Maipu MP1800-10 Скачать руководство пользователя страница 64 | Manualshive

Страница: 64 / 95

background image

MP1800-10 3G Router User Manual

Maipu Confidential & Proprietary Information

Page 64 of 95

VPN Configuration

VPN (Virtual Private Network) is one security LAN based on Internet.
Currently, MP1800-10 router supports IPSec and GRE, providing the
flexible, economical, and valid scheme for the enterprise network security.

The “VPN configuration” function of MP1800-10 router includes:



IPSEC



GRE



Certificate management

IPSec

IPSec (IP Secure Protocol) is one of VPN technologies. The protocol not
only refers to the data encryption and decryption technology, but also
refers to the data transmission and validation technology. It is often used
for the end-to-end network security transmission.

IPSEC tunnel configuration

Enter

VPN

>

IPSec

>

Configure Tunnel

and you can enter the IPSEC

configuration interface, as follows:

IPSec tunnel management

Input IKE Name

: The phase-1 ID, setting one name for the IPSec tunnel.



Caution

1.

When modifying the VPN tunnel configuration, the phase-1 ID
cannot be modified.

2.

By default, the IPSec service of MP1800-10 router is disabled.
To make all created rules take effect, you should enable the
service when enabling one rule.

«
...
62
63
64
65
66
...
»

Содержание MP1800-10

Страница 1: ...MP1800 10 3G Router User Manual V1 2 Maipu Communication Technology Co Ltd No 16 Jiuxing Avenue Hi Tech Park Chengdu Sichuan Province P R China 610041 Tel 86 28 85148850 85148041 Fax 86 28 85148948 8...

Страница 2: ...isclaims any implied warranties of merchantability or fitness for any specific purpose Further Maipu reserves the right to revise this document and to make changes from time to time in its content wit...

Страница 3: ...g Preparations 9 Configure Computer 10 Log into System 14 Configuration 15 System 15 System Time 16 Remote Logs 18 Management Control 18 Configuration Management 19 System Upgrade 20 SNMP 21 Modify Pa...

Страница 4: ...l 59 Basic Setting 59 Access Control 60 Port Mapping 61 MAC IP Binding 62 QOS 63 Bandwidth Management 63 VPN Configuration 64 IPSec 64 GRE 71 Certificate Management 73 Status 78 System Logs 79 System...

Страница 5: ...ure 1 Hardware specifications 2 Functions 3 Product models 4 Product shapes Hardware Specifications 1 3G data Support two kinds of 3G module that is WCDMA and CDMA2000 2 Interface Wireless interface 5...

Страница 6: ...humidity 95 no condensing Functions 1 Basic Features Convenient flexible reliable Support CDMA 2000 and WCDMA Data terminal online forever NTP Remote logs Remote SSH Telnet HTTP management Local Firm...

Страница 7: ...tication Support disconnection detection Support multi WAN port backup Support getting time via 3G Support regular online offline Support E3G management Product Models MP1800 10 router adopts the gene...

Страница 8: ...9600 8 bit data bit no parity one bit stop bit FE0 FE4 RJ45 Ethernet interface USB Outer USB interface ANT0 is 3G antenna ANT1 is WIFI antenna The outer power adaptor is DC 12V 1 5A Indicator descrip...

Страница 9: ...figure computer 4 Log into system Environment Requirement The requirements of MP1800 10 router for the using environment Work environment temperature 25 70 Storage temperature 30 70 Relative humidity...

Страница 10: ...e following takes the LAN connection mode and adopts Windows XP as an example to describe the configuration steps of the computer network connection 1 Method 1 In LAN select one computer for configura...

Страница 11: ...Router User Manual Maipu Confidential Proprietary Information Page 11 of 95 Configure local connection properties of the computer Select Internet Protocol TCP IP and click Properties to enter the foll...

Страница 12: ...s IP address 192 168 10 refers to any integer from 2 254 Subnet mask 255 255 255 0 Default gateway 192 168 10 1 After configuration click OK Caution 1 The method interrupts the communication between t...

Страница 13: ...still can configure MP1800 10 router you can consider adding route IP to realize Click Advanced in the above figure 3 3 as shown in Figure 3 3 Advanced configuration interface of TCP IP attributes Cl...

Страница 14: ...e IE browser of the computer and input http 192 168 10 1 in the address bar Web login Press Enter to enter the login interface of the user as follows User login authentication When the user logs into...

Страница 15: ...configuration parameters precautions and problems of the product 1 System 2 Network 3 Service 4 Status firewall 5 QoS 6 VPN configuration 7 Status 8 CLI System The system tool of MP1800 10 router pro...

Страница 16: ...r setting time manually as follows Interface for setting time manually Current time Display current system time System time setting Manual setting time server Date setting Set system date Time setting...

Страница 17: ...al of synchronizing time Time server Specify the domain name or IP address of the server providing the service of synchronizing time Time Zone Specify the time zone of the country against UTC Caution...

Страница 18: ...Enter System Remote log and you can see the following configuration interface Remote log configuration interface Enable Whether to send the device log information to the remote log server Remote Log...

Страница 19: ...user configuration Backup can save the configured parameters to the PC Recovery can restore the saved configuration parameters to the system 1 Backup configuration Enter System Configuration Manageme...

Страница 20: ...en you want to restore the system to the factory status enter System Configuration Management and click Restore Factory Setting System Upgrade MP1800 10 router can perform the remote web upgrade Befor...

Страница 21: ...ccessfully the interface turns to the login interface automatically Caution During upgrade do not power off Otherwise the device cannot be used SNMP When you want to configure SNMP enter System SNMP a...

Страница 22: ...ns are all set to the nodes in MIB Modify Password MP1800 10 router provides the authority of modifying user password Enter System Modify Password and you can set the new password for the system admin...

Страница 23: ...r System Log out Network MP1800 10 router network setting includes the following functions Dialing interface WAN interface LAN interface Forwarding mode Dynamic domain name Static route Dynamic route...

Страница 24: ...y account to dial Enable SIM Card Bind Set the binding function of the SIM card If enabling the option bind the IMSI code of the SIM card with the system When using the 3G module for the first time re...

Страница 25: ...dial Count Set the re dialing times of each account By default it is three times 0 means always trying to use the master account dialing and do not use standby account APN Specifies the APN Access Po...

Страница 26: ...ed with the service that needs to use the 3G traffic such as NTP remote log and IPSec DPD the dial on demand function becomes invalid Idle time Set the idle time of the connection when reaching the id...

Страница 27: ...MS2 CHAP MS CHAP version 2 EAP It is one expansible authentication protocol The protocol is used by the authentication in the point to point network such as PPP It can support various authentication...

Страница 28: ...by the peer The mapping table uses the hexadecimal coding do not need 0x The least significant bit 00000001 indicates the character 0 and the most significant bit 80000000 indicates the character 31 D...

Страница 29: ...ed by MP1800 10 router Local IP Set the local IP of MP1800 10 router when performing PPP IPCP negotiation Remote IP Set the peer IP of MP1800 10 router when performing PPP IPCP negotiation WAN Interfa...

Страница 30: ...of the WAN interface The DNS server uses the IP address format Multiple DNS servers are separated by the blank After selecting the connection mode as DHCP the setting interface of WAN interface is as...

Страница 31: ...n mode as Disable you cannot connect Internet via Ethernet WAN interface 2 PPPoE advanced setting If you are advanced user enter Network WAN interface PPPoE advanced setting and you can complete the c...

Страница 32: ...fter reaching the maximum feature times do not dial any more The default value is 0 and it means always trying It is mandatory 2 Authentication and encryption parameters Authentication mode configurat...

Страница 33: ...on of the two sides on the PPP link negotiate which compression algorithm to adopt and use the reliable mode to identify the failure of the compression and de compression mechanism If ticking it means...

Страница 34: ...Interval Set the PPP LCP keepalive interval The setting range is 1 2147483647 By default send one LCP every 10s LCP Echo Failure Set the PPP LCP keepalive times The setting range is 1 2147483647 The...

Страница 35: ...ting IP Set or modify the LAN IP address of MP1800 10 router The default value is 192 168 10 1 Usually it is the gateway IP or LAN gateway of the direct connected computer Netmask Set or modify the sp...

Страница 36: ...ation interface Forwarding mode setting Route mode Decide the forwarding path by searching for the system route table NAT mode Perform the source address pretending for the packet to realize the requi...

Страница 37: ...service provider DNS The DNS domain name set by the DDNS service provider Static Route Static route can confirm the external route for the packet sent out When the router network and the target access...

Страница 38: ...n address is set as one IP the subnet mask should be set as 255 255 255 255 Otherwise the system calculates one network address automatically according to the subnet mask 3 If you want to add route in...

Страница 39: ...formation Failure time Set the invalid interval of the route information If not receiving update packets after exceeding the time set the route information unavailable but do not clear the route infor...

Страница 40: ...MP1800 10 router already knows the IP address of the E3G server and the telephone number of the short message gateway E3G server can manage the device via the traditional mode of delivering the confi...

Страница 41: ...e accessed you can select Dial interface 2 For the using of the device report interface the device reports the information via the 3G dial interface as the source interface use LAN port as the report...

Страница 42: ...be emitted Name SSID Set the access point name of the wireless network Forbid SSID broadcast After ticking the SSID is not broadcast Authentication Select the security mode of the wireless network Yo...

Страница 43: ...ice can reduce the workload of the network management staff greatly MP1800 10 router is inbuilt with DHCP server letting it provide the dynamic IP distributing service for your LAN Enter Service DHCP...

Страница 44: ...ress of other kinds of client hosts refer to the using instruction of the device Setting of auto get IP address 2 Statics IP Mapping Static IP mapping is the IP MAC map setting that is the binging set...

Страница 45: ...LAN port and cannot be the broadcast address or LAN port address Caution After adding the static IP mapping information click Save to make the device valid Before saving do not switch to other interf...

Страница 46: ...irtual Router ID Specify the virtual router ID of this device Priority The one with the highest priority becomes the master router Interval The interval of sending the VRRP packets By default it is se...

Страница 47: ...tion The AAA module of MP1800 10 router provides the log authentication service including serial port web Telnet and SSH Enter Service AAA Configuration and you can see the following interface AAA con...

Страница 48: ...client 802 1x Authentication The 802 1x protocol is C S based access control and authentication protocol It can limit the un authorized user device from accessing LAN WLAN via the access port Before...

Страница 49: ...authentication Deny MAC List Configure the refused MAC address The host in the list cannot access network resource without passing authentication Basic configuration of 802 1x authentication Enable I...

Страница 50: ...ithout authentication Deny MAC address configuration interface Deny MAC address Configure the denied MAC address The MAC address cannot pass the authentication or access the network resources PIN Code...

Страница 51: ...protect is as follows Configuration interface of enabling PIN code protect Show status Query the current status of the SIM card including PIN code protect status PIN code remaining input times and rem...

Страница 52: ...PIN code protect status PIN code remaining input times and remaining input times of PUK code PIN The PIN code is the personal identification code comprising 4 8 digitals Enable protect Enable the PIN...

Страница 53: ...er modifying the PIN code successfully and if the PIN code protect is enabled before modifying the PIN code the system automatically records the new PIN code and uses the PIN code during dialing The P...

Страница 54: ...ion interface is as follows PUK code unblocking configuration interface After unblocking PUK code successfully and the PIN code protect is enabled the system automatically records the new PIN code and...

Страница 55: ...nter Service Regular online offline and the configuration interface is as follows Regular Online Offline Enable If ticking enable the regular online offline function Start time Set the 3G to be online...

Страница 56: ...uccessively failed the device automatically restarts Count The number of the ICMP packets every time Abnormal Time The waiting time for the device to restart because of the SIM card arrears wrong dial...

Страница 57: ...terface as the work interface according to the status of the dial interface and Ethernet WAN port and the other interfaces work as the backup of the work interface Backup Mode There are two work modes...

Страница 58: ...t of the route in the load balance Track IP Detect whether the link is the fluent IP address It is suggested to fill in one fixed address in the network Ping Count The times of ping keepalive address...

Страница 59: ...prevent DOS attack and whether to enable the status firewall Enter Status firewall Basic setting and the setting interface is as follows Basic setting Default Policy Set the default action of the fire...

Страница 60: ...ol protect Enter Status Firewall Access control and the configuration interface is as follows Access control Enable If ticking the item enable the rule Protocol It can be TCP protocol UDP protocol ICM...

Страница 61: ...to one mapping between Internet public IP address and internal private IP address Enter Status firewall Port mapping and you can see the following configuration interface Port mapping Enable If ticki...

Страница 62: ...P address in LAN to filter the packets according to the mode of matching IP and MAC at the same time The optional filter modes are accept refuse or drop Rule setting MAC IP binding rule setting Source...

Страница 63: ...management Bandwidth Management Enter QoS Bandwidth Management tick Enable and you can set the downloading speed and uploading speed as follows Bandwidth management Interface The name of the network...

Страница 64: ...protocol not only refers to the data encryption and decryption technology but also refers to the data transmission and validation technology It is often used for the end to end network security trans...

Страница 65: ...el configuration includes two phases phase 1 and phase 2 1 Add rule After inputting the tunnel name on the interface as shown in Figure 4 50 click Add to enter the interface for configuring the IPSec...

Страница 66: ...of the authentication center CA certificate The certificate requires uploading the corresponding certificate in the certificate uploading configuration item The item depends on the authentication mode...

Страница 67: ...orithm The authentication algorithm used by IPSec phase 1 You can select MD5 SHA1 and SHA256 The default value is MD5 DH Key Group Select the desired key group the key group is also the DH algorithm L...

Страница 68: ...2 You can select DES and 3DES BLOWFISH AES128 AES192 AES256 NULL DES for RM1800 10C RM1800 10W RM1800 10 Hash Algorithm The authentication algorithm used by IPSec phase 2 You can select MD5 SHA1 SHA2...

Страница 69: ...n you should click Save to make the device take effect Before clicking Save do not switch to other interface Advanced setting Advanced setting IPSec Fragment If ticking the item enable the IPSec pre f...

Страница 70: ...y the gateway address at the two sides of the tunnel Package Display the security protocol of the tunnel such as esp and ah encryption algorithm authentication algorithm negotiation mode transport or...

Страница 71: ...quirement for the enterprise internal protocol encapsulation when setting up the tunnel in China The unique reason why the enterprise adopts GRE is the encapsulation for the internal address Enter VPN...

Страница 72: ...an Network Set the internal interface segment of the peer network of the GRE tunnel It also can be one single IP address Inner Lan Mask Set the subnet mask of the peer intranet of the GRE tunnel If it...

Страница 73: ...one certificate request file the suffix is csr For the application mode refer to the certificate application After the router generates the certificate request file it turns to the certificate uploadi...

Страница 74: ...ation interface as follows Upload certificate Cert Upload Used to upload the certificate applied from other device Here you should upload the device certificate and private key center certificate CA c...

Страница 75: ...ficate application Application Way There are two modes of filling the certificate One is to fill by the prompt the other is to fill the whole subject name applicable to apply for the certificates with...

Страница 76: ...st file from the certificate application file list it is recommended to place the mouse on the corresponding certificate application file right click and select Save as to download If using the third...

Страница 77: ...er Manual Maipu Confidential Proprietary Information Page 77 of 95 Online certificate CA Type mandatory select the certificate server type Currently the system supports Maipu CMS and Windows certifica...

Страница 78: ...the certificate The maximum length is 30 bits Common Name CN mandatory you cannot input the special characters such as County Name C optional you can select CN HK or do not input Province optional in...

Страница 79: ...of MP1800 10 router Click Status System logs and you can see the following interface System logs Prompt The system logs include route IPSEC firewall DHCP and system The user can select from the drop d...

