manualshive.com logo in svg

HotBrick VPN 800, Руководство пользователя

Поделиться
Скачать
HotBrick VPN 800 Скачать руководство пользователя страница 60

HotBrick Network Solutions 

Page 56 

Key Management 

Key 

– 

Key Type: 

there are two key types (manual key and auto key) 

available for the key exchange management.  

Manual Key: 

If manual key is selected, no key negotiation is needed. 

Encryption Key- 

This field specifies a key to encrypt and decrypt IP 

traffic. 

Authentication Key – 

This field specifies a key use to auth           

entication IP traffic.

 Inbound/outbound SPI 

(Security Parameter Index)

 

– 

is carried on the ESP header. Each tunnel must have a unique 

inbound and outbound SPI, and no two tunnels share the same SPI. 
Notice that Inbound SPI must match the other router’s outbound SPI. 

AutoKey (IKE)- 

There are two types of operation modes can be used. 

Main mode

 accomplishes a phase one IKE exchange by establishing a 

secure channel. 

Aggressive Mode 

is another way of accomplishing a 

phase one exchange. It is faster and simpler than main mode, but does 
not provide identity protection for the negotiating nodes. 

Perfect Forward Secrecy

 (PFS) – If PFS is enable, IKE phase 2 

negotiation will generate a new key material for IP traffic encryption & 
authentication. Preshared Key – This field is to authenticate the remote 
IKE peer. 

Key Lifetime

- This is specified the lifetime of the IKE 

generated Key. If the time expires or data is passed over this volumn, a 
new key will be renegotiated, By default, 0 is for no limit. 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Содержание VPN 800

Страница 1: ...Dual WAN Firewall Router VPN 800 2 User s Guide HotBrick Network Solutions ...

Страница 2: ......

Страница 3: ... Host IP Setup 25 Virtual Server 28 Custom Virtual Server 30 Special Application 32 Dynamic DNS 34 Multi DMZ 37 UPnP 39 NAT 40 Advanced Features 42 5 SECURITY MANAGEMENT 45 Overview 45 Block URL 45 Access Filter 47 Session Limit 49 System Filter Exception 50 6 VPN CONFIGURATION 51 Overview 51 IPSec Global Setting 52 Policy Setup 54 7 QOS CONFIGURATION 57 Overview 57 QoS Setup 57 Policy Configurati...

Страница 4: ...ystem Status 70 WAN Status 73 NAT Status 74 APPENDIX A SPECIFICATIONS 76 APPENDIX B WINDOWS TCP IP SETUP 77 Overview 77 TCP IP Settings 77 APPENDIX C TROUBLESHOOTING 83 Overview 83 General Problems 83 Internet Access 83 Copyright 2004 All Rights Reserved Document Version 1 4 All trademarks and trade names are the properties of their respective owners ...

Страница 5: ...rewall Router by sharing one 1 or two 2 Broadband modems and connections High Performance Dual Modem Support The VPN 800 2 Firewall Router has two 2 WAN ports allowing connection of two 2 Broadband modems This gives twice the bandwidth of a single modem Flexible configuration allows each port to use a different type of modem and connection method Also you can determine how the Internet traffic is ...

Страница 6: ...be blocked For each IP address allocated by your ISP a separate DMZ PC can be specified So if your ISP has given you multiple IP addresses you can have multiple DMZ PCs Each DMZ PC has unrestricted 2 way Internet access providing the ability to run programs that are otherwise incompatible with NAT routers like the Load Balancer Access Filter The network Administrator can use the Access Filter to g...

Страница 7: ...tion exists it can also optionally be configured via the Internet Password protected Configuration Optional password protection is provided to prevent unauthorized users from modifying the configuration data and settings HTTP Firmware Upgrade and backup The web management feature allows you to use HTTP upgrade new firmware and backup system configuration from local or even from remote site As long...

Страница 8: ...of the Front Panel LEDs is as follows LAN LED 100M Green 10M Yellow ON The corresponding LAN port is using 100BaseT OFF No physical connection ON The corresponding LAN port is using 10BaseT OFF No physical connection WAN LED Green 100M Yellow 10M Flash Active Status LED WAN Status LAN Status Green Flash WAN Active Yellow Error Green Flash LAN Active Yellow Error Blinking Data in out Reset Button W...

Страница 9: ...lso some Status and Error conditions are indicated by combinations of LEDs as shown below LED Action Condition WAN LAN Status LEDs flash alternatively Firmware Download in progress WAN LAN LEDs flash concurrently MAC address not assigned ...

Страница 10: ...VPN 800 2 Firewall Router is unusable and you wish to restore it by downloading new firmware Follow this procedure 1 Power On the VPN 800 2 Firewall Router 2 Use the supplied Windows utility or a TFTP client program applies the new firmware If using the supplied Windows TFTP program the screen will look like the following example Figure 1 3 Windows TFTP utility VPN F 800 2 Firewall Router Enter th...

Страница 11: ... to perform three 3 other operations Save the current configuration settings to your PC use the Upload button Restore a previously saved configuration file to the VPN 800 2 Firewall Router use the Download button VPN 800 2 Firewall Router to its default values use the Set to Default button ...

Страница 12: ...th an ISP Network cables Use standard 10 100BaseT network UTP cables with RJ45 connectors TCP IP network protocol must be installed on all PCs Procedure 1 Configuring the VPN 800 2 Firewall Router for your LAN 1 Use a standard LAN cable to connect your PC to any Hub port on the VPN 800 2 Firewall Router 2 Connect the power core and power up the VPN 800 2 Firewall Router Only use the power core pro...

Страница 13: ...configure your PC to use an IP address within the range 192 168 1 2 to 192 168 1 254 with a Network Mask of 255 255 255 0 See Appendix B Windows TCP IP Setup for details Check that the VPN 800 2 Firewall Router is properly installed LAN connection is OK and it is powered ON 8 After the login you will then see the Admin Password screen as shown below Assign a password by entering it in the Password...

Страница 14: ...all Router in your LAN Settings LAN DHCP IP Address IP address for the VPN 800 2 Firewall Router as seen from the local LAN Use the default value unless the address is already in use or your LAN is using a different IP address range In the latter case enter an unused IP Address from within the range used by your LAN Subnet Mask The default value 255 255 255 0 is standard for small class C networks...

Страница 15: ...till available ARP Proxy Enable this ONLY if the LAN port has an IP address in the same address range as the WAN port s This means that all PCs using this Gateway must have valid fixed external Internet IP addresses If enabled enter the IP address range used on your LAN LAN Any IP Setup By default is disabled If you enable LAN any IP that means no matter what static IP address hold on the client y...

Страница 16: ...port on another hub Any LAN port on the VPN 800 2 Firewall Router will automatically act as an Uplink port when required 4 Power Up Power on the Cable or DSL modem or modems Connect the supplied power core to the VPN 800 2 Firewall Router and power up 5 Check the LEDs The Power LED should be ON The WAN Link LED should be ON if the corresponding WAN port is connected to a broadband modem The Error ...

Страница 17: ...nable Select this if you have connected a broadband modem to this port Disable Select this if there is no broadband modem connected to this port Backup Use this if you have a broadband modem on each port and wish to normally use only one Select Enable for the primary port and Backup for the secondary port The Backup port will only be used if the primary port fails ...

Страница 18: ... only Enter the Username and Password provided by your ISP If using PPTP enable the PPTP Connection checkbox and enter the IP address of the PPTP server Host name Optional For PPPoE This field is used by a Host to uniquely associate an access concentrator to a particular Host request Note There are additional PPPoE PPTP options on the Port Options screen To use multiple PPPoE sessions on either po...

Страница 19: ...IP settings refer to Appendix B Windows TCP IP Setup Internet Access To configure your PCs to use the VPN 800 2 Firewall Router for Internet access follow this procedure For Windows 9x 2000 1 Select Start Menu Settings Control Panel Internet Options 2 Select the Connection tab and click the Setup button 3 Select I want to set up my Internet connection manually or I want to connect through a local ...

Страница 20: ... TCP IP for the Network field Leave the Phone Number blank Click Save then OK Configuration is now complete Before clicking Sign On always ensure that you are using the VPN 800 2 Firewall Router location Macintosh Clients From your Macintosh you can access the Internet via the VPN 800 2 Firewall Router The procedure is as follows 1 Open the TCP IP Control Panel 2 Select Ethernet from the Connect v...

Страница 21: ...r Ensure your DNS Name server settings are correct To act as a DHCP Client recommended The procedure below may vary according to your version of Linux and X windows shell 1 Start your X Windows client 2 Select Control Panel Network 3 Select the Interface entry for your Network card Normally this will be called eth0 4 Click the Edit button set the protocol to DHCP and save this data 5 To apply your...

Страница 22: ...nctional if you are using both WAN ports It allows you to determine the proportion of WAN traffic sent through each port Advanced PPPoE setup is required if you wish to use multiple sessions on one or both of the WAN ports It can also be used to manually connect or disconnect a PPPoE session Otherwise this screen can be ignored Advanced PPTP setup is required if using the PPTP connection method Po...

Страница 23: ...Time This determines how often an Echo request is sent to the PPPoE server The Echo request is used to determine if the connection is still valid Normally there is no need to change the default value Echo Retry The number of time the Echo request will be sent if there is no response to the first request Normally there is no need to change the default value Transparent Bridge Option Bridge Mode If ...

Страница 24: ... screen is only operational if using Internet connections on both WAN ports Figure 3 2 Load Balance These settings are only functional if using both WAN ports If using both WAN ports these settings determine the proportion of traffic sent over each port ...

Страница 25: ... traffic to be sent over WAN 1 If one WAN port connection has greater bandwidth than the other the one with the greater bandwidth should be given a higher percentage of traffic than the other Click the Update button to save your changes NAT Statistics This section displays the current data about WAN 1 and WAN 2 You can use this information to help you fine tune the settings above Interface Statist...

Страница 26: ...en be displayed in the WAN IP Account section Session MTU The Maximum Transfer Unit for PPPoE packets data Leave it as default unless the ISP offers different PPPoE packets data size WAN IP Account User Name Enter the PPPoE user name assigned by your ISP Password Enter the PPPoE password assigned by your ISP Verify Password Re enter the PPPoE password assigned by your ISP IP Address If you have a ...

Страница 27: ...work Solutions Page 23 Action Use the Connect and Disconnect buttons to establish or terminate a connection on this session if required Connection Status This displays the current connection status for each session ...

Страница 28: ...d by your ISP Password The PPTP password associated with the User Name above This is assigned by your ISP and used to login to the PPTP Server Verify Password Re enter the PPTP password assigned by your ISP Server IP Address Enter the IP address of the PPTP Server as provided by your ISP Static IP Address If you have a fixed IP address enter if here Otherwise this field should be left at 0 0 0 0 A...

Страница 29: ...n your LAN You wish to use the Access Filter feature This requires that each PC be identified by using the Host IP Setup screen You wish to have different Block URL settings for different PCs This requires that each PC be identified by using the Host IP Setup screen You do not have to use the Host IP feature to apply the same Block URL settings to all PCs You wish to reserve a particular LAN IP ad...

Страница 30: ...y you should use the Hostname computer name defined on the Host itself MAC Address Also called Physical Address or Network Adapter Address Enter the MAC address of this host Select Group Select the group you wish to put this host into Reserve in DHCP Select Enable to reserve a particular LAN IP address for a particular PC on your LAN This allows the PC to use DHCP Windows calls this obtain an IP a...

Страница 31: ...n when WAN1 port is disconnected your packets will automatically go to WAN2 if WAN2 is alive Select WAN Port Select PPPoE session If the setting above is Enable select the desired Port and Session Otherwise ignore these settings Note Multiple PPPoE sessions are defined on the Advanced PPPoE screen Buttons Add Use this to add a new entry to the database using the data shown on screen Delete Click t...

Страница 32: ...ure solves these problems and allows Internet users to connect to your servers as illustrated below Figure 4 2 Virtual Servers Note that in this illustration both Internet users are connecting to the same IP Address but using different protocols Connecting to the Virtual Servers Once configured anyone on the Internet can connect to your Virtual Servers They must use the VPN 800 2 Firewall Router s...

Страница 33: ...omain_name dyndns org Figure 4 3 Virtual Server Settings Virtual Server Enable Use this to Enable or Disable each Virtual server as required Server Type Select the desired Server type If the type of Server you wish to use is not listed use the Custom Virtual Server screen to define your own type LAN IP Address Enter the IP address of the PC on your LAN which is running the required Server software...

Страница 34: ...t an existing entry select it and then click the Select button The screen will update with data for the selected entry Custom Server Configuration This data defines the Custom Virtual Server Server Name Enter a suitable name for this server State Use this to Enable or Disable the server as required Server IP Enter the IP address of the PC on you LAN which is running the required Server software Ea...

Страница 35: ...number used for incoming traffic to this Server If only a single port is required enter it in both fields Interface Binding This selection allows severs binding WAN1 port or WAN2 port or even both WAN1 and WAN2 ports together Buttons Add Create a new Special Application entry Delete Delete the selected entry Update Save any changes you have made to the current entry Cancel Cancel any changes you h...

Страница 36: ...to traffic from the client PC viewpoint Figure 4 5 Special Applications Settings Special Applications Select Special Application Name Select Name Item This lists any special applications which are currently defined If adding a new Special Application ignore this list Just enter your data in the Special Application Configuration section and click the Add button To edit an existing entry select it f...

Страница 37: ... used by the application server for data you receive If the application uses a single port number enter it in both fields Buttons Add Create a new Special Application entry Delete Delete the selected entry Update Save any changes you have made to the current entry Cancel Cancel any changes you have made since the last save operation Special Application List This shows details of all Special Applic...

Страница 38: ...mic DNS is available at http www hotbrick dns4biz com hotbrick php3 TZO at http www tzo com 3322 is available in China at http www 3322 org Standard client available at http www dyndns org Other sites may offer the same service but can not be guaranteed to work To use the Dynamic DNS feature 1 Register for the service from your preferred service provider 2 Follow the service provider s procedure t...

Страница 39: ...ications your DNS service is hosted on dedicated high end servers with 24 7 Monitoring to ensure the highest possible availability reliability TZO Select this to use the TZO service www tzo com You must configure the TZO section of this screen Standard Client Select this to use the standard service from www dyndns org or other provider You must configure the Standard Client section of this screen ...

Страница 40: ...diately Additional Standard Client or 3322 Settings These options are available if using the standard client Enable Wildcard If selected traffic sent to sub domains of your Domain name will also be forwarded to you Enable backup MX If enabled you must enter the Mail Exchanger address below Mail Exchanger If the setting above is enabled enter the address of the backup Mail Exchanger ...

Страница 41: ...ciated with that WAN port IP address Any traffic sent to that IP address will be forwarded to the specified PC allowing unrestricted 2 way communication between the DMZ PC and other Internet users or Servers Note The DMZ PC is effectively outside the Firewall making it more vulnerable to attacks For this reason you should only enable the DMZ feature when required Figure 4 7 Multi DMZ ...

Страница 42: ...ddress For Dynamic IP WAN Select the desired WAN port Session Select DHCP if the IP address on this WAN port is dynamically assigned You can only select assign one 1 Private LAN IP address to each port If using multi session PPPoE select the desired PPPoE session These sessions are defined on the Advanced PPPoE screen You can assign one 1 one 1 Private LAN IP address to each PPPoE session Private ...

Страница 43: ...of networked devices and services Figure 4 8 UPnP Settings UPnP UPnP Option If you Enable UPnP then this two wan router will become one of the entire local network You can find out there is an icon show up on network neighborhood on the window XP OS Every time you add a new network device with port mapping The new network device will appear on the mapping list ...

Страница 44: ...HotBrick Network Solutions Page 40 NAT Setting NAT Network Address Translation is the technology which allows one 1 WAN Internet IP address to be used by many LAN users Figure 4 9 NAT ...

Страница 45: ... WAN ports The default is 120 TCP Window Limit Enter the desired value to use on both WAN ports The default is 0 no limit TCP MSS Limit Enter the required MSS Maximum Segment Size to use on both WAN ports The default is 0 no limit Disable Port Translation If some packets whose port number cannot be translated for special applications you must input value in port range for Disable Port Translation ...

Страница 46: ... range External Filters Configuration These settings determine whether or not the VPN 800 2 Firewall Router should respond to ICMP ping requests received from the WAN port Interface Binding Use these to ensure that certain traffic is sent by a particular WAN port and thereby a particular ISP account These settings are only useful if using both WAN ports Protocol Port Binding This allows you bindin...

Страница 47: ...service When a client program in your computer contacts a remote server for services such as POP IMAP SMTP that remote server sends back a query to the Ident server running in many systems listening for these queries on port 113 This means that port 113 is often probed by attackers as a rich source of your personal information By default it is Disable External Filters Configuration These settings ...

Страница 48: ... sent from Destination IP IP address of destination which packets are sent to Subnet Mask With subnet mask other than 255 255 255 255 you can make an IP sub network as your destination Protocol Select the protocol used by the traffic you wish to configure Port Range Enter the beginning and end of the port range used by the traffic you wish to configure If only a single port is used enter the port ...

Страница 49: ...send email alert to the administrator If the device detect new sessions that is exceed the maximum sampling time Block URL This feature allows you to block access to undesirable Web sites You can block by URL IP address or Keyword You can also have different blocking settings for different groups of PCs In operation every URL is searched to see if it matches or contains any of the URL or keywords ...

Страница 50: ... restrictions to apply to everyone select Default for the Group In this case there is no need to enter any Hosts on the Host IP screen If you wish to apply different restrictions on different Groups select the desired Group and click the Select button The screen will update with data for the selected Group Block Internet Access Enable Disable Use this to Enable or Disable each setting as required ...

Страница 51: ...s assigned to another group on the Host IP screen Figure 5 2 Access Filter Settings Block URL Setup Access Group This allows you have different access rights for different Groups of PCs If you want the same restrictions to apply to everyone select Default for the Group In this case there is no need to enter any Hosts on the Host IP screen If you wish to apply different restrictions on different Gr...

Страница 52: ...rrent group will not be able to use any services which are checked ICMP Filters IF you enable ICMP Filters function that mean it will block ICMP packets from local host send to remote site User defined Ports to Block This section is optional It allows you to define your own filters if required For each filter the following information is required Name Enter a meaningful name for this filter TPC UD...

Страница 53: ...If the number of new sessions for system exceed the maximum in the Sampling Time Any new sessions in the system will be dropped Default 65535 session sec Maximum of New Sessions for Host If the number of new sessions for the host exceeds the maximum in the sampling time Any new session of the host will be dropped Default session sec Maximum of Dropped New Sessions for Host If the number of dropped...

Страница 54: ...heck box can allow you enable or disable firewall exception Interface You can select LAN WAN1 WAN2 or ALL interfaces to be process by the system protocol stack If you enable check box Protocol There are six protocols UDP TCP ICMP GRE ESP AH to choose to let packets directly process by the system protocol stack Foreign Port Range Select foreign port number range directly process by system protocol ...

Страница 55: ...ent LAN IP address ranges If the remote endpoint is a single PC running a VPN client its destination address must be a single IP address with subnet mask of 255 255 255 255 2 Will you be using the Internet Key Exchange IKE setup or Manual Keying in which you must specify each phase of the connection 3 What encryption level you are going to use DES or 3DES Note The VPN 800 2 Firewall Router uses in...

Страница 56: ...HotBrick Network Solutions Page 52 IPSec Global Setting Figure 6 1 IPSec Global Setting ...

Страница 57: ...ethods available DES 3DES and AES Phase 1 Authentication Method There are two authentication available MD5 and SHA1 Secure Hash Algorithm Phase 1 SA Life Time By default the Security Association lifetime is 28800 Sec Maxtime to complete phase 1 The aim of phase 1 is to authenticate and establish a secure tunnel which will protect further IKE negotiation The maximum time default is 30 sec Maxtime t...

Страница 58: ...HotBrick Network Solutions Page 54 Policy Setup Policy Setup Figure 6 2 Policy Setup ...

Страница 59: ...rk These entries identify the private network on this VPN router the hosts of which can use the LAN to LAN connection You can choose a single IP address the subnet or a selected IP range to make VPN LAN to LAN connection Remote Security Network These entries identify the private network on the remote peer VPN router whose hosts can use the LAN to LAN connection You can choose a single IP address t...

Страница 60: ...und SPI must match the other router s outbound SPI AutoKey IKE There are two types of operation modes can be used Main mode accomplishes a phase one IKE exchange by establishing a secure channel Aggressive Mode is another way of accomplishing a phase one exchange It is faster and simpler than main mode but does not provide identity protection for the negotiating nodes Perfect Forward Secrecy PFS I...

Страница 61: ... the data connection If you enable passive mode Check ESP Pad If enable ESP Encapsulating Security Payload it will check ESP padding Allow Full ECN Enable will allow full Explicit Congestion Notification ECN ECN is a standard proposed by the IETF that will cut down on network congestion and routers dropping packets Copy DF Flag When an IP packet is encapsulated as payload inside another IP packet ...

Страница 62: ... supports the high quality of network service Because it will classify outgoing packets based on some policies defined by users make some real time applications to get better response or performance QoS Setup The following web page management are guiding you how to setup QoS and make QoS work Figure 7 1 QoS Setup ...

Страница 63: ... bits field in the IP packet header designed to contain values indicating how each packet should be handled in the network If you choose enable then it will enable this function to process IP Type of Service field Overwrite policy priority Choose yes to set the priority of TOS field in IP packet overwrite the priority defined in policy configuration Policy Configuration When you use QoS you must d...

Страница 64: ...traffic Source Address Define the source address of packets here It has two types like IP address or MAC address If you select IP address you can define IP address range otherwise define up to four MAC addresses Destination Address Define the destination address of packets here The explanation is as the same as above Protocol Type The field defines traffic packet type i e IP TCP and UDP Source Por...

Страница 65: ...SNMP Syslog Upgrade Firmware This chapter contains details of the configuration and use of each of these features SNMP This section is only useful if you have SNMP Simple Network Management Protocol software on your PC If you have SNMP software you can use a standard MIB II file with the VPN 800 2 Firewall Router Figure 8 1 SNMP ...

Страница 66: ... you want traps to be sent All traps are level 1 Email Alert This feature will send a warning Email inform system administrator that one of the WAN ports was disconnected Email Alert You can choose to enable or disable it to send a warning email Email Sender Address It is an email address which will send the warning email Email SMTP Server Address It is an email server address the warning email wi...

Страница 67: ...are enabled email alert For example mail domain com Email SMTP server user name This is the user name of email sender for authentication optional Email SMTP server password This is the user password Email SMTP Server Address It is an email sever a warning email will be sent to If you are enabled email alert For example mail domain com Email Recipient Address It is an email address a warning email ...

Страница 68: ...uration Syslog Configuration allow you where to send system information to other machine or not There are up to three machines you can choose to send your system log Message Status Messages send only keep when keep send message checked Currently we keep last 100 messages in the RAM area they will clear when reboot or power off Figure 8 3 Syslog ...

Страница 69: ...sent messages will be deleted Syslog Server IP address Up to 3 syslog servers can be used Enable You can enable or disable each server temporarily Port If your syslog server does not use the default port you can change it Log Priority Level The syslog messages are divided into 8 levels from Emergency to Debug level The lower level the less messages will be generated Emergency is the lowest priorit...

Страница 70: ...irewall Router Figure 8 4 Admin Password Screen Enter the desired password re enter it in the Verify Password field then save it When you connect to the Load Balancer with your Browser you will be prompted for the password when you connect as shown below Figure 8 5 Password Dialog Enter Admin for the User Name ...

Страница 71: ...ade Figure 8 6 Upgrade Firmware You can backup your system configuration by press save button of Save System Configuration It will save the system configuration for you Notice You have to refresh the browser after you saved the system configuration file You also can do firmware upgrade by input the correct password and the file name of your firmware Remember do not Reset or Restart the device whil...

Страница 72: ...ust be disabled This setting is on the LAN DHCP screen Your DHCP Server must be configured to provide the VPN 800 2 Firewall Router s LAN IP address as the Default Gateway Your DHCP Server must provide correct DNS addresses to the PCs Routing This section is only relevant if your LAN has other Routers or Gateways If you don t have other Routers or Gateways on your LAN you can ignore the Routing pa...

Страница 73: ...ess of the Gateway or Router which the VPN 800 2 Firewall Router must use to communicate with the destination above NOT the router attached to the remote segment Interface Select the correct interface usually LAN The WAN interface is only available if NAT Network Address Translation is disabled Metric The number of hops routers to pass through to reach the remote LAN segment The shortest path will...

Страница 74: ...255 255 255 0 Gateway IP Address 192 168 1 100 Interface LAN Metric 2 Entry 2 Segment 2 Destination IP Address 192 168 3 0 Network Mask 255 255 255 0 Standard Class C Gateway IP Address 192 168 1 100 Interface LAN Metric 3 For Router A s Default Route Destination IP Address 0 0 0 0 Network Mask 0 0 0 0 Gateway IP Address 192 168 1 1 Metric 2 For Router B s Default Route Destination IP Address 0 0 ...

Страница 75: ...uter and the PCs are configured operation is automatic However there are some situations where additional Internet configuration may be required Refer to Chapter 4 Advanced Features for further details System Status Use the System Status link on the main menu to view this screen Figure 10 1 System Status ...

Страница 76: ...ess The LAN IP Address of the VPN 800 2 Firewall Router Subnet Mask The Network Mask Subnet Mask for the IP Address above MAC Address The MAC physical address of the VPN 800 2 Firewall Router as seen from the local LAN DHCP Server The status of the DHCP Server function either Enabled or Disabled Device Information Firmware Version Version of the Firmware currently installed NAT Status of the NAT f...

Страница 77: ...See below for details Restore Factory Defaults When the Restore Factory Defaults button on the Status screen above is clicked the following screen is displayed Figure 10 2 Restore Factory Defaults If the Restore Default Value button on this screen is clicked ALL of your settings will be erased The default IP address password and ALL other settings will be restored to the factory default values The...

Страница 78: ...ection status This will display either Connected or Not Connected Default Loading Share The default traffic loading between the WAN ports Current Loading Share The current traffic loading between the WAN ports Current Loading The number of sessions Bytes and Packets currently being processed on each port Current Bandwidth The current Download and Upload speeds on each WAN port Check NAT Detail wil...

Страница 79: ...rk Mask Subnet Mask for the IP Address above Active WAN IP Info There is one 1 row for each active connection For each connection the following data is shown IP Address The WAN Internet IP Address of the VPN 800 2 Firewall Router Mask Address The Network Mask Subnet Mask for the IP Address above NAT Timeouts This displays the current timeout values for TCP and UDP connections TCP Prosperity This d...

Страница 80: ...Incoming Internet to Local traffic NAT Connections This displays the current number of active connections For further details click the View Connection list button Errors Statistics are displayed for Checksum errors number of retries and number of bad packets Misc This displays the total IP packets and reserved address ...

Страница 81: ...T RJ45 for WAN LEDs 8 LAN 2 WAN 2 Status 1 Power External Power Core AC 115V 230V FCC Statement This device complies with Part 15 of the FCC Rules Operation is subject to the following two conditions 1 This device may not cause harmful interference 2 This device must accept any interference received including interference that may cause undesired operation CE Marking Warning This is a Class B prod...

Страница 82: ...when the PC boots For all non Server versions of Windows the default TCP IP setting is to act as a DHCP client If you wish to check your TCP IP settings the procedure is described in the following sections If your LAN has a Router the LAN Administrator must re configure the Router itself Checking TCP IP Settings Windows 9x ME 1 Select Control Panel Network You should see a screen like the followin...

Страница 83: ... an IP Address If your PC is already configured check with your network administrator before making the following changes If the DNS Server fields are empty select Use the following DNS server addresses and enter the DNS address or addresses provided by your ISP then click OK On the Gateway tab enter the VPN 800 2 Firewall Router s IP address in the New Gateway field and click Add as shown below Y...

Страница 84: ...then click Add Figure B 4 DNS Tab Win 95 98 Checking TCP IP Settings Windows 2000 1 Select Control Panel Network and Dial up Connection 2 Right click the Local Area Connection icon and select Properties You should see a screen like the following Figure B 5 Network Configuration Win 2000 3 Select the TCP IP protocol for your network card 4 Click on the Properties button You should then see a screen...

Страница 85: ...outer Using a fixed IP Address Use the following IP Address If your PC is already configured check with your network administrator before making the following changes Enter the VPN 800 2 Firewall Router s IP address in the Default gateway field and click OK Your LAN administrator can advise you of the IP Address they assigned to the VPN 800 2 Firewall Router If the DNS Server fields are empty sele...

Страница 86: ...twork Connection 2 Right click the Local Area Connection and choose Properties You should see a screen like the following Figure B 7 Network Configuration Windows XP 3 Select the TCP IP protocol for your network card 4 Click on the Properties button You should then see a screen like the following ...

Страница 87: ...Router Using a fixed IP Address Use the following IP Address If your PC is already configured check with your network administrator before making the following changes Enter the VPN 800 2 Firewall Router s IP address in the Default gateway field and click OK Your LAN administrator can advise you of the IP Address they assigned to the VPN 800 2 Firewall Router If the DNS Server fields are empty sel...

Страница 88: ...patible with the VPN 800 2 Firewall Router s default IP Address of 192 168 1 1 Also the Network Mask should be set to 255 255 255 0 to match the VPN 800 2 Firewall Router In Windows you can check these settings by using Control Panel Network to check the Properties for the TCP IP protocol Internet Access Problem 1 When I enter a URL or IP address I get a time out error Solution 1 A number of thing...

Страница 89: ...transparent Use the Special Applications feature to allow the use of Internet applications which do not function correctly If this does solve the problem you can use the DMZ function This should work with most applications but It is a security risk since the firewall is disabled for the DMZ PC Only one 1 PC can use this feature ...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды