ME XP or later If Enabled this device will ...

Страница 56: ... 2 can be left blank if not required Start Time Enter the start using a 24 hr clock Finish Time Enter the finish time using a 24 hr clock Local Time Time Zone In order to display your local time correctly you must select your Time Zone from the list Adjust for Daylight Savings Time If your region uses Daylight Savings Time you must manually check Adjust for Daylight Savings Time at the beginning o...

Страница 57: ...ver as the primary NTP server check the checkbox Use this NTP Server and enter the Server s IP address in the fields provided If this setting is not enabled the default NTP Servers are used Current Time This displays the current time on the ADSL2 2 Broadband Router at the time the page is loaded 54 ...

Страница 58: ...r LAN have the same IP Address This IP Address is allocated by your ISP This address should be static rather than dynamic to make it easier for Internet users to connect to your Servers However you can use the DDNS Dynamic DNS feature to allow users to connect to your Virtual Servers using a URL instead of an IP Address Virtual Servers Screen The Virtual Servers feature allows Internet Users to ac...

Страница 59: ...erver software For each entry the PC must be running the appropriate Server software If the desired Server type is not listed you can define your own Servers using the Firewall Rules Connecting to the Virtual Servers Once configured anyone on the Internet can connect to your Virtual Servers They must use the Internet IP Address the IP Address allocated to you by your ISP e g http 203 70 212 52 ftp...

Страница 60: ...u will have to create one policy for each site you wish to connect to The remote VPN Gateway or client needs to have matching configuration Traffic covered by an enabled policy will automatically be sent via a VPN tunnel If the VPN tunnel does not exist it will be created The VPN tunnel is created according to the parameters in the SA Security Association The remote VPN Endpoint must have a matchi...

Страница 61: ...he address of the remote VPN endpoint Type The Type is Auto or Manual as explained above Local LAN IP address or subnet on your local LAN Traffic must be from or to these addresses to be covered by this policy Remote LAN IP address or subnet on the remote LAN Traffic must be to or from these addresses to be covered by this policy ESP ESP Encapsulating Security Payload encryption protocol used for ...

Страница 62: ...olicy Screen This screen is displayed when you click the Add Auto Policy button on the VPN Policies screen or when you edit an existing Auto Policy It allows you to define or edit an Auto VPN policy An Auto VPN policy uses the IKE Internet Key Protocol to exchange and negotiate parameters for the IPsec SA Security Association Because of this negotiation it is not necessary for all settings on this...

Страница 63: ...d as follows Single address Enter an IP address in the IP address field Typically this setting is used when you wish to make a single Server on your LAN available to remote users Subnet address Enter an IP address in the IP address field and the desired network mask in the Subnet Mask field The remote VPN endpoint must have these IP addresses entered as its Remote addresses Remote LAN Remote LAN T...

Страница 64: ...sired option to match the Local Identity Type setting on the remote VPN endpoint IP Address The Internet IP address of the remote VPN endpoint Fully Qualified Domain Name the Domain name of the remote VPN endpoint Fully Qualified User Name the name E mail address or other ID of the remote VPN endpoint Remote Identity Data Enter the data for the selection above If IP Address is selected no input is...

Страница 65: ...ls Also even if one key is broken subsequent keys are no easier to break Each key has no relationship to the previous key This setting applies to both IKE and IPSec SAs When configuring the remote endpoint to match this setting you may have to specify the Key Group used For this device the Key Group is the same as the DH Group setting in the IKE section 62 ...

Страница 66: ...Screen Data VPN Manual Policy Screen General Policy Name Enter a unique name to identify this policy This name is not supplied to the remote VPN endpoint It is used only to help you manage the policies Remote VPN Endpoint Select the desired option IP address or Domain Name and enter the address of the remote VPN endpoint you wish to connect to Note The remote VPN endpoint must have this VPN Gatewa...

Страница 67: ...n the IP address field This must be an address on the remote LAN Typically this setting is used when you wish to access a server on the remote LAN Subnet address Enter an IP address in the IP address field and the desired network mask in the Subnet Mask field The remote VPN endpoint must have these IP addresses entered as its Local addresses ESP Configuration SPI Enter the required SPIs Each polic...

Страница 68: ... identify the incoming connection For Auto policies the SPI is automatically generated For Manual policies the SPI must be entered when the policy is configured SPI Out This is a unique index number to identify the outgoing connection For Auto policies the SPI is automatically generated For Manual policies the SPI must be entered when the policy is configured Action This column will contain a butt...

Страница 69: ...u select the DMZ PC or a Virtual Server This database is maintained automatically but you can add and delete entries for PCs which use a Fixed Static IP Address Config File Backup or restore the configuration file for the ADSL2 2 Broadband Router This file contains all the configuration data Logging Email View or clear all logs set E Mailing of log files and alerts Diagnostics Perform a Ping or DN...

Страница 70: ...tabase screen is shown below Figure 47 PC Database PCs which are DHCP Clients are automatically added to the database and updated as required By default non Server versions of Windows act as DHCP Clients this setting is called Obtain an IP Address automatically The ADSL2 2 Broadband Router uses the Hardware Address to identify each PC not the name or IP address The Hardware Address can only change...

Страница 71: ...ed or not powered On you will not be able to add it Buttons Add This will add the new PC to the list The PC will be sent a ping to determine its hardware address If the PC is not available not connected or not powered On you will not be able to add it Delete Delete the selected PC from the list This should be done in 2 situations The PC has been removed from your LAN The entry is incorrect Refresh...

Страница 72: ...ches the PC s hostname IP Address Select the appropriate option Automatic The PC is set to be a DHCP client Windows Obtain an IP address automatically The ADSL2 2 Broadband Router will allocate an IP address to this PC when requested to do so The IP address could change but normally won t DCHP Client Reserved IP Address Select this if the PC is set to be a DCHP client and you wish to guarantee tha...

Страница 73: ...PC Because of this the MAC address can NOT be left blank Buttons Add as New Entry Add a new PC to the list using the data in the Properties box If Automatic discovery for MAC address is selected the PC will be sent a ping to determine its hardware address This will fail unless the PC is connected to the LAN and powered on Update Selected PC Update modify the selected PC using the data in the Prope...

Страница 74: ...n below Figure 49 Config File Screen Data Config File Screen Backup Config Use this to download a copy of the current configuration and store the file on your PC Click Backup to start the download Restore Config This allows you to restore a previously saved configuration file back to the ADSL2 2 Broadband Router Click Browse to select the configuration file then click Restore to upload the configu...

Страница 75: ...adband Router log data can also be E mailed to your PC Use the E mail screen to configure this feature Figure 50 Logging Screen Data Logging Screen Logs Current Time The current time on the ADSL2 2 Broadband Router is displayed Log Data Current log data is displayed in this panel Buttons There are three 3 buttons Refresh Update the log data Clear Log Clear the log and restart it This makes new mes...

Страница 76: ... connections TO this Router rather than through this Router to the Internet Router operation If checked other Router operations not covered by the selections above will be logged Known DoS attacks and Port Scans If checked Denial of Service attacks as well as port scans will be logged Syslog Disable Data is not sent to a Syslog Server Broadcast on LAN The Syslog data is broadcast rather than sent ...

Страница 77: ...s address Outgoing SMTP Mail Server Enter the address or IP address of the SMTP Simple Mail Transport Protocol Server you use for outgoing E mail My SMTP Mail Server requires authentication To stop spanners many SMTP mail servers require you to log in to send mail In this case enable this checkbox and enter the login information User name and Password in the fields below User Name If you have enab...

Страница 78: ...esired option for sending the log by E mail Never default This feature is disabled Logs are not sent When log is full The time is not fixed The log will be sent when the log is full which will depend on the volume of traffic Hourly Daily Weekly The log is sent on the interval specified If Daily is selected the log is sent at the time specified Select the time of day you wish the E mail to be sent ...

Страница 79: ...t case wait a few seconds and try again Ping Button After entering the IP address click this button to start the Ping procedure The results will be displayed in the Ping Results pane DNS Lookup Internet name Enter the Domain name or URL for which you want a DNS Domain Name Server lookup Note that if the address in on the Internet and no connection currently exists you could get a Timeout error In ...

Страница 80: ...t Number Enter a port number between 1 and 65535 The default for HTTP Web connections is port 80 but using port 80 will prevent the use of a Web Virtual Server on your LAN So using a different port number is recommended The default value is 8080 The port number must be specified in your Browser when you connect See the following section for details Access Permission Allow Remote Access Select the ...

Страница 81: ...HTTP followed by the Internet IP Address of the ADSL2 2 Broadband Router If the port number is not 80 the port number is also required After the IP Address enter followed by the port number e g HTTP 123 123 123 123 8080 This example assumes the WAN IP Address is 123 123 123 123 and the port number is 8080 3 You will then be prompted for the login name and password for this device 78 ...

Страница 82: ...roadband Router and ensure the following Windows 2000 settings are correct Open Routing and Remote Access In the console tree select Routing and Remote Access server name IP Routing RIP In the Details pane right click the interface you want to configure for RIP version 2 and then click Properties On the General tab set Outgoing packet protocol to RIP version 2 broadcast and Incoming packet protoco...

Страница 83: ...st is ignored and has no effect Edit Update the current Static Routing Table entry using the data shown in the table area on screen Delete Delete the current Static Routing Table entry Save Save the RIP setting This has no effect on the Static Routing Table Configuring Other Routers on your LAN It is essential that all IP packets for devices not on the local LAN be passed to the ADSL2 2 Broadband ...

Страница 84: ...tion of the Gateway IP Address For a router with a direct connection to the ADSL2 2 Broadband Router s local Router the Gateway IP Address is the address of the ADSL2 2 Broadband Router s local router For routers which must forward packets to another router before reaching the ADSL2 2 Broadband Router s local router the Gateway IP Address is the address of the intermediate router Static Routing Ex...

Страница 85: ...y IP Address 192 168 0 100 Metric 3 For Router A s Default Route Destination IP Address 0 0 0 0 Network Mask 0 0 0 0 Gateway IP Address 192 168 0 1 ADSL2 2 Broadband Router s IP Address For Router B s Default Route Destination IP Address 0 0 0 0 Network Mask 0 0 0 0 Gateway IP Address 192 168 1 80 ADSL2 2 Broadband Router s local router 82 ...

Страница 86: ...wing Figure 56 Router Upgrade Screen To perform the Firmware Upgrade 1 Click the Browse button and navigate to the location of the upgrade file 2 Select the upgrade file Its name will appear in the Upgrade File field 3 Click the Upload button to commence the firmware upgrade The ADSL2 2 Broadband Router is unavailable during the upgrade process and must restart when the upgrade is completed Any co...

Страница 87: ...de the IP address does not change but the DHCP server is disabled However your PC will usually retain the IP address provided by the DHCP Server so the connection will be automatically re established You then need to ensure that the IP address of this modem is suitable for your LAN This Modem AP must be a valid device on your LAN to allow management connections You must assign a fixed IP address w...

Страница 88: ...ble The screens available are LAN set IP address mask and gateway This is the same as in Router mode except that the DHCP server is not available while in Modem mode Password this screen is the same as in Router mode Mode change back to Router mode if desired Status displays current settings and status See the following section for details Upgrade Firmware this screen is the same as in Router mode...

Страница 89: ...related information to all LAN users Modem Only the ADSL Modem component is operational All Router features are disabled This device is transparent it does not perform any operations or make any changes to the network traffic passing through it This mode is also called Bridge Mode After changing the mode this device will restart which will take a few seconds The menu will also change depending on ...

Страница 90: ... displays the speed for the Up Stream upload ADSL Connection VC 1 Status VC 2 Status VC 3 Status VC 4 Status For each VC Virtual Circuit the current status is displayed This will be either Enabled or Disabled ADSL Details Click this button to open a sub window and view the details of each VC Virtual Circuit LAN IP Address The IP Address of the ADSL2 2 Broadband Router Network Mask The Network Mask...

Страница 91: ...or users with an Home type connection Firmware Version The version of the current firmware installed Buttons ADSL Details View the details of each VC Virtual Circuit Attached Devices Clicking this will generate a list of all devices currently using the Access Point Refresh Screen Update the data displayed on screen 88 ...

Страница 92: ...ddress ensure that it is using an IP Address within the range 192 168 0 2 to 192 168 0 254 and thus compatible with the ADSL2 2 Broadband Router s default IP Address of 192 168 0 1 Also the Network Mask should be set to 255 255 255 0 to match the ADSL2 2 Broadband Router In Windows you can check these settings by using Control Panel Network to check the Properties for the TCP IP protocol Internet ...

Страница 93: ...outer processes the data passing through it so it is not transparent For incoming connections you must use the Virtual Server or Firewall Rules to specify the PC which will receive the incoming traffic You can also use the DMZ function This should work with almost every application but It is a security risk since the firewall is disabled Only one 1 PC can use this feature 90 ...

Страница 94: ...tion There are two security modes possible with IPSec Transport Mode the payload data part of the packet is encapsulated through encryption but the IP header remains in the clear unchanged The ADSL2 2 Broadband Router does NOT support Transport Mode Tunnel Mode everything is encapsulated including the original IP header and a new IP header is generated Only the new header in the clear i e not prot...

Страница 95: ...ary to have multiple Policies for the same remote site However you should only Enable one 1 policy at a time VPN Configuration The general rule is that each endpoint must have matching Policies as follows VPN Endpoint address Each VPN endpoint must be configured to initiate or accept connections to the remote VPN client or Gateway Usually this requires having a fixed Internet IP address However it...

Страница 96: ...it is not acting as a VPN endpoint Client PC to VPN Gateway Figure 61 Client PC to VPN Server In this situation the PC must run appropriate VPN client software in order to connect via the Internet to the ADSL2 2 Broadband Router or other VPN Gateway Once connected the client PC has the same access to LAN resources as PCs on the local LAN unless restricted by the network administrator IPsec is not ...

Страница 97: ... VPN tunnel will be established and what systems on the remote LAN can be accessed once the VPN connection is established It is possible to have simultaneous VPN connections to many remote sites VPN Example In this example 2 LANs are connected via VPN Each end has a ADSL2 2 Broadband Router Figure 63 Connecting 2 ADSL2 2 Broadband Routers Note The LANs MUST use different IP address ranges Both end...

Страница 98: ...Appendix B About VPNs Configuration Settings Gateway A Gateway A should be configured as shown below Figure 64 Gateway A Configuration 95 ...

Страница 99: ...ngs Setting LAN A Gateway LAN B Gateway Notes Policy Name Example Example Name does not affect operation Select a meaningful name Remote VPN Endpoint Fixed IP Address 205 17 11 43 Fixed IP Address 202 11 13 211 Other endpoint s WAN Internet IP address NetBIOS Enable Enable Disable if not required Local LAN 192 168 0 0 192 168 1 0 Local Address subnet 96 ...

Страница 100: ...ddress IP address is the most common ID method Remote Identity WAN IP address WAN IP address IP address is the most common ID method SA Parameters Encryption 3DES 3DES Must match Authentication MD5 MD5 Must match Pre shared Key xxxxxxxxx xxxxxxxxxx Must match use any string SA Life time 28800 28800 Does not have to match Shorter period will be used PFS Disabled Disabled Must match Note Some VPN Ga...

Страница 101: ...Router ADSL Interface T1 413 G DMT G lite multi mode Dimensions 175mm W 114mm D 30mm H Operating Temperature 0 C to 40 C Storage Temperature 10 C to 70 C Network Protocol TCP IP Network Interface 4 10 100BaseT RJ45 LAN connection 1 RJ11 for ADSL line LEDs 12 Power Adapter 12VDC 1A External 98 ...

Страница 102: ...adio TV technician for help To assure continued compliance any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate this equipment Example use only shielded interface cables when connecting to computer or peripheral devices FCC Radiation Exposure Statement This equipment complies with FCC RF radiation exposure limits set...

Страница 103: ... conformity to the above directive is indicated by the CE sign on the device The ALLNET ALL130DSL ADSL2 2 Broadband Router conforms to the European Directives 89 336 EEC 92 31 EEC 93 68 EEC This equipment meets the following conformance standards EN 55022 1998 A1 2000 Class B EN 55024 1998 EN 61000 3 2 1995 A1 A2 1998 A14 2000 EN 61000 3 3 1995 A1 1998 This equipment is intended to be operated in ...

Отзывы: