Edimax ER-1088 Скачать руководство пользователя страница 61 | Manualshive

Страница: 61 / 97

background image

Settings – IPSec Policy Setup

IPSec Traffic Binding

•

Tunnel Name

– In order to distinguish the tunnel, you have to give

“Tunnel” a name.

•

Tunnel

– If set to

Enable

, this will allow the tunnel to connect.

•

WAN port

– You can choose any WAN port to make the VPN

connection.

•

PPPoE Session

– If you are using a multi-session PPPoE

connection, you can select which PPPoE session will create a
VPN tunnel between two sites.

•

Local Identity Type

– You can select how the router will identify

itself to the destination VPN site. There are three options to select
from:

•

WAN IP address

– This allows the authentication by using its

public IP address.

•

Domain Name

– This allows the authentication by using a

domain name.

•

Distinguished Name

– This allows the authentication by using

a distinguished name such as an email address or alpha-
numeric characters.

Traffic Selector

•

Service

–

Protocol Type:

You can choose TCP, UDP, ICMP or

GRE protocol as your connection protocol. By default the protocol
type is “Any”.

•

Local Security Network

– These entries identify the private

network on this VPN gateway - the hosts of which can use the
LAN-to-LAN connection. You can choose a single IP address, the
subnet, or a selected IP range to make VPN LAN-to-LAN
connection.

•

Remote Security Network

– These entries identify the private

network on the remote peer VPN gateway whose hosts can use
the LAN-to-LAN connection. You can choose a single IP address,
the subnet, or a selected IP range to make VPN connection

•

Remote Security Gateway

– You can select either the remote

side by a domain name, a remote side IP address (WAN IP
address) or a distinguished name as your remote side security
gateway.

Security Level

•

Encryption Method

– Specifies the encryption mechanism to use.

Data encryption makes the data unreadable if intercepted. There
are three encryption methods available: DES, 3DES and AES. The
default setting is

null

.

•

Authentication Method

– Specifies the packets authentication

mechanism to use. Packets authentication confirms if the data’s
source is correct or not. There are three authentication methods
available - MD5, SHA1 and SHA2.

•

ESP Mode

– Only

Tunnel Mode

is available. It offers the most

protection against an intruder trying to intercept VPN packets.

Page 57

«
...
59
60
61
62
63
...
»

Содержание ER-1088

Страница 1: ...Multi WAN VPN Link Balancer User s Guide...

Страница 2: ......

Страница 3: ...4 ADVANCED SETUP 27 Overview 27 Host IP 27 Routing 29 Virtual Server 33 Special Application 36 Dynamic DNS 38 Multi DMZ 40 UPnP Setup 42 NAT Setup 43 Advanced Feature 45 5 SECURITY MANAGEMENT 48 Block...

Страница 4: ...n 80 System Status 80 WAN Status 83 APPENDIX A SPECIFICATIONS 85 APPENDIX B WINDOWS TCP IP SETUP 86 Overview 86 TCP IP Settings 86 APPENDIX C TROUBLESHOOTING 92 Overview 92 General Problems 92 Interne...

Страница 5: ...access If all 8 WAN ports are not used the remaining WAN ports will be available as LAN Ports but by default at least 2 of the ports will be used as WAN ports Shared Broadband Internet Access All LAN...

Страница 6: ...ming connection requests which would otherwise be blocked For each IP address allocated by your ISP a separate DMZ PC can be specified So if your ISP has given you multiple IP addresses you can have m...

Страница 7: ...ncer can be managed from any PC on your LAN Also if an Internet connection exists it can optionally be configured via the Internet Password protected Configuration Optional password protection is prov...

Страница 8: ...When UPnP Universal Plug Play is set to Enable the Multi WAN VPN Link Balancer becomes a network device This feature is useful for detecting and controlling network devices such as Internet gateways P...

Страница 9: ...above items are damaged or missing please contact your dealer immediately Physical Details Front Panel Figure 1 2 Front Panel Front Panel LED indication is as follows Power OFF No Power ON Normal Ope...

Страница 10: ...Reset Button When pressed and released the Multi WAN VPN Link Balancer will reboot restart within 1 second It will reset to default when pushed and held for more than 3 seconds Some Status and Error c...

Страница 11: ...empting to restore it by upgrading the firmware Follow this procedure 1 2 Power On the Multi WAN VPN Link Balancer Use the supplied Windows utility or a TFTP client program to apply the new firmware I...

Страница 12: ...s Save the current configuration settings to your PC use the Save Configuration button Restore a previously saved configuration file to the Multi WAN VPN Link Balancer use the Upgrade Firmware button...

Страница 13: ...e standard 10 100BaseT network UTP cables with RJ45 connectors TCP IP network protocol must be installed on all PCs Procedure 1 Configuring the Multi WAN VPN Link Balancer for your LAN 1 2 3 4 5 6 Use...

Страница 14: ...it is highly recommended that you set a password You may do this using the Admin Setup screen After logging in you will see the Administrator Password setup in the Admin Setup screen as shown below A...

Страница 15: ...e Multi WAN VPN Link Balancer must be disabled You will find this setting in the LAN DHCP screen Your DHCP Server must be configured to provide the Multi WAN VPN Link Balancer s LAN IP Address as the...

Страница 16: ...access the Internet through NAT DHCP Configuration Lease Time This is a finite period of time for a DHCP server to lease an IP address to a client DNS Server IP for Client An IP address of the defaul...

Страница 17: ...WAN VPN Link Balancer Both 10BaseT and 100BaseT connections can be used simultaneously If you need to connect the Multi WAN VPN Link Balancer to another Hub just use a standard LAN cable to connect a...

Страница 18: ...p to eight 8 WAN ports Once you have selected how many ports you are going to use click on Submit You may then proceed to the Primary Setup page Figure 2 5 MAX WAN Select Primary Setup from the menu Y...

Страница 19: ...if your ISP has provided a Fixed or Static IP address Enter the data into the Address Info fields Dynamic IP Select this if your ISP provides an IP address automatically when you connect You can ignor...

Страница 20: ...e multiple PPPoE sessions on either port configure settings in the Advanced PPPoE screen DNS If using a Fixed IP address you MUST enter at least 1 DNS address If using a Dynamic IP PPPoE or PPTP DNS i...

Страница 21: ...TCP IP settings refer to Appendix B Windows TCP IP Setup Internet Access To configure your PCs to use the Multi WAN VPN Link Balancer for Internet access follow this procedure For Windows 9x 2000 1 2...

Страница 22: ...nfiguration is now complete Before clicking Sign On always ensure that you are using the Multi WAN VPN Link Balancer location Macintosh Clients For Macintosh users the procedure for accessing the Inte...

Страница 23: ...rver settings are correct To act as a DHCP Client recommended The procedure below may vary depending on your version of Linux and X windows shell 1 2 3 4 5 Start your X Windows client Select Control P...

Страница 24: ...iple WAN ports It allows you to determine the proportion of WAN traffic sent through each port Advanced PPPoE setup is required if you wish to use multiple sessions on each WAN port It can also be use...

Страница 25: ...not You may change this address if you wish Default is the gateway IP Note This is not used for PPPoE connections Transparent Bridge Option Bridge Mode If set to Enable this WAN port doesn t use NAT...

Страница 26: ...is only operational if using Internet connections on multiple WAN ports Figure 3 2 Load Balance Only functional when using two 2 or more WAN ports these settings determine the proportion of traffic se...

Страница 27: ...in Continuously repeating sequence Weight Round Robin In sequence with weight placed accordingly Loading Share Enter the percentage of traffic to be sent over each WAN port If one WAN port connection...

Страница 28: ...e multiple floating real IPs for PPPoE Each WAN port can have up to eight 8 PPPoE sessions each with a different IP address if your WAN port is using PPPoE connectivity PPPoE Session MTU The Maximum T...

Страница 29: ...his determines when an idle connection will be terminated Enter the required time period 1 Always on Echo Time This determines how often an Echo request is sent to the PPPoE server The Echo request is...

Страница 30: ...xed IP address enter if here Otherwise this field should be left at 0 0 0 0 PPTP Auto Dialup Auto Dialup connect on demand If set to Enable a connection will be established whenever outgoing WAN traff...

Страница 31: ...Filter feature This requires that each PC is identified by using the Host IP screen You wish to have different Block URL settings for different PCs This requires that each PC is identified by using t...

Страница 32: ...dress of this Host Select Group Select the group you wish this Host to be included in Reserve in DHCP Select Enable to reserve a particular LAN IP address for a particular PC on your LAN This allows t...

Страница 33: ...rt and Session Otherwise ignore these settings Note Multiple PPPoE sessions are defined on the Advanced PPPoE screen Buttons Add Use this to add a new entry to the database using the data shown on scr...

Страница 34: ...entries You cannot modify or delete these entries Settings Routing Dynamic Routing RIP v2 This acts as a master switch If enabled the selected WAN or LAN will run RIPv1 v2 otherwise RIP function will...

Страница 35: ...s only available if NAT Network Address Translation is disabled Metric The number of hops routers to pass through to reach the remote LAN segment The shortest path will be used Routing List This shows...

Страница 36: ...IP Address 192 168 1 100 Interface LAN Metric 2 Entry 2 Segment 2 Destination IP Address 192 168 3 0 Network Mask 255 255 255 0 Standard Class C Gateway IP Address 192 168 1 100 Interface LAN Metric...

Страница 37: ...4 Multi WAN VPN Link Balancer Figure 4 4 Virtual Server Note that in this illustration both Internet users are connecting to the same IP Address but using different protocols Connecting to the Virtual...

Страница 38: ...nown virtual servers have been listed on the Custom Virtual Server List Protocol Select the network protocol TCP UDP used by this sever IP Address LAN Enter the IP address of the server on your LAN wh...

Страница 39: ...y a range of remote side IP addresses to access the virtual servers The default entry 0 0 0 0 0 0 0 0 means all remote side IP address can access it Buttons Add Create a new Virtual Server entry Delet...

Страница 40: ...t function correctly because they are blocked by the firewall in the Multi WAN VPN Link Balancer In this case you can define the application as a Special Application in order to make it work Note that...

Страница 41: ...ive If the application uses a single port number enter it in both fields Buttons Add Create a new Special Application entry Delete Delete the selected entry Update Save any changes you have made to th...

Страница 42: ...client available at http www dyndns org Other sites may offer the same service but can not be guaranteed to work TZO at http www tzo com 3322 is available in China at http www 3322 org To use the Dyna...

Страница 43: ...China It is similar to DynDNS User Defined DDNS Server This is the user defined DDNS server If the DDNS provider is other than TZO dyndns org or 3322 Additional Settings These options are available i...

Страница 44: ...Any traffic sent to that IP address will be forwarded to the specified PC allowing unrestricted 2 way communication between the DMZ PC and other Internet users or Servers Note The DMZ PC is effective...

Страница 45: ...on the operation Private IP Address LAN Enter the IP address of the PC you wish to associate with this WAN port IP address This IP address should be fixed or reserved See the Host IP section for detai...

Страница 46: ...p UPnP Option If set to Enable UPnP this device will register on the local network You will find that there is an icon showing on the My Network Places in Window XP Each time you add a new service wit...

Страница 47: ...disable the NAT checkbox it will act as a bridge or Static Router Most features will be unavailable TCP Timeout Enter the desired value to use on each WAN port The default is 300 UDP Timeout Enter th...

Страница 48: ...alias of the host with Local LAN IP accessing the Internet via the specified WAN port for the specified protocol packets i e 1 1 NAT NAT Alias List NAT Alias List shows the list of all NAT alias conf...

Страница 49: ...eived from the WAN port or not Interface Binding Use these settings to ensure that certain traffic is sent by a particular WAN port and thereby a particular ISP account These settings are only useful...

Страница 50: ...ing E mail accounts from different ISPs on each port you can ignore these settings Some ISPs configure their E mail Servers so they will not accept E mail from IP addresses not allocated by them If yo...

Страница 51: ...Protocol Port Binding List This list shows the details of all protocol and port configuration data which are currently defined You can modify them by clicking on a selected row Page 47...

Страница 52: ...s to run more smoothly This is also applicable for some future applications that may need this mechanism in order to work well Block URL This feature allows you to block access to undesirable Web site...

Страница 53: ...esired Group and click the Select button The screen will update the data for the selected Group URL List Type Black List If you select Black List It will block the URL that you keep it on Access Item...

Страница 54: ...ver the Internet access and applications available to LAN users Five 5 user groups are available and each group can have different access rights assigned to them All PCs users are in the Default group...

Страница 55: ...efine your own filters ICMP Filters If you enable ICMP Filter that means it will block ICMP request packet types specified by users from local host to remote side User Defined Filter This section is o...

Страница 56: ...t The maximum number of new sessions from the host which is acceptable in the sampling time Any new incoming sessions will be dropped from this host after the number of new sessions has been exceeded...

Страница 57: ...AN any WAN port or ALL interfaces from which a packet originates Protocol The packet type selected in the above Interface which will be directly processed by this device Foreign Port Range Enter the b...

Страница 58: ...urely between two networks We call this by creating a tunnel A VPN tunnel connects the two PCs or networks Note The VPN Load Balancer uses industry standard IPSec encryption However due to the variati...

Страница 59: ...Association lifetime is 28800 seconds When it is expired a new key is re negotiated During the negotiation period the VPN tunnel isn t available Retry Counter This indicates how many times the proces...

Страница 60: ...ust specify each phase of the connection 3 At least one side must have a fixed IP address The other side with a dynamic IP address must always be the initiator of the connection 4 What encryption leve...

Страница 61: ...ies identify the private network on this VPN gateway the hosts of which can use the LAN to LAN connection You can choose a single IP address the subnet or a selected IP range to make VPN LAN to LAN co...

Страница 62: ...another way of accomplishing a phase one exchange It is faster and simpler than Main Mode but does not provide identity protection for the negotiating nodes Perfect Forward Secrecy PFS If PFS is enabl...

Страница 63: ...nnection so it can be re established This is the primary method of VPN failover or backup Detection If set to Enable this will enable the following Check Method which you have selected to work Check M...

Страница 64: ...nnel state will remain idle until an attempt is made to connect to the remote side This setting will override the Auto Triggered option Check ESP Pad If set to Enable a device will check the ESP Encap...

Страница 65: ...on t have to enter IPSec policy setup again here You can press the Scan Policies button to copy the IPSec Policy into the Mesh Group Setup web page You also can configure your IPSec Policy on the Mesh...

Страница 66: ...ng for VPN load balancing You should enable the check box before you make a VPN load balance connection Delete Button This button can delete one or all IPSec Policies Set Button Once you have enabled...

Страница 67: ...6 6 VPN Logs Data VPN Logs Message Status Time Indicates when the message was created according to system time Priority Indicates the priority level of a message for analysis Undefined Messages Module...

Страница 68: ...ce utility to provide high quality network support service Because it classifies outgoing packets based on policies defined by users real time applications should respond or perform better QoS Setup T...

Страница 69: ...An 8 bit field in the IP packet header designed to contain values indicating how each packet should be handled in the network If you choose enable it will enable this function to process IP TOS fields...

Страница 70: ...addresses Destination Address Define the destination address of packets here The explanation is the same as above Protocol Type The field defines traffic packet type i e ICMP TCP or AH Source Port De...

Страница 71: ...porates a DNS server module Users must first construct a server behind the LAN side of the Multi WAN VPN Link Balancer It is also necessary for users to register a domain name with at least two WAN IP...

Страница 72: ...N Domain SOA Record in SOA The start of a zone of authority It records all authoritative information Primary Name Server The primary server name that you give to this server e g pns1 Its FQDN is pns1...

Страница 73: ...DNS Record Apart from setting up the DNS SOA configuration to complete the whole DNS setup it is also necessary to configure the DNS record Figure 8 2 DNS Record Page 69...

Страница 74: ...an select Static IP Enter IP address in Public IP Address WAN IP Choose any WAN Interface IP you wish VServer of WAN Choose any WAN IP of Vserver you have set NAT Alias Choose any WAN IP of NAT Alias...

Страница 75: ...use of each of these features Admin Setup Remote Access Configuration This feature allows you to manage the Multi WAN VPN Link Balancer via the Internet You can restrict access to a specified IP addr...

Страница 76: ...d access is only available by a PC on the LAN Access port The port number used when connecting remotely The default port number is 8080 Allowed Remote IP Remote access is only available to the IP addr...

Страница 77: ...Email Alert Settings Email Alert Global Setting Notification on Link Down If set to Enable it will send a warning email to alert the administrator when any WAN port is disconnected Excessive Ping This...

Страница 78: ...password for the sender Sender Address An email address that sends a warning email to a recipient Recipient Address An email address that a warning email will be sent to Usually this is a system admin...

Страница 79: ...he name of this device Physical Location The location of the device Community Community Name This is a password or key used between this device and the management station The administrator manager mus...

Страница 80: ...to select whether to send the system information to another machine or not Up to three machines can be chosen to send the system log to Message Status Messages are only sent and kept when Keep Sent Me...

Страница 81: ...ency to Debug The lower the level the more messages will be generated Emergency is the highest priority level and Debug is the lowest Log Priority for Modules By pressing the Expand button selection c...

Страница 82: ...by the port number e g HTTP 123 123 123 123 8080 This example assumes that the WAN IP Address is 123 123 123 123 and the port number is 8080 If using the Dynamic DNS feature you can connect using the...

Страница 83: ...uration Save button This will save the system configuration for future use You also can upgrade the firmware by inputting the correct password browsing to the firmware upgrade file and then pressing t...

Страница 84: ...gured operation is automatic However there are some situations where additional Internet configuration may be required Refer to Chapter 4 Advanced Setup for further details System Status Use the Syste...

Страница 85: ...ateway MAC Address The MAC physical address of the Multi WAN VPN Link Balancer as seen from the Internet LAN Interface IP Address The LAN IP Address of the Multi WAN VPN Link Balancer Subnet Mask The...

Страница 86: ...actory default settings See below for details Restore Factory Defaults When the Restore Factory Defaults button on the Status screen above is clicked the following screen is displayed Figure 11 2 Rest...

Страница 87: ...lt traffic loading on each WAN port Current Loading Share The current traffic loading on each WAN port Current Loading The number of current traffic Sessions Bytes and Packets being processed on each...

Страница 88: ...Interface Statistics This section displays cumulative statistics Use the Restart Counter button to restart these counters when required Page 84...

Страница 89: ...AC 100V 240V 50 60 Hz FCC Statement This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference 2 This dev...

Страница 90: ...C boots For all non Server versions of Windows the default TCP IP setting is to act as a DHCP client If you wish to check your TCP IP settings the procedure is described in the following sections If y...

Страница 91: ...r PC is already configured check with your network administrator before making the following changes If the DNS Server fields are empty select Use the following DNS server addresses and enter the DNS...

Страница 92: ...B 4 DNS Tab Win 95 98 Checking TCP IP Settings Windows 2000 1 2 Select Control Panel Network and Dial up Connection Right click the Local Area Connection icon and select Properties You should see a sc...

Страница 93: ...P Address Use the following IP Address If your PC is already configured check with your network administrator before making the following changes Enter the Multi WAN VPN Link Balancer s IP address in...

Страница 94: ...ht click the Local Area Connection and choose Properties You should see a screen like the following Figure B 7 Network Configuration Windows XP Select the TCP IP protocol for your network card 3 4 Cli...

Страница 95: ...IP Address Use the following IP Address If your PC is already configured check with your network administrator before making the following changes Enter the Multi WAN VPN Link Balancer s IP address in...

Страница 96: ...t is using an IP Address within the range 192 168 1 2 to 192 168 1 254 and thus compatible with the Multi WAN VPN Link Balancer s default IP Address of 192 168 1 1 Also the Network Mask should be set...

Страница 97: ...ugh it so it is not transparent Use the Special Applications feature to allow the use of Internet applications which are not functioning correctly If this does solve the problem you can use the DMZ fu...

Отзывы:

Нет отзывов

Похожие инструкции для ER-1088

Бренд: 3Com Страницы: 20

Бренд: D-Link Страницы: 32

Бренд: D-Link Страницы: 6

Бренд: D-Link Страницы: 221

ShareCenter Pro DNS-1200-05

Бренд: D-Link Страницы: 68

Express Ethernetwork DI-707P

Бренд: D-Link Страницы: 14

COMSPHERE 3800 Series

Бренд: Paradyne Страницы: 88

COMSPHERE 3800PLUS

Бренд: Paradyne Страницы: 5

Бренд: Paradyne Страницы: 2

Бренд: Juniper Страницы: 502

Бренд: Caimore Страницы: 79

Бренд: ZyXEL Communications Страницы: 485

HiGain H2TU-R-402 List 7A

Бренд: ADC Страницы: 7

Бренд: Renesas Страницы: 28

Бренд: NKE Страницы: 15

Бренд: PairGain Страницы: 80

XC-16CH-NVR-4TB

Бренд: Xyclop Страницы: 19

Бренд: Patton electronics Страницы: 8

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды