manualshive.com logo in svg

Billion BiPAC 8500, Руководство пользователя

Поделиться
Скачать
Billion BiPAC 8500 Скачать руководство пользователя страница 102

Intrusion Detection

The router Intrusion Detection System (IDS) is used to detect hacker’s attack and intrusion 

attempts from the Internet. If the IDS function of the firewall is enabled, inbound packets are 

filtered and blocked depending on whether they are detected as possible hacker attacks, intrusion 

attempts or other connections that the router determines to be suspicious.  

Blacklist:

 If the router detects a possible attack, the source IP or destination IP address will be 

added to the Blacklist. Any further attempts using this IP address will be blocked for the time 

period specified as 

Block Duration

. Default setting for this function is false (disabled). Some 

attack types are denied immediately without using the Blacklist function, such as Land attack and 

Echo/CharGen scan.

Intrusion Detection:

 Check Enable if you wish to detect intruders accessing your computer 

without permission.

Block Duration:

 

• 

Victim Protection Block Duration:

 This is the duration for blocking Smurf attacks. Default 

value is 600 seconds.

• 

Scan Attack Block Duration:

 This is the duration for blocking hosts that attempt a possible 

Scan attack. Scan attack types include X’mas scan, IMAP SYN/FIN scan and similar attempts. 

Default value is 86400 seconds.

• 

DOS Attack Block Duration:

 This is the duration for blocking hosts that attempt a possible 

Denial of Service (DoS) attack. Possible DoS attacks this attempts to block include Ascend Kill 

and WinNuke. Default value is 1800 seconds.

Maximum TCP Open Handshaking Count: 

This is a threshold value to decide whether a SYN 

Flood attempt is occurring or not. Default value is 100 TCP SYN per seconds.

Maximum Ping Count: 

This is a threshold value to decide whether an ICMP Echo Storm is 

occurring or not. Default value is 15 ICMP Echo Requests (PING) per second.

Maximum ICMP Count: 

This is a threshold to decide whether an ICMP flood is occurring or not. 

Default value is 100 ICMP packets per seconds except ICMP Echo Requests (PING).

For SYN Flood, ICMP Echo Storm and ICMP flood, IDS will just warn the user in the Event Log. It 

cannot protect against such attacks.

Click Apply to confirm the settings.

98

Содержание BiPAC 8500

Страница 1: ...BiPAC 8500 8520 SHDSL VPN Firewall Bridge Router BiPAC 8501 8501 R2 8521 SHDSL bis VPN Firewall Bridge Router User Manual Last Revised on September 2010 Firmware Version 5 75...

Страница 2: ...BiPAC 8501 9 Front Panel LED 9 Rear Ports 10 BiPAC 8501 R2 11 Front Panel LED 11 Rear Ports 12 BiPAC 8521 13 Front Panel LED 13 Rear Ports 14 Chapter 3 Basic Network Installation 15 Applications of th...

Страница 3: ...iPAC 8500 8501 8520 Only 39 L2TP Status BiPAC 8500 8501 8520 Only 40 Email Status 41 Event Log 42 Error Log 43 NAT Sessions 44 Diagnostic 45 UPnP Portmap 46 Quick Start 47 Configuration 49 LAN Local A...

Страница 4: ...Chapter 5 Troubleshooting 172 Appendix Product Support Contact 173...

Страница 5: ...Fast Ethernet Switch A 4 port 10 100Mbps fast Ethernet switch is built in with automatic switching between MDI and MDI X for 10Base T and 100Base TX ports An Ethernet straight or crossover cable can b...

Страница 6: ...ively you can simply change the priority of different types of upload data and let the router sort out the actual speeds of each data transmission Virtual Private Network VPN BiPAC 8500 8520 8501 Only...

Страница 7: ...es with on line help It also supports remote management capability for remote users to configure and manage this product Firmware Upgradeable Device can be upgraded to the latest firmware through the...

Страница 8: ...bis Firewall Bridge Router BiPAC 8501 8501 R2 8521 CD ROM containing the online manual RJ 11 SHDSL telephone Cable One Cable for BiPAC 8500 8501 8501 R2 Two Cables for BiPAC 8520 8521 Ethernet CAT 5 L...

Страница 9: ...AN Port 1X 4X RJ 45 connector Lit green when one of the LAN ports is connected to an Ethernet device of 100Mbps Blinking when data is transmitted received Lit orange when one of the LAN ports is conne...

Страница 10: ...le Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 4 RESET Press this button for 1 3 seconds at least to reset device to restore the...

Страница 11: ...rt 1X 4X RJ 45 connector Lit green when one of the LAN ports is connected to an Ethernet device of 100Mbps Blinking when data is transmitted received Lit orange when one of the LAN ports is connected...

Страница 12: ...ble Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 4 RESET Press this button for 1 3 seconds at least to reset device to restore th...

Страница 13: ...X 4X RJ 45 connector Lit green when one of the LAN ports is connected to an Ethernet device of 100Mbps Blinking when data is transmitted received Lit orange when one of the LAN ports is connected to a...

Страница 14: ...cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 4 RESET Press this button for 1 3 seconds at least to reset device to restore...

Страница 15: ...1X 4X RJ 45 connector Lit green when one of the LAN ports is connected to an Ethernet device of 100Mbps Blinking when data is transmitted received Lit orange when one of the LAN ports is connected to...

Страница 16: ...cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 4 RESET Press this button for 1 3 seconds at least to reset device to restore...

Страница 17: ...4X RJ 45 connector Lit green when one of the LAN ports is connected to an Ethernet device of 100Mbps Blinking when data is transmitted received Lit orange when one of the LAN ports is connected to an...

Страница 18: ...cable Cat 5 or Cat 5e to one of the four LAN ports when connecting to a PC or an office home network of 10Mbps or 100Mbps 4 RESET Press this button for 1 3 seconds at least to reset device to restore...

Страница 19: ...talled properly prior to connecting the router device You ought to configure your PCs to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router...

Страница 20: ...ications of the device 1 Connect the Router to a LAN Local Area Network and the SHDSL LINE 2 Power on the device 3 Make sure the PWR and SYS LEDs are lit steadily and that the relevant LAN LED are lit...

Страница 21: ...ick on Control Pan el 1 Then click on Network and Inter net 1 1 When the Network and Sharing Center window pops up select and click on Change adapter settings on the left window panel 1 1 Select the L...

Страница 22: ...1 In the TCP IPv4 properties window select the Obtain an IP address au tomatically and Obtain DNS Server address automatically radio but tons Then click OK to exit the set ting 1 Click OK again in the...

Страница 23: ...hen click on Network and Sharing Center at the top bar 1 1 When the Network and Sharing Center window pops up select and click on Manage network connec tions on the left window column 1 1 Select the L...

Страница 24: ...1 In the TCP IPv4 properties window select the Obtain an IP address au tomatically and Obtain DNS Server address automatically radio but tons Then click OK to exit the set ting 1 Click OK again in the...

Страница 25: ...onnections 1 Double click Local Area Connection 1 In the Local Area Connection Status win dow click Properties 1 Select Internet Protocol TCP IP and click Properties 1 Select the Obtain an IP address...

Страница 26: ...up Connections 1 Double click Local Area Connection 1 In the Local Area Connection Status win dow click Properties 1 Select Internet Protocol TCP IP and click Properties 1 Select the Obtain an IP addr...

Страница 27: ...ork and choose the Configuration tab 1 Select TCP IP NE2000 Compatible or the name of your Network Interface Card NIC in your PC 1 Select the Obtain an IP address auto matically radio button 1 Then se...

Страница 28: ...to Start Settings Control Panel In the Control Panel double click on Net work and choose the Protocols tab 1 Select TCP IP Protocol and click Proper ties 1 Select the Obtain an IP address from a DHCP...

Страница 29: ...P server is enabled Start IP Address 192 168 1 100 IP pool counts 100 LAN and WAN Port Addresses The parameters of LAN and WAN ports are pre set in the factory The default values are shown in the tale...

Страница 30: ...g Username Password Service Name and Domain Name System DNS IP address it can be automatically assigned by your ISP when you connect or be set manually In addition an additional WAN address can be ass...

Страница 31: ...tion of this method will be discussed in detail in the following section Configuring with your Web Browser Open your web browser enter the IP address of your router which by default is 192 168 1 254 a...

Страница 32: ...tatus ARP Table Routing Table DHCP Table PPTP Status BiPAC 8500 8520 Only IPSec Status BiPAC 8500 8520 Only L2TP Status BiPAC 8500 8520 Only Email Status Event Log Error Log NAT Sessions Diagnostic UP...

Страница 33: ...Status 8500 29...

Страница 34: ...8520 30...

Страница 35: ...8501 31...

Страница 36: ...8501 R2 32...

Страница 37: ...8521 33...

Страница 38: ...version number of firmware on the flash MAC Address The LAN MAC address Home URL Displays the manufacturer s website LAN IP Address Displays the IP address for the LAN Subnet Mask Displays the subnet...

Страница 39: ...AC Address Filter function See the Firewall section of this manual for more information on this feature IP Address Shows a list of IP addresses of devices on your LAN Local Area Network MAC Address Sh...

Страница 40: ...MAC Address Shows the MAC Media Access Control addresses of each device on your LAN Gateway Interface Displays the IP address of the gateway or existing interface that this route uses Cost Displays t...

Страница 41: ...Host Name The Host Name of the internal dhcp client Expiry The current lease time of client Expired Table IP Address The current corresponding DHCP assigned dynamic IP address of the device MAC Addres...

Страница 42: ...our VPN configuration Type The type of connection dial in dial out Enable Whether the connection is currently enabled Active Whether the connection is currently activate Tunnel Connected Whether the V...

Страница 43: ...entry Active Whether the VPN Connection is currently Active Connection State Whether the VPN is Connected or Disconnected Statistics Statistics for this VPN Connection Local Subnet The local IP Addres...

Страница 44: ...our VPN configuration Type The type of connection dial in dial out Enable Whether the connection is currently enabled Active Whether the connection is currently activate Tunnel Connected Whether the V...

Страница 45: ...Email Status This screen shows the details and status for the Email Account you have configured Please refer to the Advanced section of this manual for the detail information 41...

Страница 46: ...e displays the router Event Log entries which have been recorded when you have enabled Intrusion Detection or Block WAN PING on the Firewall screen Please see the Firewall section of this manual for m...

Страница 47: ...43 Error Log Displays any error encountered by the router e g invalid names given to entries accumulated up to the present time You can trace its historical information with this function...

Страница 48: ...NAT Sessions This section lists all current NAT sessions between interface of types external WAN and internal LAN 44...

Страница 49: ...s the connection of computer s which is connected to LAN ports and the WAN Internet connection as well If PING www google com is shown FAIL and the rest is PASS you ought to check if your PC s DNS set...

Страница 50: ...d the router s UPnP configuration options Name The Host Name of the internal UPnP client Protocol The connection protocol of the UPnP client External Port The external port for this connection Redirec...

Страница 51: ...in name often in the form of username ispname password and the encapsulation type In addition you can provide a specific DNS or check the Enable box to get the DNS automatically from your ISP Your ISP...

Страница 52: ...nted with a list of supported options Select the desired option from the list and click Apply to return to the Quick Start screen to continue configuring your ISP connection Please note that the conte...

Страница 53: ...n will expand to display the sub items that will allow you to further configure your router LAN WAN System Firewall QoS Virtual Server Time Schedule and Advanced The function of each configuration sub...

Страница 54: ...rnet P1 Port 1 Ethernet1 P2 P3 and P4 Port 2 3 4 Uncheck P2 P3 P4 from Ethernet VLAN port first Note You should setup each VLAN group with caution Each Bridge Interface is arranged in this order Bridg...

Страница 55: ...sually only have one subnet in their LAN The default IP address for the router is 192 168 1 254 IP Address The default IP address of this router Netmask The default subnet mask of this router RIP RIP...

Страница 56: ...th multiple public IP addresses by ISP In this case you allow to use the public IP address in the local network with gateway IP address point to the IP address for this interface DMZ Specify the netwo...

Страница 57: ...xx xx xx Semicolon must be included Candidates Click the link to automatically detect devices connected to the router through the Ethernet Active PC in LAN displays a list of IP Address MAC Address o...

Страница 58: ...s priority If the packet is high priority it will flow first and will not be constrained by the Rate Limit Therefore when this feature is enabled the router s Ethernet switch will check the 2nd octet...

Страница 59: ...re than one subnet on the network Disabling DHCP Server Click the Disable radio button and then click Next to display the confirmation screen Click Apply to disable the DHCP server and relay agent Con...

Страница 60: ...u can edit or delete the MAC Address by clicking Edit or Delete next to the item you want to modify remove Configuring the DHCP Relay Agent Choose DHCP Relay Agent if you want to place DHCP servers an...

Страница 61: ...rovide more service via different WAN connection In this case you can create more connections by clicking Create to go to the configuration page to setup the type of sevice from the list and then pres...

Страница 62: ...thod Select the encapsulation format the default is LLC Bridged Select the one provided by your ISP IP Assignment Obtain an IP address automatically via DHCP client Specify if the Router can get an IP...

Страница 63: ...ss Spoofing This option is required by Service Providers You must fill in the MAC address that is specified by your Service Provider if this is required Default is disabled Click Apply to confirm the...

Страница 64: ...affic or only VLAN tagged Filter Type Specify the type of ethernet filtering performed by the named bridge interface All Allow all types of ethernet packets through the port Ip Allow only IP ARP types...

Страница 65: ...128 alphanumeric characters case sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 a...

Страница 66: ...ine the destination port and packet type TCP UDP without being checked by the timer It allows you to set which outgoing traffic will not trigger and reset the idle timer RIP RIP v1 RIP v2 and RIP v2 M...

Страница 67: ...f the Router can get an IP address from the ISP Internet Service Provider automatically Use the following IP Address Specify the IP address manually the IP should be given by you our ISP RIP RIP v1 RI...

Страница 68: ...se sensitive This will usually be in the format of username ispname instead of simply username Password Enter the password provided by your ISP You can input up to 128 alphanumeric characters case sen...

Страница 69: ...predetermined period of time Detail You can define the destination port and packet type TCP UDP without being checked by the timer It allows you to set which outgoing traffic will not trigger and res...

Страница 70: ...lowing method PPPoE Routed mode 1483 Bridge Mode With pure PPPoE connection the router can get one WAN address to the router With the PPPoE and PPPoE pass through concurrently it allows user to have a...

Страница 71: ...TCP MSS Clamp This option helps to auto detect the optimal MTU size Default is enabled Click Apply to confirm the settings 67...

Страница 72: ...tion To access Multiple Session with PPPoE Pass through Connection press Change Multiple Session with PPPoE pass through TCP MSS Clamp This option helps to auto detect the optimal MTU size Default is...

Страница 73: ...te Mode The mode selections are Adaptive and Fixed Selecting the Adaptive mode the best connection rate will be automatically negotiated with the CO ISP Selecting the Fixed mode the connection rate wi...

Страница 74: ...Line State Displays current SHDSL line status Bit Rate Displays SHDSL line synch speed rate SNR Margin Displays Line Attenuation Displays Click Apply to confirm the settings 70...

Страница 75: ...It is the DSL operating mode standard Select Annex A or Annex B to support up to 2 3Mpbs SHDSL function Note Make sure that the Annex type is the same for the BiPAC 8520 and the remote router Consult...

Страница 76: ...status Line State Displays current SHDSL line status Bit Rate Displays SHDSL line synch speed rate SNR Margin Displays SNR value when line is synchronized It indicates the signal quality the higher th...

Страница 77: ...3 Enhanced 4 wired Connection Conexant enhanced 4 wired mode and compliant with Conexant Legacy codes Standard 4 wired Connection The 4 wired handshaking procedure that is compliant with ITU T standar...

Страница 78: ...74 Sustain2W 4 wired Connection This mode is used to auto detect whether the device uses 2 wired connection or 4 wired connection...

Страница 79: ...s ATM framing Bit Rate Mode The mode selections are Adaptive and Fixed Selecting the Adaptive mode the best connection rate will be automatically negotiated with the CO ISP Selecting the Fixed mode th...

Страница 80: ...NR value when line is synchronized It indicates the signal quality the higher the ratio the higher signal quality it has Line Attenuation Displays signal attenuation The longer loop dostance the large...

Страница 81: ...Fixed Selecting the Adaptive mode the best connection rate will be automatically negotiated with the CO ISP Selecting the Fixed mode the connection rate will be fixed to the specific fixed bit rate se...

Страница 82: ...higher the ratio the higher signal quality it has Line Attenuation Displays signal attenuation The longer loop dostance the larger line attenuation value is Click Apply to confirm the settings 78...

Страница 83: ...Mpbs SHDSL function Note Make sure that the Annex type is the same for the BiPAC 8521 and the remote router Consult with your ISP to set the same annex for the other device Framer Type Packet Framing...

Страница 84: ...ine synch speed rate SNR Margin Displays SNR value when line is synchronized It indicates the signal quality the higher the ratio the higher signal quality it has Line Attenuation Displays signal atte...

Страница 85: ...nhanced 4 wired Connection Conexant enhanced 4 wired mode and compliant with Conexant Legacy codes Standard 4 wired Connection The 4 wired handshaking procedure that is compliant with ITU T standard 8...

Страница 86: ...EFMBond 4 wired Connection 82...

Страница 87: ...fy an SNTP server other than those in the drop down list simply enter its IP address in their appropriate blanks provided as shown above Your ISP may also provide an SNTP server for you to use Dayligh...

Страница 88: ...ct a time period the router will permit remote access and click Enable You may change other configuration options for the web administration interface using Device Management options in the Advanced s...

Страница 89: ...firmware as the software that runs in your router Thus by upgrading the newly improved version of the firmware allows you the advantage to use newly integrated features New Firmware Image Click on Br...

Страница 90: ...ion Press Backup to select where on your local PC you want to store your setting file You may also change the name of the file if you wish to keep multiple backups Restore Configuration Press Browse t...

Страница 91: ...le after a firmware upgrade or if you have saved an incorrect configuration select Factory Default Settings to reset to factory default settings Click Restart with option Current Settings to reboot yo...

Страница 92: ...er accounts or add new users to allow access to the device configuration interface Screen1 Edit Account Information You can change the informations of any account whether the account is active or vali...

Страница 93: ...User name Comment optional Pass word Confirm Password 2 When it is done click the Create button Delete a user account 1 Check the Delete beside the account you want to delete 2 Then click the Delete b...

Страница 94: ...for a hacker to target a machine on your network This natural firewall is on when the NAT function is enabled Firewall Security and Policy General Settings Inbound direction of Packet Filter rules pr...

Страница 95: ...ort filter rules for High Medium and Low security are displayed in Port Filters of the Packet Filter Select either High Medium or Low security level to enable Firewall The only difference between thes...

Страница 96: ...ce requests Port number to from the Internet This function is only available when Firewall is enabled and one of these four security levels is chosen All blocked High Medium and Low The predefined por...

Страница 97: ...O YES YES YES DNS 53 TCP 6 53 53 NO YES NO YES YES YES FTP 21 TCP 6 21 21 NO NO NO YES NO YES Telnet 23 TCP 6 23 23 NO NO NO YES NO YES SMTP 25 TCP 6 25 25 NO YES NO YES NO YES POP3 110 TCP 6 110 110...

Страница 98: ...nge you wish to allow block the trafficn direction set IP address and Subnet Mask to 0 0 0 0 to inactivate the Address Filter rule Note To block access to from a single IP address enter that IP addres...

Страница 99: ...he rule Time Schedule It is a self defined time period You may specify a time schedule for your prioritization policy For setup and detail refer to Time Schedule section Protocol Number Insert the por...

Страница 100: ...s not allowed which means remote access through HTTP to your router is not allowed Note Inbound indicates accessing from Internet to LAN and Outbound is from LAN to the Internet Configuring Packet Fil...

Страница 101: ...t 80 80 This is Port defined for HTTP Inbound Outbound Allow 5 Click Apply to save the settings The new port filter rule for HTTP will be added to the Port Filter Rules table 6 Configure your Virtual...

Страница 102: ...ion for blocking Smurf attacks Default value is 600 seconds Scan Attack Block Duration This is the duration for blocking hosts that attempt a possible Scan attack Scan attack types include X mas scan...

Страница 103: ...7 Src IP Scan Yes Yes CharGen Scan UDP Dst Port CharGen 19 Src IP Scan Yes Yes X mas Tree Scan TCP Flag X mas Src IP Scan Yes Yes IMAP SYN FIN Scan TCP Flag SYN FIN DstPort IMAP 143 SrcPort 0 or 65535...

Страница 104: ...Src IP Source IP Src Port Source Port Dst Port Destination Port Dst IP Destination IP 100...

Страница 105: ...that you can choose from to check the URL filter rules Keywords Filtering Allow blocking against specific keywords within a particular URL rather than having to specify a complete URL e g to block any...

Страница 106: ...shall be specified For example to block traffic to www google com au enter www google or www google com In this example the URL request for www abc com will be sent to the remote web server because it...

Страница 107: ...o damage your system via the standard HTTP protocol Block surfing by IP address Preventing someone who uses the IP address as URL for skipping Domains Filtering function Activate only and if Domain Fi...

Страница 108: ...ing is not triggered No action will be performed Always On Action is enabled TimeSlot1 TimeSlot16 This is the self defined time period You may specify the time period to trigger the blocking i e durin...

Страница 109: ...ormation of all unexpected action taken by your firewall settings This feature is disabled by default To activate the logs check the Enable box then click the Apply button Log information can be seen...

Страница 110: ...account information will be shown Enable Disable This function activates or inactivates the PPTP connection To interrupt the tunnel check the Disable radio button and click the Apply button to inacti...

Страница 111: ...authentication type you want clients to use when acting as a server When using PAP the password is sent unencrypted CHAP encrypts the password before sending This presents challenges at different peri...

Страница 112: ...mote Access PPTP VPN Dial out Connection An office of a company establishes a PPTP VPN connection with a file server located at a different location The router is installed at the office connecting to...

Страница 113: ...r IP 69 121 1 33 on the Server IP Address or Hostname field Username Password Specify the username username password 123456 Auth Type Data Encryption Key Length Mode Keep as default value in most of t...

Страница 114: ...nge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using when acting as a client or the authentication type you want clients to use when...

Страница 115: ...AN to LAN VPN Connection The branch office establishes a PPTP VPN tunnel with the head office to connect two private networks over the Internet The routers are installed in the head office and the bra...

Страница 116: ...Peer Network IP and Netmask Enter the IP address 192 168 0 0 subnet mask 255 255 255 0 of branch office network Username Password Specify the username username password 123456 to authenticate branch o...

Страница 117: ...ss 69 121 1 33 of the head office router in WAN side Peer Network IP and Netmask Enter the IP address 192 168 1 0 subnet mask 255 255 255 0 of head office network Username Password Specify the usernam...

Страница 118: ...activate the connection Name This is the user defined name of the connection Local Subnet Displays IP address and subnet of the local network Remote Subnet Displays IP address and subnet of the remote...

Страница 119: ...lect the IPSec security method There are two methods of checking the authentication information AH authentication header and ESP Encapsulating Security Payload Use ESP for greater security so that dat...

Страница 120: ...o parties to establish a shared secret over an unsecured communication channel i e over the Internet There are three modes MODP 768 bit MODP 1024 bit and MODP 1536 bit MODP stands for Modular Exponent...

Страница 121: ...age Digest and SHA 1 Secure Hash Algorithm algorithms SHA1 is more resistant to brute force attacks than MD5 however it is slower SHA1 is more resistant to brute force attacks than MD5 however it is s...

Страница 122: ...es Note A short SA time increases security by forcing two parties to update the keys However every time the VPN tunnel re negotiates access through the tunnel will be temporarily disconnected PING to...

Страница 123: ...ffice establishes a PPTP VPN tunnel with the head office to connect two private networks over the Internet The routers are installed in the head office and the branch office respectively Branch Office...

Страница 124: ...dress 69 121 1 30 of the head office router in WAN side Remote Network Check the Subnet radio button and enter the IP address 192 168 0 0 and subnet mask 255 255 255 0 of branch office network Proposa...

Страница 125: ...IP address 69 121 1 3 of the head office router in WAN side Remote Network Check the Subnet radio button and enter the IP address 192 168 1 0 and subnet mask 255 255 255 0 of head office network Propo...

Страница 126: ...Example Configuring a IPSec Host to LAN VPN Connection 122...

Страница 127: ...he IP address 69 121 1 30 of the head office router in WAN side Remote Network Check the Single Address radio button and enter the Remote worker s IP address 69 121 1 30 Proposal Check the ESP radio b...

Страница 128: ...heck the Disable radio button and click the Apply button to inactivate the connection Name This is the user defined name of the connection Type Refers to your router which operates as a client or a se...

Страница 129: ...e type of authentication to use You can also manually specify CHAP Challenge Handshake Authentication Protocol or PAP Password Authentication Protocol if you know which type the server is using when a...

Страница 130: ...phy protocol that allows two parties to establish a shared secret over an unsecured communication channel i e over the Internet There are three modes MODP 768 bit MODP 1024 bit and MODP 1536 bit MODP...

Страница 131: ...cess Dial in Connection A remote worker establishes a L2TP VPN connection with the head office using Microsoft VPN Adapter included with Windows XP 2000 ME etc The router is installed in the head offi...

Страница 132: ...Private IP Address Assigned to Dialing User field Username Password Enter the username username password 123456 to authenticate remote worker Auth Type Keep as default value in most of the cases Idle...

Страница 133: ...Remote Access L2TP VPN Dial out Connection A company s office establishes a L2TP VPN connection with a file server located at a different location The router is installed in the office connecting to a...

Страница 134: ...he connection will be disconnected when there is no traffic in a predefined period of time 0 means always on IPSec Enabled for enhancing your L2TP VPN security and then set the Authentication Encrypti...

Страница 135: ...t enter the username password provided by your Host If you are a Dial In user server enter your own username password Authentication Type Default is Auto allows the router to determine which authentic...

Страница 136: ...hy protocol that allows two parties to establish a shared secret over an unsecured communication channel i e over the Internet There are three modes MODP 768 bit MODP 1024 bit and MODP 1536 bit MODP s...

Страница 137: ...LAN to LAN VPN Connection The branch office establishes a L2TP VPN tunnel with the head office to connect two private networks over the Internet The routers are installed in the head office and branch...

Страница 138: ...er field Peer Network IP Enter the IP address 192 168 0 0 and subnet mask 255 255 255 0 of branch office network Username Password Enter the username username password 123456 to authenticate remote wo...

Страница 139: ...ffice router in WAN side Peer Network IP Enter the IP address 192 168 1 0 and subnet mask 255 255 255 0 of head office network Username Password Enter the username username password 123456 to authenti...

Страница 140: ...et and or Wireless to WAN Internet It facilitates you the features to control the quality and speed of throughput for each application when the system is running with full upstream load You can find t...

Страница 141: ...need to specify the IP addresses or Application ports in this page For other protocols at least one value shall be given any No protocol type is specified tcp udp icmp gre For PPTP VPN Connections So...

Страница 142: ...assify the traffic of the application to be executed according to the DSCP value See DSCP Mapping Table Note Make sure that the router s in the network backbone are capable to execute and check the DS...

Страница 143: ...identifies the new QoS application rule Time Schedule Scheduling your prioritization policy Protocol Select the supported protocol from the drop down list Source Destination Port The packet source de...

Страница 144: ...that identifies the new QoS application rule Time Schedule Scheduling your prioritization policy Protocol Select the supported protocol from the drop down list Source Destination Port The packet sourc...

Страница 145: ...your Network Connection Diagram Information and Settings Upstream 928 kbps Downstream 8 Mbps VoIP User 192 168 1 1 Normal Users 192 168 1 2 192 168 1 5 Restricted User 192 168 1 100 141 Restricted PC...

Страница 146: ...ull Restricted Application Some companies will setup a FTP server for customers to download files or home users to share their files via FTP The settings help to limit upstream utilization of the FTP...

Страница 147: ...a 16 bit number used to identify which application program usually a server incoming connections should be delivered to Some ports have numbers that are pre assigned to them by the IANA the Internet...

Страница 148: ...dio button to select the rule Application Protocol and External Redirect Ports will be filled after the selection Protocol It is the supported protocol for the virtual server In addition to specifying...

Страница 149: ...IP Address 192 168 1 254 Edit Click to change virtual server application parameters Delete Click to remove virtual server application entry 145...

Страница 150: ...MZ host Note The local computer exposing to the Internet may face various security risks Disabled As set in default setting it disables the DMZ function Enabled Select to activate your DMZ function In...

Страница 151: ...f the public WAN IP address given by your ISP If your ISP has pro vided this information you may insert it here Otherwise use IP Range method IP Range The IP address range of your public WAN IP addres...

Страница 152: ...her information please see IANA s website at http www iana org assignments port numbers For help on determining which private port numbers are used by common applications on this list please see the F...

Страница 153: ...the current time from an SNTP server from the Internet Refer to Time Zone for details You router time should correspond with your local time If the time is not set correctly your Time Schedule will no...

Страница 154: ...er define description to identify the time profile Day Default is set from Monday through Friday You may specify the days for the schedule to be applied Start Time Default is set at 8 00 AM You may sp...

Страница 155: ...ty to control the routing of the all the traffic across your network With each routing rule created you can specifically assign the destination where the traffic will be routed to Destination Enter th...

Страница 156: ...Check to disable the Dynamic DNS function Enable Check to enable the Dynamic DNS function The following fields will be activated and required Dynamic DNS Server Select the DDNS service you have establ...

Страница 157: ...name login of the POP3 account you wish the system to check Normally it is the name of your email address before the symbol If you have trouble with it please contact your ISP Password Enter the acco...

Страница 158: ...router s security options and device monitoring features Device Host Name Host Name Assign it a name The Host Name cannot be used with one word only There are two words should be connected with a at l...

Страница 159: ...th user s Operating System and its relevant applications must support UPnP in addition to the router Windows XP and Windows Me have a native built in support for UPnP when the component is installed W...

Страница 160: ...NMPv3 is a strong authentication mechanism authorizing with fine granularity for remote monitoring Traps supported Cold Start Authentication Failure The following MIBs are supported From RFC 1213 MIB...

Страница 161: ...ifMIBObjects Group From RFC1695 atmMIB atmMIBObjects From RFC 1907 SNMPv2 only snmpSetSerialNo OID 157...

Страница 162: ...ep 1 Click Start and Control Panel Double click Add Remove Programs Step 2 Click on the Windows Setup tab and select Communication in the Components selection box Click Details Step 3 In the Communica...

Страница 163: ...Step 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components Step 4 When the Windows Optional Networking Components Wizard window appears select N...

Страница 164: ...nd Control Panel Double click Network Connections An icon displays under Internet Gateway Step 2 Right click the icon and select Properties Step 3 In the Internet Connection Properties window click Se...

Страница 165: ...or click Add to manually add port mappings Step 5 Select Show icon in notification area when connected option and click OK An icon displays in the system tray Step 6 Double click on the icon to displ...

Страница 166: ...steps below to access web configuration Step 1 Click Start and then Control Panel Step 2 Double click Network Connections Step 3 Select My Network Places under Other Places Step 4 An icon describing e...

Страница 167: ...ly to confirm the changes Example When IGMP snooping is enabled the feature will analyze all incoming IGMP packets between the hosts that are connected to the switch and the multicast routers in the n...

Страница 168: ...LAN Bridge This section allows you to create a VLAN group and specify the members of the VLAN group Edit Edit your member ports in selected VLAN group Create VLAN Click to create another VLAN group 16...

Страница 169: ...Services EPG EAS etc 0 37 Video 0 38 Video 0 39 Spare Step 1 Setup Member Ports Go to Configuration LAN Bridge Interface You can setup member ports for each VLAN group under Bridge Interface section...

Страница 170: ...ault WAN interface which provides service for data internet access If your ISP uses this access protocol click Edit to input other parameters if needed If your ISP does not use PPPoE you can change th...

Страница 171: ...save changes From the example only VPI and VCI sections need to be filled in and leave the rest of the section as it is Repeat the same procedure by clicking Create select RFC1483 Bridged fill in the...

Страница 172: ...ge Interface created in Step1 you will see the relationship in these two screenshots Step 4 Enable IGMP Snooping Go to Configuration Advanced IGMP IGMP Snooping must be enabled in order to allow video...

Страница 173: ...ng the router s configuration settings you must save all of the configuration parameters to FLASH to avoid losing them after turning off or resetting your router Click Save Config and click Apply to w...

Страница 174: ...r and restore your last saved configuration If you wish to restart the router using the factory default settings for example after a firmware upgrade or if you have saved an incorrect configuration se...

Страница 175: ...ore when a PC has logged into the system interface the other users cannot access the system interface until the current user has logged out of the system If the previous user forgets to logout the sec...

Страница 176: ...et button for more than 6 seconds Problems with WAN interface Problem Suggested Action Initialization of SHDSL connection linesync fail Make sure that telephone cable is properly connected between the...

Страница 177: ...or you come across other technical issues that are not listed in the Troubleshooting section please contact the dealer from where you purchased your product Contact Billion MAC OS is a registered Tra...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды