
Example:

 

 

In this example: 

1. URLs that include “www.msn.com” will be blocked, and the action will be recorded in the log file.

2. URLs that include “www.sina.com” will not be blocked, but the action will be recorded in the log file.

3. URLs that include “www.google.com” will be blocked, but the action will not be recorded in the log file.

4. IP addresses X.X.X.1~X.X.X.20 can access the network without restriction.

 

Contents of WBR-3402TX

Page 1: ...1 LevelOne WBR-3402TX 1W 4L 11g Wireless ADSL Router w VPN Printer Server USB User's Manual ...

Page 2: ...13 4 1 Start up and Log in 14 4 2 Status 15 4 3 Wizard 16 4 4 Basic Setting 17 4 5 Forwarding Rules 33 4 6 Security Settings 37 4 6 1 Packet Filter 38 4 6 2 Domain Filter 42 4 6 3 URL Blocking 44 4 6 4 MAC Address Control 46 4 6 5 VPN setting 48 4 6 6 Miscellaneous Items 54 4 7 Advanced Setting 55 4 7 1 ADSL Modem Performance Setting 56 4 7 2 System Time 58 4 7 3 System Log 59 4 7 4 Dynamic DNS 61...

Page 3: ...Windows 2000 and XP Platforms 80 5 4 Configuring on Unix like based Platforms 85 5 5 Configuring on Apple PC 90 Appendix A TCP IP Configuration for Windows 95 98 91 Appendix B Win 2000 XP IPSEC Setting guide 97 Appendix C PPTP and L2TP Configurations 133 Appendix D 802 1x Setting 139 Appendix E FAQ and Troubleshooting 145 Reset to factory Default 145 TFTP Mode 145 ...

Page 4: ...an types Ethernet Over ATM RFC 1483 Bridged without NAT Ethernet Over ATM RFC 1483 Bridged with NAT IP over ATM RFC 1483 Routed Classical IP over ATM RFC 1577 PPP over ATM RFC 2364 PPP over Ethernet RFC 2516 Firewall All unwanted packets from outside intruders are blocked to protect your Intranet DHCP server supported All of the networked computers can retrieve TCP IP settings automatically from t...

Page 5: ...de 11M 5 5M 2M 1M data rate with auto fallback in 802 11b mode Security functions Packet filter supported Packet Filter allows you to control access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP address of the source and destination Domain Filter Supported let you prevent users under this device from accessing specific URLs URL Bl...

Page 6: ... the router has 3 ddns dyndns TZO com and dhs org SNMP Supported Because SNMP this function has many versions anyway the router supports V1 and V2c Routing Table Supported Now the router supports static routing and two kinds of dynamic routing RIP1 and RIP2 Schedule Rule supported Customers can control some functions like virtual server and packet filters when to access or when to block Other func...

Page 7: ...ed to this product STATUS System status Green Blinking This product is functioning properly On The ADSL is linked Show tme ADSL status1 Green Blinking This router is trying to connect to your ISP ADSL Act ADSL status2 Green Blinking The ADSL is sending or receiving data WLAN Wireless activity Green Blinking Sending or receiving data via wireless On An active station is connected to the correspondi...

Page 8: ...Router on a desk or other flat surface or you can mount it on a wall For optimal performance place your ADSL Wireless Broadband Router in the center of your office or your home in a location that is away from any potential source of interference such as a metal wall or microwave oven This location must be close to power and network connection 2 Setup LAN connection a Wired LAN connection connects ...

Page 9: ...to the USB printer port of this product 5 Power on Connecting the power cord to power inlet and turning the power switch on this product will automatically enter the self test phase When it is in the self test phase the indicators STATUS will be lighted ON for about 10 seconds and then STATUS will be flashed 3 times to indicate that the self test operation has finished Finally the STATUS will be c...

Page 10: ...ically that is via DHCP server of this product After installing the TCP IP communication protocol you can use the ping command to check if your computer has successfully connected to this product The following example shows the ping procedure for Windows 95 platforms First execute the ping command ping 192.168.123.254 If the following messages appear Pinging 192.168.123.254 with 32 bytes of data R...