Страница 80: ...current operation system application software version information CPU frequency The main frequency information of MP1800 10 device Memory The memory information of MP1800 10 device SM1 Information Th...

Страница 81: ...nel Send Flow The data traffic sent to the peer via the tunnel Lifetime The maximum using time of IPSec SA Run Time The time of setting up the tunnel Tunnel Num The total number of the tunnels set up...

Страница 82: ...MP1800 10 3G Router User Manual Maipu Confidential Proprietary Information Page 82 of 95 Dialer interface status After enabling the standby account the dial interface status interface is as follows...

Страница 83: ...ce status The dialer interface traffic information displays the wireless network interface traffic information of the current device as follows Dialer interface traffic information The mobile network...

Страница 84: ...r Status WAN status and you can see the following interface WAN status Network Status Display the current connection status of the WAN port Protocol Display the protocol used by the WAN interface IP a...

Страница 85: ...the bytes received by the WAN port Sent Packets Display the total number of the packets sent by the WAN port Sent Errors Display the number of the error packets sent by the WAN port Sent Drops Displa...

Страница 86: ...s received by the LAN port Received Drops Display the number of the dropped packets received by the LAN port Received Bytes Display the number of the bytes received by the LAN port Sent Packets Displa...

Страница 87: ...all DHCP clients of MP1800 10 router Click Status DHCP information and you can see the auto distributed addresses as follows DHCP information Connection Information The connection information display...

Страница 88: ...Manual Maipu Confidential Proprietary Information Page 88 of 95 Connection information GPS Status This screen provides the longitude and latitude information of the devices location if GPS signal can...

Страница 89: ...buffer realtime View the system running logs Reload Restart the device Exit Log out the device active device Activate the locked device login key Log into the shell command line traceroute dst Track t...

Страница 90: ...ce mask refers to the network mask of the interface show interface View the information of all interfaces or one interface show interface ifname configure status ifname can be wan lan wan1 and lan1 Sy...

Страница 91: ...the system show sms gateway View the number of the short message gateway show ppp View the PPP configuration information show configure View the configuration information of the module show configure...

Страница 92: ...in value in the subject name of the certificate no crypto ca certificate name commonname Syntax Description commonname The CN value in certificate subject no crypto ca certificate type Delete the cert...

Страница 93: ...tion clear conntrack Clear the connection track in the system show firewall View the firewall configuration information show firewall configure all chain name table name Syntax Description configure a...

Страница 94: ...ernet Protocol IPv4 IP version 4 IPv6 IP version 6 IPSEC IP Secure Protocol L2TP Layer 2 Tunneling Protocol MTU Maximum Transmission Unit NAT Network Address Translation NTP Network Time Protocol PAP...

Страница 95: ...n Page 95 of 95 TDMA Time Division Multiple Access UDP User Datagram Protocol UIM User Identity Module UMTS Universal Mobile Telecommunication System VPN Virtual Private Network VRRP Virtual Router Re...

Отзывы:

Нет отзывов

Похожие инструкции для MP1800-10

DWL-2700AP - AirPremier Outdoor Wireless Access...

Бренд: D-Link Страницы: 70

DWL-2200AP - AirPremier - Wireless Access...

Бренд: D-Link Страницы: 58

Бренд: Gemtek Systems Страницы: 13

Бренд: Konig Страницы: 2

Бренд: GROM Audio Страницы: 4

Бренд: Edimax Страницы: 49

Бренд: Tenda Страницы: 80

Бренд: Rosewill Страницы: 8

Бренд: Airlinkplus Страницы: 96

Бренд: Jensen Страницы: 5

Бренд: Kogan Страницы: 16

Бренд: IgniteNet Страницы: 10

Бренд: Billion Страницы: 2

ORINOCO AP-4000MR

Бренд: Proxim Страницы: 2

Бренд: DQ Technology Страницы: 43

Бренд: Marley Страницы: 23

Бренд: Westermo Страницы: 28

AirPrime EM7700

Бренд: Sierra Wireless Страницы: 26

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды