Comet Labs WRB54+ Скачать руководство пользователя страница 26

Страница: 26 / 126

This product’s NAT firewall filters out unrecognized packets to protect your Intranet, so all hosts

behind this product are invisible to the outside world. If you wish, you can make some of them

accessible by enabling the Virtual Server Mapping.

A virtual server is defined as a

Service Port

, and all requests to this port will be redirected to the

computer specified by the

Server IP

Virtual Server

can work with

Scheduling Rules

, and give

user more flexibility on Access control. For Detail, please refer to

Scheduling Rule

For example, if you have an FTP server (port 21) at 192.168.0.2, a Web server (port 80) at 192.168.0.2,

and a VPN server at 192.168.0.6, then you need to specify the following virtual server mapping table:

Service Port

Server IP

Enable

192.168.0.2

1723

192.168.0.6

Содержание WRB54+

Страница 1: ...1 User s Manual Wireless Internet Broadband Router Model Nr WRB54 English version...

Страница 2: ...und to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against radio interference in a commercial en...

Страница 3: ...ess Broadband Router 12 3 1 Start up and Log in 13 3 2 Status 14 3 3 Wizard 15 3 4 Basic Setting 16 3 5 Forwarding Rules 25 3 6 Security Settings 29 3 7 Advanced Settings 52 3 8 Toolbox 66 Appendix A...

Страница 4: ...Firewall All unwanted packets from outside intruders are blocked to protect your Intranet l DHCP server supported All of the networked computers can retrieve TCP IP settings automatically from this p...

Страница 5: ...to control access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP address of the source and destination l Domain Filter Supported let...

Страница 6: ...ted Because SNMP this function has many versions anyway the router supports V1 and V2c l Routing Table Supported Now the router supports static routing and two kinds of dynamic routing RIP1 and RIP2 l...

Страница 7: ...7 Packing List l Wireless broadband router unit l Installation CD ROM l Power adapter l CAT 5 UTP Fast Ethernet cable...

Страница 8: ...Blinking This product is functioning properly On The WAN port is linked WAN WAN port activity Green Blinking The WAN port is sending or receiving data WLAN Wireless activity Green Blinking Sending or...

Страница 9: ...Rear Panel Ports Port Description 5VDC Power inlet DC 5V 1 5A minimum WAN the port where you will connect your cable or DSL modem or Ethernet router Port 1 4 the ports where you will connect networke...

Страница 10: ...LAN ports of this product b Wireless LAN connection locate this product at a proper position to gain the best transmit performance Figure 2 3 Setup of LAN and WAN connections for this product 3 Setup...

Страница 11: ...automatically that is via DHCP server of this product After installing the TCP IP communication protocol you can use the ping command to check if your computer has successfully connected to this produ...

Страница 12: ...lle e es s ss s s B B Br r ro o oa a ad d db b ba a an n nd d d R R Ro o ou u ut t te e er r r This product provides Web based configuration scheme that is configuring by your Web browser such as Net...

Страница 13: ...is established you will see the web user interface of this product There are two appearances of web user interface for general users and for system administrator To log in as an administrator enter t...

Страница 14: ...t s working status A WAN Port Status If the WAN port is assigned a dynamic IP there may appear a Renew or Release button on the Sidenote column You can click this button to renew or release IP manuall...

Страница 15: ...15 3 3 Wizard Setup Wizard will guide you through a basic configuration procedure step by step Press Next...

Страница 16: ...16 Setup Wizard Select WAN Type For detail settings please refer to3 4 1 primary setup 3 4 Basic Setting...

Страница 17: ...17 3 4 1 Primary Setup WAN Type Virtual Computers Press Change...

Страница 18: ...SP assigns you a static IP address B Dynamic IP Address Obtain an IP address from ISP automatically C Dynamic IP Address with Road Runner Session Management e g Telstra BigPond D PPP over Ethernet Som...

Страница 19: ...quires it Otherwise leave it blank 3 Maximum Idle Time the amount of time of inactivity before disconnecting your PPPoE session Set it to zero or enable Auto reconnect to disable this feature 4 Maximu...

Страница 20: ...s you to setup the one to one mapping of multiple global IP address and local IP address Global IP Enter the global IP address assigned by your ISP Local IP Enter the local IP address of your LAN PC c...

Страница 21: ...llowing items 1 DHCP Server Choose Disable or Enable 2 Lease Time this feature allows you to configure IP s lease time DHCP client 3 IP pool starting Address IP pool starting Address Whenever there is...

Страница 22: ...TSI channel 7 for Japan 3 WEP Security Select the data privacy algorithm you want Enabling the security can protect your data while it is transferred from one station to another The standardized IEEE...

Страница 23: ...nction is enable the Wireless user must authenticate to this router first to use the Network service RADIUS Server IP address or the 802 1X server s domain name RADIUS Shared Key Key value shared by t...

Страница 24: ...24 3 4 4 Change Password You can change Password here We strongly recommend you to change the system password for security reason...

Страница 25: ...25 3 5 Forwarding Rules 4 5 1 Virtual Server...

Страница 26: ...equests to this port will be redirected to the computer specified by the Server IP Virtual Server can work with Scheduling Rules and give user more flexibility on Access control For Detail please refe...

Страница 27: ...of Special Applications fails to make an application work try setting your computer as the DMZ host instead 1 Trigger the outbound port number issued by the application 2 Incoming Ports when the trig...

Страница 28: ...o be exposed to unrestricted 2 way communication for Internet games Video conferencing Internet telephony and other special applications NOTE This feature should be used only when needed Non standard...

Страница 29: ...29 3 6 Security Settings...

Страница 30: ...w all to pass except those match the specified rules 2 Deny all to pass except those match the specified rules You can specify 8 rules for each direction inbound or outbound For each rule you can defi...

Страница 31: ...rol For Detail please refer to Scheduling Rule Each rule can be enabled or disabled individually Inbound Filter To enable Inbound Packet Filter click the check box next to Enable in the Inbound Packet...

Страница 32: ...net news port 119 and transfer files via FTP port 21 Others are all allowed After Inbound Packet Filter setting is configured click the save button Outbound Filter To enable Outbound Packet Filter cli...

Страница 33: ...92 168 0 123 which is very limited to special functions It is not allowed to send mail port 25 receive mail port 110 and browse Internet port 80 port 53 DNS is necessary to resolve the domain name Sec...

Страница 34: ...2 168 0 200 is not allowed totransfer files via FTP port 21 Second filter 192 168 0 219 can do everything except read net news port 119 Others are allowed After Outbound Packet Filter setting is confi...

Страница 35: ...n when someone accesses the specific URLs Privilege IP Addresses Range Setting a group of hosts and privilege these hosts to access network without restriction Domain Suffix A suffix of URL to be rest...

Страница 36: ...ion will be record in log file 2 URL include www sina com will not be blocked but the action will be record in log file 3 URL include www google com will be blocked but the action will not be record i...

Страница 37: ...o input a keyword only In other words Domain filter can block specific website while URL Blocking can block hundreds of websites by simply a keyword URL Blocking Enable Checked if you want to enable U...

Страница 38: ...on will be record in log file 2 URL include sina will be blocked but the action will be record in log file 3 URL include cnnsi will not be blocked but the action will be record in log file 4 URL inclu...

Страница 39: ...his device If a client is denied to connect to this device it means the client can t access to the Internet either Choose allow or deny to allow or deny the clients whose MAC addresses are not in the...

Страница 40: ...allow the corresponding client to connect to this device A When Association control is checked check A will allow the corresponding client to associate to the wireless LAN In this page we provide the...

Страница 41: ...gorithms VPN enable item VPN protects network information from ill network inspectors But it greatly degrades network throughput Enable it when you really need a security tunnel It is disabled for def...

Страница 42: ...ecessary to setup the configuration of IKE for the dedicated tunnel basic setup IKE proposal setup and IPSec proposal setup Basic setup includes the setting of following items local subnet local netma...

Страница 43: ...gateway Pre shared key The first key that supports IKE mechanism of both VPN gateways for negotiating further security keys The pre shared key must be same for both end gateways Function of Buttons S...

Страница 44: ...e of Life Time Unit If the value of unit is second the value of life time represents the life time of dedicated VPN tunnel between both end gateways Its value ranges from 300 seconds to 172 800 second...

Страница 45: ...IPSec proposal to be focused First char of the name with 0x00 value stands for the proposal is not available DH group There are three groups can be selected group 1 MODP768 group 2 MODP1024 group 5 M...

Страница 46: ...e ranges from 20 480 KBs to 2 147 483 647 KBs Life time unit There are two units can be selected second and KB Proposal ID The identifier of IPSec proposal can be chosen for adding the proposal to the...

Страница 47: ...When using VPN Dynamic IP Setting this router is working as a Dynamic VPN server Dynamic VPN Server will not check VPN client IP information so user can build VPN tunnel with VPN gateway from any rem...

Страница 48: ...e L2TP tunnels for L2TP clients Each tunnel can accept more than one client User is required to configure Virtual IP of L2TP Server Authentication Protocol L2TP Tunnel Name and User Account Password V...

Страница 49: ...clients Each tunnel can accept more than one client User is required to configure Virtual IP of PPTP Server Authentication Protocol PPTP Tunnel Name and User Account Password Virtual IP of PPTP Serve...

Страница 50: ...tion to specified a group of trusted IP addresses For example 10 1 2 0 24 NOTE When Remote Administration is enabled the web server port will be shifted to 88 You can change web server port to other p...

Страница 51: ...S attack comes from the Internet Currently the router can detect the following DoS attack SYN Attack WinNuke Port Scan Ping of Death Land Attack etc VPN PPTP IPSec Pass Through Please enable this feat...

Страница 52: ...52 3 7 Advanced Settings...

Страница 53: ...d Time by NTP Protocol Time Server Select a NTP time server to consult UTC time Time Zone Select a time zone where this device locates Set Date and Time manually Selected if you want to Set Date and T...

Страница 54: ...ess for Syslog Host IP of destination where syslogs will be sent to Check Enable to enable this function E mail Alert Enable Check if you want to enable Email alert send syslog via email SMTP Server I...

Страница 55: ...to separate these email addresses E mail Subject The subject of email alert This setting is optional Username and Password To fill some SMTP server s authentication requirement you may need to input...

Страница 56: ...time you connect your Internet service provider Before you enable Dynamic DNS you need to register an account on one of these Dynamic DNS servers that we list in provider field To enable Dynamic DNS...

Страница 57: ...57 Example After Dynamic DNS setting is configured click the save button...

Страница 58: ...unction If Local is checked this device will response request from LAN If Remote is checked this device will response request from WAN Get Community Setting the community of GetRequest your device wil...

Страница 59: ...ich s get community is set as public 2 This device will response to SNMP client which s set community is set as private 3 This device will response request from both LAN and WAN 4 This device will sen...

Страница 60: ...to setup the functions of static and dynamic routing Dynamic Routing Routing Information Protocol RIP will exchange information about destinations for computing routes throughout the network Please se...

Страница 61: ...168 0 103 1 So if for example the client3 wanted to send an IP data gram to 192 168 10 2 it would use the above table to determine that it had to go via 192 168 0 103 a gateway And if it sends Packets...

Страница 62: ...62 3 7 6 Schedule Rule You can set the schedule time to decide which service will be turned on or off Select the enable item Press Add New Rule...

Страница 63: ...63 You can write a rule name and set which day and what time to schedule from Start Time to End Time The following example configure ftp time as everyday 14 10 to 16 20...

Страница 64: ...you want to Enable the Scheduler Edit To edit the schedule rule Delete To delete the schedule rule and the rule of the rules behind the deleted one will decrease one automatically Schedule Rule can be...

Страница 65: ...65 Exanple1 Virtual Server Apply Rule 1 ftp time everyday 14 10 to 16 20 Exanple2 Packet Filter Apply Rule 1 ftp time everyday 14 10 to 16 20...

Страница 66: ...66 3 8 Toolbox...

Страница 67: ...67 3 8 1 System Log You can View system log by clicking the View Log button...

Страница 68: ...68 3 8 2 Firmware Upgrade You can upgrade firmware by clicking Firmware Upgrade button...

Страница 69: ...bin file Once you want to restore these settings please clickFirmware Upgrade button and use the bin file you saved 3 8 4 Reset to default You can also reset this product to factory default by clicki...

Страница 70: ...re the target device must be Wake on LAN enabled and you have to know the MAC address of this device say 00 11 22 33 44 55 Clicking Wake up button will make the router to send the wake up frame to the...

Страница 71: ...omputer If not please refer to your network card manual Moreover the Section B 2 tells you how to set TCP IP values for working with this NAT Router correctly A 1 Install TCP IP Protocol into Your PC...

Страница 72: ...h NAT Router 1 Click Start button and choose Settings then click Control Panel 2 Double click Network icon Select the TCP IP line that has been associated to your network card in the Configuration tab...

Страница 73: ...73 b Don t input any value in the Gateway tab...

Страница 74: ...tab B Configure IP manually a Select Specify an IP address in the IP Address tab The default IP address of this product is 192 168 0 1 So please use 192 168 0 xxx xxx is between 1 and 253 for IP Addre...

Страница 75: ...75 b In the Gateway tab add the IP address of this product default IP is192 168 0 1 in the New gateway field and click Add button...

Страница 76: ...76 c In the DNS Configuration tab add the DNS values which are provided by the ISP into DNS Server Search Order field and click Add button...

Страница 77: ...t t tt t ti iin n ng g g g g gu u ui iid d de e e Example Win XP 2000 VPN Router Configuration on WIN 2000 is similar to XP 1 On Win 2000 XP click Start button select Run type secpol msc in the field...

Страница 78: ...78 Double click Administrative Tools...

Страница 79: ...79 Local Security Policy Settings Double click Local Security Policy...

Страница 80: ...Create IP Security Policy Click the Next button enter your policy s name Here it is to_vpn_router Then click Next Introduction Dis select the Activate the default response rule check box and click Nex...

Страница 81: ...81 Build 2 Filter Lists xp router and router xp Filter List 1 xp router In the new policy s properties screen select Use Add Wizard check box and then click Add button to create a new rule...

Страница 82: ...82 click Add button...

Страница 83: ...83 Enter a name for example xp router and dis select Use Add Wizard check box Click Add button...

Страница 84: ...cific IP Address and fill in IP Address 192 168 1 1 In the Destination address field select A specific IP Subnet fill in IP Address 192 168 0 0 and Subnet mask 255 255 255 0 If you want to select a pr...

Страница 85: ...85 Click OK button Then click OK button on the IP Filter List page...

Страница 86: ...86 select Filter Action select Require Security then click Edit button...

Страница 87: ...87 select Negotiate security Select Session key Perfect Forward Secrecy PFS click Edit button...

Страница 88: ...88 select Custom button...

Страница 89: ...89 Select Data integrity and encryption ESP Configure Integrity algorithm MD5 Configure Encryption algorithm DES Configure Generate a new key every 10000 seconds Click OK button...

Страница 90: ...90 select Authentication Methods page click Add button...

Страница 91: ...ect Use this string to protect the key exchange preshared key and enter your preshared key string such as mypresharedkey Click OK button Click OK button on Authentication Methods page Select Tunnel Se...

Страница 92: ...92 configure The tunnel endpoint is specified by this IP address 192 168 1 254 Select Connection Type...

Страница 93: ...93 select All network connections Tunnel 2 router xp In the new policy s properties page dis select Use Add Wizard check box and then click Add button to create a new rule...

Страница 94: ...94 click Add button...

Страница 95: ...95 Enter a name such as router xp and dis select Use Add Wizard check box Click Add button...

Страница 96: ...cific IP Subnet fill in IP Address 192 168 0 0 and Subnet mask 255 255 255 0 In the Destination address field select A specific IP Address and fill in IP Address 192 168 1 1 If you want to select a pr...

Страница 97: ...97 Click OK button Then click OK button on IP Filter List window...

Страница 98: ...98 select Filter Action tab select Require Security then click Edit button...

Страница 99: ...99 select Negotiate security Select Session key Perfect Forward Secrecy PFS click Edit button...

Страница 100: ...100 select Custom button...

Страница 101: ...101 Select Data integrity and encryption ESP Configure Integrity algorithm MD5 Configure Encryption algorithm DES Configure Generate a new key every 10000 seconds Click OK button...

Страница 102: ...102 select Authentication Methods page click Add button...

Страница 103: ...lect Use this string to protect the key exchange preshared key and enter the preshared key string such as mypresharedkey Click OK button Click OK button on Authentication Methods page Select Tunnel Se...

Страница 104: ...104 Configure The tunnel endpoint is specified by this IP address 192 168 1 1 Select Connection Type...

Страница 105: ...105 select All network connections...

Страница 106: ...106 Configure IKE properties Select General Click Advanced...

Страница 107: ...107 enable Master key perfect forward security PFS configure Authenticate and generate a new key after every 10000 seconds click Methods click Add button...

Страница 108: ...ure Integrity algorithm SHA1 Configure Encryption algorithm 3DES Configure Diffie Helman group Medium 2 Settings on VPN router VPN Router Wan IP address 192 168 1 254 Lan IP address 192 168 0 1 PC 192...

Страница 109: ...109 VPN Settings VPN Enable Max number of tunnels 2 ID 1 Tunnel Name 1 Method IKE Press More...

Страница 110: ...0 VPN Settings Tunnel 1 IKE Tunnel 1 Local Subnet 192 168 0 0 Local Netmask 255 255 255 0 Remote Subnet 192 168 1 1 Remote Netmask 255 255 255 255 Remote Gateway 192 168 1 1 Preshare Key my preshare k...

Страница 111: ...111 VPN Settings Tunnel 1 Set IKE Proposal ID 1 Proposal Name 1 DH Group Group2 Encrypt Algorithm 3DES Auth Algorithm SHA1 Life Time 10000 Life Time Unit Sec...

Страница 112: ...112 VPN Settings Tunnel 1 Set IPSec Proposal ID 1 Proposal Name proposal1 DH Group Group2 Encap Protocol ESP Encrypt Algorithm DES Auth Algorithm MD5 Life Time 10000 Life Time Unit Sec...

Страница 113: ...113 User can view VPN connection process in System Log page and correct their settings Phase1 is related to IKE settings Phase2 is related to IPSEC settings...

Страница 114: ...d d di iix x x C C C P P PP P PT T TP P P a a an n nd d d L L L2 2 2T T TP P P C C Co o on n nf f fi iig g gu u ur r ra a at t ti iio o on n ns s s 1 First please go to the Network connection 2 Connec...

Страница 115: ...115 3 Choose Virtual Private Network 4 Do not dial to initial connection...

Страница 116: ...116 5 Input the router wan ip address 6 Then ok please input username and password as you setup in the router...

Страница 117: ...117 7 Select the type of VPN...

Страница 118: ...g any pcs in the lan 192 168 0 x L2TP However the router is the also vpn l2tp server and supports three Authentication Protocols PAP CHAP and MSCPAP And the settings are similar with PPTP But MS opera...

Страница 119: ...119 Then the steps refer to pptp settings...

Страница 120: ...PC2 Microsoft Windows XP Professional with Service Pack 1a Z Com XI 725 wireless LAN USB adapter Driver version 1 7 29 0 Driver date 10 20 2001 Authentication Server Windows 2000 RADIUS server with S...

Страница 121: ...le the 802 1X check the Enable checkbox 2 Enter the RADIUS server IP 3 Enter the shared key The key shared by the RADIUS server and DUT 4 We will change 802 1X encryption key length to fit the variabl...

Страница 122: ...122 Figure 2 Enable IEEE 802 1X access control...

Страница 123: ...ess Point 3 Set authentication type of wireless client and RADIUS server both to EAP_TLS 4 Disable the wireless connection and enable again 5 The DUT will send the user s certificate to the RADIUS ser...

Страница 124: ...124 Figure 4 Certificate information on PC1 Figure 5 Authenticating...

Страница 125: ...C2 5 Windows XP will prompt that the authentication process is success or fail and end the authentication procedure 6 Terminate the test steps when PC2 get dynamic IP and PING remote host successfully...

Страница 126: ...R once to show the console mode commands Just type RR command to restore the factory setting Please refer to User Manual for the details 2 Restore with RESET button First turn off the router and press...

Результаты поиска

Содержание WRB54+

Отзывы:

Похожие инструкции для WRB54+

Бренды по названию

Популярные бренды

Comet Labs WRB54+, Руководство пользователя

Результаты поиска

Содержание WRB54+

Отзывы:

Похожие инструкции для WRB54+

Бренды по названию

Популярные бренды