Page 11: ... Printer 5 3 Configuring on Windows 2000 and XP Platforms It is not necessary to setup any program and the print server can work Step 1 Insert the installation CD ROM into the CD ROM drive The following window will be shown automatically If it isn't please run install.exe on the CD ROM Step 2 Click on the INSTALL button Wait until the following Welcome dialog to appear and click on the Next button...

Page 12: ...r Step 4 When the following window is displayed click on the Finish button Select the item to restart the computer and then click the OK button to reboot your computer Step 4 After rebooting your computer the software installation procedure is finished Now you can configure the NAT Router refer to Chapter 4 and setup the Print Server refer to Chapter 5 ...

Page 13: ...Wireless Broadband Router This product provides Web based configuration scheme that is configuring by your Web browser such as Netscape Communicator or Internet Explorer This approach can be adopted in any MS Windows Macintosh or UNIX based platforms ...

Page 14: ...ion is established you will see the web user interface of this product There are two appearances of web user interface for general users and for system administrator To log in as an administrator enter the system password the factory setting is admin in the System Password field and click on the Log in button If the password is correct the web appearance will be changed into administrator configur...

Page 15: ...de Ready Not ready Printing and Device error When a job is printing there may appear a Kill Job button on the Sidenote column You can click this button to kill current printing job manually C Statistics of WAN enables you to monitor inbound and outbound packets Notice For the WBR 3402B it can support both Annex B and U R2 ADSL line coding schemes The default setting is Annex B If your ISP used U R...

Page 16: ...16 4 3 Wizard Setup Wizard will guide you through a basic configuration procedure step by step Press Next ...

Page 17: ...17 Setup Wizard Select WAN Type For detail settings please refer to 4 4 1 primary setup 4 4 Basic Setting ...

Page 18: ...18 4 4 1 Primary Setup WAN Type Press Change ...

Page 19: ... WAN Type WAN connection type of your ISP You can click Change button to choose a correct one from the following five options A Ethernet Over ATM RFC 1483 Bridged without NAT B Ethernet Over ATM RFC 1483 Bridged with NAT C IP over ATM RFC 1483 Routed D Classical IP over ATM RFC 1577 E PPP over ATM RFC 2364 F PPP over Ethernet RFC 2516 3 Data Encapsulation Two data encapsulation type are supported ...

Page 20: ...settings WAN IPAddress WAN Subnet Mask WAN Gateway and Primary Secondary DNS These settings are also specified by your ISP VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate Once you finished the required configuration you must click on the Save button to save...

Page 21: ...IP Address Obtain an IP address from ISP automatically Host Name optional Required by some ISPs for example Home 1 Renew IP Forever this feature enables this product to renew your IP address automatically when the lease time is expiring even when the system is idle ...

Page 22: ...22 ...

Page 23: ...tatic mode you have to set the following WAN setting manually WAN IPAddress WAN Subnet Mask WAN Gateway and Primary Secondary DNS These settings are assigned by your ISP VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate Once you finished the required configur...

Page 24: ... settings from ISP's DHCP server If you select static mode you have to set the following WAN setting manually WAN IPAddress WAN Subnet Mask WAN Gateway and Primary Secondary DNS These settings are assigned by your ISP VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant ...

Page 25: ...25 button to save the configuration into Flash memory and then reboot this device 4 4 1 5 PPP over ATM RFC 2364 Press More ...

Page 26: ...ill automatically connect to ISP after system is restarted or connection is dropped VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit rate and CBR Constant bit rate PPPoA Service Name Optional Input the service name if your ISP requires it Assigned IPAddress Optional Required by some ISPs ...

Page 27: ...ty disconnect to your PPPoE session You can also set it to zero or enable Auto reconnect to disable this feature If Auto reconnect is enabled this product will automatically connect to ISP after system is restarted or connection is dropped VPI VCI Numbers The channel settings provided by your ISP Schedule Type The setting of the ADSL traffic schedule type This device supports UBR Un specified bit ...

Page 28: ... 4 2 OAM Server In this page you can set the OAM feature for virtual channel First click on the Enable or Disable circle for the settings of OAM Function Activation De activation Loopback and Fault Management individually Then click on the Save button to finish the configuration of the selected session Once you set the appropriate OAM settings on virtual channel you can see the corresponding up to...

Page 29: ...29 4 4 3 DHCP Server Press More The settings of a TCP IP environment include host IP Subnet Mask Gateway and DNS configurations ...

Page 30: ...ows you to configure IP's lease time DHCP client 3 IP pool starting Address IP pool starting Address Whenever there is a request the DHCP server will automatically allocate an unused IP address from the IP address pool to the requesting computer You must specify the starting and ending address of the IP address pool 4 Domain Name Optional this information will be passed to the client 5 Primary DNS...

Page 31: ...m 11 Mbps wireless adapter 5 WEP Security Select the data privacy algorithm you want Enabling the security can protect your data while it is transferred from one station to another The standardized IEEE 802 11 WEP 128 or 64 bit is used here 6 WEP Key 1 2 3 4 When you enable the 128 or 64 bit WEP key security please select one WEP key to be used and input 26 or 10 hexadecimal 0 1 2 8 9 A B F digits ...

Page 32: ...32 4 4 5 Change Password You can change Password here We strongly recommend you to change the system password for security reason ...

Page 33: ...33 4 5 Forwarding Rules 4 5 1 Virtual Server ...

Page 34: ...ts to this port will be redirected to the computer specified by the Server IP Virtual Server can work with Scheduling Rules and give user more flexibility on Access control For Detail please refer to Scheduling Rule For example if you have an FTP server port 21 at 192.168.123.1 a Web server port 80 at 192.168.123.2 and a VPN server at 192.168.123.6 then you need to specify the following virtual se...

Page 35: ...m of Special Applications fails to make an application work try setting your computer as the DMZ host instead 1 Trigger the outbound port number issued by the application 2 Incoming Ports when the trigger packet is detected the inbound packets sent to the specified port numbers are allowed to pass through the firewall This product provides some predefined settings Select your application and click...

Page 36: ...to be exposed to unrestricted 2 way communication for Internet games Video conferencing Internet telephony and other special applications NOTE This feature should be used only when needed Non standard FTP port You have to configure this item if you want to access an FTP server whose port number is not 21 This setting will be lost after rebooting ...

Page 37: ...37 4 6 Security Settings ...

Page 38: ... Servers or DMZ host only You can select one of the two filtering policies 1 Allow all to pass except those match the specified rules 2 Deny all to pass except those match the specified rules You can specify 8 rules for each direction inbound or outbound For each rule you can define the following Source IP address Source port address Destination IP address Destination port address Protocol TCP or ...

Page 39: ...work with Scheduling Rules and give user more flexibility on Access control For Detail please refer to Scheduling Rule Each rule can be enabled or disabled individually Inbound Filter To enable Inbound Packet Filter click the check box next to Enable in the Inbound Packet Filter field Suppose you have SMTP Server 25 POP Server 110 Web Server 80 FTP Server 21 and News Server 119 defined in Virtual ...

Page 40: ...d net news port 119 and transfer files via FTP port 21 Others are all allowed After Inbound Packet Filter setting is configured click the save button Outbound Filter To enable Outbound Packet Filter click the check box next to Enable in the Outbound Packet Filter field Example 1 ...

Page 41: ...ssary to resolve the domain name 192.168.123.10 192.168.123.20 They can do everything block nothing Others are all blocked Example 2 192.168.123.100 192.168.123.119 They can do everything except read net news port 119 and transfer files via FTP port 21 Others are allowed After Outbound Packet Filter setting is configured click the save button ...

Page 42: ...ion when someone accesses the specific URLs Privilege IPAddresses Range Setting a group of hosts and privilege these hosts to access network without restriction Domain Suffix A suffix of URL to be restricted For example com xxx com Action When someone is accessing the URL met the domain suffix what kind of action you want Check drop to block the access Check log to log these access Enable Check to...

Page 43: ...tion will be recorded in log file 2 URL include www.sina.com will not be blocked but the action will be recorded in log file 3 URL include www.google.com will be blocked but the action will not be recorded in log file 4 IP address X.X.X.1~X.X.X.20 can access network without restriction ...

Page 44: ...to input a keyword only In other words Domain filter can block specific website while URL Blocking can block hundreds of websites by simply a keyword URL Blocking Enable Checked if you want to enable URL Blocking URL If any part of the Website's URL matches the pre defined word the connection will be blocked For example you can use pre defined word sex to block all websites if their URLs contain p...

Page 45: ...on will be recorded in log file 2 URL include erotica will be blocked but the action will be recorded in log file 3 URL include girl will not be blocked but the action will be recorded in log file 4 URL include game will be blocked but the action will be recorded in log file ...

Page 46: ...this device If a client is denied to connect to this device it means the client can't access to the Internet either Choose allow or deny to allow or deny the clients whose MAC addresses are not in the Control table please see below to connect to this device Association control Check Association control to enable the controlling of which wireless client can associate to the wireless LAN If a client ...

Page 47: ... allow the corresponding client to connect to this device A When Association control is checked check A will allow the corresponding client to associate to the wireless LAN In this page we provide the following Combobox and button to help you to input the MAC address You can select a specific client in the DHCP clients Combobox and then click on the Copy to button to copy the MAC address of the cl...

Page 48: ...when you really need a security tunnel It is disabled for default Max number of tunnels item Since VPN greatly degrades network throughput the allowable maximum number of tunnels is limited Be careful to set the value for allowing the number of tunnels can be created simultaneously Its value ranges from 1 to 5 Tunnel name Indicate which tunnel that is focused now Method IPSec VPN supports two kind...

Page 49: ...ting of following items local subnet local netmask remote subnet remote netmask remote gateway and pre shared key The tunnel name is derived from previous page of VPN setting IKE proposal setup includes the setting of a set of frequent used IKE proposals and the selecting from the set of IKE proposals Similarly IPSec proposal setup includes the setting of a set of frequent used IPSec proposals and...

Page 50: ...ss of remote VPN gateway Pre shared key The first key that supports IKE mechanism of both VPN gateways for negotiating further security keys The pre shared key must be same for both end gateways Function of Buttons Select IKE proposal Click the button to setup a set of frequent used IKE proposals and select from the set of IKE proposals for the dedicated tunnel proposals for the dedicated tunnel S...

Page 51: ...ased on the value of Life Time Unit If the value of unit is second the value of life time represents the life time of dedicated VPN tunnel between both end gateways Its value ranges from 300 seconds to 172 800 seconds If the value of unit is KB the value of life time represents the maximum allowable amount of transmitted packets through the dedicated VPN tunnel between both end gateways Its value ...

Page 52: ...es which IPSec proposal to be focused First char of the name with 0x00 value stands for the proposal is not available DH group There are three groups can be selected group 1 MODP768 group 2 MODP1024 group 5 MODP1536 But none also can be selected here for IPSec proposal Encapsulation protocol There are two protocols can be selected ESP and AH Encryption algorithm There are two algorithms can be sel...

Page 53: ... Its value ranges from 20 480 KBs to 2 147 483 647 KBs Life time unit There are two units can be selected second and KB Proposal ID The identifier of IPSec proposal can be chosen for adding the proposal to the dedicated tunnel There are total ten proposals can be set in the proposal pool At most only four proposals from the pool can be applied to the dedicated tunnel as shown in the proposal index...

Page 54: ...address is 0.0.0.0 any host can connect to this product to perform administration task You can use subnet mask bits nn notation to specify a group of trusted IP addresses For example 10.1.2.0/24 NOTE When Remote Administration is enabled the web server port will be shifted to 88 You can change web server port to other port too Administrator Time out The time of no activity to logout automaticall...

Page 55: ...55 4 7 Advanced Setting ...

Page 56: ...directly added to the calculated Target Noise margin It should be ranged between 3dB and 3dB with a granularity of 0 5 dB The default value is set to 0 dB no offset Max Bits per Tone The value of this parameter will limit the number of bits loaded in each upstream tone It should be ranged between 2 and 14 bits tone The default value is set to the ADSL maximum standard 14 bits tone Rx Gain Offset T...

Page 57: ...er allows user to reduce the Tx output power in the upstream direction The value should be ranged between 0 and 10 dBm Rx Output Power Offset This parameter allows user to reduce the Rx output power The value should be ranged between 0 and 10 dBm ...

Page 58: ...nd Time by NTP Protocol Time Server Select a NTP time server to consult UTC time Time Zone Select a time zone where this device locates Set Date and Time manually Selected if you want to Set Date and Time manually Function of Buttons Sync Now Synchronize system time with network time server ...

Page 59: ...k Enable to enable this function E mail Alert Enable Check if you want to enable Email alert send syslog via email SMTP Server IP and Port Input the SMTP server IP and port which are contacted with If you do not specify port number the default value is 25 For example mail.your_url.com or 192.168.1.100:26 Send E mail alert to The recipients who will receive these logs You can assign more than 1 rec...

Page 60: ...60 E mail Subject The subject of email alert This setting is optional ...

Page 61: ...f your host to your current IP address which changes each time you connect your Internet service provider Before you enable Dynamic DNS you need to register an account on one of these Dynamic DNS servers that we list in provider field To enable Dynamic DNS click the check box next to Enable in the DDNS field Next you can enter the appropriate information about your Dynamic DNS Server You have to d...

Page 62: ...62 Username E mail Password Key You will get this information when you register an account on a Dynamic DNS server Example After Dynamic DNS setting is configured click the save button ...

Page 63: ...lues and monitoring network events Enable SNMP You must check either Local or Remote or both to enable SNMP function If Local is checked this device will respond to requests from LAN If Remote is checked this device will respond to requests from WAN Get Community Setting the community of GetRequest your device will respond to Set Community Setting the community of SetRequest your device will accept Exampl...

Page 64: ...vice will respond to SNMP client whose get community is set as public 2 This device will respond to SNMP client whose set community is set as private 3 This device will respond to requests from both LAN and WAN ...

Page 65: ...routing path and allow different subnets to communicate with each other Routing Table settings are settings used to setup the functions of static and dynamic routing RIP Enable Check to enable RIP function Static Routing For static routing you can specify up to 8 routing rules You can enter the destination IP address subnet mask gateway hop for each routing rule and then enable or disable the rule...

Page 66: ...2.168.3.88 it would use the above table to determine that it had to go via 192.168.1.33 a gateway And if it sends Packets to 192.168.5.77 will go via 192.168.1.55 Each rule can be enabled or disabled individually After routing table setting is configured click the save button ...

Page 67: ...de which service at what time will be turned on or off Select the enable item Press Add New Rule You can write a rule name and set which day and what time to schedule from Start Time to End Time The following example configure FTP time as everyday 14 10 to 16 20 ...

Page 68: ...68 ...

Page 69: ...the schedule rule Delete To delete the schedule rule and the rule of the rules behind the deleted one will decrease one automatically Schedule Rule can be applied to Virtual server and Packet Filter for example Example 1 Virtual Server Apply Rule 1 ftp time everyday 14 10 to 16 20 ...

Page 70: ...70 Example 2 Packet Filter Apply Rule 1 ftp time everyday 14 10 to 16 20 ...

Page 71: ...71 4 8 Toolbox ...

Page 72: ...72 4 8 1 View Log You can View system log by clicking the View Log button ...

Page 73: ...73 4 8 2 Firmware Upgrade You can upgrade firmware by clicking Firmware Upgrade button ...

Page 74: ...a bin file Once you want to restore these settings please click Firmware Upgrade button and use the bin file you saved 4 8 4 Reset to default You can also reset this product to factory default by clicking the Reset to default button 4 8 5 Reboot You can also reboot this product by clicking the Reboot button ...

Page 75: ...ure the target device must be Wake on LAN enabled and you have to know the MAC address of this device say 00 11 22 33 44 55 Clicking Wake up button will make the router to send the wake up frame to the target device immediately Domain Name or IP address for Ping Test Allow you to configure an IP and ping the device You can ping a specific IP to test whether it is alive ...

Page 76: ...ort please skip this chapter 5 1 Configuring on Windows 95 98 Platforms After you finished the software installation procedure described in Chapter 3 your computer has possessed the network printing facility provided by this product For convenience we call the printer connected to the printer port of this product as server printer On a Windows 95 98 platform open the Printers window in the My Comp...

Page 77: ...77 1 Find out the corresponding icon of your server printer for example the HP LaserJet 6L Click the mouse's right button on that icon and then select the Properties item ...

Page 78: ...o item Be sure that the Printer Driver item is configured to the correct driver of your server printer 4 Click on the button of Port Settings Type in the IP address of this product and then click the OK button 8 Make sure that all settings mentioned above are correct and then click the OK button ...

Page 79: ...cedure for a Windows NT platform is similar to that of Windows 95 98 except the screen of printer Properties Compared to the procedure in last section the selection of Details is equivalent to the selection of Ports and Port Settings is equivalent to Configure Port ...

Page 80: ...0 and XP Platforms Windows 2000 and XP have built in LPR client users could utilize this feature to Print You have to install your Printer Driver on LPT1 or other ports before you proceed with the following sequence 1 Open Printers and Faxes ...

Page 81: ...81 2 Select Ports page Click Add Port 3 Select Standard TCP IP Port and then click New Port ...

Page 82: ...82 4 Click Next and then provide the following information Type address of server providing LPD that is our NAT device 192.168.123.254 4 Select Custom then click Settings ...

Page 83: ...83 6 Select LPR type lp lowercase letter in Queue Name And enable LPR Byte Counting Enabled ...

Page 84: ...84 7 Apply your settings ...

Page 85: ...nal configuration procedure on Unix platforms to setup the print server of this product The printer name is lp In X Windows for example In Redhat Platforms Please follow the below steps to configure your printer on Red Hat 9 0 1 Start from the Red Hat System Setting Printing ...

Page 86: ...86 2 Click Add Forward 3 Enter the Printer Name Comments then forward ...

Page 87: ...87 4 Select LPD protocol and then forward 5 Enter the router LAN IP Address and the queue name lp Then forward ...

Page 88: ...88 6 Select the Printer Brand and Model Name Then Forward 7 Click Apply to finish setup ...

Page 89: ...u can manual set it or via the tool printtool in X windows PS The spool name is lp all lowercase letter Below is my setting etc printcap lp sd var spool lpd lp mx 0 sh rm 192.168.123.254 rp lp key point if var spool lpd lp filter Then add the corresponding directory mkdir var spool lpd lp To see the detail please refer to the online manual in linux man printcap ...

Page 90: ... PC 1 First go to Printer center Printer list and add printer 2 Choose IP print and setup printer ip address router Lan ip address 3 Disable Default Queue of Server And fill in lp in Queue name item 4 Printer type Choose General ...

Page 91: ...ou have been successfully installed one network card on your personal computer If not please refer to your network card manual Moreover the Section B 2 tells you how to set TCP IP values for working with this NAT Router correctly A 1 Install TCP IP Protocol into Your PC 1 Click Start button and choose Settings then click Control Panel 2 Double click Network icon and select Configuration tab in the...

Page 92: ...s list And choose TCP IP in the Network Protocols Click OK button to return to Network window 6 The TCP IP protocol shall be listed in the Network window Click OK to complete the install procedure and restart your PC to enable the TCP IP protocol ...

Page 93: ...e Settings then click Control Panel 2 Double click Network icon Select the TCP IP line that has been associated to your network card in the Configuration tab of the Network window 3 Click Properties button to set the TCP IP protocol for this NAT Router 4 Now you have two setting methods ...

Page 94: ...94 a Select Obtain an IP address automatically in the IP Address tab b Don't input any value in the Gateway tab ...

Page 95: ...b B Configure IP manually a Select Specify an IP address in the IP Address tab The default IP address of this product is 192.168.123.254 So please use 192.168.123.xxx xxx is between 1 and 253 for IP Address field and 255.255.255.0 for Subnet Mask field ...

Page 96: ... address of this product default IP is 192.168.123.254 in the New gateway field and click Add button c In the DNS Configuration tab add the DNS values which are provided by the ISP into DNS Server Search Order field and click Add button ...

Page 97: ...Setting guide Example Win XP 2000 VPN Router Configuration on WIN 2000 is similar to XP 1 On Win 2000 XP click Start button select Run type secpol.msc in the field then click Run Go to Local Security Policy Settings page 2 Or in Win XP Click Control Panel Double click Performance and Maintenance ...

Page 98: ...98 Double click Administrative Tools ...

Page 99: ...99 Local Security Policy Settings Double click Local Security Policy ...

Page 100: ... Create IP Security Policy Click the Next button enter your policy's name Here it is to_vpn_router Then click Next Introduction Dis select the Activate the default response rule check box and click Next button Click Finish button make sure Edit check box is checked ...

Page 101: ...101 Build 2 Filter Lists xp router and router xp Filter List 1 xp router In the new policy's properties screen select Use Add Wizard check box and then click Add button to create a new rule ...

Page 102: ...102 click Add button ...

Page 103: ...103 Enter a name for example xp router and dis select Use Add Wizard check box Click Add button ...

Page 104: ...ecific IP Address and fill in IP Address 192.168.1.1 In the Destination address field select A specific IP Subnet fill in IP Address 192.168.123.0 and Subnet mask 255.255.255.0 If you want to select a protocol for your filter click Protocol page ...

Page 105: ...105 Click OK button Then click OK button on the IP Filter List page ...

Page 106: ...106 select Filter Action select Require Security then click Edit button ...

Page 107: ...107 select Negotiate security Select Session key Perfect Forward Secrecy PFS click Edit button ...

Page 108: ...108 select Custom button ...

Page 109: ...109 Select Data integrity and encryption ESP Configure Integrity algorithm MD5 Configure Encryption algorithm DES Configure Generate a new key every 10000 seconds Click OK button ...

Page 110: ...110 select Authentication Methods page click Add button ...

Page 111: ...elect Use this string to protect the key exchange preshared key and enter your preshared key string such as mypresharedkey Click OK button Click OK button on Authentication Methods page Select Tunnel Setting ...

Page 112: ...112 configure The tunnel endpoint is specified by this IP address 192.168.1.254 Select Connection Type ...

Page 113: ...113 select All network connections Tunnel 2 router xp In the new policy's properties page dis select Use Add Wizard check box and then click Add button to create a new rule ...

Page 114: ...114 click Add button ...

Page 115: ...115 Enter a name such as router xp and dis select Use Add Wizard check box Click Add button ...

Page 116: ...ecific IP Subnet fill in IP Address 192.168.123.0 and Subnet mask 255.255.255.0 In the Destination address field select A specific IP Address and fill in IP Address 192.168.1.1 If you want to select a protocol for your filter click Protocol page ...

Page 117: ...117 Click OK button Then click OK button on IP Filter List window ...

Page 118: ...118 select Filter Action tab select Require Security then click Edit button ...

Page 119: ...119 select Negotiate security Select Session key Perfect Forward Secrecy PFS click Edit button ...

Page 120: ...120 select Custom button ...

Страница 121: ...121 Select Data integrity and encryption ESP Configure Integrity algorithm MD5 Configure Encryption algorithm DES Configure Generate a new key every 10000 seconds Click OK button ...

Страница 122: ...122 select Authentication Methods page click Add button ...

Страница 123: ...elect Use this string to protect the key exchange preshared key and enter the preshared key string such as mypresharedkey Click OK button Click OK button on Authentication Methods page Select Tunnel Setting ...

Страница 124: ...124 Configure The tunnel endpoint is specified by this IP address 192 168 1 1 Select Connection Type ...

Страница 125: ...125 select All network connections ...

Page 126: ... Configure IKE properties: select General, then click Advanced ...

Page 127: ... Enable Master key perfect forward secrecy (PFS). Configure Authenticate and generate a new key after every 10000 seconds. Click Methods. Click the Add button ...

Page 128: ...e Integrity algorithm: SHA1. Configure Encryption algorithm: 3DES. Configure Diffie-Hellman group: Medium 2 Settings on VPN router. VPN Router: WAN IP address 192.168.1.254, LAN IP address 192.168.123.254. PC: 192.168.123.123 ...

Page 129: ... VPN Settings. VPN: Enable; Max number of tunnels: 2; ID: 1; Tunnel Name: 1; Method: IKE. Press More ...

Page 130: ...0 VPN Settings Tunnel 1 IKE Tunnel 1; Local Subnet: 192.168.123.0; Local Netmask: 255.255.255.0; Remote Subnet: 192.168.1.1; Remote Netmask: 255.255.255.255; Remote Gateway: 192.168.1.1; Preshare Key: my preshare key ...

Page 131: ... VPN Settings Tunnel 1 Set IKE Proposal; ID: 1; Proposal Name: 1; DH Group: Group2; Encrypt Algorithm: 3DES; Auth Algorithm: SHA1; Life Time: 10000; Life Time Unit: Sec ...

Page 132: ...ec Proposal; ID: 1; Proposal Name: proposal1; DH Group: Group2; Encap Protocol: ESP; Encrypt Algorithm: DES; Auth Algorithm: MD5; Life Time: 10000; Life Time Unit: Sec. The user can view the VPN connection process on the System Log page and correct the settings ...

Page 133: ...dix C PPTP and L2TP Configurations 1. First, please go to the Network connection. 2. Connect to network at my workplace ...

Page 134: ... 3. Choose Virtual Private Network. 4. Do not dial the initial connection ...

Page 135: ... 5. Input the router WAN IP address. 6. Then OK; please input the username and password as you set them up in the router ...

Page 136: ... 7. Select the type of VPN ...

Page 137: ...g any PCs in the LAN 192.168.123.x. L2TP: However, the router is also the VPN L2TP server and supports three authentication protocols: PAP, CHAP and MSCHAP. The settings are similar to PPTP. But MS operating systems like WinXP and Win2000 will not find the VPN type L2TP. We can use the file disableipsec.zip to enable it: http://support.iglou.com/fom-serve/cache/473.html Then we will see L2TP IPSEC VPN...

Page 138: ... Then, for the steps, refer to the PPTP settings ...

Page 139: ...er date 03 05 2003. PC2: Microsoft Windows XP Professional with Service Pack 1a, Z-Com XI-725 wireless LAN USB adapter, Driver version 1.7.29.0, Driver date 10 20 2001. Authentication Server: Windows 2000 RADIUS server with Service Pack 3 and HotFix Q313664. Note: Windows 2000 RADIUS server only supports PEAP after upgrade to Service Pack 3 and HotFix Q313664. You can get more information from http support ...

Page 140: ... 2 Setup DUT: 1. Enable 802.1X (check the Enable checkbox). 2. Enter the RADIUS server IP. 3. Enter the shared key (the key shared by the RADIUS server and the DUT). 4. We will change the 802.1X encryption key length to fit the variable test condition. 3.1.3 Setup Network adapter on PC: 1. Choose IEEE 802.1X as the authentication method (Fig. 2). Note: Figure 2 is a setting picture of Windows XP without Service Pack 1...

Page 141: ... Figure 2: Enable IEEE 802.1X access control ...

Page 142: ...cess Point. 3. Set the authentication type of the wireless client and the RADIUS server both to EAP_TLS. 4. Disable the wireless connection and enable it again. 5. The DUT will send the user's certificate to the RADIUS server and then send the message of the authentication result to PC1 (Fig. 5). 6. Windows XP will prompt whether the authentication process succeeded or failed and end the authentication procedure (Fig. 6). 7. Terminate ...

Page 143: ... Figure 4: Certificate information on PC1. Figure 5: Authenticating ...

Page 144: ... to PC2. 5. Windows XP will prompt whether the authentication process succeeded or failed and end the authentication procedure. 6. Terminate the test steps when PC2 gets a dynamic IP and PINGs the remote host successfully. Support Type: Amit supports the types of 802.1x Authentication: PEAP CHAPv2 and PEAP TLS. Note: 1. PC1 is on Windows XP platform without Service Pack 1. 2. PC2 is on Windows XP platform with Service Pa...

Page 145: ...tton about 5 seconds; the STATUS LED will start flashing about 5 times; move away the hand. The RESTORE process is completed. TFTP Mode 1. Symptom: the STATUS LED flashes abnormally: (1) the STATUS LED flashes very quickly; (2) the STATUS LED flashes reciprocally. We can check whether the router works OK or not according to the STATUS LED. If normal, the STATUS LED flashes every second. 2. Solution: 1. First, execute the execute file. If the ro...

Page 146: ...p the same submask. For example, configure the PC IP address to 192.168.12.xxx. 5. Click the Upgrade button to upgrade the firmware smoothly. 6. If successful, please use the Reset button to reset the router to default. If it failed, the program will ask you to redo from Step 2 ...
